Search results for "Intrusion detection"

showing 10 items of 69 documents

A novel method for network intrusion detection based on nonlinear SNE and SVM

2017

In the case of network intrusion detection data, pre-processing techniques have been extensively used to enhance the accuracy of the model. An ideal intrusion detection system (IDS) is one that has appreciable detection capability over the whole group of attacks. An open research problem of this area is the lower detection rate for less frequent attacks, which results from the curse of dimensionality and imbalanced class distribution of the benchmark datasets. This work attempts to minimise the effects of imbalanced class distribution by applying random under-sampling of the majority classes and SMOTE-based oversampling of minority classes. In order to alleviate the issue arising from the curse…

business.industry; Computer science; [INFO.INFO-TS] Computer Science [cs]/Signal and Image Processing; Dimensionality reduction; Feature vector; Pattern recognition; General Medicine; Intrusion detection system; Support vector machine; Benchmark (computing); Embedding; Radial basis function; Artificial intelligence; business; Curse of dimensionality

Dynamic Distributed Intrusion Detection for Secure Multi-Robot Systems

2009

A general technique to build a dynamic and distributed intrusion detector for a class of multi-agent systems is proposed in this paper, by which misbehavior in the motion of one or more agents can be discovered. Previous work from the authors has focused on how to distinguish the behavior of a misbehaving agent in a completely distributed way, by developing a solution where agents act as local monitors of their neighbors and use locally sensed information as well as data received from other monitors at a particular time. In this work, we improve the system detection capability by allowing monitors to use information collected at different instants and thus realizing a dynamic state observer…

Engineering; Class (computer programming); business.industry; Real-time computing; Detector; Motion detection; Intrusion detection system; Motion (physics); hybrid observer; Settore ING-INF/04 - Automatica; multi-agent system; Robot; Intrusion detection; Observability; State observer; business

Growing Hierarchical Self-organizing Maps and Statistical Distribution Models for Online Detection of Web Attacks

2013

In modern networks, HTTP clients communicate with web servers using request messages. By manipulating these messages attackers can collect confidential information from servers or even corrupt them. In this study, the approach based on anomaly detection is considered to find such attacks. For HTTP queries, feature matrices are obtained by applying an n-gram model, and, by learning on the basis of these matrices, growing hierarchical self-organizing maps are constructed. For HTTP headers, we employ statistical distribution models based on the lengths of header values and relative frequency of symbols. New requests received by the web-server are classified by using the maps and models obtaine…

Self-organizing map; Web server; Computer science; Server; Header; Single-linkage clustering; Anomaly detection; Intrusion detection system; Data mining; Web service; computer.software_genre; computer

A Hierarchical Detection and Response System to Enhance Security Against Lethal Cyber-Attacks in UAV Networks

2018

Unmanned aerial vehicles (UAVs) networks have not yet received considerable research attention. Specifically, security issues are a major concern because such networks, which carry vital information, are prone to various attacks. In this paper, we design and implement a novel intrusion detection and response scheme, which operates at the UAV and ground station levels, to detect malicious anomalies that threaten the network. In this scheme, a set of detection and response techniques are proposed to monitor the UAV behaviors and categorize them into the appropriate list (normal, abnormal, suspect, and malicious) according to the detected cyber-attack. We focus on the m…

Ad hoc networks; Monitoring; Anomaly-based intrusion detection system; Wireless ad hoc network; Computer science; [INFO.INFO-NI] Computer Science [cs]/Networking and Internet Architecture [cs.NI]; UAV; Mobile computing; [INFO.INFO-CR] Computer Science [cs]/Cryptography and Security [cs.CR]; Jamming; ComputerApplications_COMPUTERSINOTHERSYSTEMS; 02 engineering and technology; Intrusion detection system; Anomaly detection and rules-based intrusion detection techniques; IDS; Black hole (networking); Computer security; computer.software_genre; Mobile communication; Unmanned aerial vehicles; 0202 electrical engineering electronic engineering information engineering; False positive paradox; Overhead (computing); Intrusion detection; Electrical and Electronic Engineering; 020206 networking & telecommunications; Computer Science Applications; Human-Computer Interaction; Control and Systems Engineering; intrusion detection system; 020201 artificial intelligence & image processing; cyber-attacks; Intrusion prevention system; computer; Software

Robust Network Agreement on Logical Information

2011

Logical consensus is an approach to distributed decision making which is based on the availability of a network of agents with incomplete system knowledge. The method requires the construction of a Boolean map which defines a dynamic system allowing the entire network to consent on a unique, global decision. Previous work by the authors proved the method to be viable for applications such as intrusion detection within a structured environment, when the agent's communication topology is known in advance. The current work aims at providing a fully distributed protocol, requiring no a priori knowledge of each agent's communication neighbors. The protocol allows the construction of a r…

