scholarly journals LC-IDS: Loci-Constellation-Based Intrusion Detection for Reconfigurable Wireless Networks

Electronics ◽  
2021 ◽  
Vol 10 (24) ◽  
pp. 3053
Author(s):  
Jaime Zuniga-Mejia ◽  
Rafaela Villalpando-Hernandez ◽  
Cesar Vargas-Rosales ◽  
Mahdi Zareei
Keyword(s):  
Wireless Networks ◽  
Intrusion Detection ◽  
Anomaly Detection ◽  
Dimensional Space ◽  
Temporal Structure ◽  
Detection Performance ◽  
Detection Accuracy ◽  
Routing Attacks ◽  
Network Intrusion ◽  
Wide Range

Detection accuracy of current machine-learning approaches to intrusion detection depends heavily on feature engineering and dimensionality-reduction techniques (e.g., variational autoencoder) applied to large datasets. For many use cases, a tradeoff between detection performance and resource requirements must be considered. In this paper, we propose Loci-Constellation-based Intrusion Detection System (LC-IDS), a general framework for network intrusion detection (detection of already known and previously unknown routing attacks) for reconfigurable wireless networks (e.g., vehicular ad hoc networks, unmanned aerial vehicle networks). We introduce the concept of ‘attack-constellation’, which allows us to represent all the relevant information for intrusion detection (misuse detection and anomaly detection) on a latent 2-dimensional space that arises naturally by considering the temporal structure of the input data. The attack/anomaly-detection performance of LC-IDS is analyzed through simulations in a wide range of network conditions. We show that for all the analyzed network scenarios, we can detect known attacks, with a good detection accuracy, and anomalies with low false positive rates. We show the flexibility and scalability of LC-IDS that allow us to consider a dynamic number of neighboring nodes and routing attacks in the ‘attack-constellation’ in a distributed fashion and with low computational requirements.

scholarly journals Deep Transfer Learning Based Intrusion Detection System for Electric Vehicular Networks

Sensors ◽  
2021 ◽  
Vol 21 (14) ◽  
pp. 4736
Author(s):  
Sk. Tanzir Mehedi ◽  
Adnan Anwar ◽  
Ziaur Rahman ◽  
Kawsar Ahmed
Keyword(s):  
Machine Learning ◽  
Deep Learning ◽  
Intrusion Detection ◽  
Real Time ◽  
Transfer Learning ◽  
Security Requirements ◽  
Detection Accuracy ◽  
Area Network ◽  
Complex Data ◽  
Network Intrusion

The Controller Area Network (CAN) bus works as an important protocol in the real-time In-Vehicle Network (IVN) systems for its simple, suitable, and robust architecture. The risk of IVN devices has still been insecure and vulnerable due to the complex data-intensive architectures which greatly increase the accessibility to unauthorized networks and the possibility of various types of cyberattacks. Therefore, the detection of cyberattacks in IVN devices has become a growing interest. With the rapid development of IVNs and evolving threat types, the traditional machine learning-based IDS has to update to cope with the security requirements of the current environment. Nowadays, the progression of deep learning, deep transfer learning, and its impactful outcome in several areas has guided as an effective solution for network intrusion detection. This manuscript proposes a deep transfer learning-based IDS model for IVN along with improved performance in comparison to several other existing models. The unique contributions include effective attribute selection which is best suited to identify malicious CAN messages and accurately detect the normal and abnormal activities, designing a deep transfer learning-based LeNet model, and evaluating considering real-world data. To this end, an extensive experimental performance evaluation has been conducted. The architecture along with empirical analyses shows that the proposed IDS greatly improves the detection accuracy over the mainstream machine learning, deep learning, and benchmark deep transfer learning models and has demonstrated better performance for real-time IVN security.

scholarly journals A flexible framework for anomaly Detection via dimensionality reduction

2021 ◽  
Author(s):  
Alireza Vafaei Sadr ◽  
Bruce A. Bassett ◽  
M. Kunz
Keyword(s):  
Anomaly Detection ◽  
Dimensionality Reduction ◽  
Dimensional Space ◽  
High Dimensions ◽  
Detection Algorithms ◽  
Latent Space ◽  
Wide Range ◽  
Flexible Framework ◽  
Online Anomaly Detection ◽  
Python Package

