Journal articles on the topic 'NETWORK INTRUSION RESPONSE'

Consult the top 50 journal articles for your research on the topic 'NETWORK INTRUSION RESPONSE.'

1

Reshmi, B. M., S. S. Manvi, and Bhagyavati. "An Agent Based Intrusion Detection Model for Mobile Ad Hoc Networks." Mobile Information Systems 2, no. 4 (2006): 169–91. http://dx.doi.org/10.1155/2006/921047.

Abstract:
Intrusion detection has over the last few years, assumed paramount importance within the broad realm of network security, more so in case of wireless mobile ad hoc networks. The inherently vulnerable characteristics of wireless mobile ad hoc networks make them susceptible to attacks in-spite of some security measures, and it may be too late before any counter action can take effect. As such, there is a need to complement traditional security mechanisms with efficient intrusion detection and response systems. This paper proposes an agent-based model to address the aspect of intrusion detection in cluster based mobile wireless ad hoc network environment. The model comprises of a set of static and mobile agents, which are used to detect intrusions, respond to intrusions, and distribute selected and aggregated intrusion information to all other nodes in the network in an intelligent manner. The model is simulated to test its operation effectiveness by considering the performance parameters such as, detection rate, false positives, agent overheads, and intrusion information distribution time. Agent based approach facilitates flexible and adaptable security services. Also, it supports component based software engineering components such as maintainability, reachability, reusability, adaptability, flexibility, and customization.
2

Aranganathan, A., and C. D. Suriyakala. "Agent based secure intrusion detection and prevention for rushing attacks in clustering MANETs." International Journal of Engineering & Technology 7, no. 2.20 (April 18, 2018): 22. http://dx.doi.org/10.14419/ijet.v7i2.20.11736.

Abstract:
Intrusion detection is one of challenging issues in wireless networks. The inherently vulnerable characteristics of wireless mobile ad hoc networks make them susceptible to attacks in-spite of some security measures, and it may be too late before any counter action can take effect. As such, there is a need to complement security mechanisms with efficient intrusion detection and response systems. This paper proposes an agent-based model to address the aspect of intrusion detection in cluster based Mobile ad hoc network environment. The model comprises of mobile agents, which are used to detect intrusions, respond to intrusions, mainly preventing the routing attacks while securing them and distributing selected and aggregated intrusion information to all other nodes in the network in an intelligent manner to compensate the attack. The model is simulated to test its operation effectiveness by considering various performance parameters such as, packet delivery ratio, communication overhead, throughput. It implements a secure detection and prevention technique that contains the Blowfish algorithm which is a symmetric encryption and decryption algorithm having a secure standard till date against attacks to make the network transmission secure while monitoring malicious nodes and preventing them from compromising the integrity of the network. Agent based approach facilitates flexible and adaptable security services. Also, it supports component based software engineering components such as maintainability, reachability, reusability, adaptability, and flexibility.
3

Cai, Yu. "Mobile Agent Based Network Defense System in Enterprise Network." International Journal of Handheld Computing Research 2, no. 1 (January 2011): 41–54. http://dx.doi.org/10.4018/jhcr.2011010103.

Abstract:
Security has become the Achilles’ heel of many organizations in today’s computer-dominated society. In this paper, a configurable intrusion detection and response framework named Mobile Agents based Distributed (MAD) security system was proposed for enterprise network consisting of a large number of mobile and handheld devices. The key idea of MAD is to use autonomous mobile agents as lightweight entities to provide unified interfaces for intrusion detection, intrusion response, information fusion, and dynamic reconfiguration. These lightweight agents can be easily installed and managed on mobile and handheld devices. The MAD framework includes a family of autonomous agents, servers and software modules. An Object-based intrusion modeling language (mLanguage) is proposed to allow easy data sharing and system control. A data fusion engine (mEngine) is used to provide fused results for traffic classification and intrusion identification. To ensure Quality-of-Service (QoS) requirements for end users, adaptive resource allocation scheme is also presented. It is hoped that this project will advance the understanding of complex, interactive, and collaborative distributed systems.
4

Richard Maina Rimiru, Guanzheng Tan, and Cheruiyot Wilson. "Innate-Inspired Automated Intrusion Response Mechanism for a Network Intrusion Detection System." Journal of Convergence Information Technology 7, no. 9 (May 31, 2012): 194–201. http://dx.doi.org/10.4156/jcit.vol7.issue9.24.

5

Braithwaite, Imothy. "Understanding Network Security Monitoring and Intrusion Response (NSMIR)." EDPACS 28, no. 8 (February 2001): 1–12. http://dx.doi.org/10.1201/1079/43265.28.8.20010201/30381.1.

6

Shameli-Sendi, Alireza, Julien Desfossez, Michel Dagenais, and Masoume Jabbarifar. "A Retroactive-Burst Framework for Automated Intrusion Response System." Journal of Computer Networks and Communications 2013 (2013): 1–8. http://dx.doi.org/10.1155/2013/134760.

Abstract:
The aim of this paper is to present an adaptive and cost-sensitive model to prevent security intrusions. In most automated intrusion response systems, response selection is performed locally based on current threat without using the knowledge of attacks history. Another challenge is that a group of responses are applied without any feedback mechanism to measure the response effect. We address these problems through retroactive-burst execution of responses and a Response Coordinator (RC) mechanism, the main contributions of this work. The retroactive-burst execution consists of several burst executions of responses with, at the end of each burst, a mechanism for measuring the effectiveness of the applied responses by the risk assessment component. The appropriate combination of responses must be considered for each burst execution to mitigate the progress of the attack without necessarily running the next round of responses, because of the impact on legitimate users. In the proposed model, there is a multilevel response mechanism. To indicate which level is appropriate to apply based on the retroactive-burst execution, we get help from a Response Coordinator mechanism. The applied responses can improve the health of Applications, Kernel, Local Services, Network Services, and Physical Status. Based on these indexes, the RC gives a general overview of an attacker’s goal in a distributed environment.
7

Malialis, Kleanthis, Sam Devlin, and Daniel Kudenko. "Distributed reinforcement learning for adaptive and robust network intrusion response." Connection Science 27, no. 3 (April 15, 2015): 234–52. http://dx.doi.org/10.1080/09540091.2015.1031082.

8

Jiang, Xue Song, Xiu Mei Wei, and Yu Shui Geng. "The Research of Intrusion Detection System Based on ANN on Cloud Platform." Applied Mechanics and Materials 263-266 (December 2012): 2962–65. http://dx.doi.org/10.4028/www.scientific.net/amm.263-266.2962.

Abstract:
Intrusion detection system (IDS) can find the intrusion information before the computer be attacked, and can hold up and response the intrusion in real time. Artificial neural network algorithms play a key role in IDS. The intrusion detection system (ANN) algorithms can analyze the captured data and judge whether the data is intrusion. In this paper we used Back Propagation (BP) network and Radical Basis Function (RBF) network to the IDS. The result of the experiment improve that The RBF neural network is better than BP neural network in the ability of approximation, classification and learning speed. During the procedure there is a large amount of computes. On cloud platform the calculation speed has been greatly increased. So that we can find the invasion more quickly and do the processing works accordingly.
9

G. Murugan, Dr. "Improve secure based multi-path routing to mitigate the intrusion endurance in heterogeneous wireless sensor networks." International Journal of Engineering & Technology 7, no. 4 (September 26, 2018): 2746. http://dx.doi.org/10.14419/ijet.v7i4.17957.

