Search results for: network intrusion prevention

Authors: Farheen Tabassum, Shoab Ahmed Khan

Abstract:

The brutality of attacks on networks and decisive infrastructures are on the climb over recent years and appears to continue to do so. Distributed Denial of service attack is the most prevalent and easy attack on the availability of a service due to the easy availability of large botnet computers at cheap price and the general lack of protection against these attacks. Application layer DDoS attack is DDoS attack that is targeted on wed server, application server or database server. These types of attacks are much more sophisticated and challenging as they get around most conventional network security devices because attack traffic often impersonate normal traffic and cannot be recognized by network layer anomalies. Conventional techniques of single-hosted security systems are becoming gradually less effective in the face of such complicated and synchronized multi-front attacks. In order to protect from such attacks and intrusion, corporation among all network devices is essential. To overcome this issue, a collaborative intrusion detection system (CIDS) is proposed in which multiple network devices share valuable information to identify attacks, as a single device might not be capable to sense any malevolent action on its own. So it helps us to take decision after analyzing the information collected from different sources. This novel attack detection technique helps to detect seemingly benign packets that target the availability of the critical infrastructure, and the proposed solution methodology shall enable the incident response teams to detect and react to DDoS attacks at the earliest stage to ensure that the uptime of the service remain unaffected. Experimental evaluation shows that the proposed collaborative detection approach is much more effective and efficient than the previous approaches.

Keywords: Distributed Denial-of-Service (DDoS), Collaborative Intrusion Detection System (CIDS), Slowloris, OSSIM (Open Source Security Information Management tool), OSSEC HIDS

Procedia PDF Downloads 337

Authors: Maad Kamal Al-Anni

Abstract:

This study is about an algorithmic dependence of Artificial Neural Network on Multilayer Perceptron (MPL) pertaining to the classification and clustering presentations for Mobile Adhoc Network vulnerabilities. Moreover, mobile ad hoc network (MANET) is ubiquitous intelligent internetworking devices in which it has the ability to detect their environment using an autonomous system of mobile nodes that are connected via wireless links. Security affairs are the most important subject in MANET due to the easy penetrative scenarios occurred in such an auto configuration network. One of the powerful techniques used for inspecting the network packets is Intrusion Detection System (IDS); in this article, we are going to show the effectiveness of artificial neural networks used as a machine learning along with stochastic approach (information gain) to classify the malicious behaviors in simulated network with respect to different IDS techniques. The monitoring agent is responsible for detection inference engine, the audit data is collected from collecting agent by simulating the node attack and contrasted outputs with normal behaviors of the framework, whenever. In the event that there is any deviation from the ordinary behaviors then the monitoring agent is considered this event as an attack , in this article we are going to demonstrate the  signature-based IDS approach in a MANET by implementing the back propagation algorithm over ensemble-based Traffic Table (TT), thus the signature of malicious behaviors or undesirable activities are often significantly prognosticated and efficiently figured out, by increasing the parametric set-up of Back propagation algorithm during the experimental results which empirically shown its effectiveness  for the ratio of detection index up to 98.6 percentage. Consequently it is proved in empirical results in this article, the performance matrices are also being included in this article with Xgraph screen show by different through puts like Packet Delivery Ratio (PDR), Through Put(TP), and Average Delay(AD).

Keywords: Intrusion Detection System (IDS), Mobile Adhoc Networks (MANET), Back Propagation Algorithm (BPA), Neural Networks (NN)

Procedia PDF Downloads 165

Authors: Elmahdi Khalil, Saad Enniari, Mostapha Zbakh

Abstract:

Cloud computing promises to increase innovation and the velocity with witch applications are deployed, all while helping any enterprise meet most IT service needs at a lower total cost of ownership and higher return investment. As the march of cloud continues, it brings both new opportunities and new security challenges. To take advantages of those opportunities while minimizing risks, we think that Intrusion Detection Systems (IDS) integrated in the cloud is one of the best existing solutions nowadays in the field. The concept of intrusion detection was known since past and was first proposed by a well-known researcher named Anderson in 1980's. Since that time IDS's are evolving. Although, several efforts has been made in the area of Intrusion Detection systems for cloud computing environment, many attacks still prevail. Therefore, the work presented in this paper proposes a multi criteria analysis and a comparative study between several IDS architectures designated to work in a cloud computing environments. To achieve this objective, in the first place we will search in the state of the art of several consistent IDS architectures designed to work in a cloud environment. Whereas, in a second step we will establish the criteria that will be useful for the evaluation of architectures. Later, using the approach of multi criteria decision analysis Mac Beth (Measuring Attractiveness by a Categorical Based Evaluation Technique we will evaluate the criteria and assign to each one the appropriate weight according to their importance in the field of IDS architectures in cloud computing. The last step is to evaluate architectures against the criteria and collecting results of the model constructed in the previous steps.

