Commenced in January 2007
Frequency: Monthly
Edition: International
Paper Count: 13

IDS Related Abstracts

13 A Lifetime-Enhancing Monitoring Node Distribution Using Minimum Spanning Tree in Mobile Ad Hoc Networks

Authors: Sungchul Ha, Hyunwoo Kim


In mobile ad hoc networks, all nodes in a network only have limited resources and calculation ability. Therefore communication topology which have long lifetime is good for all nodes in mobile ad hoc networks. There are a variety of researches on security problems in wireless ad hoc networks. The existing many researches try to make efficient security schemes to reduce network power consumption and enhance network lifetime. Because a new node can join the network at any time, the wireless ad hoc networks are exposed to various threats and can be destroyed by attacks. Resource consumption is absolutely necessary to secure networks, but more resource consumption can be a critical problem to network lifetime. This paper focuses on efficient monitoring node distribution to enhance network lifetime in wireless ad hoc networks. Since the wireless ad hoc networks cannot use centralized infrastructure and security systems of wired networks, a new special IDS scheme is necessary. The scheme should not only cover all nodes in a network but also enhance the network lifetime. In this paper, we propose an efficient IDS node distribution scheme using minimum spanning tree (MST) method. The simulation results show that the proposed algorithm has superior performance in comparison with existing algorithms.

Keywords: Power Control, MANETs, IDS, minimum spanning tree

Procedia PDF Downloads 220
12 A Review of Security Attacks and Intrusion Detection Schemes in Wireless Sensor Networks: A Survey

Authors: Maleh Yassine, Ezzati Abdellah


Wireless Sensor Networks (WSNs) are currently used in different industrial and consumer applications, such as earth monitoring, health related applications, natural disaster prevention, and many other areas. Security is one of the major aspects of wireless sensor networks due to the resource limitations of sensor nodes. However, these networks are facing several threats that affect their functioning and their life. In this paper we present security attacks in wireless sensor networks, and we focus on a review and analysis of the recent Intrusion Detection schemes in WSNs.

Keywords: Wireless Sensor Networks, IDS, security attack, denial of service, cluster-based model, signature based IDS, hybrid IDS

Procedia PDF Downloads 187
11 Intrusion Detection In MANET Using Game Theory

Authors: J. D. Mallapur, S. B. Kumbalavati, K. Y. Bendigeri


A mobile Ad-hoc network (MANET) is a multihop wireless network where nodes communicate each other without any pre-deployed infrastructure. There is no central administrating unit. Hence, MANET is generally prone to many of the attacks. These attacks may alter, release or deny data. These attacks are nothing but intrusions. Intrusion is a set of actions that attempts to compromise integrity, confidentiality and availability of resources. A major issue in the design and operation of ad-hoc network is sharing the common spectrum or common channel bandwidth among all the nodes. We are performing intrusion detection using game theory approach. Game theory is a mathematical tool for analysing problems of competition and negotiation among the players in any field like marketing, e-commerce and networking. In this paper mathematical model is developed using game theory approach and intruders are detected and removed. Bandwidth utilization is estimated and comparison is made between bandwidth utilization with intrusion detection technique and without intrusion detection technique. Percentage of intruders and efficiency of the network is analysed.

Keywords: Sensor Networks, Game theory, Ad-hoc Network, IDS

Procedia PDF Downloads 260
10 Proposed Anticipating Learning Classifier System for Cloud Intrusion Detection (ALCS-CID)

Authors: Wafa' Slaibi Alsharafat


Cloud computing is a modern approach in network environment. According to increased number of network users and online systems, there is a need to help these systems to be away from unauthorized resource access and detect any attempts for privacy contravention. For that purpose, Intrusion Detection System is an effective security mechanism to detect any attempts of attacks for cloud resources and their information. In this paper, Cloud Intrusion Detection System has been proposed in term of reducing or eliminating any attacks. This model concerns about achieving high detection rate after conducting a set of experiments using benchmarks dataset called KDD'99.

Keywords: Cloud Computing, Intrusion Detection, IDS, anticipating classifier system

Procedia PDF Downloads 340
9 Intrusion Detection Using Dual Artificial Techniques

Authors: Rana I. Abdulghani, Amera I. Melhum


With the abnormal growth of the usage of computers over networks and under the consideration or agreement of most of the computer security experts who said that the goal of building a secure system is never achieved effectively, all these points led to the design of the intrusion detection systems(IDS). This research adopts a comparison between two techniques for network intrusion detection, The first one used the (Particles Swarm Optimization) that fall within the field (Swarm Intelligence). In this Act, the algorithm Enhanced for the purpose of obtaining the minimum error rate by amending the cluster centers when better fitness function is found through the training stages. Results show that this modification gives more efficient exploration of the original algorithm. The second algorithm used a (Back propagation NN) algorithm. Finally a comparison between the results of two methods used were based on (NSL_KDD) data sets for the construction and evaluation of intrusion detection systems. This research is only interested in clustering the two categories (Normal and Abnormal) for the given connection records. Practices experiments result in intrude detection rate (99.183818%) for EPSO and intrude detection rate (69.446416%) for BP neural network.