Abstract:
Wireless Sensor Networks (WSNs) have many potential applications. Multi-path routing is widely used in WSN to achieve reliability and perform Fault Tolerance. Multi-path routing determines and assigns multiple routes from a given sensor node to the sink. The transmission of data among the multi-path brings path redundancy, which increases the reliability and reduces the network congestion. In this research work, a dynamic redundancy management algorithm is proposed. To exploit multi-path routing in order to process the user request with existence of defective and malicious nodes. The objective of this work is to analyze the trade-off between energy consumption and Quality of Service (QoS) gain in security and reliability in order to increase the lifetime. The optimized redundancy level of multipath routing is determined dynamically which is used to improve the query response while extending the network lifetime and also for detecting intrusions and send alert to the system through Intrusion Detection System (IDS). Then, a voting-based distributed Intrusion Detection (ID) algorithm is proposed to detect and remove malicious nodes in a sensor network. The malicious node has been determined through number of voters using voting-based distributed ID algorithm. The efficient redundancy management of a clustered Heterogeneous Wireless Sensor Network (HWSN) is to increase the network lifetime in the presence of unreliable and malicious nodes. Therefore, the reliability improved dramatically.
10

An, Xingshuo, Fuhong Lin, Shenggang Xu, Li Miao, and Chao Gong. "A Novel Differential Game Model-Based Intrusion Response Strategy in Fog Computing." Security and Communication Networks 2018 (August 1, 2018): 1–9. http://dx.doi.org/10.1155/2018/1821804.

Abstract:
Fog computing is an emerging network paradigm. Due to its characteristics (e.g., geo-location and constrained resource), fog computing is subject to a broad range of security threats. Intrusion detection system (IDS) is an essential security technology to deal with the security threats in fog computing. We have introduced a fog computing IDS (FC-IDS) framework in our previous work. In this paper, we study the optimal intrusion response strategy in fog computing based on the FC-IDS scheme proposed in our previous work. We postulate the intrusion process in fog computing and describe it with a mathematical model based on differential game theory. According to this model, the optimal response strategy is obtained corresponding to the optimal intrusion strategy. Theoretical analysis and simulation results demonstrate that our security model can effectively stabilize the intrusion frequency of the invaders in fog computing.
11

Du, Jia Wei, Xing Zhang, Ying Zhou, and Yong Qiang Bai. "Active Defense Security Model in the Application of Network Deception System Design." Applied Mechanics and Materials 347-350 (August 2013): 2860–64. http://dx.doi.org/10.4028/www.scientific.net/amm.347-350.2860.

Abstract:
As the traditional network defense is built on intrusion detection and passive protection, which is weak at dynamic response. The network deception technology in active protection is analyzed, and a network deception system based on active security model is proposed in this paper. This system implements a visual service of Honeypot as bait, analyses intrusion data and extracts new features and rules to enlarge the intrusion detection system feature library. The defense policies could be delivered real-time by management center. The problems of false alarm and leaking alarm for firewall or IDS are improved. And the limitations of single technology on the cooperation are overcome by linkage of Honeypot, firewall, IDS and router. The efficiency of unknown intrusion detected is increased.
12

Tang, Jian Gang, Shi Jun Zhang, and Ji Jiang. "Research on Network Security Issues and Security Model." Applied Mechanics and Materials 519-520 (February 2014): 128–31. http://dx.doi.org/10.4028/www.scientific.net/amm.519-520.128.

Abstract:
Network security issues came from traditional network, wireless network and cloud computing environment. Large-scale cloud computing, versatility and virtualization features of network security had become a hidden threat source. This paper analyzed the sources of network security threats, and established a network security model which encompasses all types of currently known network security factors; it could provide countermeasures to ensure network security. The security model had capabilities of real-time detection, rapid response, immediate recovery, and interaction between various independent modules. The security model used such security technologies as firewall, intrusion detection, intrusion deception, security scanning and PKI.
13

Lee, Se-Yul, and Yong-Soo Kim. "Design and Analysis of Probe Detection Systems for TCP Networks." Journal of Advanced Computational Intelligence and Intelligent Informatics 8, no. 4 (July 20, 2004): 369–72. http://dx.doi.org/10.20965/jaciii.2004.p0369.

Abstract:
Advanced computer network technology enables the connectivity of computers in an open network environment. Despite the growing numbers of security threats to networks, most intrusion detection identifies security attacks mainly by detecting misuse using a set of rules based on past hacking patterns. This pattern matching has a high rate of false positives and cannot detect new hacking patterns, making it vulnerable to previously unidentified attack patterns and variations in attack and increasing false negatives. Intrusion detection and prevention technologies are thus required. We propose a network-based intrusion detection model using fuzzy cognitive maps (FCM) that detects intrusion by Denial of Service (DoS) attack detection using packet analysis. A DoS attack typically appears as a Probe and Syn Flooding attack. Syn Flooding Preventer using Fuzzy cognitive maps (SPuF) model captures and analyzes packet information to detect Syn flooding attacks. Using the result of decision module analysis, which used FCM, the decision module measures the degree of danger of the DoS and trains the response module to deal with attacks. The result of simulation using the "KDD’99 Competition Data Set" for the SPuF model shows that Probe detection exceeded 97%.
14

Lin, Tao, Peng Wu, Fengmei Gao, and Tianshu Wu. "Intrusion Detection for Mobile Ad Hoc Networks Based on Node Reputation." INTERNATIONAL JOURNAL OF COMPUTERS COMMUNICATIONS & CONTROL 14, no. 5 (November 17, 2019): 660. http://dx.doi.org/10.15837/ijccc.2019.5.3629.

Abstract:
The mobile ad hoc network (MANET) is more vulnerable to attacks than traditional networks, due to the high mobility of nodes, the weakness of transmission media and the absence of central node. To overcome the vulnerability, this paper mainly studies the way to detect selfish nodes in the MANET, and thus prevent network intrusion. Specifically, a data-driven reputation evaluation model was proposed to detect selfish nodes using a new reputation mechanism. The mechanism consists of a monitoring module, a reputation evaluation module, penalty module and a response module. The MANET integrated with our reputation mechanism was compared with the traditional MANET through simulation. The results show that the addition of reputation mechanism can suppress the selfish behavior of network nodes and enhance network security.
15

Shi, Guolong, Yigang He, Lichuan Gu, and Jun Jiao. "Industry 4.0-Oriented Chipless RFID Backscatter Signal Variable Polarization Amplitude Deep Learning Coding." Wireless Communications and Mobile Computing 2021 (September 23, 2021): 1–11. http://dx.doi.org/10.1155/2021/6985420.

