Teamworking for Security

Author(s):  
Rainer Bye ◽  
Ahmet Camtepe ◽  
Sahin Albayrak

Collaborative methods are promising tools for solving complex security tasks. In this context, the authors present the security overlay framework CIMD (Collaborative Intrusion and Malware Detection), which enables participants to state objectives and interests for joint intrusion detection and, accordingly, to find groups for the exchange of security-related data such as monitoring or detection results; the authors refer to these groups as detection groups. First, the authors present and discuss a tree-oriented taxonomy for the representation of nodes within the collaboration model. Second, they introduce and evaluate an algorithm for the formation of detection groups. After conducting a vulnerability analysis of the system, the authors demonstrate the validity of CIMD by examining two different scenarios, inspired by sociology, in which collaboration is advantageous compared to the non-collaborative approach. They evaluate the benefit of CIMD by simulation in a novel packet-level simulation environment called NeSSi (Network Security Simulator) and give a probabilistic analysis for the scenarios.

2010 ◽  
pp. 1466-1487

2021 ◽  
Author(s):  
Farah Jemili ◽  
Hajer Bouras

In today's world, the Intrusion Detection System (IDS) is one of the most significant tools used to improve network security by detecting attacks or abnormal data accesses. Most existing IDSs have many disadvantages, such as high false alarm rates and low detection rates. For an IDS, dealing with distributed and massive data constitutes a challenge; dealing with imprecise data is another. This paper proposes an Intrusion Detection System based on big data fuzzy analytics; the Fuzzy C-Means (FCM) method is used to cluster and classify the pre-processed training dataset. The CTU-13 and UNSW-NB15 datasets are used as distributed and massive datasets to prove the feasibility of the method. The proposed system shows high performance in terms of accuracy, precision, detection rates, and false alarms.


IEEE Access ◽  
2018 ◽  
Vol 6 ◽  
pp. 18345-18365 ◽  
Author(s):  
Huaqing Lin ◽  
Zheng Yan ◽  
Yu Chen ◽  
Lifang Zhang

Author(s):  
Gabriel PETRICĂ

Solutions that can be implemented to secure a LAN include firewalls and intrusion detection / prevention systems (IDS / IPS). For a wireless network, security is a challenge considering the specific elements of this type of network: the physical area from which a connection is possible, and the weaknesses of the protocols used for data encryption. This article presents a case study on the most widely used protocols (WEP, WPA and WPA2) for securing wireless networks and the methodology by which passwords can be decrypted using the Kali Linux distribution - available for free on the Internet - and the applications included in this operating system.


2008 ◽  
pp. 4014-4037
Author(s):  
Steven Furnell ◽  
Jeremy Ward

In the two decades since its first significant appearance, malware has become the most prominent and costly threat to modern IT systems. This chapter examines the nature of malware evolution. It highlights that, as well as the more obvious development of propagation techniques, the nature of payload activities (and the related motivations of the malware creators) is also significantly changing, as is the ability of the malware to defeat defences. Having established the various facets of the threat, the discussion proceeds to consider appropriate strategies for malware detection and prevention, considering the role of modern antivirus software, and its use alongside other network security technologies to give more comprehensive protection. It is concluded that although malware is likely to remain a significant and ever-present threat, the risk and resultant impacts can be substantially mitigated by appropriate use of such safeguards.


2020 ◽  
Vol 39 (6) ◽  
pp. 8961-8969
Author(s):  
Shijie Ding ◽  
Zhiwei Zhang ◽  
Jun Xie

With the spread of the COVID-19 epidemic, the flow of network managers and the release of information have led the government to put forward higher requirements for network security and reliability. Traditional intrusion detection technology and firewall technology cannot effectively defend against DDoS attacks. This paper analyzes the principles and defects of intrusion detection systems and firewalls, and proposes the architecture design of an intrusion prevention system that integrates audit and network defense functions. The system optimizes the detection and analysis component that detects attack behavior according to the special requirements of the attack defense task, and adds a module for attack behavior characteristic analysis and defense strategy generation. The policy execution component uses a special defense engine to execute defense policies, providing the system with deep defense capabilities. Experiments show that the validity and reliability of the key modules in the proposed defense model meet the technical requirements. The work has a certain reference value for improving the reliability of network management systems under the influence of the COVID-19 epidemic.


Author(s):  
Yu Wang

In this chapter we will focus on examining computer network traffic and data. A computer network combines a set of computers and physically and logically connects them together to exchange information. Network traffic acquired from a network system provides information on data communications within the network and between networks or individual computers. The most common data types are log data, such as Kerberos logs, Transmission Control Protocol/Internet Protocol (TCP/IP) logs, central processing unit (CPU) usage data, event logs, user command data, Internet visit data, operating system audit trail data, intrusion detection and prevention service (IDS/IPS) logs, NetFlow data, and Simple Network Management Protocol (SNMP) reporting data. Such information is unique and valuable for network security, specifically for intrusion detection and prevention. Although we have already presented some essential challenges in collecting such data in Chapter I, we will discuss traffic data, as well as other related data, in greater detail in this chapter. Specifically, we will describe system-specific and user-specific data types in Sections System-Specific Data and User-Specific Data, respectively, and provide detailed information on publicly available data in Section Publicly Available Data.


Author(s):  
Tich Phuoc Tran ◽  
Pohsiang Tsai ◽  
Tony Jan ◽  
Xiangjian He

Most of the currently available network security techniques are not able to cope with the dynamic and increasingly complex nature of cyber attacks on distributed computer systems. Therefore, an automated and adaptive defensive tool is imperative for computer networks. Alongside existing prevention techniques such as encryption and firewalls, the Intrusion Detection System (IDS) has established itself as an emerging technology that is able to detect unauthorized access to and abuse of computer systems by both internal users and external offenders. Most of the novel approaches in this field have adopted Artificial Intelligence (AI) technologies such as Artificial Neural Networks (ANN) to improve the performance as well as the robustness of IDS. The true power and advantages of ANN lie in its ability to represent both linear and non-linear relationships and to learn these relationships directly from the data being modeled. However, ANN is computationally expensive due to its demanding processing power, and this leads to an overfitting problem, i.e. the network is unable to extrapolate accurately once the input is outside the range of the training data. These limitations leave IDS with a low detection rate, a high false alarm rate and excessive computation cost. This chapter proposes a novel Machine Learning (ML) algorithm to alleviate those difficulties of existing AI techniques in the area of computer network security. The Intrusion Detection dataset provided by Knowledge Discovery and Data Mining (KDD-99) is used as a benchmark to compare our model with other existing techniques. Extensive empirical analysis suggests that the proposed method outperforms other state-of-the-art learning algorithms in terms of learning bias, generalization variance and computational cost. It is also reported to significantly improve the overall detection capability for difficult-to-detect novel attacks which are unseen or occur irregularly in the training phase.