Keywords: cloud computing, cloud security, intrusion detection/prevention system, multi-criteria decision analysis

Procedia PDF Downloads 444

Authors: Sukhleen Kaur

Abstract:

In security groundwork, Intrusion Detection System (IDS) has become an important component. The IDS has received increasing attention in recent years. IDS is one of the effective way to detect different kinds of attacks and malicious codes in a network and help us to secure the network. Data mining techniques can be implemented to IDS, which analyses the large amount of data and gives better results. Data mining can contribute to improving intrusion detection by adding a level of focus to anomaly detection. So far the study has been carried out on finding the attacks but this paper detects the malicious files. Some intruders do not attack directly, but they hide some harmful code inside the files or may corrupt those file and attack the system. These files are detected according to some defined parameters which will form two lists of files as normal files and harmful files. After that data mining will be performed. In this paper a hybrid classifier has been used via Naive Bayes and Ripper classification methods. The results show how the uploaded file in the database will be tested against the parameters and then it is characterised as either normal or harmful file and after that the mining is performed. Moreover, when a user tries to mine on harmful file it will generate an exception that mining cannot be made on corrupted or harmful files.

Keywords: data mining, association, classification, clustering, decision tree, intrusion detection system, misuse detection, anomaly detection, naive Bayes, ripper

Procedia PDF Downloads 393

Authors: Zyad Elkhadir, Khalid Chougdali, Mohammed Benattou

Abstract:

Most of the existing intrusion detection systems works on quantitative network traffic data with many irrelevant and redundant features, which makes detection process more time’s consuming and inaccurate. A several feature extraction methods, such as linear discriminant analysis (LDA), have been proposed. However, LDA suffers from the small sample size (SSS) problem which occurs when the number of the training samples is small compared with the samples dimension. Hence, classical LDA cannot be applied directly for high dimensional data such as network traffic data. In this paper, we propose two solutions to solve SSS problem for LDA and apply them to a network IDS. The first method, reduce the original dimension data using principal component analysis (PCA) and then apply LDA. In the second solution, we propose to use the pseudo inverse to avoid singularity of within-class scatter matrix due to SSS problem. After that, the KNN algorithm is used for classification process. We have chosen two known datasets KDDcup99 and NSLKDD for testing the proposed approaches. Results showed that the classification accuracy of (PCA+LDA) method outperforms clearly the pseudo inverse LDA method when we have large training data.

Keywords: LDA, Pseudoinverse, PCA, IDS, NSL-KDD, KDDcup99

Procedia PDF Downloads 205

Authors: A. Mohammadpour, Ebrahim Najafi Kajabad, Ghazale Ipakchi

Abstract:

Presently, computer networks’ security rise in importance and many studies have also been conducted in this field. By the penetration of the internet networks in different fields, many things need to be done to provide a secure industrial and non-industrial network. Fire walls, appropriate Intrusion Detection Systems (IDS), encryption protocols for information sending and receiving, and use of authentication certificated are among things, which should be considered for system security. The aim of the present study is to use the outcome of several algorithms, which cause decline in IDS errors, in the way that improves system security and prevents additional overload to the system. Finally, regarding the obtained result we can also detect the amount and percentage of more sub attacks. By running the proposed system, which is based on the use of multi-algorithmic outcome and comparing that by the proposed single algorithmic methods, we observed a 78.64% result in attack detection that is improved by 3.14% than the proposed algorithms.

Keywords: intrusion detection systems, clustering, k-means, k-medoids, SV clustering, ensemble

Procedia PDF Downloads 195

Authors: Laicheng Cao, Xiangqian Su, Youxiao Wu

Abstract:

Feature selection is one of the important problems in network security, pattern recognition, data mining and other fields. In order to remove redundant features, effectively improve the detection speed of intrusion detection system, proposes a new feature selection method, which is based on the invasive weed optimization (IWO) algorithm and tabu search algorithm(TS). Use IWO as a global search, tabu search algorithm for local search, to improve the results of IWO algorithm. The experimental results show that the feature selection method can effectively remove the redundant features of network data information in feature selection, reduction time, and to guarantee accurate detection rate, effectively improve the speed of detection system.