Abstract:
Due to the weak network security protection capabilities of control system network protocols under Industry 4.0, the research on industrial control network intrusion detection is still in its infancy. This article discussed and researched the intrusion prevention technology of industrial control networks based on deep learning. According to the electromagnetic scattering theory, the backscatter signal model of the chipless tag was established as a chipless tag structure. Polarized deep learning coding was used for the label; that was, deep learning coding was performed on the copolarization component and the cross-polarization component at the same time, and a 16-bit deep learning coding bit number was obtained. The wave crest deep learning coding was used for the split ellipse ring patch label, and the 6-bit deep learning coding bit number was obtained. Then, the poles of the scattered signal of the tag were extracted to identify the tag. The variable polarization effect was achieved by adopting the dipole resonant unit with the two ends bent. Aiming at the problem of low detection rate caused by the shallow selection of feature classification of intrusion prevention systems, an industrial control network intrusion prevention model based on self-deep learning encoders and extreme learning machines was proposed to extract features from industrial control network data through deep learning. For accurate classification, the theoretical judgment was also verified through simulation experiments, and it was proved that the detection rate of the model has also improved. It forms a set of industrial control network intrusion prevention system with complete functions and superior performance with data acquisition module, system log module, defense response module, central control module, etc. The matrix beam algorithm was used to extract the poles and residues for the late response, and the extracted poles and residues were used to reconstruct the signal. 
The reconstructed signal was compared with the scattered signal to verify the correctness of the pole extraction. Finally, the tags were processed and tested in the actual environment, and the measured results were consistent with the theoretical analysis and simulation results.
16

Elkabour, Ahmed, and Dr. Rahma Teirab Abaker Haroun. "Mitigating Routing Attacks in Mobile Ad Hoc Networks." International Journal for Innovation Education and Research 7, no. 7 (July 31, 2019): 227–33. http://dx.doi.org/10.31686/ijier.vol7.iss7.1603.

Abstract:
Mobile Ad hoc Networks have been highly vulnerable to attacks due to the dynamic nature of its network infrastructure. Among these attacks, routing attacks have received considerable attention since it could cause the most devastating damage to MANET. Existing solutions typically attempt to isolate malicious nodes based on binary or naive fuzzy response decisions. However, binary responses may result in the unexpected network partition, causing additional damages to the network infrastructure. This paper proposes a risk-aware response mechanism to systematically cope with the identified routing attacks. To avoid the routing attacks Dijkstra’s and Destination sequenced Distance Vector algorithm are used. Dijkstra's algorithm solves the single-source shortest-path problem when all edges have non-negative weights. The primary improvement for ad hoc networks made in DSDV over conventional distance vector is the addition of a sequence number in each routing table entry. Index Terms: Intrusion response, risk aware, Dempster-Shafer theory, Dijkstra’s algorithm, Destination sequenced Distance Vector.
17

Cheng, Bing Yuan, Kai Jin Qiu, and Zu Yong Yang. "The Design of FPGA-Based Real Time Intrusion Detection NIC." Applied Mechanics and Materials 58-60 (June 2011): 2585–91. http://dx.doi.org/10.4028/www.scientific.net/amm.58-60.2585.

Abstract:
The amount of intrusion detection calculation based on software is heavy, which can not satisfy the needs of modern network bandwidth; the intrusion detection technology based on hardware is an ideal method for accelerating network processing. The thesis proposes a design scheme for FPGA-based real time intrusion detection NIC, and introduces the hardware and software structure of the system in detail. The system communicates with the operation system directly via PCI bus, achieves the organic combination of software detection and hardware detection, and overcomes the slow response speed of the system when only software is used for intrusion detection. In system hardware detection, with FPGA as core, arranging various intrusion detection algorithms in FPGA for parallel running can improve the real time and reliability of the system.
18

Mu, Chengpo, and Yingjiu Li. "An intrusion response decision-making model based on hierarchical task network planning." Expert Systems with Applications 37, no. 3 (March 2010): 2465–72. http://dx.doi.org/10.1016/j.eswa.2009.07.079.

19

Zhou, Xudong, Jing Wang, and Xiao Zhou. "Security Control Technology and Simulation of Network News Communication under the Environment of Internet of Things." Wireless Communications and Mobile Computing 2021 (July 17, 2021): 1–10. http://dx.doi.org/10.1155/2021/2730916.

Abstract:
Internet of Things is an application of network news communication technology. Based on the Internet, it uses physical access technologies such as radio frequency tag and wireless sensor network news communication and network news communication information transmission technology to build a network news communication information system that can cover people and things. In the physical layer, the relative position of the object is calculated by using multipoint cooperative localization, so as to determine the minimum anonymous region. Generate and maintain the anonymous tree topology on the network news dissemination layer, and provide storage management support for multiple anonymous groups. In the application layer, the object determines the corresponding anonymity degree according to the identity and uses the frame structure to construct and return the new anonymous group consistent with the existing anonymous group, which can prevent the persistent multiprecision query attack. A real-time control method for intrusion response of a security control system is designed, which includes two stages: response task generation and integrated scheduling. An intrusion response task set generation method based on an improved nondominated sorting genetic algorithm is presented, and a distributed integrated task scheduling and optimization algorithm based on a genetic algorithm and a directed acyclic graph is designed. The numerical simulation results show that this method can quickly and smoothly implement the response strategy of information security intrusion without affecting the normal execution of system tasks.
20

Liang, Chao, Bharanidharan Shanmugam, Sami Azam, Asif Karim, Ashraful Islam, Mazdak Zamani, Sanaz Kavianpour, and Norbik Bashah Idris. "Intrusion Detection System for the Internet of Things Based on Blockchain and Multi-Agent Systems." Electronics 9, no. 7 (July 10, 2020): 1120. http://dx.doi.org/10.3390/electronics9071120.

Abstract:
With the popularity of Internet of Things (IoT) technology, the security of the IoT network has become an important issue. Traditional intrusion detection systems have their limitations when applied to the IoT network due to resource constraints and the complexity. This research focusses on the design, implementation and testing of an intrusion detection system which uses a hybrid placement strategy based on a multi-agent system, blockchain and deep learning algorithms. The system consists of the following modules: data collection, data management, analysis, and response. The National security lab–knowledge discovery and data mining NSL-KDD dataset is used to test the system. The results demonstrate the efficiency of deep learning algorithms when detecting attacks from the transport layer. The experiment indicates that deep learning algorithms are suitable for intrusion detection in IoT network environment.
21

Di, Xiao Qiang, Hua Min Yang, and Jin Qing Li. "Intrusion Response Mobile Firewall Design in Ad Hoc Networks and Based on SMP Performance Analysis." Applied Mechanics and Materials 496-500 (January 2014): 1909–14. http://dx.doi.org/10.4028/www.scientific.net/amm.496-500.1909.

Abstract:
According to the characteristics of Ad Hoc networks, distributed intrusion response mobile firewall system is designed based on mobile Agent. Surveillance agent monitors neighbors communication behavior, and reports to the control agent. Control agent is in charge of judging, and activates tracing agent and blocking agent. Defensive agent is set up in system to keep the firewall mobile features. Depending on semi-Markov process (SMP) theory, we have created a dynamic behavior model of the mobile firewall system and analyze the performance of network security.
22

Amara Korba, Abdelaziz, Mehdi Nafaa, and Salim Ghanemi. "An efficient intrusion detection and prevention framework for ad hoc networks." Information & Computer Security 24, no. 4 (October 10, 2016): 298–325. http://dx.doi.org/10.1108/ics-08-2015-0034.

