Academic literature on the topic 'Network Intrusion Detection Systems (NIDS)'

Consult the lists of relevant articles, books, theses, conference reports, and other scholarly sources on the topic 'Network Intrusion Detection Systems (NIDS).'

Journal articles on the topic "Network Intrusion Detection Systems (NIDS)"

1

Kumar, Satish, Sunanda Gupta, and Sakshi Arora. "A comparative simulation of normalization methods for machine learning-based intrusion detection systems using KDD Cup’99 dataset." Journal of Intelligent & Fuzzy Systems 42, no. 3 (February 2, 2022): 1749–66. http://dx.doi.org/10.3233/jifs-211191.

Abstract:
Network Intrusion detection systems (NIDS) detect malicious and intrusive information in computer networks. Presently, commercial NIDS is based on machine learning approaches that have complex algorithms and increase intrusion detection efficiency and efficacy. These machine learning-based NIDS use high dimensional network traffic data from which intrusive information is to be detected. This high-dimensional network traffic data in NIDS needs to be preprocessed and normalized to make it suitable for machine learning tools. A machine learning approach with appropriate normalization and preprocessing increases NIDS performance. This paper presents an empirical study on various normalization methods implemented on a benchmark network traffic dataset, KDD Cup’99, that has been used to evaluate the NIDS model. The present study shows decimal normalization has a better prediction performance than non-normalized traffic data categorized into ‘normal’ or ‘intrusive’ classes.
2

Mulyanto, Mulyanto, Muhamad Faisal, Setya Widyawan Prakosa, and Jenq-Shiou Leu. "Effectiveness of Focal Loss for Minority Classification in Network Intrusion Detection Systems." Symmetry 13, no. 1 (December 22, 2020): 4. http://dx.doi.org/10.3390/sym13010004.

Abstract:
As the rapid development of information and communication technology systems offers limitless access to data, the risk of malicious violations increases. A network intrusion detection system (NIDS) is used to prevent violations, and several algorithms, such as shallow machine learning and deep neural network (DNN), have previously been explored. However, intrusion detection with imbalanced data has usually been neglected. In this paper, a cost-sensitive neural network based on focal loss, called the focal loss network intrusion detection system (FL-NIDS), is proposed to overcome the imbalanced data problem. FL-NIDS was applied using DNN and convolutional neural network (CNN) to evaluate three benchmark intrusion detection datasets that suffer from imbalanced distributions: NSL-KDD, UNSW-NB15, and Bot-IoT. The results showed that the proposed algorithm using FL-NIDS in DNN and CNN architecture increased the detection of intrusions in imbalanced datasets compared to vanilla DNN and CNN in both binary and multiclass classifications.
3

Hu, Qinwen, Muhammad Rizwan Asghar, and Nevil Brownlee. "Effectiveness of Intrusion Detection Systems in High-speed Networks." International Journal of Information, Communication Technology and Applications 4, no. 1 (March 18, 2018): 1–10. http://dx.doi.org/10.17972/ijicta20184138.

Abstract:
Network Intrusion Detection Systems (NIDSs) play a crucial role in detecting malicious activities within networks. Basically, a NIDS monitors network flows and compares them with a set of pre-defined suspicious patterns. To be effective, different intrusion detection algorithms and packet capturing methods have been implemented. With rapidly increasing network speeds, NIDSs face a challenging problem of monitoring large and diverse traffic volumes; in particular, high packet drop rates can have a significant impact on detection accuracy. In this work, we investigate three popular open-source NIDSs: Snort, Suricata, and Bro along with their comparative performance benchmarks. We investigate key factors (including system resource usage, packet processing speed and packet drop rate) that limit the applicability of NIDSs to large-scale networks. Moreover, we also analyse and compare the performance of NIDSs when configurations and traffic volumes are changed.
4

Albasheer, Hashim, Maheyzah Md Siraj, Azath Mubarakali, Omer Elsier Tayfour, Sayeed Salih, Mosab Hamdan, Suleman Khan, Anazida Zainal, and Sameer Kamarudeen. "Cyber-Attack Prediction Based on Network Intrusion Detection Systems for Alert Correlation Techniques: A Survey." Sensors 22, no. 4 (February 15, 2022): 1494. http://dx.doi.org/10.3390/s22041494.

Abstract:
Network Intrusion Detection Systems (NIDS) are designed to safeguard the security needs of enterprise networks against cyber-attacks. However, NIDS networks suffer from several limitations, such as generating a high volume of low-quality alerts. Moreover, 99% of the alerts produced by NIDSs are false positives. As well, the prediction of future actions of an attacker is one of the most important goals here. The study has reviewed the state-of-the-art cyber-attack prediction based on NIDS Intrusion Alert, its models, and limitations. The taxonomy of intrusion alert correlation (AC) is introduced, which includes similarity-based, statistical-based, knowledge-based, and hybrid-based approaches. Moreover, the classification of alert correlation components was also introduced. Alert Correlation Datasets and future research directions are highlighted. The AC receives raw alerts to identify the association between different alerts, linking each alert to its related contextual information and predicting a forthcoming alert/attack. It provides a timely, concise, and high-level view of the network security situation. This review can serve as a benchmark for researchers and industries for Network Intrusion Detection Systems’ future progress and development.
5

Han, Jonghoo, and Wooguil Pak. "Hierarchical LSTM-Based Network Intrusion Detection System Using Hybrid Classification." Applied Sciences 13, no. 5 (February 27, 2023): 3089. http://dx.doi.org/10.3390/app13053089.