AbstractAnomaly detection is challenging, especially for large datasets in high dimensions. Here, we explore a general anomaly detection framework based on dimensionality reduction and unsupervised clustering. DRAMA is released as a general python package that implements the general framework with a wide range of built-in options. This approach identifies the primary prototypes in the data with anomalies detected by their large distances from the prototypes, either in the latent space or in the original, high-dimensional space. DRAMA is tested on a wide variety of simulated and real datasets, in up to 3000 dimensions, and is found to be robust and highly competitive with commonly used anomaly detection algorithms, especially in high dimensions. The flexibility of the DRAMA framework allows for significant optimization once some examples of anomalies are available, making it ideal for online anomaly detection, active learning, and highly unbalanced datasets. Besides, DRAMA naturally provides clustering of outliers for subsequent analysis.

scholarly journals Network Intrusion Detection using a Combination of Fuzzy Clustering and Ant Colony Algorithm

2021 ◽  
Vol 5 (2) ◽  
pp. 11-19
Author(s):  
Yadgar Sirwan Abdulrahman
Keyword(s):  
Intrusion Detection ◽  
Ant Colony Algorithm ◽  
Optimization Problems ◽  
Detection System ◽  
Ant Colony ◽  
Detection Accuracy ◽  
Ant Colony Optimization Algorithm ◽  
Network Intrusion ◽  
Secure Network ◽  
Main Component

As information technology grows, network security is a significant issue and challenge. The intrusion detection system (IDS) is known as the main component of a secure network. An IDS can be considered a set of tools to help identify and report abnormal activities in the network. In this study, we use data mining of a new framework using fuzzy tools and combine it with the ant colony optimization algorithm (ACOR) to overcome the shortcomings of the k-means clustering method and improve detection accuracy in IDSs. Introduced IDS. The ACOR algorithm is recognized as a fast and accurate meta-method for optimization problems. We combine the improved ACOR with the fuzzy c-means algorithm to achieve efficient clustering and intrusion detection. Our proposed hybrid algorithm is reviewed with the NSL-KDD dataset and the ISCX 2012 dataset using various criteria. For further evaluation, our method is compared to other tasks, and the results are compared show that the proposed algorithm has performed better in all cases.

scholarly journals RICNN: A ResNet&Inception convolutional neural network for intrusion detection of abnormal traffic

2021 ◽  
pp. 55-55
Author(s):  
Benhui Xia ◽  
Dezhi Han ◽  
Ximing Yin ◽  
Gao Na
Keyword(s):  
Neural Network ◽  
Intrusion Detection ◽  
Convolutional Neural Network ◽  
Detection Rate ◽  
Recognition Rate ◽  
Identification Accuracy ◽  
Detection Accuracy ◽  
Traffic Classification ◽  
High Detection Rate ◽  
Network Intrusion

To secure cloud computing and outsourced data while meeting the requirements of automation, many intrusion detection schemes based on deep learn ing are proposed. Though the detection rate of many network intrusion detection solutions can be quite high nowadays, their identification accuracy on imbalanced abnormal network traffic still remains low. Therefore, this paper proposes a ResNet &Inception-based convolutional neural network (RICNN) model to abnormal traffic classification. RICNN can learn more traffic features through the Inception unit, and the degradation problem of the network is eliminated through the direct map ping unit of ResNet, thus the improvement of the model?s generalization ability can be achievable. In addition, to simplify the network, an improved version of RICNN, which makes it possible to reduce the number of parameters that need to be learnt without degrading identification accuracy, is also proposed in this paper. The experimental results on the dataset CICIDS2017 show that RICNN not only achieves an overall accuracy of 99.386% but also has a high detection rate across different categories, especially for small samples. The comparison experiments show that the recognition rate of RICNN outperforms a variety of CNN models and RNN models, and the best detection accuracy can be achieved.

