A Noble Approach of Real Time Intrusion Detection System (NART-IDS)

Author(s): Deepak Kumar Yadav, Akhilesh Bansiya

Malicious users use different techniques, such as cracking passwords and sniffing unencrypted or lightly protected text traffic, to overload and compromise critical systems. Therefore, there must be some form of security protecting the organization's private resources from the Internet and from the inside, and an intrusion detection system (IDS) could be the best solution. It complements the firewall to cover security holes. An intrusion detection system includes a management console and sensors. The management console is responsible for the functionality of the IDS, including its initialization, packet capturing, and report generation, whereas the sensors are used to monitor hosts or networks in real time. There may be different categories of intrusion detection system. An IDS can be designed around signature analysis as well as anomaly behavior analysis, and is therefore used to capture the behavior of suspected packets. In host mode these functions are called a Host Intrusion Detection System (HIDS), and in network mode a Network Intrusion Detection System (NIDS). This dissertation work is carried out to obtain the best analysis performance through a signature-based detection system. It is efficient for host as well as network systems. Here, Transmission Control Packets (TCP) and User Datagram Packets (UDP) are analyzed to find different attacks such as Probe, DoS, R2L and U2R. The system is found to be functionally efficient and also provides layer-wise attack details. Different agent modules each perform an isolated responsibility, such as the Mobile Agent (MA) to activate different IDS chest at different hosts, the Tenet Agent (TA) for signature rules, the Analysis Agent (AA), etc. The proposed system can greatly improve efficiency from offline detection to real-time online detection, since it derives features from packet headers. Many attacks were tested on this system.
Experiments were performed to demonstrate the excellent effectiveness and efficiency of the proposed system. The system can be further enhanced to capture more types of attacks at multiple layers and may also stop attacks.

Sensors, 2022, Vol 22 (2), pp. 432

Author(s): Xuan-Ha Nguyen, Xuan-Duong Nguyen, Hoang-Hai Huynh, Kim-Hung Le

Cyber security has become increasingly challenging due to the proliferation of the Internet of Things (IoT), where a massive number of tiny, smart devices push trillions of bytes of data to the Internet. However, these devices possess various security flaws resulting from the lack of defense mechanisms and hardware security support, making them vulnerable to cyber attacks. In addition, IoT gateways provide very limited security features to detect such threats, in particular lacking intrusion detection methods powered by deep learning. Indeed, deep learning models require high computational power that exceeds the capacity of these gateways. In this paper, we introduce Realguard, a DNN-based network intrusion detection system (NIDS) operated directly on local gateways to protect IoT devices within the network. The superiority of our proposal is that it can accurately detect multiple cyber attacks in real time with a small computational footprint. This is achieved by a lightweight feature extraction mechanism and an efficient attack detection model powered by deep neural networks. Our evaluations on practical datasets indicate that Realguard could detect ten types of attacks (e.g., port scan, Botnet, and FTP-Patator) in real time with an average accuracy of 99.57%, whereas the best of our competitors is 98.85%. Furthermore, our proposal operates effectively on resource-constrained gateways (Raspberry Pi) at a high packet processing rate, reported at about 10.600 packets per second.