Abstract:
Most existing network intrusion detection systems (NIDSs) perform intrusion detection using only a partial packet data of fixed size, but they suffer to increase the detection rate. In this study, in order to find the cause of a limited detection rate, accurate intrusion detection performance was analyzed by adjusting the amount of information used as features according to the size of the packet and length of the session. The results indicate that the total packet data and all packets in the session should be used for the maximum detection rate. However, existing NIDS cannot be extended to use all packet data of each session because the model could be too large owing to the excessive number of features, hampering realistic training and classification speeds. Therefore, in this paper, we present a novel approach for the classifier of NIDSs. The proposed NIDS can effectively handle the entire packet information using the hierarchical long short-term memory and achieves higher detection accuracy than existing methods. Performance evaluation confirms that detection performance can be greatly improved compared to existing NIDSs that use only partial packet information. The proposed NIDS achieves a detection rate of 95.16% and 99.70% when the existing NIDS show the highest detection rate of 93.49% and 98.31% based on the F1-score using two datasets. The proposed method can improve the limitations of existing NIDS and safeguard the network from malicious users by utilizing information on the entire packet.
6

Han, Jonghoo, and Wooguil Pak. "High Performance Network Intrusion Detection System Using Two-Stage LSTM and Incremental Created Hybrid Features." Electronics 12, no. 4 (February 15, 2023): 956. http://dx.doi.org/10.3390/electronics12040956.

Abstract:
Currently, most network intrusion detection systems (NIDSs) use information about an entire session to detect intrusion, which has the fatal disadvantage of delaying detection. To solve this problem, studies have been proposed to detect intrusions using only some packets belonging to the session but have limited effectiveness in increasing the detection performance compared to conventional methods. In addition, space complexity is high because all packets used for classification must be stored. Therefore, we propose a novel NIDS that requires low memory storage space and exhibits high detection performance without detection delay. The proposed method does not need to store packets for the current session and uses only some packets, as in conventional methods, but achieves very high detection performance. Through experiments, it was confirmed that the proposed NIDS uses only a small memory of 25.8% on average compared to existing NIDSs by minimizing memory consumption for feature creation, while its intrusion detection performance is equal to or higher than those of existing ones. As a result, this method is expected to significantly help increase network safety by overcoming the disadvantages of machine-learning-based NIDSs using existing sessions and packets.
7

Kim, Taehoon, and Wooguil Pak. "Integrated Feature-Based Network Intrusion Detection System Using Incremental Feature Generation." Electronics 12, no. 7 (March 31, 2023): 1657. http://dx.doi.org/10.3390/electronics12071657.

Abstract:
Machine learning (ML)-based network intrusion detection systems (NIDSs) depend entirely on the performance of machine learning models. Therefore, many studies have been conducted to improve the performance of ML models. Nevertheless, relatively few studies have focused on the feature set, which significantly affects the performance of ML models. In addition, features are generated by analyzing data collected after the session ends, which requires a significant amount of memory and a long processing time. To solve this problem, this study presents a new session feature set to improve the existing NIDSs. Current session-feature-based NIDSs are largely classified into NIDSs using a single-host feature set and NIDSs using a multi-host feature set. This research merges two different session feature sets into an integrated feature set, which is used to train an ML model for the NIDS. In addition, an incremental feature generation approach is proposed to eliminate the delay between the session end time and the integrated feature creation time. The improved performance of the NIDS using integrated features was confirmed through experiments. Compared to a NIDS based on ML models using existing single-host feature sets and multi-host feature sets, the NIDS with the proposed integrated feature set improves the detection rate by 4.15% and 5.9% on average, respectively.
8

Yang, Hao, Jinyan Xu, Yongcai Xiao, and Lei Hu. "SPE-ACGAN: A Resampling Approach for Class Imbalance Problem in Network Intrusion Detection Systems." Electronics 12, no. 15 (August 3, 2023): 3323. http://dx.doi.org/10.3390/electronics12153323.