Keywords: IDS, PSO, NSL_KDD

Procedia PDF Downloads 253
8 Requirement Engineering for Intrusion Detection Systems in Wireless Sensor Networks

Authors: Afnan Al-Romi, Iman Al-Momani


The urge of applying the Software Engineering (SE) processes is both of vital importance and a key feature in critical, complex large-scale systems, for example, safety systems, security service systems, and network systems. Inevitably, associated with this are risks, such as system vulnerabilities and security threats. The probability of those risks increases in unsecured environments, such as wireless networks in general and in Wireless Sensor Networks (WSNs) in particular. WSN is a self-organizing network of sensor nodes connected by wireless links. WSNs consist of hundreds to thousands of low-power, low-cost, multi-function sensor nodes that are small in size and communicate over short-ranges. The distribution of sensor nodes in an open environment that could be unattended in addition to the resource constraints in terms of processing, storage and power, make such networks in stringent limitations such as lifetime (i.e. period of operation) and security. The importance of WSN applications that could be found in many militaries and civilian aspects has drawn the attention of many researchers to consider its security. To address this important issue and overcome one of the main challenges of WSNs, security solution systems have been developed by researchers. Those solutions are software-based network Intrusion Detection Systems (IDSs). However, it has been witnessed, that those developed IDSs are neither secure enough nor accurate to detect all malicious behaviours of attacks. Thus, the problem is the lack of coverage of all malicious behaviours in proposed IDSs, leading to unpleasant results, such as delays in the detection process, low detection accuracy, or even worse, leading to detection failure, as illustrated in the previous studies. Also, another problem is energy consumption in WSNs caused by IDS. So, in other words, not all requirements are implemented then traced. Moreover, neither all requirements are identified nor satisfied, as for some requirements have been compromised. The drawbacks in the current IDS are due to not following structured software development processes by researches and developers when developing IDS. Consequently, they resulted in inadequate requirement management, process, validation, and verification of requirements quality. Unfortunately, WSN and SE research communities have been mostly impermeable to each other. Integrating SE and WSNs is a real subject that will be expanded as technology evolves and spreads in industrial applications. Therefore, this paper will study the importance of Requirement Engineering when developing IDSs. Also, it will study a set of existed IDSs and illustrate the absence of Requirement Engineering and its effect. Then conclusions are drawn in regard of applying requirement engineering to systems to deliver the required functionalities, with respect to operational constraints, within an acceptable level of performance, accuracy and reliability.

Keywords: Software Engineering, Wireless Sensor Networks, Intrusion Detection System, requirement engineering, IDS, WSN

Procedia PDF Downloads 170
7 Intrusion Detection Techniques in Mobile Adhoc Networks: A Review

Authors: Rashid Mahmood, Muhammad Junaid Sarwar


Mobile ad hoc networks (MANETs) use has been well-known from the last few years in the many applications, like mission critical applications. In the (MANETS) prevention method is not adequate as the security concerned, so the detection method should be added to the security issues in (MANETs). The authentication and encryption is considered the first solution of the MANETs problem where as now these are not sufficient as MANET use is increasing. In this paper we are going to present the concept of intrusion detection and then survey some of major intrusion detection techniques in MANET and aim to comparing in some important fields.

Keywords: Prevention, Detection, manet, IDS, signature, intrusions

Procedia PDF Downloads 186
6 Intrusion Detection Techniques in NaaS in the Cloud: A Review

Authors: Rashid Mahmood


The network as a service (NaaS) usage has been well-known from the last few years in the many applications, like mission critical applications. In the NaaS, prevention method is not adequate as the security concerned, so the detection method should be added to the security issues in NaaS. The authentication and encryption are considered the first solution of the NaaS problem whereas now these are not sufficient as NaaS use is increasing. In this paper, we are going to present the concept of intrusion detection and then survey some of major intrusion detection techniques in NaaS and aim to compare in some important fields.

Keywords: Cloud, Detection, IDS, naas

Procedia PDF Downloads 115
5 Intrusion Detection System Using Linear Discriminant Analysis

Authors: Mohammed Benattou, Zyad Elkhadir, Khalid Chougdali


Most of the existing intrusion detection systems works on quantitative network traffic data with many irrelevant and redundant features, which makes detection process more time’s consuming and inaccurate. A several feature extraction methods, such as linear discriminant analysis (LDA), have been proposed. However, LDA suffers from the small sample size (SSS) problem which occurs when the number of the training samples is small compared with the samples dimension. Hence, classical LDA cannot be applied directly for high dimensional data such as network traffic data. In this paper, we propose two solutions to solve SSS problem for LDA and apply them to a network IDS. The first method, reduce the original dimension data using principal component analysis (PCA) and then apply LDA. In the second solution, we propose to use the pseudo inverse to avoid singularity of within-class scatter matrix due to SSS problem. After that, the KNN algorithm is used for classification process. We have chosen two known datasets KDDcup99 and NSLKDD for testing the proposed approaches. Results showed that the classification accuracy of (PCA+LDA) method outperforms clearly the pseudo inverse LDA method when we have large training data.