0209 industrial biotechnology; 020901 industrial engineering & automation; Theoretical computer science; Settore ING-INF/04 - Automatica; Computer science; Distributed computing; Intrusion detection security robust logical consensus networked and distributed systems.; 0202 electrical engineering electronic engineering information engineering; 020207 software engineering; Topology (electrical circuits); 02 engineering and technology; Intrusion detection system; Protocol (object-oriented programming)

Privacy Violation Classification of Snort Ruleset

2010

Published version of a paper presented at the 2010 18th Euromicro International Conference on Parallel, Distributed and Network-Based Processing (PDP). (c) 2010 IEEE. Paper also available from the publisher: http://dx.doi.org/10.1109/PDP.2010.87 It is important to analyse the privacy impact of Intrusion Detection System (IDS) rules, in order to understand a…

VDP::Mathematics and natural science: 400::Information and communication science: 420::Security and vulnerability: 424; Information privacy; Naive Bayes classifier; Computer science; Relational database; Privacy software; Data security; Confidentiality; Network monitoring; Intrusion detection system; Data mining; computer.software_genre; computer

Federated Learning for Zero-Day Attack Detection in 5G and Beyond V2X Networks

2023

Deploying Connected and Automated Vehicles (CAVs) on top of 5G and Beyond networks (5GB) makes them vulnerable to increasing vectors of security and privacy attacks. In this context, a wide range of advanced machine/deep learning-based solutions have been designed to accurately detect security attacks. Specifically, supervised learning techniques have been widely applied to train attack detection models. However, the main limitation of such solutions is their inability to detect attacks different from those seen during the training phase, or new attacks, also called zero-day attacks. Moreover, training the detection model requires significant data collection and labeling, which increases th…

[INFO.INFO-AI] Computer Science [cs]/Artificial Intelligence [cs.AI]; 5GB; IoV; [INFO.INFO-NI] Computer Science [cs]/Networking and Internet Architecture [cs.NI]; Zero-day attacks; Security; 5G V2X IoV Security Attacks Detection Federated Learning; [INFO] Computer Science [cs]; Intrusion Detection; Detection; Attacks; V2X; Federated Learning; 5G; Connected and Automated Vehicles; [INFO.INFO-CR] Computer Science [cs]/Cryptography and Security [cs.CR]

Detection of Anomalous HTTP Requests Based on Advanced N-gram Model and Clustering Techniques

2013

Nowadays HTTP servers and applications are some of the most popular targets for network attacks. In this research, we consider an algorithm for HTTP intrusion detection based on simple clustering algorithms and advanced processing of HTTP requests which allows the analysis of all queries at once and does not separate them by resource. The method proposed allows detection of HTTP intrusions in case of continuously updated web-applications and does not require a set of HTTP requests free of attacks to build the normal user behaviour model. The algorithm is tested using logs acquired from a large real-life web service and, as a result, all attacks from these logs are detected, while the numbe…

Set (abstract data type); n-gram; Resource (project management); Computer science; Server; Anomaly detection; Intrusion detection system; Data mining; Web service; Cluster analysis; computer.software_genre; computer

Data Mining Approach for Detection of DDoS Attacks Utilizing SSL/TLS Protocol

2015

Denial of Service attacks remain one of the most serious threats to the Internet nowadays. In this study, we propose an algorithm for detection of Denial of Service attacks that utilize the SSL/TLS protocol. These protocols encrypt the data of network connections on the application layer, which makes it impossible to detect attackers' activity based on the analysis of packet payload. For this reason, we concentrate on statistics that can be extracted from packet headers. Based on these statistics, we build a model of normal user behavior by using several data mining algorithms. Once the model has been built, it is used to detect DoS attacks. The proposed framework is tested on the data obtained w…

Transport Layer Security; Network security; business.industry; Network packet; Computer science; ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS; Denial-of-service attack; Intrusion detection system; computer.software_genre; Application layer; Anomaly detection; The Internet; Data mining; business; computer; Computer network

Decision-cache based XACML authorisation and anonymisation for XML documents

2012

Author's version of an article in the journal: Computer Standards and Interfaces. Also available from the publisher at: http://dx.doi.org/10.1016/j.csi.2011.10.007 This paper describes a decision cache for the eXtensible Access Control Markup Language (XACML) that supports fine-grained authorisation and anonymisation of XML based messages and documents down to XML attribute and element level. The decision cache is implemented as an XACML obligation service, where a specification of the XML elements to be authorised and anonymised is sent to the Policy Enforcement Point (PEP) during initial authorisation. Further authorisation of individual XML elements according to the authorisation specifi…

authorisation; Software_OPERATINGSYSTEMS; Markup language; Computer science; computer.internet_protocol; XACML; Access control; Intrusion detection system; computer.software_genre; caching; computer.programming_language; anonymisation; VDP::Mathematics and natural science: 400::Information and communication science: 420::Security and vulnerability: 424; Authentication; Database; business.industry; ComputingMilieux_MANAGEMENTOFCOMPUTINGANDINFORMATIONSYSTEMS; Hardware and Architecture; Cache; privacy policy; Web service; business; Law; computer; Software; XML; Computer Standards & Interfaces