Keywords: intrusion detection, feature selection, iwo, tabu search

Procedia PDF Downloads 502

Authors: Ghodhbani Salah, Jemili Farah

Abstract:

With the growth of cyber attacks, information safety has become an important issue all over the world. Many firms rely on security technologies such as intrusion detection systems (IDSs) to manage information technology security risks. IDSs are considered to be the last line of defense to secure a network and play a very important role in detecting large number of attacks. However the main problem with today’s most popular commercial IDSs is generating high volume of alerts and huge number of false positives. This drawback has become the main motivation for many research papers in IDS area. Hence, in this paper we present a data mining technique to assist network administrators to analyze and reduce false positive alarms that are produced by an IDS and increase detection accuracy. Our data mining technique is unsupervised clustering method based on hybrid ANT algorithm. This algorithm discovers clusters of intruders’ behavior without prior knowledge of a possible number of classes, then we apply K-means algorithm to improve the convergence of the ANT clustering. Experimental results on real dataset show that our proposed approach is efficient with high detection rate and low false alarm rate.

Keywords: intrusion detection system, alarm filtering, ANT class, ant clustering, intruders’ behaviors, false alarms

Procedia PDF Downloads 381

Authors: Hafiz Gulfam Ahmad, Chuangdong Li, Zeeshan Ahmad

Abstract:

In this paper, we proposed a parallel IDS and honeypot based approach to detect and analyze the unknown and known attack taxonomy for improving the IDS performance and protecting the network from intruders. The main theme of our approach is to record and analyze the intruder activities by using both the low and high interaction honeypots. Our architecture aims to achieve the required goals by combing signature based IDS, honeypots and generate the new signatures. The paper describes the basic component, design and implementation of this approach and also demonstrates the effectiveness of this approach reducing the probability of network attacks.

Keywords: network security, intrusion detection, honeypot, snort, nmap

Procedia PDF Downloads 530

Authors: Ji-Hoon Hong, Dong-Hee Kim, Nam-Uk Kim, Tai-Myoung Chung

Abstract:

Smartphone users are increasing rapidly. Accordingly, many companies are running BYOD (Bring Your Own Device: Policies to bring private-smartphones to the company) policy to increase work efficiency. However, smartphones are always under the threat of malware, thus the company network that is connected smartphone is exposed to serious risks. Most smartphone malware detection techniques are to perform an independent detection (perform the detection of a single target application). In this paper, we analyzed a variety of intrusion detection techniques. Based on the results of analysis propose an agent using the network IDS.

Keywords: android malware detection, software-defined network, interaction environment, android malware detection, software-defined network, interaction environment

Procedia PDF Downloads 407

Authors: James Kaweesa

Abstract:

The Internet of Things (IoT) has become a critical component of modern technology, enabling the connection of numerous devices to the internet. The interconnected nature of IoT devices, along with their heterogeneous and resource-constrained nature, makes them vulnerable to various types of attacks, such as malware, denial-of-service attacks, and network scanning. Intrusion Detection Systems (IDSs) are a key mechanism for protecting IoT networks and from attacks by identifying and alerting administrators to suspicious activities. In this review, the paper will discuss the different types of IDSs available for IoT systems and evaluate their effectiveness in detecting and preventing attacks. Also, examine the various evaluation methods used to assess the performance of IDSs and the challenges associated with evaluating them in IoT environments. The review will highlight the need for effective and efficient IDSs that can cope with the unique characteristics of IoT networks, including their heterogeneity, dynamic topology, and resource constraints. The paper will conclude by indicating where further research is needed to develop IDSs that can address these challenges and effectively protect IoT systems from cyber threats.

