Detection of Intrusion using Hybrid Feature Selection and Flexible Rule Based Machine Learning

doi:10.35940/ijeat.f8783.088619

Detection of Intrusion using Hybrid Feature Selection and Flexible Rule Based Machine Learning

International Journal of Engineering and Advanced Technology - Regular Issue ◽

10.35940/ijeat.f8783.088619 ◽

2019 ◽

Vol 8 (6) ◽

pp. 2852-2861

Keyword(s):

Data Processing ◽

Data Sharing ◽

Service Providers ◽

Attack Detection ◽

Sensitive Data ◽

Characteristics Analysis ◽

Network Status ◽

Legacy Applications ◽

Status Analysis ◽

Processing Framework

With the rapid growth in the data processing and data sharing, the application owners and the consumers of the applications are more influenced to use the remote storage on cloud-based data centre and the application generated data is also growing ups and bounds. Nevertheless, the adaptation of the data sharing, and data processing applications were not easy for the consumers. The application owners and the service providers have struggled with the sensitive data of the consumers and the consumers were also faced trust issues with the complete framework. The standard legacy applications were designed for the traditional centralized scenarios, where the intrusion detection can be performed only using the network status analysis and the application characteristics analysis. Moreover, most of the parallel calculations initially enhance the hybrid likelihood and change likelihood of GA as indicated by the populace advancement variable-based math and wellness esteem. Nevertheless, the population of data and the attacks on the data is high and the correct population size is highly difficult to determine. Regardless to mention, that the use of fitness functions will restrict the attack detection to certain types and these algorithms are bound to fail in case of a newer attack. However, with the migration of application to the data processing framework, the consumers have started demanding more security against the intrusions. A good number of research attempts were made to map the traditional security algorithms into the data processing space, nonetheless, the attempts were highly criticized due to the lack of proper analysis of security attacks on data processing applications. Hence, this work proposes a novel framework to detect the intrusions on data processing framework with justifying attack characteristics. This work proposes a novel algorithm to reduce the features of attack characteristics to justify the gaps on data processing frameworks with significant reduction in time for processing and further, proposes an algorithm to derive a strong rule engine to analyse the attack characteristics for detecting newer attacks. The complete proposed framework demonstrates nearly 93% and higher accuracy, which is much higher than the existing parallel research outcomes with least time complexity.

Get full-text (via PubEx)

An Approach to Data Confidentiality Protection in Cloud Environments

International Journal of Web Services Research ◽

10.4018/jwsr.2012070104 ◽

2012 ◽

Vol 9 (3) ◽

pp. 67-83 ◽

Cited By ~ 1

Author(s):

Stephen S. Yau ◽

Ho G. An ◽

Arun Balaji Buduru

Keyword(s):

Cloud Computing ◽

Data Processing ◽

Data Storage ◽

Service Providers ◽

Data Confidentiality ◽

Sensitive Data ◽

Computing Systems ◽

Cloud Application ◽

Cloud Infrastructures ◽

Processing Service

In current cloud computing systems, because users’ data is stored and processed by computing systems managed and operated by various service providers, users are concerned with the risks of unauthorized usage of their sensitive data by various entities, including service providers. The current cloud computing systems protect users’ data confidentiality from all entities, except service providers. In this paper, an approach is presented for improving the protection of users’ data confidentiality in cloud computing systems from all entities, including service providers. The authors’ approach has the following features: (1) separation of cloud application providers, data processing service providers and data storage providers, (2) anonymization of users’ identities, (3) grouping cloud application components and distributing their execution to distinct cloud infrastructures of data processing service providers, and (4) use of data obfuscation and cryptography for protecting the sensitive data from unauthorized access by all entities, including service providers. The proposed approach ensures that users’ sensitive data can be protected from their service providers even if the users do not have full cooperation from their service providers.

