Application of Histogram-Based Outlier Scores to Detect Computer Network Anomalies

Electronics, 2019, Vol 8 (11), pp. 1251
Author(s): Nerijus Paulauskas, Algirdas Baskys

Misuse activity in computer networks constantly creates new challenges and difficulties to ensure data confidentiality, integrity, and availability. The capability to identify and quickly stop the attacks is essential, as the undetected and successful attack may cause losses of critical resources. The anomaly-based intrusion detection system (IDS) is a valuable security tool that is capable of detecting new, previously unseen attacks. Anomaly-based IDS sends an alarm when it detects an event that deviates from the behavior characterized as normal. This paper analyses the use of the histogram-based outlier score (HBOS) to detect anomalies in the computer network. Experimental results of different histogram creation methods and the influence of the number of bins on the performance of anomaly detection are presented. Experiments were conducted using an NSL-KDD dataset.

SISFORMA, 2020, Vol 7 (1), pp. 21
Author(s): Aan Erlansari, Funny Farady Coastera, Afief Husamudin

Computer network security is an important factor that must be considered. Guaranteed security can avoid losses caused by attacks on the network security system. The most common prevention against network attacks is to place an administrator, but problems will arise when the administrator is not supervising the network, so to overcome these problems a system called IDS (Intrusion Detection System) can detect suspicious activity on the network through automating the work functions of an administrator. Snort is one of the software that functions to find out the intrusion. Data packets that pass through network traffic will be analyzed. Data packets detected as intrusion will trigger alerts which are then stored in log files. Thus, administrators can find out intrusions that occur on computer networks, and the existence of instant messaging applications can help administrators to get real-time notifications, one of which is using the Telegram application. The results of this study are that Snort is able to detect intrusion of attacks on computer networks and the system can send alerts from Snort to administrators via Telegram bot in real-time.


Author(s): Akshat Runwal

Abstract: Attacks on the computer infrastructures are becoming an increasingly serious issue. The problem is ubiquitous and we need a reliable system to prevent it. An anomaly detection-based network intrusion detection system is vital to any security framework within a computer network. The existing intrusion detection systems have a high detection rate but they also have mendacious alert rates. With the use of Machine Learning, we can implement an efficient and reliable model for intrusion detection and stop some of the hazardous attacks in the network. This paper focuses on a detailed study of the NSL-KDD dataset after extracting some of the relevant records, and then several experiments have been performed and evaluated to assess various machine learning classifiers based on the dataset. The implemented experiments demonstrated that the Random Forest classifier has achieved the highest average accuracy and has outperformed the other models in various evaluations.

Keywords: Intrusion Detection System, Anomaly Detection, Machine Learning, Random Forest, Network Security


Author(s): Theodorus Kristian Widianto, Wiwin Sulistyo

Security on computer networks is currently a matter that must be considered especially for internet users because many risks must be borne if this is negligent of attention. Data theft, system destruction, and so on are threats to users, especially on the server-side. DDoS is a method of attack that is quite popular and is often used to bring down servers. This method runs by consuming resources on the server computer so that it can no longer serve requests from the user side. With this problem, security is needed to prevent the DDoS attack, one of which is using iptables that has been provided by Linux. Implementing iptables can prevent or stop external DDoS attacks aimed at the server.


2016, Vol 10 (4), pp. 1-32
Author(s): Abdelaziz Amara Korba, Mehdi Nafaa, Salim Ghanemi

In this paper, a cluster-based hybrid security framework called HSFA for ad hoc networks is proposed and evaluated. The proposed security framework combines both specification and anomaly detection techniques to efficiently detect and prevent a wide range of routing attacks. In the proposed hierarchical architecture, cluster nodes run a host specification-based intrusion detection system to detect specification violation attacks such as fabrication, replay, etc., while the cluster heads run an anomaly-based intrusion detection system to detect wormhole and rushing attacks. The proposed specification-based detection approach relies on a set of automatically generated specifications, while anomaly detection uses statistical techniques. The proposed security framework provides an adaptive response against attacks to prevent damage to the network. The security framework is evaluated by simulation in the presence of malicious nodes that can launch different attacks. Simulation results show that the proposed hybrid security framework performs significantly better than other existing mechanisms.