Keywords: cyber-threats, iot, intrusion detection system, networks

Procedia PDF Downloads 55

Authors: Abdelkader Hachemi & Boualem Remini

Abstract:

Seawater intrusion is a significant challenge faced by coastal aquifers in the Mediterranean basin. This study aims to determine the position of the sharp interface between seawater and freshwater in the aquifer of Wadi Nador, located in the Wilaya of Tipaza, Algeria. A numerical areal sharp interface model using the finite element method is developed to investigate the spatial and temporal behavior of seawater intrusion. The aquifer is assumed to be homogeneous and isotropic. The simulation results are compared with geophysical prospection data obtained through electrical methods in 2011 to validate the model. The simulation results demonstrate a good agreement with the geophysical prospection data, confirming the accuracy of the sharp interface model. The position of the sharp interface in the aquifer is found to be approximately 1617 meters from the sea. Two scenarios are proposed to predict the interface position for the year 2024: one without pumping and the other with pumping. The results indicate a noticeable retreat of the sharp interface position in the first scenario, while a slight decline is observed in the second scenario. The findings of this study provide valuable insights into the dynamics of seawater intrusion in the Wadi Nador aquifer. The predicted changes in the sharp interface position highlight the potential impact of pumping activities on the aquifer's vulnerability to seawater intrusion. This study emphasizes the importance of implementing measures to manage and mitigate seawater intrusion in coastal aquifers. The sharp interface model developed in this research can serve as a valuable tool for assessing and monitoring the vulnerability of aquifers to seawater intrusion.

Keywords: seawater, intrusion, sharp interface, Algeria

Procedia PDF Downloads 40

Authors: Ahlem Abid, Farah Jemili

Abstract:

Intrusion detection has been the subject of numerous studies in industry and academia, but cyber security analysts always want greater precision and global threat analysis to secure their systems in cyberspace. To improve intrusion detection system, the visualisation of the security events in form of graphs and diagrams is important to improve the accuracy of alerts. In this paper, we propose an approach of an IDS based on cloud computing, big data technique and using a machine learning graph algorithm which can detect in real time different attacks as early as possible. We use the MAWILab intrusion detection dataset . We choose Microsoft Azure as a unified cloud environment to load our dataset on. We implement the k2 algorithm which is a graphical machine learning algorithm to classify attacks. Our system showed a good performance due to the graphical machine learning algorithm and spark structured streaming engine.

Keywords: Apache Spark Streaming, Graph, Intrusion detection, k2 algorithm, Machine Learning, MAWILab, Microsoft Azure Cloud

Procedia PDF Downloads 117

Authors: Abdelkader Hachemi, Boualem Remini

Abstract:

Seawater intrusion is a significant challenge faced by coastal aquifers in the Mediterranean basin. This study aims to determine the position of the sharp interface between seawater and freshwater in the aquifer of Wadi Nador, located in the Wilaya of Tipaza, Algeria. A numerical areal sharp interface model using the finite element method is developed to investigate the spatial and temporal behavior of seawater intrusion. The aquifer is assumed to be homogeneous and isotropic. The simulation results are compared with geophysical prospection data obtained through electrical methods in 2011 to validate the model. The simulation results demonstrate a good agreement with the geophysical prospection data, confirming the accuracy of the sharp interface model. The position of the sharp interface in the aquifer is found to be approximately 1617 meters from the sea. Two scenarios are proposed to predict the interface position for the year 2024: one without pumping and the other with pumping. The results indicate a noticeable retreat of the sharp interface position in the first scenario, while a slight decline is observed in the second scenario. The findings of this study provide valuable insights into the dynamics of seawater intrusion in the Wadi Nador aquifer. The predicted changes in the sharp interface position highlight the potential impact of pumping activities on the aquifer's vulnerability to seawater intrusion. This study emphasizes the importance of implementing measures to manage and mitigate seawater intrusion in coastal aquifers. The sharp interface model developed in this research can serve as a valuable tool for assessing and monitoring the vulnerability of aquifers to seawater intrusion.

Keywords: seawater intrusion, sharp interface, coastal aquifer, algeria

Procedia PDF Downloads 83

Authors: Umar Albalawi, Sang C. Suh, Jinoh Kim

Abstract:

As internet continues to expand its usage with an enormous number of applications, cyber-threats have significantly increased accordingly. Thus, accurate detection of malicious traffic in a timely manner is a critical concern in today’s Internet for security. One approach for intrusion detection is to use Machine Learning (ML) techniques. Several methods based on ML algorithms have been introduced over the past years, but they are largely limited in terms of detection accuracy and/or time and space complexity to run. In this work, we present a novel method for intrusion detection that incorporates a set of supervised learning algorithms. The proposed technique provides high accuracy and outperforms existing techniques that simply utilizes a single learning method. In addition, our technique relies on partial flow information (rather than full information) for detection, and thus, it is light-weight and desirable for online operations with the property of early identification. With the mid-Atlantic CCDC intrusion dataset publicly available, we show that our proposed technique yields a high degree of detection rate over 99% with a very low false alarm rate (0.4%).