Abstract:
Network Intrusion Detection Systems (NIDSs) play a vital role in detecting and stopping network attacks. However, the prevalent imbalance of training samples in network traffic interferes with NIDS detection performance. This paper proposes a resampling method based on Self-Paced Ensemble and Auxiliary Classifier Generative Adversarial Networks (SPE-ACGAN) to address the imbalance problem of sample classes. To deal with the class imbalance problem, SPE-ACGAN oversamples the minority class samples by ACGAN and undersamples the majority class samples by SPE. In addition, we merged the CICIDS-2017 dataset and the CICIDS-2018 dataset into a more imbalanced dataset named CICIDS-17-18 and validated the effectiveness of the proposed method using the three datasets mentioned above. SPE-ACGAN is more effective than other resampling methods in improving NIDS detection performance. In particular, SPE-ACGAN improved the F1-score of Random Forest, CNN, GoogLeNet, and CNN + WDLSTM by 5.59%, 3.75%, 3.60%, and 3.56% after resampling.
9

Wang, Minxiao, Ning Yang, and Ning Weng. "Securing a Smart Home with a Transformer-Based IoT Intrusion Detection System." Electronics 12, no. 9 (May 4, 2023): 2100. http://dx.doi.org/10.3390/electronics12092100.

Abstract:
Machine learning (ML)-based Network Intrusion Detection Systems (NIDSs) can classify each network’s flow behavior as benign or malicious by detecting heterogeneous features, including both categorical and numerical features. However, the present ML-based NIDSs are deemed insufficient in terms of their ability to generalize, particularly in changing network environments such as the Internet of Things (IoT)-based smart home. Although IoT devices add so much to home comforts, they also introduce potential risks and vulnerabilities. Recently, many NIDS studies on other IoT scenarios, such as the Internet of Vehicles (IoV) and smart cities, focus on utilizing the telemetry data of IoT devices for IoT intrusion detection. Because when IoT devices are under attack, their abnormal telemetry data values can reflect the anomaly state of those devices. Those telemetry data-based IoT NIDS methods detect intrusion events from a different view, focusing on the attack impact, from the traditional network traffic-based NIDS, which focuses on analyzing attack behavior. The telemetry data-based NIDS is more suitable for IoT devices without built-in security mechanisms. Considering the smart home IoT scenario, which has a smaller scope and a limited number of IoT devices compared to other IoT scenarios, both NIDS views can work independently. This motivated us to propose a novel ML-based NIDS to combine the network traffic-based and telemetry data-based NIDS together. In this paper, we propose a Transformer-based IoT NIDS method to learn the behaviors and effects of attacks from different types of data that are generated in the heterogeneous IoT environment. The proposed method utilizes a self-attention mechanism to learn contextual embeddings for input network features. Based on the contextual embeddings, our method can solve the feature set challenge, including both continuous and categorical features. 
Our method is the first to utilize both network traffic data and IoT sensors’ telemetry data at the same time for intrusion detection. Experiments reveal the effectiveness of our method on a realistic network traffic intrusion detection dataset named ToN_IoT, with an accuracy of 97.95% for binary classification and 95.78% for multiple classifications on pure network data. With the extra IoT information, the performance of our method has been improved to 98.39% and 97.06%, respectively. A comparative study with existing works shows that our method can achieve state-of-the-art performance on the ToN_IoT dataset.
10

Wang, Zhen Qi, and Dan Kai Zhang. "HIDS and NIDS Hybrid Intrusion Detection System Model Design." Advanced Engineering Forum 6-7 (September 2012): 991–94. http://dx.doi.org/10.4028/www.scientific.net/aef.6-7.991.

Abstract:
With the popularity of Internet applications, network security has become one of the issues affecting the world economy. Currently, there is a large space to develop for intrusion detection systems as a relatively new field. For the faults of HIDS or NIDS network intrusion detection systems, this paper designs a hybrid HIDS and NIDS intrusion detection system model with the introduction of Agent systems; finally, through analysis of the hybrid model of the intrusion detection system, we can acquire its advantages.

Dissertations / Theses on the topic "Network Intrusion Detection Systems (NIDS)"

1

Mahajan, Atul. "High speed circuit techniques for network intrusion detection systems (NIDS) /." Available to subscribers only, 2008. http://proquest.umi.com/pqdweb?did=1650508461&sid=1&Fmt=2&clientId=1509&RQT=309&VName=PQD.

2

Atakan, Mustafa. "Improving Performance Of Network Intrusion Detection Systems Through Concurrent Mechanisms." Master's thesis, METU, 2004. http://etd.lib.metu.edu.tr/upload/1061399/index.pdf.

Abstract:
As the bandwidth of present networks gets larger than the past, the demand of Network Intrusion Detection Systems (NIDS) that function in real time becomes the major requirement for high-speed networks. If these systems are not fast enough to process all network traffic passing, some malicious security violations may take role using this drawback. In order to make that kind of applications schedulable, some concurrency mechanism is introduced to the general flowchart of their algorithm. The principal aim is to fully utilize each resource of the platform and overlap the independent parts of the applications. In the sense of this context, a generic multi-threaded infrastructure is designed and proposed. The concurrency metrics of the new system is analyzed and compared with the original ones.
3

Schier, Thomas. "NIDS im Campusnetz." Universitätsbibliothek Chemnitz, 2004. http://nbn-resolving.de/urn:nbn:de:swb:ch1-200400501.

4

Goh, Vik Tor. "Intrusion detection framework for encrypted networks." Thesis, Queensland University of Technology, 2010. https://eprints.qut.edu.au/41733/1/Vik_Tor_Goh_Thesis.pdf.