Abstract:
Purpose: Wireless multi-hop ad hoc networks are becoming very attractive and widely deployed in many kinds of communication and networking applications. However, distributed and collaborative routing in such networks makes them vulnerable to various security attacks. This paper aims to design and implement a new efficient intrusion detection and prevention framework, called EIDPF, a host-based framework suitable for mobile ad hoc network’s characteristics such as high node’s mobility, resource-constraints and rapid topology change. EIDPF aims to protect an AODV-based network against routing attacks that could target such network. Design/methodology/approach: This detection and prevention framework is composed of three complementary modules: a specification-based intrusion detection system to detect attacks violating the protocol specification, a load balancer to prevent fast-forwarding attacks such as wormhole and rushing and adaptive response mechanism to isolate malicious node from the network. Findings: A key advantage of the proposed framework is its capacity to efficiently avoid fast-forwarding attacks and its real-time detection of both known and unknown attacks violating specification. The simulation results show that EIDPF exhibits a high detection rate, low false positive rate and no extra communication overhead compared to other protection mechanisms. Originality/value: It is a new intrusion detection and prevention framework to protect ad hoc network against routing attacks. A key strength of the proposed framework is its ability to guarantee a real-time detection of known and unknown attacks that violate the protocol specification, and avoiding wormhole and rushing attacks by providing a load balancing route discovery.
23

Korba, Abdelaziz Amara, Mehdi Nafaa, and Salim Ghanemi. "Hybrid Intrusion Detection Framework for Ad hoc networks." International Journal of Information Security and Privacy 10, no. 4 (October 2016): 1–32. http://dx.doi.org/10.4018/ijisp.2016100101.

Abstract:
In this paper, a cluster-based hybrid security framework called HSFA for ad hoc networks is proposed and evaluated. The proposed security framework combines both specification and anomaly detection techniques to efficiently detect and prevent wide range of routing attacks. In the proposed hierarchical architecture, cluster nodes run a host specification-based intrusion detection system to detect specification violations attacks such as fabrication, replay, etc. While the cluster heads run an anomaly-based intrusion detection system to detect wormhole and rushing attacks. The proposed specification-based detection approach relies on a set of specifications automatically generated, while anomaly-detection uses statistical techniques. The proposed security framework provides an adaptive response against attacks to prevent damage to the network. The security framework is evaluated by simulation in presence of malicious nodes that can launch different attacks. Simulation results show that the proposed hybrid security framework performs significantly better than other existing mechanisms.
24

Eom, Taehoon, Jin B. Hong, SeongMo An, Jong Sou Park, and Dong Seong Kim. "A Framework for Real-Time Intrusion Response in Software Defined Networking Using Precomputed Graphical Security Models." Security and Communication Networks 2020 (February 18, 2020): 1–15. http://dx.doi.org/10.1155/2020/7235043.

Abstract:
Software defined networking (SDN) has been adopted in many application domains as it provides functionalities to dynamically control the network flow more robust and more economical compared to the traditional networks. In order to strengthen the security of the SDN against cyber attacks, many security solutions have been proposed. However, those solutions need to be compared in order to optimize the security of the SDN. To assess and evaluate the security of the SDN systematically, one can use graphical security models (e.g., attack graphs and attack trees). However, it is difficult to provide defense against an attack in real time due to their high computational complexity. In this paper, we propose a real-time intrusion response in SDN using precomputation to estimate the likelihood of future attack paths from an ongoing attack. We also take into account various SDN components to conduct a security assessment, which were not available when addressing only the components of an existing network. Our experimental analysis shows that we are able to estimate possible attack paths of an ongoing attack to mitigate it in real time, as well as showing the security metrics that depend on the flow table, including the SDN component. Hence, the proposed approach can be used to provide effective real-time mitigation solutions for securing SDN.
25

Zhang, Yuhua, Kun Wang, Min Gao, Zhiyou Ouyang, and Siguang Chen. "LKM: A LDA-Based K-Means Clustering Algorithm for Data Analysis of Intrusion Detection in Mobile Sensor Networks." International Journal of Distributed Sensor Networks 2015 (2015): 1–11. http://dx.doi.org/10.1155/2015/491910.

Abstract:
Mobile sensor networks (MSNs), consisting of mobile nodes, are sensitive to network attacks. Intrusion detection system (IDS) is a kind of active network security technology to protect network from attacks. In the data gathering phase of IDS, due to the high-dimension data collected in multidimension space, great pressure has been put on the subsequent data analysis and response phase. Therefore, traditional methods for intrusion detection can no longer be applicable in MSNs. To improve the performance of data analysis, we apply K-means algorithm to high-dimension data clustering analysis. Thus, an improved K-means clustering algorithm based on linear discriminant analysis (LDA) is proposed, called LKM algorithm. In this algorithm, we firstly apply the dimension reduction of LDA to divide the high-dimension data set into 2-dimension data set; then we use K-means algorithm for clustering analysis of the dimension-reduced data. Simulation results show that LKM algorithm shortens the sample feature extraction time and improves the accuracy of K-means clustering algorithm, both of which prove that LKM algorithm enhances the performance of high-dimension data analysis and the abnormal detection rate of IDS in MSNs.
26

Li, Daiyuan, Yongxiang Wu, Erkun Gao, Gaoxu Wang, Yi Xu, Huaping Zhong, and Wei Wu. "Simulation of Seawater Intrusion Area Using Feedforward Neural Network in Longkou, China." Water 12, no. 8 (July 24, 2020): 2107. http://dx.doi.org/10.3390/w12082107.

Abstract:
Reliable simulation of seawater intrusion (SI) is necessary for sustainable groundwater utilization. As a powerful tool, feedforward neural network (FNN) was applied to study seawater intrusion area (SIA) fluctuations in Longkou, China. In the present study, changes of groundwater level (GWL) were modeled by FNN Model 1. Then, FNN Model 2 was developed for fitting the relationship between GWL and SIA. Finally, two models were integrated to simulate SIA changes in response to climatic and artificial factors. The sensitivity analysis of each impact factor was conducted by the “stepwise” method to quantify the relative importance for SIA and GWL. The results from the integrated model indicated that this method could accurately reproduce SIA fluctuations when the Nash–Sutcliffe efficiency coefficient was 0.964, the root mean square error was 1.052 km², the correlation coefficient was 0.983, and the mean absolute error was 0.782 km². The results of sensitivity analysis prove that precipitation and groundwater pumping for agriculture mainly affect fluctuations of SIA in the study area. It can be concluded that FNN is effectively used for modeling SI fluctuations together with GWL, which can provide enough support for the sustainable management of groundwater resources with consideration of crucial impact factors of seawater intrusion (SI).
27

Magán-Carrión, Roberto, José Camacho, Gabriel Maciá-Fernández, and Ángel Ruíz-Zafra. "Multivariate Statistical Network Monitoring–Sensor: An effective tool for real-time monitoring and anomaly detection in complex networks and systems." International Journal of Distributed Sensor Networks 16, no. 5 (May 2020): 155014772092130. http://dx.doi.org/10.1177/1550147720921309.