Keywords: intrusion detection, supervised learning, traffic classification, computer networks

Procedia PDF Downloads 322

Authors: Mehrshad Khosraviani, Faramarz Abbaspour Leyl Abadi

Abstract:

The fundamental component of the computer network of modern information society will be considered. These networks are connected to the network of the internet generally. Due to the fact that the primary purpose of the Internet is not designed for, in recent decades, none of these networks in many of the attacks has been very important. Today, for the provision of security, different security tools and systems, including intrusion detection systems are used in the network. A common diagnosis system based on artificial immunity, the designer, the Adhasaz Foundation has been evaluated. The idea of using artificial safety methods in the diagnosis of abnormalities in computer networks it has been stimulated in the direction of their specificity, there are safety systems are similar to the common needs of m, that is non-diagnostic. For example, such methods can be used to detect any abnormalities, a variety of attacks, being memory, learning ability, and Khodtnzimi method of artificial immune algorithm pointed out. Diagnosis of the common system of education offered in this paper using only the normal samples is required for network and any additional data about the type of attacks is not. In the proposed system of positive selection and negative selection processes, selection of samples to create a distinction between the colony of normal attack is used. Copa real data collection on the evaluation of ij indicates the proposed system in the false alarm rate is often low compared to other ir methods and the detection rate is in the variations.

Keywords: artificial immune system, abnormality detection, intrusion detection, computer networks

Procedia PDF Downloads 331

Authors: Nadjah Chergui, Narhimene Boustia

Abstract:

Intrusion Detection Systems are an essential tool for network security infrastructure. However, IDSs have a serious problem which is the generating of massive number of alerts, most of them are false positive ones which can hide true alerts and make the analyst confused to analyze the right alerts for report the true attacks. The purpose behind this paper is to present a formalism model to perform correlation engine by the reduction of false positive alerts basing on vulnerability contextual information. For that, we propose a formalism model based on non-monotonic JClassicδє description logic augmented with a default (δ) and an exception (є) operator that allows a dynamic inference according to contextual information.

Keywords: context, default, exception, vulnerability

Procedia PDF Downloads 241

Authors: Saman Javadi, Mohammad Hassan Mahmoudi, Fatemeh Jafari, Aminreza Neshat

Abstract:

Urmia Lake’s water level has been dropped during the past decade. Although the most common reason in studies was declared climate change, but observation of adjacent lake (like Van in Turkey) is not the same as the common reason. Most of studies were focused on climate and land use change, but groundwater resource as one of the most important element is negligible. Due to population and agriculture activities growth, exploration of groundwater resource has been increased. In as much as continued decline of water levels can lead to saltwater intrusion, reduce stream discharge near outcrop regions and threaten groundwater quality, aquifers of this region were affected by saltwater intrusion of Urmia Lake. In this research comparison of saltwater intrusion into eastern and western coastal aquifer was studied. In conclusion eastern aquifers are in a critical situation; vice versa the western ones are in a better situation. Thus applying management of groundwater operation would be necessary for eastern aquifers.

Keywords: coastal aquifer, groundwater over-exploration, saltwater intrusion, Urmia Lake

Procedia PDF Downloads 509

Authors: Klaus Froehlich-Gildhoff, Ullrich Boettinger, Katharina Rauh, Angela Schickler

Abstract:

The Prevention Network Ortenaukreis, PNO, funded by the German Ministry of Education and Research, aims to promote physical and mental health as well as the social inclusion of 3 to 10 years old children and their families in the Ortenau district. Within a period of four years starting 11/2014 a community network will be established. One regional and five local prevention representatives are building networks with stakeholders of the prevention and health promotion field bridging the health care, educational and youth welfare system in a multidisciplinary approach. The regional prevention representative implements regularly convening prevention and health conferences. On a local level, the 5 local prevention representatives implement round tables in each area as a platform for networking. In the setting approach, educational institutions are playing a vital role when gaining access to children and their families. Thus the project will offer 18 month long organizational development processes with specially trained coaches to 25 kindergarten and 25 primary schools. The process is based on a curriculum of prevention and health promotion which is adapted to the specific needs of the institutions. Also to ensure that the entire region is reached demand oriented advanced education courses are implemented at participating day care centers, kindergartens and schools. Evaluation method: The project is accompanied by an extensive research design to evaluate the outcomes of different project components such as interview data from community prevention agents, interviews and network analysis with families at risk on their support structures, data on community network development and monitoring, as well as data from kindergarten and primary schools. The latter features a waiting-list control group evaluation in kindergarten and primary schools with a mixed methods design using questionnaires and interviews with pedagogues, teachers, parents, and children. Results: By the time of the conference pre and post test data from the kindergarten samples (treatment and control group) will be presented, as well as data from the first project phase, such as qualitative interviews with the prevention coordinators as well as mixed methods data from the community needs assessment. In supporting this project, the Federal Ministry aims to gain insight into efficient components of community prevention and health promotion networks as it is implemented and evaluated. The district will serve as a model region, so that successful components can be transferred to other regions throughout Germany. Accordingly, the transferability to other regions is of high interest in this project.