Abstract:
Network-based Intrusion Detection Systems (NIDSs) monitor network traffic for signs of malicious activities that have the potential to disrupt entire network infrastructures and services. NIDS can only operate when the network traffic is available and can be extracted for analysis. However, with the growing use of encrypted networks such as Virtual Private Networks (VPNs) that encrypt and conceal network traffic, a traditional NIDS can no longer access network traffic for analysis. The goal of this research is to address this problem by proposing a detection framework that allows a commercial off-the-shelf NIDS to function normally in a VPN without any modification. One of the features of the proposed framework is that it does not compromise on the confidentiality afforded by the VPN. Our work uses a combination of Shamir’s secret-sharing scheme and randomised network proxies to securely route network traffic to the NIDS for analysis. The detection framework is effective against two general classes of attacks – attacks targeted at the network hosts or attacks targeted at framework itself. We implement the detection framework as a prototype program and evaluate it. Our evaluation shows that the framework does indeed detect these classes of attacks and does not introduce any additional false positives. Despite the increase in network overhead in doing so, the proposed detection framework is able to consistently detect intrusions through encrypted networks.
5

Andersson, Michael, and Andreas Mickols. "A study of Centralized Network Intrusion Detection System using low end single board computers." Thesis, Högskolan Dalarna, Datateknik, 2017. http://urn.kb.se/resolve?urn=urn:nbn:se:du-25552.

Abstract:
The use of Intrusion Detection Systems is a normal thing today in bigger companies, but the solutions that are to be found in market is often too expensive for the smaller company. Therefore, we saw the need in investigating if there is a more affordable solution. In this report, we will show that it is possible to use low cost single board computers as part of a bigger centralized Intrusion Detection System. To investigate this, we set up a test system including 2 Raspberry Pi 3 Model B, a cloud server and the use of two home networks, one with port mirroring implemented in firmware and the other with dedicated span port. The report will show how we set up the environment and the testing we have done to prove that this is a working solution.
6

Silva, Eduardo Germano da. "A one-class NIDS for SDN-based SCADA systems." Biblioteca Digital de Teses e Dissertações da UFRGS, 2007. http://hdl.handle.net/10183/164632.

Abstract:
Power grids have great influence on the development of the world economy. Given the importance of the electrical energy to our society, power grids are often target of network intrusion motivated by several causes. To minimize or even to mitigate the aftereffects of network intrusions, more secure protocols and standardization norms to enhance the security of power grids have been proposed. In addition, power grids are undergoing an intense process of modernization, and becoming highly dependent on networked systems used to monitor and manage power components. These so-called Smart Grids comprise energy generation, transmission, and distribution subsystems, which are monitored and managed by Supervisory Control and Data Acquisition (SCADA) systems. In this Masters dissertation, we investigate and discuss the applicability and benefits of using Software-Defined Networking (SDN) to assist in the deployment of next generation SCADA systems. We also propose an Intrusion Detection System (IDS) that relies on specific techniques of traffic classification and takes advantage of the characteristics of SCADA networks and of the adoption of SDN/OpenFlow. Our proposal relies on SDN to periodically gather statistics from network devices, which are then processed by One-Class Classification (OCC) algorithms. Given that attack traces in SCADA networks are scarce and not publicly disclosed by utility companies, the main advantage of using OCC algorithms is that they do not depend on known attack signatures to detect possible malicious traffic. As a proof-of-concept, we developed a prototype of our proposal. Finally, in our experimental evaluation, we observed the performance and accuracy of our prototype using two OCC-based Machine Learning (ML) algorithms, and considering anomalous events in the SCADA network, such as a Denial-of-Service (DoS), and the failure of several SCADA field devices.
7

Akhlaq, Monis. "Improved performance high speed network intrusion detection systems (NIDS) : a high speed NIDS architectures to address limitations of packet loss and low detection rate by adoption of dynamic cluster architecture and traffic anomaly filtration (IADF)." Thesis, University of Bradford, 2011. http://hdl.handle.net/10454/5377.