Keywords: PCA, IDS, LDA, Pseudoinverse, NSL-KDD, KDDcup99

Procedia PDF Downloads 123
4 Adopting Flocks of Birds Approach to Predator for Anomalies Detection on Industrial Control Systems

Authors: M. Okeke, A. Blyth


Industrial Control Systems (ICS) such as Supervisory Control And Data Acquisition (SCADA) can be seen in many different critical infrastructures, from nuclear management to utility, medical equipment, power, waste and engine management on ships and planes. The role SCADA plays in critical infrastructure has resulted in a call to secure them. Many lives depend on it for daily activities and the attack vectors are becoming more sophisticated. Hence, the security of ICS is vital as malfunction of it might result in huge risk. This paper describes how the application of Prey Predator (PP) approach in flocks of birds could enhance the detection of malicious activities on ICS. The PP approach explains how these animals in groups or flocks detect predators by following some simple rules. They are not necessarily very intelligent animals but their approach in solving complex issues such as detection through corporation, coordination and communication worth emulating. This paper will emulate flocking behavior seen in birds in detecting predators. The PP approach will adopt six nearest bird approach in detecting any predator. Their local and global bests are based on the individual detection as well as group detection. The PP algorithm was designed following MapReduce methodology that follows a Split Detection Convergence (SDC) approach.

Keywords: artificial life, IDS, SCADA, SDC, industrial control system (ICS), prey predator (PP)

Procedia PDF Downloads 168
3 Wireless Sensor Anomaly Detection Using Soft Computing

Authors: Mouhammd Alkasassbeh, Alaa Lasasmeh


We live in an era of rapid development as a result of significant scientific growth. Like other technologies, wireless sensor networks (WSNs) are playing one of the main roles. Based on WSNs, ZigBee adds many features to devices, such as minimum cost and power consumption, and increasing the range and connect ability of sensor nodes. ZigBee technology has come to be used in various fields, including science, engineering, and networks, and even in medicinal aspects of intelligence building. In this work, we generated two main datasets, the first being based on tree topology and the second on star topology. The datasets were evaluated by three machine learning (ML) algorithms: J48, meta.j48 and multilayer perceptron (MLP). Each topology was classified into normal and abnormal (attack) network traffic. The dataset used in our work contained simulated data from network simulation 2 (NS2). In each database, the Bayesian network meta.j48 classifier achieved the highest accuracy level among other classifiers, of 99.7% and 99.2% respectively.

Keywords: Machine Learning, IDS, WSN, ZigBee technology

Procedia PDF Downloads 428
2 Benchmarking of Pentesting Tools

Authors: Ana Lucila Sandoval Orozco, Luis Javier García Villalba, Esteban Alejandro Armas Vega


The benchmarking of tools for dynamic analysis of vulnerabilities in web applications is something that is done periodically, because these tools from time to time update their knowledge base and search algorithms, in order to improve their accuracy. Unfortunately, the vast majority of these evaluations are made by software enthusiasts who publish their results on blogs or on non-academic websites and always with the same evaluation methodology. Similarly, academics who have carried out this type of analysis from a scientific approach, the majority, make their analysis within the same methodology as well the empirical authors. This paper is based on the interest of finding answers to questions that many users of this type of tools have been asking over the years, such as, to know if the tool truly test and evaluate every vulnerability that it ensures do, or if the tool, really, deliver a real report of all the vulnerabilities tested and exploited. This kind of questions have also motivated previous work but without real answers. The aim of this paper is to show results that truly answer, at least on the tested tools, all those unanswered questions. All the results have been obtained by changing the common model of benchmarking used for all those previous works.

Keywords: cybersecurity, Security, IDS, web scanners, web vulnerabilities

Procedia PDF Downloads 173
1 Machine Learning Methods for Network Intrusion Detection

Authors: Mouhammad Alkasassbeh, Mohammad Almseidin


Network security engineers work to keep services available all the time by handling intruder attacks. Intrusion Detection System (IDS) is one of the obtainable mechanisms that is used to sense and classify any abnormal actions. Therefore, the IDS must be always up to date with the latest intruder attacks signatures to preserve confidentiality, integrity, and availability of the services. The speed of the IDS is a very important issue as well learning the new attacks. This research work illustrates how the Knowledge Discovery and Data Mining (or Knowledge Discovery in Databases) KDD dataset is very handy for testing and evaluating different Machine Learning Techniques. It mainly focuses on the KDD preprocess part in order to prepare a decent and fair experimental data set. The J48, MLP, and Bayes Network classifiers have been chosen for this study. It has been proven that the J48 classifier has achieved the highest accuracy rate for detecting and classifying all KDD dataset attacks, which are of type DOS, R2L, U2R, and PROBE.

Keywords: IDS, KDD, DDoS, MLP

Procedia PDF Downloads 42