Keywords: childhood research, health promotion, physical health, prevention network, psychological well-being, social inclusion

Procedia PDF Downloads 197

Authors: Najmeh Abedzadeh, Matthew Jacobs

Abstract:

An intrusion detection system (IDS) is a software application that monitors malicious activities and generates alerts if any are detected. However, most network activities in IDS datasets are normal, and the relatively few numbers of attacks make the available data imbalanced. Consequently, cyber-attacks can hide inside a large number of normal activities, and machine learning algorithms have difficulty learning and classifying the data correctly. In this paper, a comprehensive literature review is conducted on different types of algorithms for both implementing the IDS and methods in correcting the imbalanced IDS dataset. The most famous algorithms are machine learning (ML), deep learning (DL), synthetic minority over-sampling technique (SMOTE), and reinforcement learning (RL). Most of the research use the CSE-CIC-IDS2017, CSE-CIC-IDS2018, and NSL-KDD datasets for evaluating their algorithms.

Keywords: IDS, imbalanced datasets, sampling algorithms, big data

Procedia PDF Downloads 283

Authors: Zeynep Turhan

Abstract:

This review emphasized the effectiveness of men’s participation, and whether non-violent (NV) boys’ and men’s perceptions of IPV prevention programs affect their involvement. Additionally, the review aimed to identify the barriers of non-engagement as well as the most effective approaches to end and prevent violence-against-women (VAW). The main goals of this assessment were to investigate 1) how NV men engage in anti-violence prevention programs that empower women, 2) what are the possible perceptions of NV men involved in prevention programs 3) how to identify effective approaches and strategies that encourage NV men to become involved in prevention programs. This critical review also included the overview of prevention programs such as The Mentors in Violence Prevention Programs (MVP), The White Ribbon Campaign (WRC), and Domestic Violence Prevention Enhancement and Leadership through Alliances (DELTA). The review recommended expanding these programs to reach more macro settings such as workplace, faith-based and other community-based organizations. Additionally, secondary and territory prevention programs need to expand through addressing the long-term effects of violence.

Keywords: engagement, non-violent men, prevention programs

Procedia PDF Downloads 387

Authors: Adamu Abdullahi, On Francisca, Saidu Isah Rambo, G. N. Obunadike, D. T. Chinyio

Abstract:

The paper discusses the potential threat of Denial of Service (DoS) attacks in the Internet of Things (IoT) networks on constrained application protocols (CoAP). As billions of IoT devices are expected to be connected to the internet in the coming years, the security of these devices is vulnerable to attacks, disrupting their functioning. This research aims to tackle this issue by applying mixed methods of qualitative and quantitative for feature selection, extraction, and cluster algorithms to detect DoS attacks in the Constrained Application Protocol (CoAP) using the Machine Learning Algorithm (MLA). The main objective of the research is to enhance the security scheme for CoAP in the IoT environment by analyzing the nature of DoS attacks and identifying a new set of features for detecting them in the IoT network environment. The aim is to demonstrate the effectiveness of the MLA in detecting DoS attacks and compare it with conventional intrusion detection systems for securing the CoAP in the IoT environment. Findings: The research identifies the appropriate node to detect DoS attacks in the IoT network environment and demonstrates how to detect the attacks through the MLA. The accuracy detection in both classification and network simulation environments shows that the k-means algorithm scored the highest percentage in the training and testing of the evaluation. The network simulation platform also achieved the highest percentage of 99.93% in overall accuracy. This work reviews conventional intrusion detection systems for securing the CoAP in the IoT environment. The DoS security issues associated with the CoAP are discussed.