Abstract:
Intrusion Detection Systems (IDS) are considered as a vital component in network security architecture. The system allows the administrator to detect unauthorized use of, or attack upon a computer, network or telecommunication infrastructure. There is no second thought on the necessity of these systems; however, their performance remains a critical question. This research has focussed on designing a high performance Network Intrusion Detection Systems (NIDS) model. The work begins with the evaluation of Snort, an open source NIDS considered as a de-facto IDS standard. The motive behind the evaluation strategy is to analyze the performance of Snort and ascertain the causes of limited performance. Design and implementation of high performance techniques are considered as the final objective of this research. Snort has been evaluated on highly sophisticated test bench by employing evasive and avoidance strategies to simulate real-life normal and attack-like traffic. The test-methodology is based on the concept of stressing the system and degrading its performance in terms of its packet handling capacity. This has been achieved by normal traffic generation; fussing; traffic saturation; parallel dissimilar attacks; manipulation of background traffic, e.g. fragmentation, packet sequence disturbance and illegal packet insertion. The evaluation phase has led us to two high performance designs, first distributed hardware architecture using cluster-based adoption and second cascaded phenomena of anomaly-based filtration and signature-based detection. The first high performance mechanism is based on Dynamic Cluster adoption using refined policy routing and Comparator Logic. The design is a two tier mechanism where front end of the cluster is the load-balancer which distributes traffic on pre-defined policy routing ensuring maximum utilization of cluster resources.
The traffic load sharing mechanism reduces the packet drop by exchanging state information between load-balancer and cluster nodes and implementing switchovers between nodes in case the traffic exceeds pre-defined threshold limit. Finally, the recovery evaluation concept using Comparator Logic also enhances the overall efficiency by recovering lost data in switchovers; the retrieved data is then analyzed by the recovery NIDS to identify any leftover threats. Intelligent Anomaly Detection Filtration (IADF) using cascaded architecture of anomaly-based filtration and signature-based detection process is the second high performance design. The IADF design is used to preserve resources of NIDS by eliminating large portion of the traffic on well defined logics. In addition, the filtration concept augments the detection process by eliminating the part of malicious traffic which otherwise can go undetected by most of signature-based mechanisms. We have evaluated the mechanism to detect Denial of Service (DoS) and Probe attempts based by analyzing its performance on Defence Advanced Research Projects Agency (DARPA) dataset. The concept has also been supported by time-based normalized sampling mechanisms to incorporate normal traffic variations to reduce false alarms. Finally, we have observed that the IADF has augmented the overall detection process by reducing false alarms, increasing detection rate and incurring lesser data loss.
8

Niyaz, Quamar. "Design and Implementation of a Deep Learning based Intrusion Detection System in Software-Defined Networking Environment." University of Toledo / OhioLINK, 2017. http://rave.ohiolink.edu/etdc/view?acc_num=toledo1501785493311223.

9

Alserhani, Faeiz. "A framework for correlation and aggregation of security alerts in communication networks : a reasoning correlation and aggregation approach to detect multi-stage attack scenarios using elementary alerts generated by Network Intrusion Detection Systems (NIDS) for a global security perspective." Thesis, University of Bradford, 2011. http://hdl.handle.net/10454/5430.

Abstract:
The tremendous increase in usage and complexity of modern communication and network systems connected to the Internet, places demands upon security management to protect organisations' sensitive data and resources from malicious intrusion. Malicious attacks by intruders and hackers exploit flaws and weakness points in deployed systems through several sophisticated techniques that cannot be prevented by traditional measures, such as user authentication, access controls and firewalls. Consequently, automated detection and timely response systems are urgently needed to detect abnormal activities by monitoring network traffic and system events. Network Intrusion Detection Systems (NIDS) and Network Intrusion Prevention Systems (NIPS) are technologies that inspect traffic and diagnose system behaviour to provide improved attack protection. The current implementation of intrusion detection systems (commercial and open-source) lacks the scalability to support the massive increase in network speed, the emergence of new protocols and services. Multi-giga networks have become a standard installation posing the NIDS to be susceptible to resource exhaustion attacks. The research focuses on two distinct problems for the NIDS: missing alerts due to packet loss as a result of NIDS performance limitations; and the huge volumes of generated alerts by the NIDS overwhelming the security analyst which makes event observation tedious. A methodology for analysing alerts using a proposed framework for alert correlation has been presented to provide the security operator with a global view of the security perspective. Missed alerts are recovered implicitly using a contextual technique to detect multi-stage attack scenarios. This is based on the assumption that the most serious intrusions consist of relevant steps that are temporally ordered. The pre- and post- condition approach is used to identify the logical relations among low level alerts.
The alerts are aggregated, verified using vulnerability modelling, and correlated to construct multi-stage attacks. A number of algorithms have been proposed in this research to support the functionality of our framework including: alert correlation, alert aggregation and graph reduction. These algorithms have been implemented in a tool called Multi-stage Attack Recognition System (MARS) consisting of a collection of integrated components. The system has been evaluated using a series of experiments and using different data sets i.e. publicly available datasets and data sets collected using real-life experiments. The results show that our approach can effectively detect multi-stage attacks. The false positive rates are reduced due to implementation of the vulnerability and target host information.
10

Kabir-Querrec, Maëlle. "Cyber sécurité des systèmes industriels pour les smart-grids : détection d'intrusion dans les réseaux de communication IEC 61850." Thesis, Université Grenoble Alpes (ComUE), 2017. http://www.theses.fr/2017GREAT032/document.

