Search results for "intrusion detection"

showing 10 items of 13 documents

A Hierarchical Detection and Response System to Enhance Security Against Lethal Cyber-Attacks in UAV Networks

2018

Unmanned aerial vehicle (UAV) networks have not yet received considerable research attention. Specifically, security issues are a major concern because such networks, which carry vital information, are prone to various attacks. In this paper, we design and implement a novel intrusion detection and response scheme, which operates at the UAV and ground station levels, to detect malicious anomalies that threaten the network. In this scheme, a set of detection and response techniques are proposed to monitor the UAV behaviors and categorize them into the appropriate list (normal, abnormal, suspect, and malicious) according to the detected cyber-attack. We focus on the m…

Ad hoc networks; Monitoring; Anomaly-based intrusion detection system; Wireless ad hoc network; Computer science; [ INFO.INFO-NI ] Computer Science [cs]/Networking and Internet Architecture [cs.NI]; UAV; Mobile computing; [ INFO.INFO-CR ] Computer Science [cs]/Cryptography and Security [cs.CR]; Jamming; ComputerApplications_COMPUTERSINOTHERSYSTEMS; 02 engineering and technology; Intrusion detection system; Anomaly detection and rules-based intrusion detection techniques; IDS; Black hole (networking); Computer security; computer.software_genre; Mobile communication; Unmanned aerial vehicles; [INFO.INFO-CR]Computer Science [cs]/Cryptography and Security [cs.CR]; [INFO.INFO-NI]Computer Science [cs]/Networking and Internet Architecture [cs.NI]; 0202 electrical engineering electronic engineering information engineering; False positive paradox; Overhead (computing); Intrusion detection; Electrical and Electronic Engineering; 020206 networking & telecommunications; Computer Science Applications; Human-Computer Interaction; Control and Systems Engineering; intrusion detection system; 020201 artificial intelligence & image processing; cyber-attacks; Intrusion prevention system; computer; Software
researchProduct

Mitigating DDoS using weight‐based geographical clustering

2020

Distributed denial of service (DDoS) attacks have for the last two decades been among the greatest threats facing the internet infrastructure. Mitigating DDoS attacks is a particularly challenging task as an attacker tries to conceal a huge amount of traffic inside a legitimate traffic flow. This article proposes to use data mining approaches to find unique hidden data structures which are able to characterize the normal traffic flow. This will serve as a means for filtering illegitimate traffic under DDoS attacks. In this endeavor, we devise three algorithms built on previously uncharted areas within mitigation techniques where clustering techniques are used to create geographical clusters …

Anomaly intrusion detections; Computer Networks and Communications; Computer science; ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS; Denial-of-service attack; Fault tolerance; computer.software_genre; Clustering techniques; Data segment; Computer Science Applications; Theoretical Computer Science; Computational Theory and Mathematics; Mitigating DDoS attacks; Cloud bursting; Data mining; Cluster analysis; Weight based dosing; computer; Software; Address clustering; Mitigation techniques; Concurrency and Computation: Practice and Experience
researchProduct

Using continuous user authentication to detect masqueraders

2003

Nowadays computer and network intrusions have become more common and more complicated, challenging the intrusion detection systems. Also, network traffic has been constantly increasing. As a consequence, the amount of data to be processed by an intrusion detection system has been growing, making it difficult to efficiently detect intrusions online. Proposes an approach for continuous user authentication based on the user’s behaviour, aiming at development of an efficient and portable anomaly intrusion detection system. A prototype of a host‐based intrusion detection system was built. It detects masqueraders by comparing the current user behaviour with his/her stored behavioural model. The m…

Authentication; User profile; Computer science; Anomaly-based intrusion detection system; Real-time computing; Intrusion detection system; Library and Information Sciences; Management Science and Operations Research; Computer security; computer.software_genre; Management Information Systems; Information protection policy; Host-based intrusion detection system; Systems architecture; Business and International Management; Host (network); computer; Information Management & Computer Security
researchProduct

