Search results for "Intrusion detection system"

showing 10 items of 51 documents

Anomaly Detection from Network Logs Using Diffusion Maps

2011

The goal of this study is to detect anomalous queries from network logs using a dimensionality reduction framework. The frequencies of 2-grams in queries are extracted to a feature matrix. Dimensionality reduction is done by applying diffusion maps. The method is adaptive and thus does not need training before analysis. We tested the method with data that includes normal and intrusive traffic to a web server. This approach finds all intrusions in the dataset.

Web server; Computer science; Intrusion detection; Dimensionality reduction; Feature matrix; Diffusion map; Intrusion detection system; computer.software_genre; Anomaly detection; Machine learning; Data mining; n-grams; computer
Data Stream Clustering for Application-Layer DDoS Detection in Encrypted Traffic

2018

Application-layer distributed denial-of-service attacks have become a serious threat to modern high-speed computer networks and systems. Unlike network-layer attacks, application-layer attacks can be performed using legitimate requests from legitimately connected network machines that make these attacks undetectable by signature-based intrusion detection systems. Moreover, the attacks may utilize protocols that encrypt the data of network connections in the application layer, making it even harder to detect an attacker’s activity without decrypting users’ network traffic, and therefore violating their privacy. In this paper, we present a method that allows us to detect various application-l…

Web server; business.industry; Computer science; Network packet; Denial-of-service attack; Intrusion detection system; Encryption; computer.software_genre; Application layer; Data stream clustering; business; computer; Virtual network; Computer network
New Optimization and Security Approaches to Enhance the Smart Grid Performance and Reliability

2016

Nowadays, the Smart Grid (SG) is becoming smarter thanks to the integration of different information and communication technologies to enhance the reliability and efficiency of the power grid. However, several issues should be met to ensure high SG performance. Among these issues, we cite the problem of electric vehicles (EVs) integration into the SG to avoid electricity intermittence due to the important load that EVs can create. Another issue is the SG communication network security that can be attempted by malicious intruders in order to create damages and make the power grid unstable. In this context, we propose at a first level a Bayesian game-theory model that …

[INFO] Computer Science [cs]; Computer science; Distributed computing; 02 engineering and technology; Intrusion detection system; Bayesian game; Game theory; Robustness (computer science); Bayesian Nash Equilibrium; 0202 electrical engineering electronic engineering information engineering; Smart grid; Challenges; 020203 distributed computing; business.industry; 020206 networking & telecommunications; Telecommunications network; Information and Communications Technology; Electricity; business; Electric Vehicles; Computer network
Decision-cache based XACML authorisation and anonymisation for XML documents

2012

Author's version of an article in the journal: Computer Standards and Interfaces. Also available from the publisher at: http://dx.doi.org/10.1016/j.csi.2011.10.007 This paper describes a decision cache for the eXtensible Access Control Markup Language (XACML) that supports fine-grained authorisation and anonymisation of XML based messages and documents down to XML attribute and element level. The decision cache is implemented as an XACML obligation service, where a specification of the XML elements to be authorised and anonymised is sent to the Policy Enforcement Point (PEP) during initial authorisation. Further authorisation of individual XML elements according to the authorisation specifi…

authorisation; Software_OPERATINGSYSTEMS; Markup language; Computer science; computer.internet_protocol; XACML; Access control; Intrusion detection system; computer.software_genre; caching; computer.programming_language; anonymisation; VDP::Mathematics and natural science: 400::Information and communication science: 420::Security and vulnerability: 424; Authentication; Database; business.industry; ComputingMilieux_MANAGEMENTOFCOMPUTINGANDINFORMATIONSYSTEMS; Hardware and Architecture; Cache; privacy policy; Web service; business; Law; computer; Software; XML; Computer Standards & Interfaces
Anomaly‐based intrusion detection systems: The requirements, methods, measurements, and datasets

2021

With the Internet's unprecedented growth and nations' reliance on computer networks, new cyber‐attacks are created every day as means for achieving financial gain, imposing political agendas, and developing cyberwarfare arsenals. Network security is thus acquiring increasing attention among researchers, practitioners, network architects, policy makers, and others. To defend organizations' networks from existing, foreseen, and future threats, intrusion detection systems (IDSs) are becoming a must. Existing surveys on anomaly‐based IDS (AIDS) focus on specific components such as detection mechanisms and lack many others. In contrast to existing surveys, this article co…

business.industry; Computer science; Anomaly (natural sciences); 020206 networking & telecommunications; 02 engineering and technology; Intrusion detection system; [INFO.INFO-SE] Computer Science [cs]/Software Engineering [cs.SE]; Computer security; computer.software_genre; [INFO.INFO-MO] Computer Science [cs]/Modeling and Simulation; [INFO.INFO-IU] Computer Science [cs]/Ubiquitous Computing; [INFO.INFO-CR] Computer Science [cs]/Cryptography and Security [cs.CR]; [INFO.INFO-MA] Computer Science [cs]/Multiagent Systems [cs.MA]; 0202 electrical engineering electronic engineering information engineering; 020201 artificial intelligence & image processing; The Internet; [INFO.INFO-ET] Computer Science [cs]/Emerging Technologies [cs.ET]; Electrical and Electronic Engineering; [INFO.INFO-DC] Computer Science [cs]/Distributed Parallel and Cluster Computing [cs.DC]; business; computer
Location-Aware Mobile Intrusion Detection with Enhanced Privacy in a 5G Context