Abstract:
Industrial Automation and Control Systems (IACS) rely heavily, and increasingly, on Information and Communication Technologies. Originally, IACS used proprietary protocols on closed networks, thereby ensuring security through obscurity and isolation. But technologies and usages have evolved, and this intrinsic security no longer exists. This evolution affects, among others, the electricity domain: the power grid is becoming the "smart grid". The IEC 61850 standard is a pillar of smart grid development. Its goal is to make interoperability possible in "Communication networks and systems for power utility automation". To that end, the standard defines a common data model as well as a stack of protocols addressing various communication needs. The IEC 61850 standard does not address the question of cyber security, despite a general awareness that a cyber risk weighs on IACS. This research proposes to answer this cyber security question through intrusion detection in IEC 61850 networks, and more specifically in real-time GOOSE communications. The idea is to make the most of the sources of information that the protocol specifications and the system configuration constitute in order to develop a tailored Network Intrusion Detection System (NIDS). This deterministic behavioural approach is a guarantee of detection accuracy. This manuscript has four chapters. The first two consist of a detailed state of the art on NIDS for IACS on the one hand, and cyber risk analysis on the other. The other two chapters present the actual contributions of this thesis work.
Chapter 3 first explores the cyber risk weighing on an electrical substation that could compromise the dependability of the system. Secondly, an extension of the IEC 61850 data model dedicated to intrusion detection in GOOSE communications is proposed. Chapter 4 begins with the experimental demonstration of the feasibility of a data injection attack on the GOOSE protocol, then explains how to use the system configuration files to specify the detection rules. A parser for the GOOSE protocol was integrated into the open-source traffic analyser Bro, enabling the implementation of a detection algorithm
Information and Communication Technologies have been pervading Industrial Automation and Control Systems (IACS) for a few decades now. Initially, IACS ran proprietary protocols on closed networks, thus ensuring some level of security through obscurity and isolation. Technologies and usages have evolved and today this intrinsic security does not exist any longer, though. This transition is in progress in the electricity domain, the power infrastructure turning into the "smart grid". The IEC 61850 standard is key to the smart grid development. It is aimed at making interoperability possible in "Communication networks and systems for power utility automation". It thus defines a common data object model and a stack of protocols answering different purposes. Although the cyber risk in IACS is now widely acknowledged, IEC 61850 does not address cyber security in any way whatsoever. This work tackles the question of cyber security through network intrusion detection in IEC 61850 networks, and more specifically in real-time GOOSE communications. The idea is to get the most out of the protocol specifications and system configuration while developing a tailored NIDS. This enables detection accuracy

Books on the topic "Network Intrusion Detection Systems (NIDS)"

1

1980-, Lu Wei, and Tavallaee Mahbod, eds. Network intrusion detection and prevention: Concepts and techniques. New York: Springer, 2010.

2

Computer Intrusion Detection and Network Monitoring: A Statistical Viewpoint. New York, NY: Springer New York, 2001.

3

Implementing intrusion detection systems: A hands-on guide for securing the network. Indianapolis, IN: Wiley Pub., 2003.

4

Ning, Peng. Intrusion Detection in Distributed Systems: An Abstraction-Based Approach. Boston, MA: Springer US, 2004.

5

Stephen, Northcutt, and Edmead Mark T, eds. Inside network perimeter security: The definitive guide to firewalls, VPNs, routers, and intrusion detection systems. Indianapolis, Ind: New Riders, 2003.

6

Network anomaly detection: A machine learning perspective. Boca Raton: CRC Press, Taylor & Francis Group, 2014.

7

Network Intrusion Analysis. Syngress Publishing, 2012.

8

Bennett, Jeremy, and Brian Hernacki. Testing Network Security, Evaluating Intrusion Detection and Prevention Systems. Pearson Education, Limited, 2020.

9

Network Defense-in-Depth: Evaluating Host-Based Intrusion Detection Systems. Storming Media, 2001.

10

Crothers, Tim. Implementing Intrusion Detection Systems: A Hands-On Guide for Securing the Network. Wiley, 2002.


Book chapters on the topic "Network Intrusion Detection Systems (NIDS)"

1

Deng, Lirui, Youjian Zhao, and Heng Bao. "A Self-supervised Adversarial Learning Approach for Network Intrusion Detection System." In Communications in Computer and Information Science, 73–85. Singapore: Springer Nature Singapore, 2022. http://dx.doi.org/10.1007/978-981-19-8285-9_5.

Abstract:
The network intrusion detection system (NIDS) plays an essential role in network security. Although many data-driven approaches from the field of machine learning have been proposed to increase the efficacy of NIDSs, it still suffers from extreme data imbalance and the performance of existing algorithms depends highly on training datasets. To counterpart the class-imbalanced problem in network intrusion detection, it is necessary for models to capture more representative clues within same categories instead of learning from only classification loss. In this paper, we proposed a self-supervised adversarial learning approach for intrusion detection, which utilizes instance-level discrimination for better representation learning and employs an adversarial perturbation styled data augmentation to improve the robustness of NIDS on rarely seen attacking types. State-of-the-art result was achieved on multiple frequently-used datasets and experiment conducted on cross-dataset setting demonstrated good generalization ability.
2

Dominique, Nyiribakwe, and Zhuo Ma. "Enhancing Network Intrusion Detection System Method (NIDS) Using Mutual Information (RF-CIFE)." In Security with Intelligent Computing and Big-data Services, 329–42. Cham: Springer International Publishing, 2019. http://dx.doi.org/10.1007/978-3-030-16946-6_26.

