Search results for "intrusion detection system"

showing 10 items of 51 documents

An intrusion detection system for selective forwarding attack in IPv6-based mobile WSNs

2017

Selective forwarding attack is considered among the most dangerous attacks in wireless sensor networks, particularly in mobile environments. The attackers compromise legitimate nodes and selectively drop some packets. In addition to that, the movement of some nodes increases link failures, collisions and packet loss. So, it will be more difficult to distinguish malicious nodes from legitimate ones. This paper focuses on detecting selective forwarding attackers in IPv6-based mobile wireless sensor networks when the standardized IPv6 Routing Protocol for Low Power and Lossy Networks (RPL) is used. Contrary to previous works which propose solutions to detect selective forwarding attack in static w…

Routing protocol; Computer science; Network packet; business.industry; ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS; 010401 analytical chemistry; Packet forwarding; 020206 networking & telecommunications; 02 engineering and technology; Intrusion detection system; 01 natural sciences; 0104 chemical sciences; IPv6; Key distribution in wireless sensor networks; Packet loss; Packet drop attack; 0202 electrical engineering electronic engineering information engineering; business; Wireless sensor network; Computer network
2017 13th International Wireless Communications and Mobile Computing Conference (IWCMC)
researchProduct

Growing Hierarchical Self-organizing Maps and Statistical Distribution Models for Online Detection of Web Attacks

2013

In modern networks, HTTP clients communicate with web servers using request messages. By manipulating these messages attackers can collect confidential information from servers or even corrupt them. In this study, the approach based on anomaly detection is considered to find such attacks. For HTTP queries, feature matrices are obtained by applying an n-gram model, and, by learning on the basis of these matrices, growing hierarchical self-organizing maps are constructed. For HTTP headers, we employ statistical distribution models based on the lengths of header values and relative frequency of symbols. New requests received by the web-server are classified by using the maps and models obtaine…

Self-organizing map; Web server; Computer science; Server; Header; Single-linkage clustering; Anomaly detection; Intrusion detection system; Data mining; Web service; computer.software_genre; computer
researchProduct

Detection of Anomalous HTTP Requests Based on Advanced N-gram Model and Clustering Techniques

2013

Nowadays HTTP servers and applications are some of the most popular targets for network attacks. In this research, we consider an algorithm for HTTP intrusion detection based on simple clustering algorithms and advanced processing of HTTP requests which allows the analysis of all queries at once and does not separate them by resource. The method proposed allows detection of HTTP intrusions in case of continuously updated web-applications and does not require a set of HTTP requests free of attacks to build the normal user behaviour model. The algorithm is tested using logs acquired from a large real-life web service and, as a result, all attacks from these logs are detected, while the numbe…

Set (abstract data type); n-gram; Resource (project management); Computer science; Server; Anomaly detection; Intrusion detection system; Data mining; Web service; Cluster analysis; computer.software_genre; computer
researchProduct

Logical Consensus for Distributed Network Agreement

2008

In this paper we introduce a novel consensus mechanism where agents of a network are able to share logical values, or Booleans, representing their local opinions on e.g. the presence of an intruder or of a fire within an indoor environment. Under suitable joint conditions on agents' visibility and communication capability, we provide an algorithm generating a logical linear consensus system that is globally stable. The solution is optimal in terms of the number of messages to be exchanged and the time needed to reach a consensus. Moreover, to cope with possible sensor failure, we propose a second design approach that produces robust logical nonlinear consensus systems tolerating a maximum n…

Settore ING-INF/04 - Automatica; Robustness (computer science); Computer science; Distributed computing; Visibility (geometry); Stability (learning theory); Algorithm design; Intrusion detection system; distributed system; Consensus algorithm; Boolean data type; logical consensu; Uniform consensus
researchProduct

Learning temporal patterns for anomaly intrusion detection

2002

For the last decade an explosive spread of computer systems and computer networks has resulted in a society that is increasingly dependent on information stored on these systems. A computer system connected to the network is accessible from another computer in this network regardless of its geographical position. Along with providing many benefits for legitimate users, this technology creates almost unlimited opportunities for malicious persons, who, using software vulnerabilities, may successfully penetrate the networked computer systems. In order to eliminate potentially devastating consequences caused by breaches in computer systems, more and more attention is drawn to the information secur…

Software; Order (exchange); Network security; business.industry; Computer science; Vulnerability; Pattern matching; Intrusion detection system; Information security; Computer security; computer.software_genre; business; computer
Proceedings of the 2002 ACM symposium on Applied computing
researchProduct

