Search results for "Intrusion detection"

showing 10 items of 69 documents

A framework for behavior-based detection of user substitution in a mobile context

2007

Personal mobile devices, such as mobile phones, smartphones, and communicators can be easily lost or stolen. Due to the functional abilities of these devices, their use by unintended persons may result in severe security breaches concerning private or corporate data and services. Organizations develop their security policy and employ preventive techniques to combat unauthorized use. Current solutions, however, are still breakable and there is a strong need for means to detect user substitution when it happens. A crucial issue in designing such means is to define the measures to be monitored. In this paper, a structured conceptual framework for mobile-user substitution detection is proposed.…

General Computer Science; Computer science; media_common.quotation_subject; User modeling; Substitution (logic); Computer user satisfaction; Intrusion detection system; Computer security; computer.software_genre; Security policy; User interface design; Human–computer interaction; Personality; Law; computer; Mobile device; media_common; Computers & Security

Smart Grid Security: A new Approach to Detect Intruders in a Smart Grid Neighborhood Area Network

2016

In this paper, we propose an efficient and lightweight attack detection mechanism for a smart grid Neighborhood Area Network (NAN) that combines distributed and centralized intrusion detection. A NAN includes the customers' appliances, smart meters and collectors. The smart meters measure the power consumption of each appliance and the collectors aggregate the measures and forward them to the control center for analysis. Intrusion Detection System (IDS) agents, proposed in our framework, run in a distributed fashion at smart meters level and in a centralized fashion at collector and control center nodes. A combination between a rule-based detection and a learn…

Intruder detection; [ INFO ] Computer Science [cs]; Computer science; [SPI] Engineering Sciences [physics]; [ INFO.INFO-NI ] Computer Science [cs]/Networking and Internet Architecture [cs.NI]; Denial-of-service attack; 02 engineering and technology; Intrusion detection system; [INFO] Computer Science [cs]; Resource exhaustion; 0202 electrical engineering electronic engineering information engineering; [ SPI ] Engineering Sciences [physics]; Neighborhood area network; Smart Grid; False data injection; [INFO.INFO-NI] Computer Science [cs]/Networking and Internet Architecture [cs.NI]; business.industry; Smart grid security; 020208 electrical & electronic engineering; 020206 networking & telecommunications; Attack; Grid; [SPI.TRON] Engineering Sciences [physics]/Electronics; [ SPI.TRON ] Engineering Sciences [physics]/Electronics; Smart grid; DoS; business; Energy (signal processing); Computer network; Efficient energy use

Two tiered privacy enhanced intrusion detection system architecture

2009

The paper describes an architecture for privacy-enhanced intrusion detection systems, that separates privacy-invasive and privacy-preserving operations. This can be useful in cases where less sensitive network monitoring is outsourced to a third party and more sensitive network monitoring operations and data forensics are performed in-house or by law enforcement agencies.

Network forensics; Information privacy; Computer science; Privacy policy; Law enforcement; XACML; ComputingMilieux_LEGALASPECTSOFCOMPUTING; Intrusion detection system; Network monitoring; Computer security; computer.software_genre; Host-based intrusion detection system; computer; computer.programming_language; 2009 IEEE International Workshop on Intelligent Data Acquisition and Advanced Computing Systems: Technology and Applications

Learning Temporal Regularities of User Behavior for Anomaly Detection

2001

Fast expansion of inexpensive computers and computer networks has dramatically increased the number of computer security incidents during the last years. While quite many computer systems are still vulnerable to numerous attacks, intrusion detection has become vitally important as a response to the constantly increasing number of threats. In this paper we discuss an approach to discover temporal and sequential regularities in user behavior. We present an algorithm that allows creating and maintaining user profiles relying not only on sequential information but taking into account temporal features, such as events' lengths and possible temporal relations between them. The constructed profiles represent …

Network security; business.industry; Computer science; Anomaly detection; Artificial intelligence; Intrusion detection system; Data mining; Anomaly (physics); business; computer.software_genre; computer

An intrusion detection system for selective forwarding attack in IPv6-based mobile WSNs