3

de Loiola Costa, Wagner Elvio, Denivaldo Lopes, Zair Abdelouahab, and Bruno Froz. "Network Intrusion Detection System Based on SOA (NIDS-SOA): Enhancing Interoperability Between IDS." In Lecture Notes in Electrical Engineering, 935–48. New York, NY: Springer New York, 2012. http://dx.doi.org/10.1007/978-1-4614-3535-8_78.

4

Mantur, Bhimshankar, Abhijeet Desai, and K. S. Nagegowda. "Centralized Control Signature-Based Firewall and Statistical-Based Network Intrusion Detection System (NIDS) in Software Defined Networks (SDN)." In Emerging Research in Computing, Information, Communication and Applications, 497–506. New Delhi: Springer India, 2015. http://dx.doi.org/10.1007/978-81-322-2550-8_48.

5

Keserwani, Pankaj Kumar, Mridul Mittal, and Mahesh Chandra Govil. "An Improved NIDS Using RF-Based Feature Selection Technique and Voting Classifier." In Artificial Intelligence for Intrusion Detection Systems, 133–54. Boca Raton: Chapman and Hall/CRC, 2023. http://dx.doi.org/10.1201/9781003346340-7.

6

Akhlaq, Monis, Faeiz Alserhani, Irfan U. Awan, Andrea J. Cullen, John Mellor, and Pravin Mirchandani. "Virtualization in Network Intrusion Detection Systems." In Lecture Notes in Computer Science, 6–8. Berlin, Heidelberg: Springer Berlin Heidelberg, 2009. http://dx.doi.org/10.1007/978-3-642-05290-3_3.

7

Pomerleau, Pierre-Luc, and David Maimon. "Network security and intrusion detection systems." In Evidence-Based Cybersecurity, 85–108. Boca Raton: CRC Press, 2022. http://dx.doi.org/10.1201/9781003201519-6.

8

He, Guofeng, Qing Lu, Guangqiang Yin, and Hu Xiong. "Network Intrusion Detection Based on Hybrid Neural Network." In Wireless Algorithms, Systems, and Applications, 644–55. Cham: Springer Nature Switzerland, 2022. http://dx.doi.org/10.1007/978-3-031-19214-2_54.

9

Park, Woo Young, Sang Hyun Kim, Duy-Son Vu, Chang Han Song, Hee Soo Jung, and Hyeon Jo. "Intrusion Detection System for Industrial Network." In Lecture Notes in Networks and Systems, 646–58. Cham: Springer International Publishing, 2022. http://dx.doi.org/10.1007/978-3-031-16075-2_48.

10

Ziai, Amir. "Active Learning for Network Intrusion Detection." In Transactions on Computer Systems and Networks, 3–14. Singapore: Springer Singapore, 2021. http://dx.doi.org/10.1007/978-981-16-1681-5_1.


Conference papers on the topic "Network Intrusion Detection Systems (NIDS)"

1

Raghunath, Bane Raman, and Shivsharan Nitin Mahadeo. "Network Intrusion Detection System (NIDS)." In 2008 First International Conference on Emerging Trends in Engineering and Technology. IEEE, 2008. http://dx.doi.org/10.1109/icetet.2008.252.

2

Radhi Hadi, Mhmood, and Adnan Saher Mohammed. "A Novel Approach to Network Intrusion Detection System using Deep Learning for SDN: Futuristic Approach." In 4th International Conference on Machine Learning & Applications (CMLA 2022). Academy and Industry Research Collaboration Center (AIRCC), 2022. http://dx.doi.org/10.5121/csit.2022.121106.

Abstract:
Software-Defined Networking (SDN) is the next generation to change the architecture of traditional networks. SDN is one of the promising solutions to change the architecture of internet networks. Attacks become more common due to the centralized nature of SDN architecture. It is vital to provide security for the SDN. In this study, we propose a Network Intrusion Detection System-Deep Learning module (NIDS-DL) approach in the context of SDN. Our suggested method combines Network Intrusion Detection Systems (NIDS) with many types of deep learning algorithms. Our approach employs 12 features extracted from 41 features in the NSL-KDD dataset using a feature selection method. We employed classifiers (CNN, DNN, RNN, LSTM, and GRU). When we compare classifier scores, our technique produced accuracy results of (98.63%, 98.53%, 98.13%, 98.04%, and 97.78%) respectively. The novelty of our new approach (NIDS-DL) uses 5 deep learning classifiers and made pre-processing dataset to harvest the best results. Our proposed approach was successful in binary classification and detecting attacks, implying that our approach (NIDS-DL) might be used with great efficiency in the future.
3

Al-Maksousy, Hassan Hadi, Michele C. Weigle, and Cong Wang. "NIDS: Neural Network based Intrusion Detection System." In 2018 IEEE International Symposium on Technologies for Homeland Security (HST). IEEE, 2018. http://dx.doi.org/10.1109/ths.2018.8574174.