Keywords: algorithm, CoAP, DoS, IoT, machine learning

Procedia PDF Downloads 45

Authors: Muhammad Ali

Abstract:

Cyber-attacks and anomaly detection on the Internet of Things (IoT) infrastructure is emerging concern in the domain of data-driven intrusion. Rapidly increasing IoT risk is now making headlines around the world. denial of service, malicious control, data type probing, malicious operation, DDos, scan, spying, and wrong setup are attacks and anomalies that can affect an IoT system failure. Everyone talks about cyber security, connectivity, smart devices, and real-time data extraction. IoT devices expose a wide variety of new cyber security attack vectors in network traffic. For further than IoT development, and mainly for smart and IoT applications, there is a necessity for intelligent processing and analysis of data. So, our approach is too secure. We train several machine learning models that have been compared to accurately predicting attacks and anomalies on IoT systems, considering IoT applications, with ANOVA-based feature selection with fewer prediction models to evaluate network traffic to help prevent IoT devices. The machine learning (ML) algorithms that have been used here are KNN, SVM, NB, D.T., and R.F., with the most satisfactory test accuracy with fast detection. The evaluation of ML metrics includes precision, recall, F1 score, FPR, NPV, G.M., MCC, and AUC & ROC. The Random Forest algorithm achieved the best results with less prediction time, with an accuracy of 99.98%.

Keywords: machine learning, analysis of variance, Internet of Thing, network security, intrusion detection

Procedia PDF Downloads 95

Authors: Mohamed Anouar Razgallah

Abstract:

This paper examines in the context of a one-period model the impact of background risk on the optimal secondary prevention. We conduct our study based on various configurations of the background risk. We intend to show that in most cases the level of secondary prevention effort varied after the introduction of background risk, however, in very few cases this level remains constant.

Keywords: secondary prevention, primary prevention, background risk, ecomomics

Procedia PDF Downloads 399

Authors: Edward Guillén, Jhordany Rodriguez, Rafael Páez

Abstract:

Anomaly detection techniques have been focused on two main components: data extraction and selection and the second one is the analysis performed over the obtained data. The goal of this paper is to analyze the influence that each of these components has over the system performance by evaluating detection over network scenarios with different setups. The independent variables are as follows: the number of system inputs, the way the inputs are codified and the complexity of the analysis techniques. For the analysis, some approaches of artificial neural networks are implemented with different number of layers. The obtained results show the influence that each of these variables has in the system performance.

Keywords: network intrusion detection, machine learning, artificial neural network, anomaly detection module

Procedia PDF Downloads 307

Authors: Zhizhong Yuan, Lili Wang, Chenya Zheng, Wuqi Yang

Abstract:

How to encourage and support peer-to-peer (P2P) network lending, and effectively monitor the risk of P2P network lending, has become the focus of the Chinese government departments, industrialists, experts and scholars in recent years. The reason is that this convenient online micro-credit service brings a series of credit risks and other issues. Avoiding the risks brought by the P2P network lending model, it can better play a benign role and help China's small and medium-sized private enterprises with vigorous development to solve the capital needs; otherwise, it will bring confusion to the normal financial order. As a form of financial services, P2P network lending has injected new blood into China's non-government finance in the past ten years, and has found a way out for idle funds and made up for the shortage of traditional financial services in China. However, it lacks feasible measures in credit evaluation and government supervision. This paper collects a large amount of data about P2P network lending of China. The data collection comes from the official media of the Chinese government, the public achievements of existing researchers and the analysis and collation of correlation data by the authors. The research content of this paper includes literature review; the current situation of China's P2P network lending development; the risk analysis of P2P network lending in China; the risk prevention strategy of P2P network lending in China. The focus of this paper is to try to find a specific program to strengthen supervision and avoid risks from the perspective of government regulators, operators of P2P network lending platform, investors and users of funds. These main measures include: China needs to develop self-discipline organization of P2P network lending industry and formulate self-discipline norms as soon as possible; establish a regular information disclosure system of P2P network lending platform; establish censorship of credit rating of borrowers; rectify the P2P network lending platform in compliance through the implementation of bank deposition. The results and solutions will benefit all the P2P network lending platforms, creditors, debtors, bankers, independent auditors and government agencies of China and other countries.