Abstract:
Technology evolves quickly. Low-cost and ready-to-connect devices are designed to provide new services and applications. Smart grids or smart health care systems are some examples of these applications. In this totally connected scenario, some security issues arise due to the large number of devices and communications. In this way, new solutions for monitoring and detecting security events are needed to address new challenges brought about by this scenario, among others, the real-time requirement allowing quick security event detection and, consequently, quick response to attacks. In this sense, Intrusion Detection Systems are widely used though their evaluation often relies on the use of predefined network datasets that limit their application in real environments. In this work, a real-time and ready-to-use tool for monitoring and detecting security events is introduced. The Multivariate Statistical Network Monitoring–Sensor is based on the Multivariate Statistical Network Monitoring methodology and provides an alternative way for evaluating Multivariate Statistical Network Monitoring–based Intrusion Detection System solutions. Experimental results based on the detection of well-known attacks in hierarchical network systems prove the suitability of this tool for complex scenarios, such as those found in smart cities or Internet of Things ecosystems.
28

Samkaria, Rohit, Rajesh Singh, Anita Gehlot, Rupendra Pachauri, Amardeep Kumar, Neeraj Kumar Singh, and Kaushal Rawat. "IOT and XBee triggered based adaptive intrusion detection using geophone and quick response by UAV." International Journal of Engineering & Technology 7, no. 2.6 (March 11, 2018): 12. http://dx.doi.org/10.14419/ijet.v7i2.6.10059.

Abstract:
Monitoring of remote areas needs a lot of man power, in this contrast an important additional layer to perimeter protection for home land security application is Seismic footstep detection based systems. This paper mainly concerns with the detection of any human intrusion by the detection of the footsteps from a person from few tens of meters away using an underground seismic sensor, Geophone and placing the intrusion data over the cloud by using IOT. Presence of footstep is indicated by the impulses in the geophone signal. Kurtosis, a statistical measure is used to identify the impulses, can apply for a short duration of time for which a footstep exists. Present method is less complex and computationally efficient, all the input data stored in memory, which are read through microcontroller through ADC and stored in memory is subjected to kurtosis using microcontroller. Many such nodes are connected in a topology to build a Sensor Network. Indication of the intrusion will occur when microcontroller of sensor node calculates higher kurtosis value and will send this value to control room and data is uploaded to cloud at the same time.
29

Muhammad Arifin, Fikri, Giva Andriana Mutiara, and Ismail Ismail. "Implementation of Management and Network Security Using Endian UTM Firewall." IJAIT (International Journal of Applied Information Technology) 1, no. 02 (August 14, 2017): 43–51. http://dx.doi.org/10.25124/ijait.v1i02.874.

Abstract:
Internet is a source of information which is widely used today. However, the mode of internet abused becomes more various and unavoidable. The internet abused can be done from external or internal networks. Unified Threat Management (UTM) is one of a good solution to secure the networks, because it has several security features such as firewall, proxy, Intrusion Prevention System (IPS) and several other security features in one package. Endian is an UTM distro which is an open source in large community. Besides having some security features, Endian also has some network management features such as DHCP, routing, and VPN. This research put Endian as the center of a network topology that connected to the internal network/LAN, DMZ Server, and Internet Network/WAN. The tests are conducted in the form of implementation of DHCP feature, content filtering, port restrictions on interzone, and the response of the IPS features that exist on the Endian while receiving the attack. The results showed that Endian UTM is quite well in maintaining the security of the networks.
30

Silaban, Andreas Jonathan, Satria Mandala, and Erwid Mustofa Jadied. "Increasing Feature Selection Accuracy through Recursive Method in Intrusion Detection System." International Journal on Information and Communication Technology (IJoICT) 4, no. 2 (April 2, 2019): 43. http://dx.doi.org/10.21108/ijoict.2018.42.216.

Abstract:
Artificial intelligence semi supervised-based network intrusion detection system detects and identifies various types of attacks on network data using several steps, such as: data preprocessing, feature extraction, and classification. In this detection, the feature extraction is used for identifying features of attacks from the data; meanwhile the classification is applied for determining the type of attacks. Increasing the network data directly causes slow response time and low accuracy of the IDS. This research studies the implementation of wrapped-based and several classification algorithms to shorten the time of detection and increase accuracy. The wrapper is expected to select the best features of attacks in order to shorten the detection time while increasing the accuracy of detection. In line with this goal, this research also studies the effect of parameters used in the classification algorithms of the IDS. The experiment results show that wrapper is 81.275%. The result is higher than the method without wrapping which is 46.027%.
31

Chang, Min. "Construction of network security job service model based on rough set data analysis algorithm." Journal of Intelligent & Fuzzy Systems 39, no. 4 (October 21, 2020): 4981–87. http://dx.doi.org/10.3233/jifs-179983.

Abstract:
Traditional network security job service model and single security technology cannot keep up with the changes of complex network structure and different intrusion measures. Network security job service model relying on rough dataset analysis algorithm has many advantages, such as low management cost, high flexibility and wide applicability. Rough dataset analysis algorithm can not only collect data, but also process data, but overcome the shortcomings of traditional network security job service model. It will improve response speed and reduce network burden. This paper introduces the construction of network security job service model, which based on rough dataset analysis algorithm into a new network security framework.
32

Gao, Jianlei, Senchun Chai, Baihai Zhang, and Yuanqing Xia. "Research on Network Intrusion Detection Based on Incremental Extreme Learning Machine and Adaptive Principal Component Analysis." Energies 12, no. 7 (March 29, 2019): 1223. http://dx.doi.org/10.3390/en12071223.

Abstract:
Recently, network attacks launched by malicious attackers have seriously affected modern life and enterprise production, and these network attack samples have the characteristic of type imbalance, which undoubtedly increases the difficulty of intrusion detection. In response to this problem, it would naturally be very meaningful to design an intrusion detection system (IDS) to effectively and quickly identify and detect malicious behaviors. In our work, we have proposed a method for an IDS-combined incremental extreme learning machine (I-ELM) with an adaptive principal component (A-PCA). In this method, the relevant features of network traffic are adaptively selected, where the best detection accuracy can then be obtained by I-ELM. We have used the NSL-KDD standard dataset and UNSW-NB15 standard dataset to evaluate the performance of our proposed method. Through analysis of the experimental results, we can see that our proposed method has better computation capacity, stronger generalization ability, and higher accuracy.
33

Sanogo, Yibayiri O., Mark Band, Charles Blatti, Saurabh Sinha, and Alison M. Bell. "Transcriptional regulation of brain gene expression in response to a territorial intrusion." Proceedings of the Royal Society B: Biological Sciences 279, no. 1749 (October 24, 2012): 4929–38. http://dx.doi.org/10.1098/rspb.2012.2087.