4

Alnajjar, Yazan, and Jinane Mounsef. "Next-Generation Network Intrusion Detection System (NG-NIDS)." In 2021 15th International Conference on Advanced Technologies, Systems and Services in Telecommunications (TELSIKS). IEEE, 2021. http://dx.doi.org/10.1109/telsiks52058.2021.9606424.

5

Alalmaie, Abeer, Priyadarsi Nanda, and Xiangjian He. "ZT-NIDS: Zero Trust, Network Intrusion Detection System." In 20th International Conference on Security and Cryptography. SCITEPRESS - Science and Technology Publications, 2023. http://dx.doi.org/10.5220/0012080000003555.

6

Messer, Winston. "NIDS in Airgapped LANs--Does it Matter?" In 2022 KSU CONFERENCE ON CYBERSECURITY EDUCATION, RESEARCH AND PRACTICE. Kennesaw State University, 2022. http://dx.doi.org/10.32727/28.2023.3.

Abstract:
This paper presents an assessment of the methods and benefits of adding network intrusion detection systems (NIDS) to certain high-security airgapped isolated local area networks. The proposed network architecture was empirically tested via a series of simulated network attacks on a virtualized network. The results show an improvement of double the chances of an analyst receiving a specific, appropriately-severe alert when NIDS is implemented alongside host-based measures when compared to host-based measures alone. Further, the inclusion of NIDS increased the likelihood of the analyst receiving a high-severity alert in response to the simulated attack attempt by four times when compared to host-based measures alone. Despite a tendency to think that networks without cross-boundary traffic do not require boundary defense measures, such measures can significantly improve the efficiency of incident response operations on such networks.
7

Ramesh Kumar, M., and Pradeep Sudhakaran. "Comprehensive Survey on Detecting Security Attacks of IoT Intrusion Detection Systems." In International Research Conference on IOT, Cloud and Data Science. Switzerland: Trans Tech Publications Ltd, 2023. http://dx.doi.org/10.4028/p-270t9z.

Abstract:
With the growth of the Internet of Things (IoT), which connects billions of small, smart devices to the Internet, cyber security has become more difficult to manage. These devices are vulnerable to cyberattacks because they lack defensive measures and hardware security support. In addition, IoT gateways provide the most fundamental security mechanisms like firewall, antivirus and access control mechanism for identifying such attacks. In an IoT setting, it is critical to maintain security, and protecting the network is even more critical in an IoT network. Because it works directly at local gateways, the Network Intrusion Detection System (NIDS) is one of the most significant solutions for securing IoT devices in a network. This research includes various IoT threats as well as different intrusion detection systems (IDS) methodologies for providing security in an IoT environment, with the goal of evaluating the pros and drawbacks of each methodology in order to discover future IDS implementation paths.
8

Subba, Basant. "A Neural Network based NIDS framework for intrusion detection in contemporary network traffic." In 2019 IEEE International Conference on Advanced Networks and Telecommunications Systems (ANTS). IEEE, 2019. http://dx.doi.org/10.1109/ants47819.2019.9117966.

9

Caruso, Luis Carlos, Guilherme Guindani, Hugo Schmitt, Ney Calazans, and Fernando Moraes. "SPP-NIDS - A Sea of Processors Platform for Network Intrusion Detection Systems." In 18th IEEE/IFIP International Workshop on Rapid System Prototyping. IEEE, 2007. http://dx.doi.org/10.1109/rsp.2007.35.

10

Prabhakaran, Ayonya, Vijay Kumar Chaurasiya, Sunakshi Singh, and Suneel Yadav. "An Optimized Deep Learning Framework for Network Intrusion Detection System (NIDS)." In 2020 International Conference Engineering and Telecommunication (En&T). IEEE, 2020. http://dx.doi.org/10.1109/ent50437.2020.9431266.


Reports on the topic "Network Intrusion Detection Systems (NIDS)"

1

Tayeb, Shahab. Taming the Data in the Internet of Vehicles. Mineta Transportation Institute, January 2022. http://dx.doi.org/10.31979/mti.2022.2014.

Abstract:
As an emerging field, the Internet of Vehicles (IoV) has a myriad of security vulnerabilities that must be addressed to protect system integrity. To stay ahead of novel attacks, cybersecurity professionals are developing new software and systems using machine learning techniques. Neural network architectures improve such systems, including Intrusion Detection Systems (IDSs), by implementing anomaly detection, which differentiates benign data packets from malicious ones. For an IDS to best predict anomalies, the model is trained on data that is typically pre-processed through normalization and feature selection/reduction. These pre-processing techniques play an important role in training a neural network to optimize its performance. This research studies the impact of applying normalization techniques as a pre-processing step to learning, as used by the IDSs. The impacts of pre-processing techniques play an important role in training neural networks to optimize their performance. This report proposes a Deep Neural Network (DNN) model with two hidden layers for IDS architecture and compares two commonly used normalization pre-processing techniques. Our findings are evaluated using accuracy, Area Under Curve (AUC), Receiver Operator Characteristic (ROC), F-1 Score, and loss. The experimentations demonstrate that Z-Score outperforms no-normalization and the use of Min-Max normalization.