Keywords: peer-to-peer(P2P), regulation, risk prevention, supervision

Procedia PDF Downloads 142

Authors: Saurabh Shukla, G. N. Pandey

Abstract:

The fires have become the most serious disasters to forest resources and the human environment. In recent years, due to climate change, human activities and other factors the frequency of forest fires has increased considerably. The monitoring and prevention of forest fires have now become a global concern for forest fire prevention organizations. Currently, the methods for forest fire prevention largely consist of patrols, observation from watch towers. Thus, software like deployment of the wireless sensor network to prevent forest fire is being developed to get a better estimate of the temperature and humidity prospects. Now days, wireless sensor networks are beginning to be deployed at an accelerated pace. It is not unrealistic to expect that in coming years the world will be covered with wireless sensor networks. This new technology has lots of unlimited potentials and can be used for numerous application areas including environmental, medical, military, transportation, entertainment, crisis management, homeland defense, and smart spaces.

Keywords: deployment, sensors, wireless sensor networks, forest fires

Procedia PDF Downloads 405

Authors: Muhammad Kamran Asif

Abstract:

MPLS stands for Multi-Protocol Label Switching. It is the technology which replaces ATM (Asynchronous Transfer Mode) and frame relay. In this paper, we have designed a full fledge small scale MPLS based service provider network core network model, which provides communication services (e.g. voice, video and data) to the customer more efficiently using label switching technique. Using MPLS VPN provides security to the customers which are either on LAN or WAN. It protects its single customer sites from being attacked by any intruder from outside world along with the provision of concept of extension of a private network over an internet. In this paper, we tried to implement a service provider network using minimum available resources i.e. five 3800 series CISCO routers comprises of service provider core, provider edge routers and customer edge routers. The customers on the one end of the network (customer side) is capable of sending any kind of data to the customers at the other end using service provider cloud which is MPLS VPN enabled. We have also done simulation and emulation for the model using GNS3 (Graphical Network Simulator-3) and achieved the real time scenarios. We have also deployed a NMS system which monitors our service provider cloud and generates alarm in case of any intrusion or malfunctioning in the network. Moreover, we have also provided a video help desk facility between customers and service provider cloud to resolve the network issues more effectively.

Keywords: MPLS, VPN, NMS, ATM, asynchronous transfer mode

Procedia PDF Downloads 311

Authors: Azim Hilmy Mohamad Yusof, Muhamad Iqbal Mubarak Faharul Azman, Nur Azwin Ismail, Noer El Hidayah Ismail

Abstract:

Infiltration is the process by which precipitation or water soaks into subsurface soils and moves into rocks through cracks and pore spaces. This paper explains how the water infiltration will be identified using 2-D resistivity imaging. Padang Minden, in Universiti Sains Malaysia, Penang has been chosen as the survey area during this study. The study area consists of microcline granite with grain size of medium to coarse. 2-D Resistivity Imaging survey is used to detect subsurface layer for many years by making measurements on the ground surface. The result shows that resistivity value of 0.015 Ωm - 10 Ωm represent the salt water intrusion zone while the resistivity value of 11 Ωm - 100 Ωm is suggested as the boundary zone between the salt water intrusion zone and low saturated zone.

Keywords: 2-D resistivity imaging, microcline granite, salt water intrusion, water infiltration

Procedia PDF Downloads 312

Authors: Babatunde Adebo, Adedeji Adetoyinbo

Abstract:

Groundwater is an important constituent of the hydrological cycle and plays a vital role in augmenting water supply to meet the ever-increasing needs of people for domestic, agricultural and industrial purposes. Unfortunately, this important resource has in most cases been contaminated due to the advancement of seawater into the fresh groundwater. This is due to the high volume of water being abstracted in these areas as a result of a high population of coastal dwellers. The knowledge of salinity level and intrusion of saltwater into the freshwater aquifer is, therefore, necessary for groundwater monitoring and prediction in the coastal areas. In this work, an advection-dispersion saltwater intrusion model is used to study and simulate saltwater intrusion in a typical coastal aquifer. The aquifer portion was divided into a grid with elements and nodes. Map of the study area indicating well locations were overlain on the grid system such that these locations coincide with the nodes. Chlorides at these well were considered as initial nodal salinities. Results showed a highest and lowest increase in simulated chloride of 37.89 mg/L and 0.8 mg/L respectively. It also revealed that the chloride concentration of most of the considered well might climb unacceptable level in the next few years, if the current abstraction rate continues unabated.

Keywords: saltwater intrusion, coastal aquifer, nodal salinity, chloride concentration

Procedia PDF Downloads 218