2017

Selective forwarding attack is considered among the most dangerous attacks in wireless sensor networks, particularly in mobile environments. The attackers compromise legitimate nodes and selectively drop some packets. In addition to that, the movement of some nodes increases link failures, collisions and packet loss. So, it will be more difficult to distinguish malicious nodes from legitimate ones. This paper focuses on detecting selective forwarding attackers in IPv6-based mobile wireless sensor networks when the standardized IPv6 Routing Protocol for Low Power and Lossy Networks (RPL) is used. Contrary to previous works which propose solutions to detect selective forwarding attack in static w…

Routing protocol; Computer science; Network packet; business.industry; ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS; 010401 analytical chemistry; Packet forwarding; 020206 networking & telecommunications; 02 engineering and technology; Intrusion detection system; 01 natural sciences; 0104 chemical sciences; IPv6; Key distribution in wireless sensor networks; Packet loss; Packet drop attack; 0202 electrical engineering electronic engineering information engineering; business; Wireless sensor network; Computer network; 2017 13th International Wireless Communications and Mobile Computing Conference (IWCMC)

Growing Hierarchical Self-organizing Maps and Statistical Distribution Models for Online Detection of Web Attacks

2013

In modern networks, HTTP clients communicate with web servers using request messages. By manipulating these messages attackers can collect confidential information from servers or even corrupt them. In this study, the approach based on anomaly detection is considered to find such attacks. For HTTP queries, feature matrices are obtained by applying an n-gram model, and, by learning on the basis of these matrices, growing hierarchical self-organizing maps are constructed. For HTTP headers, we employ statistical distribution models based on the lengths of header values and relative frequency of symbols. New requests received by the web-server are classified by using the maps and models obtaine…

Self-organizing map; Web server; Computer science; Server; Header; Single-linkage clustering; Anomaly detection; Intrusion detection system; Data mining; Web service; computer.software_genre; computer

PRIvacy LEakage Methodology (PRILE) for IDS Rules

2010

This paper introduces a methodology for evaluating PRIvacy LEakage in signature-based Network Intrusion Detection System (IDS) rules. IDS rules that expose more data than a given percentage of all data sessions are defined as privacy leaking. Furthermore, it analyses the IDS rule attack specific pattern size required in order to keep the privacy leakage below a given threshold, presuming that occurrence frequencies of the attack pattern in normal text are known. We have applied the methodology on the network intrusion detection system Snort’s rule set. The evaluation confirms that Snort in its default configuration aims at not being excessively privacy invasive. However, we have identified s…

Set (abstract data type); Pattern size; Engineering; business.industry; Privacy software; Data mining; Network intrusion detection; Leakage (economics); computer.software_genre; Computer security; business; computer; Signature (logic)

Detection of Anomalous HTTP Requests Based on Advanced N-gram Model and Clustering Techniques

2013

Nowadays HTTP servers and applications are some of the most popular targets for network attacks. In this research, we consider an algorithm for HTTP intrusion detection based on simple clustering algorithms and advanced processing of HTTP requests which allows the analysis of all queries at once and does not separate them by resource. The method proposed allows detection of HTTP intrusions in case of continuously updated web-applications and does not require a set of HTTP requests free of attacks to build the normal user behaviour model. The algorithm is tested using logs acquired from a large real-life web service and, as a result, all attacks from these logs are detected, while the numbe…

Set (abstract data type); n-gram; Resource (project management); Computer science; Server; Anomaly detection; Intrusion detection system; Data mining; Web service; Cluster analysis; computer.software_genre; computer

Decentralized Intrusion Detection In Cooperative Multi-Agent Systems

Settore ING-INF/04 - Automatica; Intrusion detection; security; multi-agent systems

Logical Consensus for Distributed Network Agreement

2008

In this paper we introduce a novel consensus mechanism where agents of a network are able to share logical values, or Booleans, representing their local opinions on e.g. the presence of an intruder or of a fire within an indoor environment. Under suitable joint conditions on agents' visibility and communication capability, we provide an algorithm generating a logical linear consensus system that is globally stable. The solution is optimal in terms of the number of messages to be exchanged and the time needed to reach a consensus. Moreover, to cope with possible sensor failure, we propose a second design approach that produces robust logical nonlinear consensus systems tolerating a maximum n…

Settore ING-INF/04 - Automatica; Robustness (computer science); Computer science; Distributed computing; Visibility (geometry); Stability (learning theory); Algorithm design; Intrusion detection system; distributed system; Consensus algorithm; Boolean data type; logical consensus; Uniform consensus