Issues and Challenges for Preventing Cyber - Attacks

Author(s):  
Arvind Kishanrao Rathod ◽  
Bhushan Shivaji Kulkarni

The main objective of cyber security is to prevent various types of attacks on an individual user's system or an organization's system or network by implementing preventive measures, such as enforcing security policies and raising security awareness among people through frequent trainings or workshops to avoid social engineering attacks. It also involves deploying tools such as intrusion detection systems, firewalls, and antivirus software on individual systems on the organization's network, and avoiding data corruption or alteration attacks carried out by attackers via the internet or other means.

Author(s):  
Iqbal H. Sarker ◽  
Yoosef B. Abushark ◽  
Fawaz Alsolami ◽  
Asif Irshad Khan

Cyber security has recently received enormous attention in today’s security concerns, due to the popularity of the Internet-of-Things (IoT), the tremendous growth of computer networks, and the huge number of relevant applications. Thus, detecting various cyber-attacks or anomalies in a network and building an effective intrusion detection system that performs an essential role in today’s security is becoming more important. Artificial intelligence, particularly machine learning techniques, can be used for building such a data-driven intelligent intrusion detection system. In order to achieve this goal, in this paper, we present an Intrusion Detection Tree (“IntruDTree”) machine-learning-based security model that first takes into account the ranking of security features according to their importance and then builds a tree-based generalized intrusion detection model based on the selected important features. This model is not only effective in terms of prediction accuracy for unseen test cases but also minimizes the computational complexity of the model by reducing the feature dimensions. Finally, the effectiveness of our IntruDTree model was examined by conducting experiments on cybersecurity datasets and computing the precision, recall, fscore, accuracy, and ROC values to evaluate. We also compare the outcome results of the IntruDTree model with several traditional popular machine learning methods such as the naive Bayes classifier, logistic regression, support vector machines, and k-nearest neighbor, to analyze the effectiveness of the resulting security model.


2021 ◽  
Author(s):  
Navroop Kaur ◽  
Meenakshi Bansal ◽  
Sukhwinder Singh S

In modern times the firewall and antivirus packages are not good enough to protect the organization from numerous cyber attacks. Computer IDS (Intrusion Detection System) is a crucial aspect that contributes to the success of an organization. IDS is a software application responsible for scanning organization networks for suspicious activities and policy rupturing. IDS ensures the secure and reliable functioning of the network within an organization. IDS has undergone huge transformations since its origin to cope with advancing computer crimes. The primary motive of IDS has been to augment the competence of detecting the attacks without endangering the performance of the network. The research paper elaborates on different types and different functions performed by the IDS. The NSL KDD dataset has been considered for training and testing. The seven prominent classifiers LR (Logistic Regression), NB (Naïve Bayes), DT (Decision Tree), AB (AdaBoost), RF (Random Forest), kNN (k Nearest Neighbor), and SVM (Support Vector Machine) have been studied along with their pros and cons, and feature selection has been imposed to enhance the reading of performance evaluation parameters (Accuracy, Precision, Recall, and F1Score). The paper elaborates a detailed flowchart and algorithm depicting the procedure to perform feature selection using XGB (Extreme Gradient Booster) for four categories of attacks: DoS (Denial of Service), Probe, R2L (Remote to Local Attack), and U2R (User to Root Attack). The selected features have been ranked as per their occurrence. The implementation has been conducted at five different ratios of 60-40%, 70-30%, 90-10%, 50-50%, and 80-20%. Different classifiers scored best for different performance evaluation parameters at different ratios. NB scored with the best Accuracy and Recall values. DT and RF consistently performed with high accuracy. NB, SVM, and kNN achieved good F1Score.


Sensors ◽  
2019 ◽  
Vol 19 (9) ◽  
pp. 1977 ◽  
Author(s):  
Geethapriya Thamilarasu ◽  
Shiven Chawla

Cyber-attacks on the Internet of Things (IoT) are growing at an alarming rate as devices, applications, and communication networks are becoming increasingly connected and integrated. When attacks on IoT networks go undetected for longer periods, it affects availability of critical systems for end users, increases the number of data breaches and identity theft, drives up the costs and impacts the revenue. It is imperative to detect attacks on IoT systems in near real time to provide effective security and defense. In this paper, we develop an intelligent intrusion-detection system tailored to the IoT environment. Specifically, we use a deep-learning algorithm to detect malicious traffic in IoT networks. The detection solution provides security as a service and facilitates interoperability between various network communication protocols used in IoT. We evaluate our proposed detection framework using both real-network traces for providing a proof of concept, and using simulation for providing evidence of its scalability. Our experimental results confirm that the proposed intrusion-detection system can detect real-world intrusions effectively.


2020 ◽  
Author(s):  
Luís Felipe Prado D'Andrada ◽  
Paulo Freitas de Araujo-Filho ◽  
Divanilson Rodrigo Campelo

The Controller Area Network (CAN) is the most pervasive in-vehicle network technology in cars. However, since CAN was designed with no security concerns, solutions to mitigate cyber attacks on CAN networks have been proposed. Prior works have shown that detecting anomalies in the CAN network traffic is a promising solution for increasing vehicle security. One of the main challenges in preventing a malicious CAN frame transmission is to be able to detect the anomaly before the end of the frame. This paper presents a real-time anomaly-based Intrusion Detection System (IDS) capable of meeting this deadline by using the Isolation Forest detection algorithm implemented in a hardware description language. A true positive rate higher than 99% is achieved in test scenarios. The system requires less than 1 μs to evaluate a frame’s payload, thus being able to detect the anomaly before the end of the frame.