A Methodology to Detect Temporal Regularities in User Behavior for Anomaly Detection

2001

Network security, and intrusion detection in particular, represents an area of increased interest in the security community over the last several years. However, the majority of work in this area has been concentrated upon implementation of misuse detection systems for intrusion patterns monitoring among network traffic. In anomaly detection the classification was mainly based on statistical or sequential analysis of data, often neglecting temporal events' information as well as existing relations between them. In this paper we consider an anomaly detection problem as one of classification of user behavior in terms of incoming multiple discrete sequences. We present an approach that allows creating and mai…

Class (computer programming); User profile; Network security; business.industry; Anomaly-based intrusion detection system; Computer science; Intrusion detection system; computer.software_genre; Misuse detection; Data analysis; Anomaly detection; Data mining; business; computer
researchProduct

Machine Learning Techniques for Intrusion Detection: A Comparative Analysis

2016

With the growth of the Internet, the world has transformed into a global market with all monetary and business exercises being carried out online. Being the most imperative resource of the developing scene, it is the vulnerable object and hence needs to be secured from the users with dangerous personality set. Since the Internet does not have focal surveillance component, assailants once in a while, utilizing varied and advancing hacking topologies discover a path to bypass framework's security and one such collection of assaults is Intrusion. An intrusion is a movement of breaking into the framework by compromising the security arrangements of the framework set up. The techniq…

Computer science; Anomaly-based intrusion detection system; 02 engineering and technology; Intrusion detection system; IDS; Machine learning; computer.software_genre; [ INFO.INFO-CV ] Computer Science [cs]/Computer Vision and Pattern Recognition [cs.CV]; [INFO.INFO-AI]Computer Science [cs]/Artificial Intelligence [cs.AI]; Machine Learning; Resource (project management); Component (UML); 0202 electrical engineering electronic engineering information engineering; ROC; Set (psychology); [ INFO.INFO-AI ] Computer Science [cs]/Artificial Intelligence [cs.AI]; False Positive; business.industry; ACM; [INFO.INFO-CV]Computer Science [cs]/Computer Vision and Pattern Recognition [cs.CV]; 020206 networking & telecommunications; Precision; Object (computer science); True Positive; Outlier; 020201 artificial intelligence & image processing; The Internet; Artificial intelligence; Data mining; business; computer
researchProduct

Combining conjunctive rule extraction with diffusion maps for network intrusion detection

2013

Network security and intrusion detection are important in the modern world where communication happens via information networks. Traditional signature-based intrusion detection methods cannot find previously unknown attacks. On the other hand, algorithms used for anomaly detection often have black box qualities that are difficult to understand for people who are not algorithm experts. Rule extraction methods create interpretable rule sets that act as classifiers. They have mostly been combined with already labeled data sets. This paper aims to combine unsupervised anomaly detection with rule extraction techniques to create an online anomaly detection framework. Unsupervised anomaly detectio…

Computer science; Anomaly-based intrusion detection system; Network security; intrusion detection; tunkeutumisen havaitseminen; Feature extraction; Diffusion map; diffusion map; Intrusion detection system; Machine learning; computer.software_genre; poikkeavuuden havaitseminen; Black box; tiedon louhinta; n-grammi; Cluster analysis; ta113; Training set; rule extraction; business.industry; n-gram; anomaly detection; diffuusiokartta; koneoppiminen; sääntöjen erottaminen; Anomaly detection; Artificial intelligence; Data mining; tiedonlouhinta; business; computer; 2013 IEEE Symposium on Computers and Communications (ISCC)
researchProduct

On the Robust Synthesis of Logical Consensus Algorithms for Distributed Intrusion Detection

2013

We introduce a novel consensus mechanism by which the agents of a network can reach an agreement on the value of a shared logical vector function depending on binary input events. Based on results on the convergence of finite-state iteration systems, we provide a technique to design logical consensus systems that minimize the number of messages to be exchanged and the number of steps before consensus is reached, and that can tolerate a bounded number of failed or malicious agents. We provide sufficient joint conditions on the input visibility and the communication topology for the method's applicability. We describe the application of our method to two distributed network intrusion detecti…

