Adaptive Intrusion Detection Systems

This chapter deals with a challenging issue in intrusion detection research field, which is IDS adaptability. First, it introduces the intrusion detection concepts, then presents with details the two existing generations of IDSs and addresses their major problem: permanent coverage of new attacks patterns in a dynamic changing environment. Thereafter, it evokes the requirement of adaptability in IDS as a mean to remedy this deficiency. Later, it explores the most eminent approaches that are proposed for IDS adaptability. It describes their functional architecture and discusses their strong aspects and weaknesses. At the end, new trends toward the intrusion detection adaptability problematic are mentioned and followed by a conclusion.

Amelioration of Anonymity Modus Operandi for Privacy Preserving Data Publishing

The scientific tumultuous intonation has swept our feet's, of its balance and at the same time wheedled us to reach the take-off arena from where we can march equipped and outfitted into the subsequent century with confidence & self-assurance; by unearthing solutions for all information security related issues (with special emphasis on privacy issues). Examining various outstanding research problems that encompass to be embarked upon for effectively managing and controlling the balance between privacy and utility, the research community is pressurized to propose suitable elucidations. The solution is to engender several Privacy-Preserving Data Publishing (PPDP) techniques like Perturbation, swapping, randomization, cryptographic techniques etc., Amongst the various available techniques k-anonymity is unique in facet of its association with protection techniques that preserve the truthfulness of the data. The principal chip in of this sketch out comprises: 1) Motivation for this exploration for Amelioration Of Anonymity Modus Operandi For Privacy Preserving Data Mining; 2) investigation of well-known research approaches to PPDM; 3) argue solutions to tackle the problems of security threats and attacks in the PPDM in systems; 4) related survey of the various anonymity techniques; 5) exploration of metrics for the diverse anonymity techniques; 6) performance measures for the various anonymity techniques; and 7) contradistinguish the diverse anonymity techniques and algorithms.

HTTPV

There is a need to be able to verify plaintext HTTP content transfers. Common sense dictates authentication and sensitive content should always be protected by SSL/HTTPS, but there is still great exploitation potential in the modification of static content in transit. Pre-computed signatures and client-side verification offers integrity protection of HTTP content in applications where SSL is not feasible. In this chapter, the authors demonstrate a mechanism by which a Web browser or other HTTP client can verify that content transmitted over an untrusted channel has not been modified. Verifiable HTTP is not intended to replace SSL. Rather, it is intended to be used in applications where SSL is not feasible, specifically, when serving high-volume static content and/or content from non-secure sources such as Content Distribution Networks. Finally, the authors find content verification is effective with server-side overhead similar to SSL. With future optimization such as native browser support, content verification could achieve comparable client-side efficiency.

Formal Reliability Analysis of Engineering Systems

Reliability analysis of engineering systems has traditionally been done using computationally expensive computer simulations that cannot attain 100% accuracy due to their inherent limitations. The authors conduct a formal reliability analysis using higher-order-logic theorem proving, which is known to be sound, accurate, and exhaustive. For this purpose, they present the higher-order-logic formalization of independent multiple continuous random variables, their verified probabilistic properties, and generalized relations for commonly encountered reliability structures in engineering systems. To illustrate the usefulness of the approach, the authors present the formal reliability analysis of a single stage transmission of an automobile.

Botnets

Recent malicious attempts are intended to get financial benefits through a large pool of compromised hosts, which are called software robots or simply bots. A group of bots, referred to as a botnet, is remotely controllable by a server and can be used for sending spam emails, stealing personal information, and launching DDoS attacks. Growing popularity of botnets compels to find proper countermeasures, but existing defense mechanisms hardly catch up with the speed of botnet technologies. Bots are constantly and automatically changing their signatures to successfully avoid the detection. Therefore, it is necessary to analyze the weaknesses of existing defense mechanisms to find the gap and then design new framework of botnet detection that integrates effective approaches. To get a deep insight into the inner-working of botnets and to understand their architecture, the authors analyze some sophisticated sample botnets. In this chapter, they propose a comprehensive botnet analysis and reporting framework that is based on sound theoretical background.

Trends in Crime Toolkit Development

Cybercriminals continue to target online users of banks. They are improving their techniques and using high levels of skill in their attacks. Their continued search for different methods to commit crime makes the existing protection system less effective. They have developed crime toolkits which have become more accessible and simpler to use, and this has attracted more cybercriminals to cybercrime. In this chapter, the authors study the methods that are used in crime toolkits. They present the development and current trend of crime toolkits and reveal the methods that have been used to commit cybercrime successfully.

Web Service Security

The high adoption in daily lives of services offered by the Web 2.0 has opened a wide field for the proliferation of new Web-based services and applications. Social networks, as the main exponent of this new generation of services, require security systems to ensure end user authentication and access control to shared information. Another feature that is becoming increasingly important in these scenarios is the delegation of controlled access between the different API (Application Programming Interfaces) to integrate services and information. The safe use of these Web services requires end user security credentials and different authentication and authorization technologies. This chapter provides an introduction to the most relevant protocols and standards in the area of Web service security, which are able to provide authentication and authorization mechanisms.

Short-Hops vs. Long-Hops

Sensor networks are composed of miniaturized wireless sensor nodes with limited capacity and energy source. Generally, these sensor networks are used, in many applications, to monitor inaccessible environments (battlefields, volcano monitoring, animal tracking…), hence the impossibility to replace or to recharge the batteries. As sensors may be deployed in a large area, radio transceivers are the most energy consuming of sensor nodes, which means that their usage needs to be very efficient in order to maximize node life, which leads us to maximize the network's life. In wireless sensor networks and in order to transmit its data, a node can route its messages towards destination, generally the base station, either by using small or large hops, so optimizing the hop length can extend significantly the lifetime of the network. This chapter provides a simple way to verify, which makes the energy consumption minimal by choosing proper hop length.

Applying Game Theory in Securing Wireless Sensor Networks by Minimizing Battery Usage

In this chapter, the authors examine the impacts of applying game theory on the network throughput, network voltage loss, and accuracy of malicious node detection in wireless sensor networks. Nodes in a wireless sensor network use our proposed protocol when deciding whether or not to forward packets they receive from other sensors in order to conserve power. Wireless sensor network nodes achieve this by optimizing their decision-making based on a framework using game theory. Defining a suitable cost and profit for routing and forwarding incoming packets and keeping a history of past behaviors of non-cooperating nodes gradually forces malicious nodes out of the wireless sensor network.In this chapter, the authors examine the impacts of applying game theory on the network throughput, network voltage loss, and accuracy of malicious node detection in wireless sensor networks. Nodes in a wireless sensor network use our proposed protocol when deciding whether or not to forward packets they receive from other sensors in order to conserve power. Wireless sensor network nodes achieve this by optimizing their decision-making based on a framework using game theory. Defining a suitable cost and profit for routing and forwarding incoming packets and keeping a history of past behaviors of non-cooperating nodes gradually forces malicious nodes out of the wireless sensor network.

Synthesis of Supervised Approaches for Intrusion Detection Systems

Given the increasing number of users of computer systems and networks, it is difficult to know the profile of the latter, and therefore, intrusion has become a highly prized area of network security. In this chapter, to address the issues mentioned above, the authors use data mining techniques, namely association rules, decision trees, and Bayesian networks. The results obtained on the KDD'99 benchmark have been validated by several evaluation measures and are promising and provide access to other techniques and hybridization to improve the security and confidentiality in the field.