2010

Published version of an article from the journal: Wireless Personal Communications. The original publication is available at SpringerLink. http://dx.doi.org/10.1007/s11277-010-0069-6 The paper proposes a location-aware mobile Intrusion Prevention System (mIPS) architecture with enhanced privacy that is integrated in Managed Security Service (MSS). The solution is envisaged in a future fifth generation telecommunications (5G) context with increased but varying bandwidth, a virtualised execution environment and infrastructure that allows threads, processes, virtual machines and storage to be migrated to cloud computing services on demand, to dynamically scale performance and save power. 5G mob…

business.industry; Computer science; VDP::Technology: 500::Information and communication technology: 550; Context (language use); Cloud computing; Intrusion detection system; Managed security service; computer.software_genre; Computer security; Computer Science Applications; Information sensitivity; Virtual machine; Malware; Electrical and Electronic Engineering; Intrusion prevention system; business; computer; Mobile device; Computer network; Wireless Personal Communications
A novel method for network intrusion detection based on nonlinear SNE and SVM

2017

In the case of network intrusion detection data, pre-processing techniques have been extensively used to enhance the accuracy of the model. An ideal intrusion detection system (IDS) is one that has appreciable detection capability over all groups of attacks. An open research problem of this area is the lower detection rate for less frequent attacks, which results from the curse of dimensionality and imbalanced class distribution of the benchmark datasets. This work attempts to minimise the effects of imbalanced class distribution by applying random under-sampling of the majority classes and SMOTE-based oversampling of minority classes. In order to alleviate the issue arising from the curse…

business.industry; Computer science; [INFO.INFO-TS] Computer Science [cs]/Signal and Image Processing; Dimensionality reduction; Feature vector; Pattern recognition; General Medicine; Intrusion detection system; Support vector machine; Benchmark (computing); Embedding; Radial basis function; Artificial intelligence; business; Curse of dimensionality
Anomaly-based online intrusion detection system as a sensor for cyber security situational awareness system

2016

Almost all organisations and even individuals rely on complex structures of data networks and networked computer systems. That complex data ensemble, the cyber domain, provides great opportunities, but at the same time it offers many possible attack vectors that can be abused for cyber vandalism, cyber crime, cyber espionage or cyber terrorism. Those threats produce requirements for cyber security situational awareness and intrusion detection capability. This dissertation concentrates on research and development of an anomaly-based network intrusion detection system as a sensor for a situational awareness system. In this dissertation, several models of intrusion detection systems are devel…

early warning; access control; cyber security; monitoring systems; situational picture; anomaly detection; situational awareness; information sharing; network security; intrusion detection system; cluster analysis; data mining; data networks; clustering
An Intrusion Detection System for Fog Computing and IoT based Logistic Systems using a Smart Data Approach

2016

The Internet of Things (IoT) is widely used in advanced logistic systems. Safety and security of such systems are of utmost importance to guarantee the quality of their services. However, such systems are vulnerable to cyber-attacks. Development of lightweight anomaly-based intrusion detection systems (IDS) is one of the key measures to tackle this problem. In this paper, we present a new distributed and lightweight IDS based on an Artificial Immune System (AIS). The IDS is distributed in a three-layered IoT structure including the cloud, fog and edge layers. In the cloud layer, the IDS clusters primary network traffic and trains its detectors. In the fog layer, we take advantage of a smart dat…

smart data; intrusion detection systems; Internet of Things; fog computing
Online anomaly detection using dimensionality reduction techniques for HTTP log analysis

2015

Modern web services face an increasing number of new threats. Logs are collected from almost all web servers, and for this reason analyzing them is beneficial when trying to prevent intrusions. Intrusive behavior often differs from the normal web traffic. This paper proposes a framework to find abnormal behavior from these logs. We compare random projection, principal component analysis and diffusion map for anomaly detection. In addition, the framework has online capabilities. The first two methods have intuitive extensions while diffusion map uses the Nyström extension. This fast out-of-sample extension enables real-time analysis of web server traffic. The framework is demonstrated using …

ta113; Web server; Computer Networks and Communications; business.industry; Computer science; Random projection; Dimensionality reduction; Principal component analysis; Intrusion detection system; Anomaly detection; Machine learning; computer.software_genre; Cyber security; Web traffic; Diffusion map; Intrusion detection; Artificial intelligence; Data mining; Web service; business; computer