Get full-text (via PubEx)

A Decentralized Personal Data Store based on Ethereum: Towards GDPR Compliance

Journal of Communications Software and Systems ◽

10.24138/jcomss.v15i2.696 ◽

2019 ◽

Vol 15 (2) ◽

Cited By ~ 3

Author(s):

Marco Alessi ◽

Alessio Camillò ◽

Enza Giangreco ◽

Marco Matera ◽

Stefano Pino ◽

...

Keyword(s):

Data Sharing ◽

Data Protection ◽

Service Providers ◽

Personal Data ◽

End Users ◽

Third Party ◽

Smart Devices ◽

Sensitive Data ◽

Data Store ◽

Mandatory Requirement

Sharing personal data with service providers is a fundamental resource for the times we live in. But data sharing represents an unavoidable issue, due to improper data treatment, lack of users' awareness to whom they are sharing with, wrong or excessive data sharing from end users who ignore they are exposing personal information. The problem becomes even more complicate if we try to consider the devices around us: how to share devices we own, so that we can receive pervasive services, based on our contexts and device functionalities. The European Authority has provided the General Data Protection Regulation (GDPR), in order to implement protection of sensitive data in each EU member, throughout certification mechanisms (according to Art. 42 GDPR). The certification assures compliance to the regulation, which represent a mandatory requirement for any service which may come in contact with sensitive data. Still the certification is an open process and not constrained by strict rule. In this paper we describe our decentralized approach in sharing personal data in the era of smart devices, being those considered sensitive data as well. Having in mind the centrality of users in the ownership of the data, we have proposed a decentralized Personal Data Store prototype, which stands as a unique data sharing endpoint for third party services. Even if blockchain technologies may seem fit to solve the issue of data protection, because of the absence of a central authority, they lay to additional concerns especially relating such technologies with specifications described in the regulation. The current work offers a contribution in the advancements of personal data sharing management systems in a distributed environment by presenting a real prototype and an architectural blueprint, which advances the state of the art in order to meet the GDPR regulation. Address those arisen issues, from a technological perspective, stands as an important challenge, in order to empower end users in owning their personal data for real.

Get full-text (via PubEx)

The Need for Machine-Processable Agreements in Health Data Management

Algorithms ◽

10.3390/a13040087 ◽

2020 ◽

Vol 13 (4) ◽

pp. 87

Author(s):

George Konstantinidis ◽

Adriane Chapman ◽

Mark J. Weal ◽

Ahmed Alzubaidi ◽

Lisa M. Ballard ◽

...

Keyword(s):

Data Processing ◽

Data Management ◽

Data Sharing ◽

Medical Information ◽

Service Providers ◽

Personal Data ◽

Health Data ◽

Coarse Grained ◽

Semantic Web Technologies ◽

Fine Grained

Data processing agreements in health data management are laid out by organisations in monolithic “Terms and Conditions” documents written in natural legal language. These top-down policies usually protect the interest of the service providers, rather than the data owners. They are coarse-grained and do not allow for more than a few opt-in or opt-out options for individuals to express their consent on personal data processing, and these options often do not transfer to software as they were intended to. In this paper, we study the problem of health data sharing and we advocate the need for individuals to describe their personal contract of data usage in a formal, machine-processable language. We develop an application for sharing patient genomic information and test results, and use interactions with patients and clinicians in order to identify the particular peculiarities a privacy/policy/consent language should offer in this complicated domain. We present how Semantic Web technologies can have a central role in this approach by providing the formal tools and features required in such a language. We present our ongoing approach to construct an ontology-based framework and a policy language that allows patients and clinicians to express fine-grained consent, preferences or suggestions on sharing medical information. Our language offers unique features such as multi-party ownership of data or data sharing dependencies. We evaluate the landscape of policy languages from different areas, and show how they are lacking major requirements needed in health data management. In addition to enabling patients, our approach helps organisations increase technological capabilities, abide by legal requirements, and save resources.