Information ◽  
2019 ◽  
Vol 10 (3) ◽  
pp. 106 ◽  
Author(s):  
Pedro Manso ◽  
José Moura ◽  
Carlos Serrão

The current paper addresses relevant network security vulnerabilities introduced by network devices within the emerging paradigm of Internet of Things (IoT) as well as the urgent need to mitigate the negative effects of some types of Distributed Denial of Service (DDoS) attacks that try to explore those security weaknesses. We design and implement a Software-Defined Intrusion Detection System (IDS) that reactively impairs the attacks at its origin, ensuring the “normal operation” of the network infrastructure. Our proposal includes an IDS that automatically detects several DDoS attacks, and then as an attack is detected, it notifies a Software Defined Networking (SDN) controller. The current proposal also downloads some convenient traffic forwarding decisions from the SDN controller to network devices. The evaluation results suggest that our proposal timely detects several types of cyber-attacks based on DDoS, mitigates their negative impacts on the network performance, and ensures the correct data delivery of normal traffic. Our work sheds light on the programming relevance over an abstracted view of the network infrastructure to timely detect a Botnet exploitation, mitigate malicious traffic at its source, and protect benign traffic.


Electronics ◽  
2021 ◽  
Vol 10 (15) ◽  
pp. 1765
Author(s):  
Francesco Pascale ◽  
Ennio Andrea Adinolfi ◽  
Simone Coppola ◽  
Emanuele Santonicola

Today’s modern vehicles are connected to a network and are considered smart objects of IoT, thanks to the capability to send and receive data from the network. One of the greatest challenges in the automotive sector is to make the vehicle secure and reliable. In fact, there are more connected instruments on a vehicle, such as the infotainment system and/or data interchange systems. Indeed, with the advent of new paradigms, such as Smart City and Smart Road, the vision of Internet of Things has evolved substantially. Today, we talk about the V2X systems in which the vehicle is strongly connected with the rest of the world. In this scenario, the main aim of all connected vehicles vendors is to provide a secure system to guarantee the safety of the drive and persons against a possible cyber-attack. So, in this paper, an embedded Intrusion Detection System (IDS) for the automotive sector is introduced. It works by adopting a two-step algorithm that provides detection of a possible cyber-attack. In the first step, the methodology provides a filter of all the messages on the Controller Area Network (CAN-Bus) thanks to the use of a spatial and temporal analysis; if a set of messages are possibly malicious, these are analyzed by a Bayesian network, which gives the probability that a given event can be classified as an attack. To evaluate the efficiency and effectiveness of our method, an experimental campaign was conducted to evaluate them, according to the classic evaluation parameters for a test’s accuracy. These results were compared with a common data set on cyber-attacks present in the literature. The first experimental results, obtained in a test scenario, seem to be interesting. The results show that our method has good correspondence in the presence of the most common cyber-attacks (DDoS, Fuzzy, Impersonating), obtaining a good score relative to the classic evaluation parameters for a test’s accuracy. These results have decreased performance when we test the system on a Free State Attack.


The Internet of Things (IoT) is the next generation of the Internet, in which every object in the universe connects and communicates with sensor devices through the Internet. Interconnected communication devices and sensor devices share data through an IoT gateway, so that applications such as weather forecasting, healthcare, smart city, and disaster management are provided without human interaction. IoT enhances comfort for human beings, even though security is one of the challenging tasks. An intrusion detection system (IDS) will protect IoT devices from intruders. Nowadays, as per user requirements and with the day-to-day increase in new innovative technologies such as IoT, cloud computing, big data analytics, and AI applications, network traffic generates heavy data. To manage this data, an intrusion detection system is an essential technique to detect, collect, and analyze the data transmitted through the IoT gateway network. It is essential to improve the accuracy as well as the speed of the intrusion detection system model by applying a machine learning approach for detection, to protect IoT systems and the gateway network from cyber-attacks. This paper provides a detailed study of intrusion detection system (IDS) classification for IoT gateway communication, to protect the IoT gateway with machine learning algorithms in an intelligent fashion.


2014 ◽  
Vol 12 (5) ◽  
pp. 3479-3485
Author(s):  
Babatunde R.S ◽  
Adewole K.S ◽  
Abdulsalam S.O ◽  
Isiaka R.M

The development of network technologies and applications has promoted network attacks both in number and severity. The last few years have seen a dramatic increase in the number of attacks; hence, intrusion detection has become the mainstream of information assurance. A computer network system should provide confidentiality, integrity and assurance against denial of service. While firewalls do provide some protection, they do not provide full protection. This is because not all access to the network occurs through the firewall. This is why firewalls need to be complemented by an intrusion detection system (IDS). An IDS does not usually take preventive measures when an attack is detected; it is a reactive rather than proactive agent. It plays the role of an informant rather than a police officer. In this research, an intrusion detection system that can be used to deny illegitimate access to some operations was developed. The IDS also controls the kind of operations performed by users (i.e. clients) on the network. However, unlike other methods, this requires no encryption or cryptographic processing on a per-packet basis. Instead, it scans the various messages sent on a network by the user. The system was developed using Microsoft Visual Basic.


The proposed topology for a wireless networked control system is learnt under several cyber-attack situations, and a distributed intrusion detection system (IDS) is created to see the presence of attacks. More particularly, the paper shows a modeling structure for the closed-loop control system with the IDS, and a computational method to create and compute the IDS. The computational procedure delivers a stable closed-loop control system with the IDS being sensitive to cyber-attacks. Also, a simulation example is used to demonstrate the application of the proposed procedure as well as its effectiveness.

