Computer Science Research Articles
Single Platform to Read Collections of Research Articles
A Review on Intrusion Detection Systems to Secure IoT Networks
A. Arul Anitha, L. Arockiam
Abstract - The Internet of Things (IoT) and its rapid advancements will lead to everything being connected in the near future. The number of devices connected to the global network is increasing every day. IoT security challenges arise as a result of the large-scale incorporation of smart devices. Security issues on the Internet of Things have been the most focused area of research over the last decade. As IoT devices have less memory, processing capacity, and power consumption, the traditional security mechanisms are not suitable for IoT. A security mechanism called an Intrusion Detection System (IDS) has a crucial role in protecting the IoT nodes and networks. The lightweight nature of IoT nodes should be considered while designing IDS for the IoT. In this paper, the types of IDS, the major attacks on IoT, the recent research, and contributions to IDS in IoT networks are discussed, and an analytical survey is given based on the study. Though it is a promising area for research, IDS still needs further refinement to ensure high security for IoT networks and devices. Hence, further research, development, and lightweight mechanisms are required for IDS to provide a higher level of security to the resource-limited IoT network.
Published: 2022Read / Download
Hybrid Intrusion Detection Method Based on Constraints Optimized SAE and Grid Search Based SVM-RBF on Cloud
Nirmalajyothi Narisetty, Gangadhara Rao Kancherla, Basaveswararao Bobba, K. Swathi
Abstract - The present era is facing lot of Security, Privacy, and Integrity issues because of tremendous development in communication technology, data storage devices, and computing advancements leading to unavoidable losses. As a result of the aforementioned technological revolutions day by day, many of the organizations or institutions started migrating to cloud environment. Because of this, security issues have increased coupled with the advent of new ways of penetration into networks. Unauthorized users and many professionals with malicious intent started exploiting the legitimate users through cyber-crimes. So, there is a need to implement a proper Intrusion Detection System with optimization procedures. This paper proposes a hybrid Intrusion Detection approach with a combination of Constraints Optimized Stacked Autoencoder (COSAE) for dimension reduction and grid search based SVM-RBF classifier (GSVM-RBF). The COSAE+GSVM-RBF model enhanced the performance using a two-fold. i) The SAE is optimized through regularization techniques with the adoption of weight and dropout constraints, ii) To enhance the performance of the SVM classifier with RBF for tuning the hyperparameters using grid search. Various experiments are conducted to validate this model with four activation functions Scaled Exponential Linear Unit (SELU), Rectified Linear Unit, softplus, and Exponential Linear Unit (ELU) for dimension reduction using COSAE. The improvements carried out in this paper result in exploding gradients and vanishing gradients avoids overfitting in large datasets, intrusion detection rate, gain in computational time, and 100% F-Measure in classifying minor class labels. The proposed approach is validated on the CICIDS2017 dataset. Further, a comparative analysis of the proposed approach with state-of-the-art approaches has been conducted. Based on the experimental results it is observed that the proposed approach outperforms the prevailing approaches.
Published: 2021Read / Download
Modified Deep Learning Methodology Based Malicious Intrusion Detection System in Software Defined Networking
Thangaraj Ethilu, Abirami Sathappan, Paul Rodrigues
Abstract - Software Defined Networking (SDN) has increased a high-level attention in recent years, mainly because of its ability to address the cyber security challenges. Machine learning architectures were developed as the SDN system to detect the security threads; however, present techniques are limited with (i) higher computation time during malicious switch detection, (ii) reduced malicious switch detection rate (MSDR). This paper presents modified deep learning architecture based SDN system consist of two stages: (i) training stage, computes the external feature maps from both trusted and malicious network switches connected to the SDN controller, (ii) testing stage, classifying the trust and malicious switches connected with SDN controller. The feature maps are trained and classified with Modified LeNET Convolutional Neural Networks (CNN) architecture. The proposed methodology is simulated via network simulator under environmental constraint conditions. The results shows that the proposed methodology reduced the malicious switch detection computational time about a half as well as it increased the MSDR to about 6% compared to the conventional methodologies.