Abstract:
Aggressive behaviour associated with territorial defence is widespread and has fitness consequences. However, excess aggression can interfere with other important biological functions such as immunity and energy homeostasis. How the expression of complex behaviours such as aggression is regulated in the brain has long intrigued ethologists, but has only recently become amenable for molecular dissection in non-model organisms. We investigated the transcriptomic response to territorial intrusion in four brain regions in breeding male threespined sticklebacks using expression microarrays and quantitative polymerase chain reaction (qPCR). Each region of the brain had a distinct genomic response to a territorial challenge. We identified a set of genes that were upregulated in the diencephalon and downregulated in the cerebellum and the brain stem. Cis-regulatory network analysis suggested transcription factors that regulated or co-regulated genes that were consistently regulated in all brain regions and others that regulated gene expression in opposing directions across brain regions. Our results support the hypothesis that territorial animals respond to social challenges via transcriptional regulation of genes in different brain regions. Finally, we found a remarkably close association between gene expression and aggressive behaviour at the individual level. This study sheds light on the molecular mechanisms in the brain that underlie the response to social challenges.
34

Tati Ernawati and Fikri Faiz Fadhlur Rachmat. "Keamanan Jaringan dengan Cowrie Honeypot dan Snort Inline-Mode sebagai Intrusion Prevention System." Jurnal RESTI (Rekayasa Sistem dan Teknologi Informasi) 5, no. 1 (February 28, 2021): 180–86. http://dx.doi.org/10.29207/resti.v5i1.2825.

Abstract:
Computer network systems have been designing to share resources. Sharing resources process, data security, and confidentiality are main issues in anticipating misuse of the access to information by unauthorized parties. The solution to anticipating these problems is the availability of a security system capable of handling various intruders who threaten the system and protect network resources. This study builds and analyzes the performance of computer network security using cowrie honeypot and snort inline-mode as an Intrusion Prevention System (IPS). The development process goes through the stages of analysis, design, implementation, and monitoring. The content analysis method has been using to explore the problems and requirements of the system built. The security system was build by configuring the IP address and network system devices (server, remote admin, client attacker). The test has been carrying out on 3 test parameters (confidentiality, availability, and integrity), comparison testing method has been using to test the integrity parameters. The test results indicate that the system functionality test for user needs have fulfilled, the results of the confidentiality test (83.3%), availability (93.3%), and the integrity of the inline-mode snort show faster response time (0.069 seconds on average) and more CPU resource usage efficient (0.04% average) than the cowrie honeypot. IPS snort inline-mode overall integrity parameter testing is more recommended for used network security systems than cowrie honeypots.
35

Afshar, Abbas, and Ehsan Najafi. "Consequence management of chemical intrusion in water distribution networks under inexact scenarios." Journal of Hydroinformatics 16, no. 1 (July 25, 2013): 178–88. http://dx.doi.org/10.2166/hydro.2013.125.

Abstract:
The US Environmental Protection Agency (EPA)'s Response Protocol Toolbox provides a list of recommendations on actions that may be taken to minimize the potential threats to public health following a contamination threat. This protocol comprises three steps: (1) detection of contaminant presence, (2) source identification and (3) consequence management. This paper intends to explore consequence management under source uncertainty, applying Minimize Maximum Regret (MMR) and Minimize Total Regret (MTR) approaches. An ant colony optimization algorithm is coupled with the EPANET network solver for structuring the MMR and MTR models to present a robust method for consequence management by selecting the best combination of hydrants and valves for isolation and contamination flushing out of the system. The proposed models are applied to network number 3 of EPANET to present its effectiveness and capabilities in developing effective consequence management strategies.
36

Rahouma, Kamel, and Ayman Ali. "Applying Intrusion Detection and Response systems for securing the Client Data Signals in the Egyptian Optical Network." Procedia Computer Science 163 (2019): 538–49. http://dx.doi.org/10.1016/j.procs.2019.12.136.

37

Martindale, Nathan, Muhammad Ismail, and Douglas A. Talbert. "Ensemble-Based Online Machine Learning Algorithms for Network Intrusion Detection Systems Using Streaming Data." Information 11, no. 6 (June 11, 2020): 315. http://dx.doi.org/10.3390/info11060315.

Abstract:
As new cyberattacks are launched against systems and networks on a daily basis, the ability for network intrusion detection systems to operate efficiently in the big data era has become critically important, particularly as more low-power Internet-of-Things (IoT) devices enter the market. This has motivated research in applying machine learning algorithms that can operate on streams of data, trained online or “live” on only a small amount of data kept in memory at a time, as opposed to the more classical approaches that are trained solely offline on all of the data at once. In this context, one important concept from machine learning for improving detection performance is the idea of “ensembles”, where a collection of machine learning algorithms are combined to compensate for their individual limitations and produce an overall superior algorithm. Unfortunately, existing research lacks proper performance comparison between homogeneous and heterogeneous online ensembles. Hence, this paper investigates several homogeneous and heterogeneous ensembles, proposes three novel online heterogeneous ensembles for intrusion detection, and compares their performance accuracy, run-time complexity, and response to concept drifts. Out of the proposed novel online ensembles, the heterogeneous ensemble consisting of an adaptive random forest of Hoeffding Trees combined with a Hoeffding Adaptive Tree performed the best, by dealing with concept drift in the most effective way. While this scheme is less accurate than a larger size adaptive random forest, it offered a marginally better run-time, which is beneficial for online training.
38

Jusas, Vacius, Saulius Japertas, Tautvydas Baksys, and Sandeepak Bhandari. "Logical filter approach for early stage cyber-attack detection." Computer Science and Information Systems 16, no. 2 (2019): 491–514. http://dx.doi.org/10.2298/csis190122008j.

Abstract:
The planned in advance cyber-attacks cause the most damage for the users of the information systems. Such attacks can take a very long time, require considerable financial and human resources, and therefore, they can only be organized by large interest groups. Furthermore, current intrusion detection systems, intrusion prevention systems and intrusion response systems used to protect against cyber-attacks have several shortcomings. Such systems respond only to the attack itself when it is too late to take a preventive action and they are not suitable for detecting an attack in early stages when it is possible to block the attack and minimize the losses. Early detection requires detailed monitoring of network and system parameters to be able to accurately identify the early stages of the attack when it is still possible to kill the attack chain. In this paper, we propose to consider an attack chain consisting of nine stages. The method to detect early stage cyberattack based on the attack chain analysis using hardware implementation of logical filters is suggested. The performed experiment acknowledges the possibility to detect the attack in the early stages.
39

He, Gao Feng, Tao Zhang, Yuan Yuan Ma, and Xiao Juan Guan. "A Novel and Practical Method for Network Security Situation Prediction." Applied Mechanics and Materials 701-702 (December 2014): 907–10. http://dx.doi.org/10.4028/www.scientific.net/amm.701-702.907.

Abstract:
The real-time prediction of network security situation can significantly improve the monitoring and emergency response capability of the network. However, in practice, if there are a large amount of false predictions, the network administrators should become insensitive and will finally ignore all prediction results. In this paper, we try to solve this issue and propose a novel False Positive Adaptive (FPA) method for network security situation prediction. The main idea of our method is using extra information to reduce the number of false positives in prediction. In the model training step, we take advantage of host and network information to eliminate meaningless alerts produced by security tools such as Intrusion Detection System (IDS) and firewall, thus assuring the accuracy of the training samples. In the prediction step, we utilize the detection information from security tools to confirm the prediction results automatically. If the previous predictions are not detected, they will be considered as false positives and the prediction model will be retrained by incremental learning. In our work, the model training and incremental learning is accomplished efficiently by neural network and boosting algorithm.
40

Rivera, Diego, Fernando Monje, Victor Villagrá, Mario Vega-Barbas, Xavier Larriva-Novo, and Julio Berrocal. "Automatic Translation and Enforcement of Cybersecurity Policies Using A High-Level Definition Language." Entropy 21, no. 12 (November 30, 2019): 1180. http://dx.doi.org/10.3390/e21121180.