Building Recommender Systems for Network Intrusion Detection Using Intelligent Decision Technologies

2013 ◽  
pp. 49-62 ◽  
Author(s):  
Mrutyunjaya Panda ◽  
Manas Ranjan Patra ◽  
Sachidananda Dehuri
Keyword(s):  
Intrusion Detection ◽  
Recommender Systems ◽  
Machine Learning Algorithms ◽  
Network Intrusion Detection ◽  
Current Generation ◽  
Network Intrusion ◽  
Intelligent Decision ◽  
Wide Range ◽  
Network Intrusions ◽  
Decision Technologies

This chapter presents an overview of the field of recommender systems and describes the current generation of recommendation methods with their limitations and possible extensions that can improve the capabilities of the recommendations made suitable for a wide range of applications. In recent years, machine learning algorithms have been considered to be an important part of the recommendation process to take intelligent decisions. The chapter will explore the application of such techniques in the field of network intrusion detection in order to examine the vulnerabilities of different recommendation techniques. Finally, the authors outline some of the major issues in building secure recommendation systems in identifying possible network intrusions.

Hybrid Intrusion Detection Framework for Ad hoc networks

2016 ◽  
Vol 10 (4) ◽  
pp. 1-32 ◽  
Author(s):  
Abdelaziz Amara Korba ◽  
Mehdi Nafaa ◽  
Salim Ghanemi
Keyword(s):  
Intrusion Detection ◽  
Anomaly Detection ◽  
Ad Hoc Networks ◽  
Intrusion Detection System ◽  
Ad Hoc ◽  
Detection System ◽  
Security Framework ◽  
Detection Techniques ◽  
Wide Range ◽  
Hoc Networks

In this paper, a cluster-based hybrid security framework called HSFA for ad hoc networks is proposed and evaluated. The proposed security framework combines both specification and anomaly detection techniques to efficiently detect and prevent wide range of routing attacks. In the proposed hierarchical architecture, cluster nodes run a host specification-based intrusion detection system to detect specification violations attacks such as fabrication, replay, etc. While the cluster heads run an anomaly-based intrusion detection system to detect wormhole and rushing attacks. The proposed specification-based detection approach relies on a set of specifications automatically generated, while anomaly-detection uses statistical techniques. The proposed security framework provides an adaptive response against attacks to prevent damage to the network. The security framework is evaluated by simulation in presence of malicious nodes that can launch different attacks. Simulation results show that the proposed hybrid security framework performs significantly better than other existing mechanisms.

scholarly journals Research on Network Intrusion Detection Based on Incremental Extreme Learning Machine and Adaptive Principal Component Analysis

Energies ◽  
2019 ◽  
Vol 12 (7) ◽  
pp. 1223 ◽  
Author(s):  
Jianlei Gao ◽  
Senchun Chai ◽  
Baihai Zhang ◽  
Yuanqing Xia
Keyword(s):  
Intrusion Detection ◽  
Extreme Learning Machine ◽  
Detection System ◽  
Principal Component ◽  
Detection Accuracy ◽  
Network Attack ◽  
Network Intrusion ◽  
Learning Machine ◽  
Malicious Behaviors ◽  
Adaptive Principal Component Analysis

Recently, network attacks launched by malicious attackers have seriously affected modern life and enterprise production, and these network attack samples have the characteristic of type imbalance, which undoubtedly increases the difficulty of intrusion detection. In response to this problem, it would naturally be very meaningful to design an intrusion detection system (IDS) to effectively and quickly identify and detect malicious behaviors. In our work, we have proposed a method for an IDS-combined incremental extreme learning machine (I-ELM) with an adaptive principal component (A-PCA). In this method, the relevant features of network traffic are adaptively selected, where the best detection accuracy can then be obtained by I-ELM. We have used the NSL-KDD standard dataset and UNSW-NB15 standard dataset to evaluate the performance of our proposed method. Through analysis of the experimental results, we can see that our proposed method has better computation capacity, stronger generalization ability, and higher accuracy.

Sign in / Sign up

Export Citation Format

Share Document