Get full-text (via PubEx)

Betalogger: Smartphone Sensor-based Side-channel Attack Detection and Text Inference Using Language Modeling and Dense MultiLayer Neural Network

ACM Transactions on Asian and Low-Resource Language Information Processing ◽

10.1145/3460392 ◽

2021 ◽

Vol 20 (5) ◽

pp. 1-17

Author(s):

Abdul Rehman Javed ◽

Saif Ur Rehman ◽

Mohib Ullah Khan ◽

Mamoun Alazab ◽

Habib Ullah Khan

Keyword(s):

Neural Network ◽

Language Modeling ◽

Attack Detection ◽

Machine Learning Algorithms ◽

Second Phase ◽

Sensitive Data ◽

Phase Sequence ◽

Smartphone Technology ◽

Conventional Machine ◽

Sequence Generator

With the recent advancement of smartphone technology in the past few years, smartphone usage has increased on a tremendous scale due to its portability and ability to perform many daily life tasks. As a result, smartphones have become one of the most valuable targets for hackers to perform cyberattacks, since the smartphone can contain individuals’ sensitive data. Smartphones are embedded with highly accurate sensors. This article proposes BetaLogger , an Android-based application that highlights the issue of leaking smartphone users’ privacy using smartphone hardware sensors (accelerometer, magnetometer, and gyroscope). BetaLogger efficiently infers the typed text (long or short) on a smartphone keyboard using Language Modeling and a Dense Multi-layer Neural Network (DMNN). BetaLogger is composed of two major phases: In the first phase, Text Inference Vector is given as input to the DMNN model to predict the target labels comprising the alphabet, and in the second phase, sequence generator module generate the output sequence in the shape of a continuous sentence. The outcomes demonstrate that BetaLogger generates highly accurate short and long sentences, and it effectively enhances the inference rate in comparison with conventional machine learning algorithms and state-of-the-art studies.

Get full-text (via PubEx)

A cooperative DDoS attack detection scheme based on entropy and ensemble learning in SDN

EURASIP Journal on Wireless Communications and Networking ◽

10.1186/s13638-021-01957-9 ◽

2021 ◽

Vol 2021 (1) ◽

Author(s):

Shanshan Yu ◽

Jicheng Zhang ◽

Ju Liu ◽

Xiaoqing Zhang ◽

Yafeng Li ◽

...

Keyword(s):

Ensemble Learning ◽

Denial Of Service ◽

Attack Detection ◽

Coarse Grained ◽

Communication Overhead ◽

Detection Scheme ◽

Fine Grained ◽

Ddos Attack ◽

Network Status ◽

Ddos Attack Detection

AbstractIn order to solve the problem of distributed denial of service (DDoS) attack detection in software-defined network, we proposed a cooperative DDoS attack detection scheme based on entropy and ensemble learning. This method sets up a coarse-grained preliminary detection module based on entropy in the edge switch to monitor the network status in real time and report to the controller if any abnormality is found. Simultaneously, a fine-grained precise attack detection module is designed in the controller, and a ensemble learning-based algorithm is utilized to further identify abnormal traffic accurately. In this framework, the idle computing capability of edge switches is fully utilized with the design idea of edge computing to offload part of the detection task from the control plane to the data plane innovatively. Simulation results of two common DDoS attack methods, ICMP and SYN, show that the system can effectively detect DDoS attacks and greatly reduce the southbound communication overhead and the burden of the controller as well as the detection delay of the attacks.

Get full-text (via PubEx)

Big traffic data processing framework for intelligent monitoring and recording systems

Neurocomputing ◽

10.1016/j.neucom.2015.07.140 ◽

2016 ◽

Vol 181 ◽

pp. 139-146 ◽

Cited By ~ 18

Author(s):

Yingjie Xia ◽

Jinlong Chen ◽

Xindai Lu ◽

Chunhui Wang ◽

Chao Xu

Keyword(s):

Data Processing ◽

Traffic Data ◽

Intelligent Monitoring ◽

Big Traffic Data ◽

Processing Framework

Get full-text (via PubEx)