Consensus algorithm; Theoretical computer science; Computer science; Distributed computing; Visibility (geometry); Binary number; Value (computer science); Topology (electrical circuits); Computer Science::Multiagent Systems; Settore ING-INF/04 - Automatica; Control and Systems Engineering; Consensus distributed algorithms intrusion detection security.; Bounded function; Convergence (routing); Electrical and Electronic Engineering; Vector-valued function
researchProduct

Intrusion Detection and Ejection Framework Against Lethal Attacks in UAV-Aided Networks: A Bayesian Game-Theoretic Methodology

2017

Advances in wireless communications and microelectronics have spearheaded the development of unmanned aerial vehicles (UAVs), which can be used to augment a ground network composed of sensors and/or vehicles in order to increase coverage, enhance the end-to-end delay, and improve data processing. While UAV-aided networks can potentially find applications in many areas, a number of issues, particularly security, have not been readily addressed. The intrusion detection system is the most commonly used technique to detect attackers. In this paper, we focus on addressing two main issues within the context of intrusion detection and attacker ejection in UAV-aided networks…

Engineering; Anomaly-based intrusion detection system; intrusion detection system (IDS); Context (language use); 02 engineering and technology; Intrusion detection system; Computer security; computer.software_genre; Bayesian game; [ SPI.GCIV.IT ] Engineering Sciences [physics]/Civil Engineering/Infrastructures de transport; Utility; [ SPI.NRJ ] Engineering Sciences [physics]/Electric power; 0202 electrical engineering electronic engineering information engineering; [ SPI.GCIV ] Engineering Sciences [physics]/Civil Engineering; [ SPI ] Engineering Sciences [physics]; Overhead (computing); Network performance; unmanned aerial vehicles (UAVs); Ad Hoc; Bayesian game; Vehicular ad hoc network; business.industry; Mechanical Engineering; Node (networking); 020206 networking & telecommunications; Computer Science Applications; [ SPI.TRON ] Engineering Sciences [physics]/Electronics; Efficient; Automotive Engineering; intrusion ejection system (IES); 020201 artificial intelligence & image processing; Vehicular Networks; Wireless Sensor Networks; business; computer; Computer network
researchProduct

Two tiered privacy enhanced intrusion detection system architecture

2009

The paper describes an architecture for privacy-enhanced intrusion detection systems, that separates privacy-invasive and privacy-preserving operations. This can be useful in cases where less sensitive network monitoring is outsourced to a third party and more sensitive network monitoring operations and data forensics are performed in-house or by law enforcement agencies.

Network forensics; Information privacy; Computer science; Privacy policy; Law enforcement; XACML; ComputingMilieux_LEGALASPECTSOFCOMPUTING; Intrusion detection system; Network monitoring; Computer security; computer.software_genre; Host-based intrusion detection system; computer; computer.programming_language; 2009 IEEE International Workshop on Intelligent Data Acquisition and Advanced Computing Systems: Technology and Applications
researchProduct

PRIvacy LEakage Methodology (PRILE) for IDS Rules

2010

This paper introduces a methodology for evaluating PRIvacy LEakage in signature-based Network Intrusion Detection System (IDS) rules. IDS rules that expose more data than a given percentage of all data sessions are defined as privacy leaking. Furthermore, it analyses the IDS rule attack specific pattern size required in order to keep the privacy leakage below a given threshold, presuming that occurrence frequencies of the attack pattern in normal text are known. We have applied the methodology on the network intrusion detection system Snort’s rule set. The evaluation confirms that Snort in its default configuration aims at not being excessively privacy invasive. However we have identified s…

Set (abstract data type); Pattern size; Engineering; business.industry; Privacy software; Data mining; Network intrusion detection; Leakage (economics); computer.software_genre; Computer security; business; computer; Signature (logic)
researchProduct