Design Of Intrusion Detection System For Dos Attack In 6lowpan And RPL Based IoT Network

Internet of Things (IoT) is a network spread globally that accommodates a maximum number of things under it. All these things are connected globally using the IPv6 protocol, which satisfies the need to connect a maximum number of devices by supporting 2^128 addresses. Because of the heavyweight nature of the IPv6 protocol, a compressed version of it known as the IPv6 Low Power Personal Area Network (6LoWPAN) protocol is used for resource-constrained networks that communicate over low-power and lossy links. In IoT, devices are resource-constrained in terms of low battery power, less processing power, less transceiver power, etc. Also, these devices are directly connected to the insecure internet; hence it is very challenging to maintain security in an IoT network. In this paper, we have discussed various attacks on 6LoWPAN and RPL networks along with countermeasures to reduce the attacks. DoS attack is one of the severe attacks in IoT and has various patterns of execution. Out of the various attacks, we have designed an Intrusion Detection System (IDS) for Denial of Service (DOS) attack detection using Contiki OS and the Cooja simulator.

Author(s):  
Shideh Saraeian ◽  
Mahya Mohammadi Golchi

Comprehensive development of computer networks causes an increase in Distributed Denial of Service (DDoS) attacks. These types of attacks can easily restrict communication and computing. Among all the previous research, the accuracy of attack detection has not been properly addressed. In this study, a deep learning technique is used in a hybrid network-based Intrusion Detection System (IDS) to detect intrusion on the network. The performance of the proposed technique is evaluated on the NSL-KDD and ISCXIDS 2012 datasets. We performed traffic visual analysis using the Wireshark tool and did some experiments to prove the superiority of the proposed method. The results have shown that our proposed method achieved higher accuracy in comparison with other useful machine learning techniques.


2021 ◽  
Author(s):  
Kathiroli Raja ◽  
Krithika Karthikeyan ◽  
Abilash B ◽  
Kapal Dev ◽  
Gunasekaran Raja

Abstract The Industrial Internet of Things (IIoT), also known as Industry 4.0, has brought a revolution in the production and manufacturing sectors as it assists in the automation of production management and reduces the manual effort needed in auditing and managing the pieces of machinery. IoT-enabled industries, in general, use sensors, smart meters, and actuators. Most of the time, the data held by these devices is surpassingly sensitive and private. This information might be modified, stolen, or even the devices may be subjected to a Denial of Service (DoS) attack. As a consequence, the product quality may deteriorate or sensitive information may be leaked. An Intrusion Detection System (IDS), implemented in the network layer of IIoT, can detect attacks, thereby protecting the data and devices. Despite substantial advancements in attack detection in IIoT, existing works fail to detect certain attacks obfuscated from detectors resulting in a low detection performance. To address the aforementioned issue, we propose a Deep Learning-based Two Level Network Intrusion Detection System (DLTL-NIDS) for IIoT environment, emphasizing challenging attacks. The attacks that attain low accuracy or low precision in level-1 detection are marked as challenging attacks. Experimental results show that the proposed model, when tested against TON IoT, figures out the challenging attacks well and achieves an accuracy of 99.97%, precision of 95.62%, recall of 99.5%, and F1-score of 99.65%. The proposed DL-TLNIDS, when compared with state-of-art models, achieves a decrease in false alarm rate to 2.34% (flagging normal traffic as an attack) in IIoT.


2019 ◽  
Vol 8 (2S8) ◽  
pp. 1926-1931

Intrusion detection system (IDS) is one of the essential security mechanisms against attacks in WSN. Network intrusion detection system (NIDS) generally uses the classification techniques in order to obtain the best possible accuracy and attack detection rate. In this paper, an Intrusion Detection System is designed which uses a two-stage hybrid classification method. In the first stage it uses Support Vector Machine (SVM) as anomaly detection, and in the second stage it uses Random Forest (RF)/Decision Tree (DT) as misuse. The abnormal activities are detected in the first stage. These abnormal activities are further analyzed and the known attacks are identified in the second stage and are classified as Denial of Service (DoS) attack, Probe attack, Remote to Local (R2L) attack and User to Root (U2R) attack. Simulation results reveal that the proposed hybrid algorithm obtains better accuracy and detection rate than the single classifier, namely the SVM, RF and DT algorithms. The experimental results also show that the hybrid algorithm can detect anomaly activity in a reliable way. The proposed technique uses the standard NSL KDD dataset to evaluate/calculate the performance of the proposed approach. Here the results show that the proposed Hybrid SVM-RF/DT IDS technique performs better in terms of detection rate, accuracy and recall than the existing SVM, RF and DT approaches.