Data Mining Approach for Detection of DDoS Attacks Utilizing SSL/TLS Protocol

2015

Denial of Service attacks remain one of the most serious threats to the Internet nowadays. In this study, we propose an algorithm for detection of Denial of Service attacks that utilize SSL/TLS protocol. These protocols encrypt the data of network connections on the application layer, which makes it impossible to detect attackers' activity based on the analysis of packet payload. For this reason, we concentrate on statistics that can be extracted from packet headers. Based on these statistics, we build a model of normal user behavior by using several data mining algorithms. Once the model has been built, it is used to detect DoS attacks. The proposed framework is tested on the data obtained w…

Transport Layer Security; Network security; business.industry; Network packet; Computer science; ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS; Denial-of-service attack; Intrusion detection system; computer.software_genre; Application layer; Anomaly detection; The Internet; Data mining; business; computer; Computer network
researchProduct

Intruder Pattern Identification

2008

This paper considers the problem of intrusion detection in information systems as a classification problem. In particular the case of masquerader is treated. This kind of intrusion is one of the more difficult to discover because it may attack already open user sessions. Moreover, this problem is complex because of the large variability of user models and the lack of available data for the learning purpose. Here, flexible and robust similarity measures, suitable also for non-numeric data, are defined; they will be incorporated on a one-class training KNN and compared with several classification methods proposed in the literature using the Masquerading User Data set (www.schonlau.net) repr…

Unix; Similarity (geometry); Settore INF/01 - Informatica; business.industry; Computer science; Intrusion detection system; Similarity measure; computer.software_genre; Machine learning; Pattern identification; Data set; Intrusion; One class classifier Masquerader detection Intrusion detection systems; Information system; Data mining; Artificial intelligence; business; computer
researchProduct

Privacy Violation Classification of Snort Ruleset

2010

Published version of a paper presented at the 2010 18th Euromicro International Conference on Parallel, Distributed and Network-Based Processing (PDP). (c) 2010 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other users, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works for resale or redistribution to servers or lists, or reuse of any copyrighted components of this work in other works. Paper also available from the publisher: http://dx.doi.org/10.1109/PDP.2010.87

It is important to analyse the privacy impact of Intrusion Detection System (IDS) rules, in order to understand a…

VDP::Mathematics and natural science: 400::Information and communication science: 420::Security and vulnerability: 424; Information privacy; Naive Bayes classifier; Computer science; Relational database; Privacy software; Data security; Confidentiality; Network monitoring; Intrusion detection system; Data mining; computer.software_genre; computer
researchProduct

A roadmap towards improving managed security services from a privacy perspective

2014

Published version of an article in the journal: Ethics and Information Technology. Also available from the publisher at: http://dx.doi.org/10.1007/s10676-014-9348-3

This paper proposes a roadmap for how privacy leakages from outsourced managed security services using intrusion detection systems can be controlled. The paper first analyses the risk of leaking private or confidential information from signature-based intrusion detection systems. It then discusses how the situation can be improved by developing adequate privacy enforcement methods and privacy leakage metrics in order to control and reduce the leakage of private and confidential information over time. Such metrics should allow fo…

VDP::Mathematics and natural science: 400::Information and communication science: 420::Security and vulnerability: 424; Information privacy; managed security services; Privacy by Design; business.industry; Computer science; Digital forensics; Big data; ethical awareness; security; Intrusion detection system; Library and Information Sciences; privacy; Computer security; computer.software_genre; Computer Science Applications; Outsourcing; Information sensitivity; intrusion detection and prevention systems; outsourcing; business; computer; Register of data controllers
Ethics and Information Technology
researchProduct

An accurate and efficient collaborative intrusion detection framework to secure vehicular networks

2015

We design and implement an accurate and lightweight intrusion detection framework, called AECFV. AECFV aims to protect the vehicular ad hoc networks (VANETs) against the most dangerous attacks that could occur on this network. AECFV takes into account the VANET's characteristics such as high node mobility and rapid topology change. AECFV exhibits a high detection rate, low false positive rate, faster attack detection, and lower communication overhead.

The advancement of wireless communication leads researchers to develop and conceive the idea of vehicular networks, also known as vehicular ad hoc networks (VANETs). Security in such a network is mandatory due to a vital informa…

Vehicular ad hoc networks; Engineering; Vehicular ad hoc network; Overhead; General Computer Science; business.industry; Wireless ad hoc network; Intrusion detection system; Node (networking); Detection rate; Intrusion detection system; [SPI]Engineering Sciences [physics]; Control and Systems Engineering; Wireless; Overhead (computing); False positive rate; Electrical and Electronic Engineering; Detection time; business; Cluster analysis; Computer network; Vulnerability (computing)
Computers & Electrical Engineering
researchProduct