Network Intrusion Detection and Prevention Systems for Attacks in IoT Systems

2019 ◽  
pp. 128-141 ◽  
Author(s):  
Vetrivelan Pandu ◽  
Jagannath Mohan ◽  
T. S. Pradeep Kumar
Keyword(s):  
Machine Learning ◽  
Web Application ◽  
Detection System ◽  
Security Threats ◽  
Network Intrusion ◽  
Security Personnel ◽  
Prevention System ◽  
Based Instruction ◽  
Vast Network ◽  
Intrusion Detection And Prevention

Internet of things (IoT) has transformed greatly the improved way of business through machine-to-machine (M2M) communications. This vast network and its associated technologies have opened the doors to an increasing number of security threats which are dangerous to IoT and 5G wireless networks. The first part of this chapter presents instruction detection system (IDS) which detect the various attacks in 6LoWPAN layer. An IDS is to detect and analyze both inbound and outbound network traffic for abnormal activities. An IPS complements an IDS configuration by proactively inspecting a system's incoming traffic to weed out malicious requests. A typical IPS configuration uses web application firewalls and traffic filtering solutions to secure applications. An IPS prevents attacks by dropping malicious packets, blocking offending IPs and alerting security personnel to potential threats. Machine learning (ML)-based instruction detection and prevention system (IDPS) is proposed and implemented in Contiki simulation environment.

Using response action with intelligent intrusion detection and prevention system against web application malware

2014 ◽  
Vol 22 (5) ◽  
pp. 431-449 ◽  
Author(s):  
Ammar Alazab ◽  
Michael Hobbs ◽  
Jemal Abawajy ◽  
Ansam Khraisat ◽  
Mamoun Alazab
Keyword(s):  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Web Application ◽  
Web Applications ◽  
Detection Efficiency ◽  
Detection System ◽  
Content Type ◽  
Novel Approach ◽  
Prevention System ◽  
Intrusion Detection And Prevention

Purpose – The purpose of this paper is to mitigate vulnerabilities in web applications, security detection and prevention are the most important mechanisms for security. However, most existing research focuses on how to prevent an attack at the web application layer, with less work dedicated to setting up a response action if a possible attack happened. Design/methodology/approach – A combination of a Signature-based Intrusion Detection System (SIDS) and an Anomaly-based Intrusion Detection System (AIDS), namely, the Intelligent Intrusion Detection and Prevention System (IIDPS). Findings – After evaluating the new system, a better result was generated in line with detection efficiency and the false alarm rate. This demonstrates the value of direct response action in an intrusion detection system. Research limitations/implications – Data limitation. Originality/value – The contributions of this paper are to first address the problem of web application vulnerabilities. Second, to propose a combination of an SIDS and an AIDS, namely, the IIDPS. Third, this paper presents a novel approach by connecting the IIDPS with a response action using fuzzy logic. Fourth, use the risk assessment to determine an appropriate response action against each attack event. Combining the system provides a better performance for the Intrusion Detection System, and makes the detection and prevention more effective.

scholarly journals A Hybrid Adaptive Development Algorithm and Machine Learning Based Method for Intrusion Detection and Prevention System

2021 ◽  
Vol 12 (5) ◽  
pp. 1226-1236
Author(s):  
K. NandhaKumar, Et. al.
Keyword(s):  
Machine Learning ◽  
Intrusion Detection ◽  
Learning Algorithm ◽  
Attack Detection ◽  
Machine Learning Algorithm ◽  
Data Set ◽  
Network Intrusion ◽  
Prevention System ◽  
Adaptive Development ◽  
Intrusion Detection And Prevention

Network Intrusion detection and prevention Systems (NIDPS) are employed in monitoring a network which safeguards user integrity, privacy thereby ensuring the data security and availability in a network. Such systems not only monitor the suspicious activities in a network but also used as control systems to eliminate the malicious users from the network. In this paper, a Hybrid Adaptive Development Algorithm and Machine Learning Algorithm (ADA-MLA) method is proposed to identify the malicious activities and eliminating them from the network. The deployment of honeypot-based intrusion is improved adaptive development algorithm. Machine learning algorithm has been employed in the Hybrid IDPS for learning the network data patterns which also identifies the maximum probable attacks in the network. The signatures for the DARPA 99 data set have been updated during the implementation of intrusion prevention system on a real-time basis. The hybrid method works on (i) classifying the attacks based on protocols and (ii) classifying the attacks on pre-determined threshold values. Hence, both known and unknown attacks can be easily captured in the proposed hybrid IDPS method which thereby achieves higher attack detection and prevention accuracy while compared to the conventional attack detection and prevention methodologies.

scholarly journals Perancangan Security Network Intrusion Prevention System Pada PDTI Universitas Islam Raden Rahmat Malang

2021 ◽  
Vol 5 (1) ◽  
pp. 60-69
Author(s):  
Farid Wahyudi ◽  
◽  
Listanto Tri Utomo ◽  
Keyword(s):  
Network Security ◽  
Computer Security ◽  
Detection System ◽  
Local Network ◽  
Science System ◽  
Intrusion Prevention ◽  
Data Packets ◽  
Network Intrusion ◽  
Prevention System ◽  
Intrusion Prevention System

Security is very main in computer networks, where many devices are connected to each other to interact and exchange data without limits. Network security is also a very important issue to prioritize, one of which is to use an intrusion prevention system. At PDTI UNIRA there are often network security problems, one of which is that during the test season, the server experiences many intrusion problems. The purpose of this research is to develop a social science system based on the analysis at PDTI of Raden Rahmat Islamic University Malang. This research method uses a computer security development approach, namely the Intrusion Prevention System (IPS), by combining firewall engineering methods and Intrusion-Detection System (IDS). The result of this research is a technology that can be used to prevent attacks that will enter the local network checking and recording all data packets and recognizing sensor packets, when the attack has been identified, IPS will deny access (block) and record (log) all data packets. identified. So IPS acts as a firewall that will allow and block combined with IDS that can detect packets in detail. With a network security system, the Unira PDTI server is safer and can avoid intrusion.

Network Intrusion Detection and Prevention Systems on Flooding and Worm Attacks

2016 ◽  
pp. 183-207
Author(s):  
P. Vetrivelan ◽  
M. Jagannath ◽  
T. S. Pradeep Kumar
Keyword(s):  
Intrusion Detection ◽  
Denial Of Service ◽  
Packet Transmission ◽  
Network Intrusion Detection ◽  
The Internet ◽  
Network Intrusion ◽  
Worm Attacks ◽  
Packet Marking ◽  
Vast Network ◽  
Intrusion Detection And Prevention

The Internet has transformed greatly the improved way of business, this vast network and its associated technologies have opened the doors to an increasing number of security threats which are dangerous to networks. The first part of this chapter presents a new dimension of denial of service attacks called TCP SYN Flood attack has been witnessed for severity of damage and second part on worms which is the major threat to the internet. The TCP SYN Flood attack by means of anomaly detection and traces back the real source of the attack using Modified Efficient Packet Marking algorithm (EPM). The mechanism for detecting the smart natured camouflaging worms which is sensed by means of a technique called Modified Controlled Packet Transmission (MCPT) technique. Finally the network which is affected by these types of worms are detected and recovered by means of Modified Centralized Worm Detector (MCWD) mechanism. The Network Intrusion Detection and Prevention Systems (NIDPS) on Flooding and Worm Attacks were analyzed and presented.

Sign in / Sign up

Export Citation Format

Share Document