Respati ◽  
2020 ◽  
Vol 15 (2) ◽  
pp. 6
Author(s):  
Lukman Lukman ◽  
Melati Suci

ABSTRACT Network security on the web server is the most important part to guarantee the integrity and service for users. Web servers are often the target of attacks that result in data damage. One of them is the SYN Flood attack, which is a type of Denial of Service (DOS) attack that sends massive SYN requests to the web server. To strengthen web server network security, an Intrusion Detection System (IDS) is used to detect attacks and to monitor and analyze attacks on web servers. IDS software that is often used is IDS Snort and IDS Suricata, which have their respective advantages and disadvantages. The purpose of this study is to compare the two IDS using the Linux operating system, testing with a SYN Flood attack against the web server; IDS Snort and Suricata, which have been installed on the web server, will then give a warning if an attack occurs. In determining the results of the comparison, the parameters used as the reference are the number of attacks detected and the effectiveness of attack detection of the two IDS.

Keywords: Network Security, Web Server, IDS, SYN Flood, Snort, Suricata.


Author(s):  
Achmad Hambali Hambali ◽  
Siti Nurmiati

Data flooding is a type of Denial of Service (DOS) attack in which data flooding attacks a computer or server on a local network or the internet by exhausting the resources of the computer until it can no longer perform its functions properly, thereby indirectly preventing other users from gaining access to the services of the attacked computer. This research aims to analyze the indications of an attack and to maintain system security against the threat of data flooding. For that, we need a detection tool that can recognize the presence of a data flooding attack by tapping data packets and then comparing them with the IDS rule database (which contains attack packet signatures). The IDS engine will read the alerts from the IDS (such as the type of attack and the intruder's IP address) to minimize data flooding attacks against the LAN (Local Area Network) and server. The data flooding attacks are tested using the penetration testing method. The three test samples are data flooding attacks against the ICMP, UDP and TCP protocols using a data flooding application. The results obtained from testing the data flooding attacks show that the detection sensors can detect all attacks, and all attack samples can be prevented or filtered using a firewall-based network security system.


Author(s):  
Ahmad Azhari ◽  
Arif Wirawan Muhammad ◽  
Cik Feresa Mohd Foozy

Distributed Service Denial (DDoS) is a type of network attack, which each year increases in volume and intensity. DDoS attacks also form part of the major types of cyber security threats so far. Early detection plays a key role in avoiding the catastrophic effects on server infrastructure from DDoS attacks. Detection techniques in the traditional Intrusion Detection System (IDS) are far from perfect compared to a number of modern techniques and tools used by attackers, because the traditional IDS only uses signature-based detection or anomaly-based detection models and causes a lot of false positive flags, since the flow of computer network data packets has complex properties in terms of both size and source. Based on the deficiency in the ordinary IDS, this study aims to detect DDoS attacks by using machine learning techniques to enhance IDS policy development. According to the experiment the selection of features plays an important role in the precision of the detection results and in the performance of machine learning in classification problems. The combination of seven key selected dataset features used as an input neural network classifier in this study provides the highest accuracy value at 97.76%.


Author(s):  
Ashish Pandey ◽  
Neelendra Badal

Machine learning-based intrusion detection system (IDS) is a research field of network security which depends on the effective and accurate training of models. The models of IDS must be trained with new attacks periodically; therefore, it can detect any security violations in the network. One of the most frequent security violations that occurs in the network is the denial of service (DoS) attack. Therefore, training of IDS models with the latest DoS attack instances is required. The training of IDS models can be more effective when it is performed with the help of machine learning algorithms because the processing capabilities of machine learning algorithms are very fast. Therefore, the work presented in this chapter focuses on building a model of a machine learning-based intrusion detection system for denial of service attacks. Building a model of IDS requires a sample dataset and tools. The sample dataset which is used in this research is NSL-KDD, while WEKA is used as a tool to perform all the experiments.


2020 ◽  
Vol 8 (4) ◽  
pp. 375
Author(s):  
Finandito Adhana ◽  
I Ketut Gede Suhartana

Denial of Service (DoS) attacks are increasingly dangerous. This DoS attack works by sending data packets continuously so that the target being attacked cannot be operated anymore. DoS attacks attack the most websites, thus making the website inaccessible. An anomaly based intrusion detection system (IDS) is a method used to detect suspicious activity in a system or network on the basis of anomaly pattern arising from such interference. Wireshark is software used to analyze network traffic packets that have various kinds of tools for network professionals.


2014 ◽  
Vol 530-531 ◽  
pp. 705-708
Author(s):  
Yao Meng

This paper first engine starting defense from Intrusion Detection, Intrusion detection engine analyzes the hardware platform, the overall structure of the technology and the design of the overall structure of the plug, which on the whole structure from intrusion defense systems were designed; then described in detail improved DDOS attack detection algorithm design thesis, and the design of anomaly detection algorithms.