Published: 2021Read / Download
Towards Improved Detection of Intrusions with Constraint-Based Clustering (CBC)
J. Rene Beulah, C. Pretty Diana Cyril, S. Geetha, D. Shiny Irene
Abstract - The modern society is greatly benefited by the advancement of the Internet. The quick surge in the number of connections and the ease of access to the Internet have given rise to tremendous security threat to individuals and organizations. In addition to intrusion prevention techniques like firewalls, intrusion detection systems (IDS) are an obligatory level of safety for establishments to identify insiders and outsiders with malicious intentions. Anomaly-based IDS is in the literature for the last few decades, but still the existing methods lack in three main aspects - difficulty in handling mixed attribute types, more dependence on input parameters and incompetence in maintaining a good balance between detection rate (DR) and false alarm rate (FAR). The research work proposed in this paper proposes a semi supervised IDS based on outlier detection which first selects the important features that help in identifying intrusive events and then applies a constraint-based clustering algorithm to closely learn the properties of normal connections. The proposed method can handle data.........................
Published: 2021Read / Download
A Novel Hybrid Approach for Detection of Web-Based Attacks in Intrusion Detection Systems
Muhammet Baykara, Resul Das
Abstract - Importance of information security systems is increasing in parallel with the rapid developments in information technology. The development of new technologies brings new security weaknesses in corporate and personal meaning can lead to unavoidable losses. For this reason, many researches have been performed in order to ensure the security of information systems. In today's world, the concept of information has been moved to the digital size from conventional size. Protection of the data stored in the digital archive and is easily accessibility at any time have become a quite important phenomenon. In this concept, intrusion detection and prevention systems as security tools are widely used today. In this paper, a hybrid real time intrusion and prevention system approach has been proposed for web applications security. The proposed system uses rule-based misuse detection ...............................
Published: 2017Read / DownloadUsage of Machine Learning for Intrusion Detection in a Network
Prachi
Abstract - Increase in volume and intensity of network attacks, forcing the business systems to revamp their network security solutions in order to avoid huge financial losses. Intrusion Detection Systems are one of the most essential security solutions in order to ensure the security of any network. Considering huge volumes of network data and complex nature of intrusions, the performance optimization of Network Intrusion Detection System became an open problem that is gaining more and more attention from the researchers nowadays. The objective of this paper is to identify a machine learning algorithm that provides high accuracy and real-time system application. This paper evaluates the performance of 15 different machine learning algorithms using NSL-KDD dataset on the basis of false discovery rate, average accuracy, root mean squared error and model building time.................................
Published: 2016Read / Download
A Survey on Potential Applications of Honeypot Technology in Intrusion Detection Systems
Muhammet Baykara, Resul Das
Abstract - Information security in the sense of personal and institutional has become a top priority in digitalized modern world in parallel to the new technological developments. Many methods, tools and technologies are used to provide the information security of IT systems. These are considered, encryption, authentication, firewall, and intrusion detection and prevention systems. Moreover, honeypot systems are proposed as complementary structures. This paper presents the overall view of the publications in IDS, IPS and honeypot systems. Recently, honeypot systems are anymore used in connection with intrusion detection systems. So this paper describes possible implementation of honeypot technologies combined with IDS/IPS in a network. Studies in the literature have shown intrusion detection systems cannot find the 0-day vulnerabilities. The system provided by the honeypots and intrusion detection systems in the network, might detect new exploit and hacker attempt.
Published: 2015Read / DownloadEfficient Collaborative Technique using Intrusion Detection System for Preserving Privacy in Location-based Services
Muhammad Jawad Ikram, Jonathan Cazalas
Abstract - The ubiquitous nature of smartphones and GPS-enabled devices, coupled with the increasingly popular usage of location-based services, has effectively created an environment where data access truly is anywhere at any time. While said environment is indeed convenient and quite useful, the unfortunate reality is that users are exposed to a variety of privacy and security threats. User location information can be tracked and then used in malicious ways by non-trusted applications and adversaries. We address this problem by proposing an efficient, collaborative technique that is integrated with an intrusion detection system and rekeying techniques. The algorithm is parameterized by defining performance and security metrics, which can then be used to find optimal settings, both in terms of privacy and quality of service. Based on the proposed performance-security metrics, the tradeoff between privacy and quality of service can be quantified.
Published: 2015Read / Download