Abstract:
The increasing number of cyber-attacks, their potential destructive capabilities, and the enormous threat they pose for organizations, require the constant design and development of new, faster, and easier to use systems to address them. The automation of security enforcement systems is one of the most important techniques for enabling a fast response to security challenges, but the complexity of security management might hinder the successful achievement of the desired security. Our proposal integrates the automatic enforcement of security rules based on intrusion detection systems with the definition of a high-level user-centered language for the definition of policies. We have designed a translation process from this language to specific network-wise and device-aware rules that can be installed and enforced. The deployment of these rules is determined by an automatic risk assessment process ruled by the detection system monitoring the network. This way, both the automation and easiness of use goals can be achieved using an integrated system. The solution was tested and validated in two different virtualized networks.
41

Murakami, Tadashi, Fukuko Yuasa, Ryouichi Baba, Teiji Nakamura, Kiyoharu Hashimoto, Soh Y. Suzuki, Mitsuo Nishiguchi, and Toshiaki Kaneko. "Long-term experiences in keeping balance between safety and usability in research activities in KEK." EPJ Web of Conferences 214 (2019): 08001. http://dx.doi.org/10.1051/epjconf/201921408001.

Abstract:
This work aims to provide KEK general-purpose network to support various research activities in the fields of high-energy physics, material physics, and accelerator physics. Since the end of the 20th century, on a daily basis, networks experience cyber-attacks and the methods of attack have rapidly evolved to become more sophisticated over the years. Security measures have been developed to mitigate the effects of cyber-attacks. While security measures may improve safety, restrictions might reduce usability. Therefore, we must keep a balance between safety and usability of the network for a smooth running of research activities. Herein, we present our long-term experience with keeping a balance between safety and usability in KEK research activities. The key points are reasonably ensuring traceability and security management. We have been using security devices, such as firewalls, intrusion detection systems, and vulnerability management systems, to achieve a balance between safety and usability. Also, we present activities of the computer security incident response team (CSIRT) and collaborative activities among research organizations.
42

Zhao, Min, Danyang Qin, Ruolin Guo, and Guangchao Xu. "Efficient Protection Mechanism Based on Self-Adaptive Decision for Communication Networks of Autonomous Vehicles." Mobile Information Systems 2020 (June 10, 2020): 1–9. http://dx.doi.org/10.1155/2020/2168086.

Abstract:
The communication network of autonomous vehicles is composed of multiple sensors working together, and its dynamic topology makes it vulnerable to common attacks such as black hole attack, gray hole attack, rushing attack, and flooding attack, which pose a threat to the safety of passengers and vehicles; most of the existing safety detection mechanisms for a vehicle can only detect attacks but cannot intelligently defend against attacks. To this end, an efficient protection mechanism based on self-adaptive decision (SD-EPM) is proposed, which is divided into the offline phase and the online phase. The online phase consists of two parts: intrusion detection and efficient response. Attack detection and defense in the vehicular ad hoc networks (VANETs) are performed in terms of the attack credibility value (AC), the network performance attenuation value (NPA), and the list of self-adaptive decision. The simulation results show that the proposed mechanism can correctly identify the attack and respond effectively to different attack types. And, the negative impact on VANETs is small.
43

Krishnan Sadhasivan, Dhanalakshmi, and Kannapiran Balasubramanian. "A Fusion of Multiagent Functionalities for Effective Intrusion Detection System." Security and Communication Networks 2017 (2017): 1–15. http://dx.doi.org/10.1155/2017/6216078.

Abstract:
Provision of high security is one of the active research areas in the network applications. The failure in the centralized system based on the attacks provides less protection. Besides, the lack of update of new attacks arrival leads to the minimum accuracy of detection. The major focus of this paper is to improve the detection performance through the adaptive update of attacking information to the database. We propose an Adaptive Rule-Based Multiagent Intrusion Detection System (ARMA-IDS) to detect the anomalies in the real-time datasets such as KDD and SCADA. Besides, the feedback loop provides the necessary update of attacks in the database that leads to the improvement in the detection accuracy. The combination of the rules and responsibilities for multiagents effectively detects the anomaly behavior, misuse of response, or relay reports of gas/water pipeline data in KDD and SCADA, respectively. The comparative analysis of the proposed ARMA-IDS with the various existing path mining methods, namely, random forest, JRip, a combination of AdaBoost/JRip, and common path mining on the SCADA dataset conveys that the effectiveness of the proposed ARMA-IDS in the real-time fault monitoring. Moreover, the proposed ARMA-IDS offers the higher detection rate in the SCADA and KDD cup 1999 datasets.
44

Gardine, Matt, Michael West, Cynthia Werner, and Michael Doukas. "Evidence of magma intrusion at Fourpeaked volcano, Alaska in 2006–2007 from a rapid-response seismic network and volcanic gases." Journal of Volcanology and Geothermal Research 200, no. 3-4 (March 2011): 192–200. http://dx.doi.org/10.1016/j.jvolgeores.2010.11.018.

45

Yazov, Yuri, Oleg Avsentev, Alexander Avsentev, and Irina Rubtsova. "Method for Assessing Effectiveness of Protection of Electronic Document Management using the Petri and Markov Nets Apparatus." SPIIRAS Proceedings 18, no. 6 (November 29, 2019): 1269–300. http://dx.doi.org/10.15622/sp.2019.18.6.1269-1300.

Abstract:
Traditional approaches to assessing the effectiveness of information security, based on a comparison of the possibilities of realizing threats to information security in absence and application of protection measures, do not allow to analyze the dynamics of suppression by security measures of the process of implementing threats. The paper proposes a new indicator of the effectiveness of protection of electronic documents, aimed at assessing the possibility of advancing security measures of the process of implementing threats in electronic document management systems using the probability-time characteristics of the dynamics of the application of protection measures and the implementation of threats to electronic documents. Mathematical models were developed using the Petri-Markov network apparatus and analytical relationships were obtained for calculating the proposed indicator using the example of the "traffic tunneling" threat (placing intruder packets in trusted user packets) and unauthorized access (network attacks) to electronic documents, as well as the threat of intrusion of malicious program by carrying out an "blind IP spoofing" attack (network address spoofing). Examples of calculating the proposed indicator and graphs of its dependence on the probability of detecting network attacks by the intrusion detection system and on the probability of malware detection by the anti-virus protection system are given. Quantitative dependencies are obtained for the effectiveness of protection of electronic documents due to being ahead of protection measures for threat realization processes, both on the probability of detecting an intrusion or the probability of detecting a malicious program, and on the ratio of the time spent by the protection system on detecting an attempt to implement a threat and taking measures to curb its implementation, and threat implementation time. 
Models allow not only to evaluate the effectiveness of measures to protect electronic documents from threats of destruction, copying, unauthorized changes, etc., but also to quantify the requirements for the response time of adaptive security systems to detectable actions aimed at violating the security of electronic documents, depending on the probability-temporal characteristics of threat realization processes, to identify weaknesses in protection systems related to the dynamics of threat realization and the reaction of defense systems to such threats electronic document.
46

N., Rajendran, Jawahar P.K., and Priyadarshini R. "Makespan of routing and security in Cross Centric Intrusion Detection System (CCIDS) over black hole attacks and rushing attacks in MANET." International Journal of Intelligent Unmanned Systems 7, no. 4 (October 14, 2019): 162–76. http://dx.doi.org/10.1108/ijius-03-2019-0021.