Real Time Data Processing Framework

International Journal of Data Mining & Knowledge Management Process ◽

10.5121/ijdkp.2015.5504 ◽

2015 ◽

Vol 5 (5) ◽

pp. 49-63 ◽

Cited By ~ 3

Author(s):

Karan Patel ◽

Yash Sakaria ◽

Chetashri Bhadane

Keyword(s):

Data Processing ◽

Real Time ◽

Time Data ◽

Real Time Data ◽

Real Time Data Processing ◽

Processing Framework

Get full-text (via PubEx)

Privacy and Security Issues in Online Social Networks

Future Internet ◽

10.3390/fi10120114 ◽

2018 ◽

Vol 10 (12) ◽

pp. 114 ◽

Cited By ~ 14

Author(s):

Shaukat Ali ◽

Naveed Islam ◽

Azhar Rauf ◽

Ikram Din ◽

Mohsen Guizani ◽

...

Keyword(s):

Social Networks ◽

Online Social Networks ◽

Virtual Communities ◽

Service Providers ◽

Security And Privacy ◽

Security Issue ◽

Sensitive Data ◽

Privacy And Security ◽

Security Issues ◽

Social Sphere

The advent of online social networks (OSN) has transformed a common passive reader into a content contributor. It has allowed users to share information and exchange opinions, and also express themselves in online virtual communities to interact with other users of similar interests. However, OSN have turned the social sphere of users into the commercial sphere. This should create a privacy and security issue for OSN users. OSN service providers collect the private and sensitive data of their customers that can be misused by data collectors, third parties, or by unauthorized users. In this paper, common security and privacy issues are explained along with recommendations to OSN users to protect themselves from these issues whenever they use social media.

Get full-text (via PubEx)

Protecting Sensitive Data with Secure Data Enclaves

10.31219/osf.io/jmd7t ◽

2021 ◽

Author(s):

Mark Howison ◽

Mintaka Angell ◽

Michael Hicklen ◽

Justine S. Hastings

Keyword(s):

Data Sharing ◽

Data Use ◽

Data Access ◽

Cloud Services ◽

Reference Architecture ◽

Sensitive Data ◽

Technical Requirements ◽

Data Owner ◽

Secure Data ◽

Amazon Web Services

A Secure Data Enclave is a system that allows data owners to control data access and ensure data security while facilitating approved uses of data by other parties. This model of data use offers additional protections and technical controls for the data owner compared to the more commonly used approach of transferring data from the owner to another party through a data sharing agreement. Under the data use model, the data owner retains full transparency and auditing over the other party’s access, which can be difficult to achieve in practice with even the best legal instrument for data sharing. We describe the key technical requirements for a Secure Data Enclave and provide a reference architecture for its implementation on the Amazon Web Services platform using managed cloud services.

Get full-text (via PubEx)

A Safe and Resilient Cryptographic System for Dynamic Cloud Groups with Secure Data Sharing and Efficient User Revocation

Turkish Journal of Computer and Mathematics Education (TURCOMAT) ◽

10.17762/turcomat.v12i3.2144 ◽

2021 ◽

Vol 12 (3) ◽

pp. 5164-5175

Author(s):

Prerna Agarwal Et. al.

Keyword(s):

Data Sharing ◽

Service Providers ◽

Cloud Service ◽

Data File ◽

Third Party ◽

Outsourced Data ◽

User Revocation ◽

Cryptographic System ◽

Daunting Challenge ◽

Cloud Users

A comprehensive and functional approach is built in cloud computing, which can be used by cloud users to exchange information. Cloud service providers (CSPs) can transfer through server services through powerful data centres to cloud users. Data is protected through authentication of cloud users and CSPs can have outsourced data file sharing security assurance. The continuing change in cloud users, especially unauthenticated users or third parties poses a critical problem in ensuring privacy in data sharing. The multifunctional exchange of information while protecting information and personal protection from unauthorized or other third-party users remains a daunting challenge

Get full-text (via PubEx)