Abstract:
Purpose: The purpose of this paper is to apply security policies over the mobile ad hoc networks. A mobile ad hoc network refers to infrastructure-less, persistently self-designing systems; likewise, there is a noteworthy innovation that supplies virtual equipment and programming assets according to the requirement of mobile ad hoc network. Design/methodology/approach: It faces different execution and effectiveness-based difficulties. The major challenge is the compromise of performance because of unavailable resources with respect to the MANET. In order to increase the MANET environment’s performance, various techniques are employed for routing and security purpose. An efficient security module requires a quality-of-service (QoS)-based security policy. It performs the task of routing and of the mobile nodes, and it also reduces the routing cost by finding the most trusted node. Findings: The experimental results specify that QoS-based security policy effectively minimizes the cost, response time as well as the mobile makespan (routing cost and response time) of an application with respect to other existing approaches. Research limitations/implications: In this paper, the authors proposed an enhancement of Cross Centric Intrusion Detection System named as PIHNSPRA Routing Algorithm (PIHNSPRA). Practical implications: It maps the security with the secure IDS communication and distributes the packets among different destinations, based on priority. This calculation is proposed for the purpose of routing and security by considering greatest throughput with least routing cost and reaction time. Social implications: When the concept is applied to practical applications. Quality of Service introduced in the proposed research reduces the cost of routing and improves the throughput. Originality/value: The proposed calculation is tested by NS2 simulator and the outcomes showed that the execution of the calculation is superior to other conventional algorithms.
47

P, Muneeshwari, and Kishanthini M. "A New Framework for Anomaly Detection in NSL-KDD Dataset using Hybrid Neuro-Weighted Genetic Algorithm." Journal of Computational Science and Intelligent Technologies 1, no. 1 (2020): 29–36. http://dx.doi.org/10.53409/mnaa.jcsit1105.

Abstract:
There are an increasing number of security threats to the Internet and computer networks. For new kinds of attacks constantly emerging, a major challenge is the development of versatile and innovative security-oriented approaches. Anomaly-based network intrusion detection techniques are in this sense a valuable tool for defending target devices and networks from malicious activities. With testing dataset, this work was able to use the NSL-KDD data collection, the binary and multiclass problems. With that inspiration, data mining techniques are used to offer an automated platform for network attack detection. The system is based on the Hybrid Genetic Neuro-Weighted Algorithm (HNWGA). In this, a weighted genetic algorithm is used for the selection of features, and in this work a neuro-genetic fuzzy classification algorithm has been proposed which is used to identify malicious users by classifying user behaviors. The main benefit of this proposed framework is that it reduces the attacks by highly accurate detection of intruders and minimizes false positives. The evaluation of the performance is performed in NSL-KDD dataset. The experimental result shows that the proposed work attains better accuracy when compared to previous methods. Such type of IDS systems are used in the identification and response to malicious traffic / activities to improve extremely accuracy.
48

Burrell, Darrell Norman. "Understanding the Talent Management Intricacies of Remote Cybersecurity Teams in Covid-19 Induced Telework Organizational Ecosystems." Land Forces Academy Review 25, no. 3 (September 1, 2020): 232–44. http://dx.doi.org/10.2478/raft-2020-0028.

Abstract:
The unanticipated disruption triggered by Coronavirus, also known as COVID-19, has accelerated the shift to virtual workplace ecosystems for employees in the government, business, and the military. The accelerated move to whole organization telework has also created new complex challenges around managing cybersecurity risks. Complex business and governmental organizational ecosystems have several significant and critical job tasks around cybersecurity. These roles have the involved responsibility of functioning as effective teams to handle incident responses, intrusion evaluations, crisis management, crisis communications, forensic data examinations, malware analyzations, firewall assessments, penetration testing, disaster recovery, emergency response planning, risk management, human factor analyzation, training assessment, and active network monitoring. This qualitative research study explores the nuances of employee engagement, organizational development, and the management of virtual and remote cybersecurity teams in ways that enhance complex business and organizational ecosystems in the world of professional practice.
49

Osuo-Genseleke, Macarthy, and Ojekudo Nathaniel. "Hybridized Design For Feature Optimization and Reduction of Intrusion Detection Systems Alert in a Correlation Framework." International Journal of Innovative Science and Research Technology 5, no. 7 (August 7, 2020): 1051–55. http://dx.doi.org/10.38124/ijisrt20jul783.

Abstract:
The Intrusion Detection System (IDS) produces a large number of alerts. Many large organizations deploy numerous IDSs in their network, generating an even larger quantity of these alerts, where some are real or true alerts and several others are false positives. These alerts cause very severe complications for IDS and create difficulty for the security administrators to ascertain effective attacks and to carry out curative measures. The categorization of such alerts established on their level of attack is necessary to ascertain the most severe alerts and to minimize the time required for response. An improved hybridized model was developed to assess and reduce IDS alerts using the combination of the Genetic Algorithm (GA) and Support Vector Machine (SVM) Algorithm in a correlation framework. The model is subsequently referred to as GA-SVM Alert Correlation (GASAC) model in this study. Our model was established employing the object-oriented analysis and design software methodology and implemented with Java programming language. This study will be benefitted by cooperating with networked organizations since only real alerts will be generated in a way that security procedures can be quickly implemented to protect the system from both interior and exterior attacks.
50

Papadopoulou, Maria P., Ioannis K. Nikolos, and George P. Karatzas. "Computational benefits using artificial intelligent methodologies for the solution of an environmental design problem: saltwater intrusion." Water Science and Technology 62, no. 7 (October 1, 2010): 1479–90. http://dx.doi.org/10.2166/wst.2010.442.

Abstract:
Artificial Neural Networks (ANNs) comprise a powerful tool to approximate the complicated behavior and response of physical systems allowing considerable reduction in computation time during time-consuming optimization runs. In this work, a Radial Basis Function Artificial Neural Network (RBFN) is combined with a Differential Evolution (DE) algorithm to solve a water resources management problem, using an optimization procedure. The objective of the optimization scheme is to cover the daily water demand on the coastal aquifer east of the city of Heraklion, Crete, without reducing the subsurface water quality due to seawater intrusion. The RBFN is utilized as an on-line surrogate model to approximate the behavior of the aquifer and to replace some of the costly evaluations of an accurate numerical simulation model which solves the subsurface water flow differential equations. The RBFN is used as a local approximation model in such a way as to maintain the robustness of the DE algorithm. The results of this procedure are compared to the corresponding results obtained by using the Simplex method and by using the DE procedure without the surrogate model. As it is demonstrated, the use of the surrogate model accelerates the convergence of the DE optimization procedure and additionally provides a better solution at the same number of exact evaluations, compared to the original DE algorithm.