oalib

Search Results: 1 - 10 of 8348 matches for " Intrusion Detection "
All listed articles are free for downloading (OA Articles)
Page 1 /8348
Software Intrusion Detection Evaluation System: A Cost-Based Evaluation of Intrusion Detection Capability  [PDF]
Agbotiname L. Imoize, Taiwo Oyedare, Michael E. Otuokere, Sachin Shetty
Communications and Network (CN) , 2018, DOI: 10.4236/cn.2018.104017
Abstract: In this paper, we consider a cost-based extension of intrusion detection capability (CID). An objective metric motivated by information theory is presented and based on this formulation; a package for computing the intrusion detection capability of intrusion detection system (IDS), given certain input parameters is developed using Java. In order to determine the expected cost at each IDS operating point, the decision tree method of analysis is employed, and plots of expected cost and intrusion detection capability against false positive rate were generated. The point of intersection between the maximum intrusion detection capability and the expected cost is selected as the optimal operating point. Considering an IDS in the context of its intrinsic ability to detect intrusions at the least expected cost, findings revealed that the optimal operating point is the most suitable for the given IDS. The cost-based extension is used to select optimal operating point, calculate expected cost, and compare two actual intrusion detectors. The proposed cost-based extension of intrusion detection capability will be very useful to information technology (IT), telecommunication firms, and financial institutions, for making proper decisions in evaluating the suitability of an IDS for a specific operational environment.
Hybrid Key Duplication Hashing Techniques for IP Address Lookup  [PDF]
Rujiroj Tiengtavat, Wei-Ming Lin
Int'l J. of Communications, Network and System Sciences (IJCNS) , 2011, DOI: 10.4236/ijcns.2011.45037
Abstract: In the past decade there has been an increasing need for designs to address the time and cost efficiency issues from various computer network applications such as general IP address lookup and specific network intrusion detection. Hashing techniques have been widely adopted for this purpose, among which XOR-operation-based hashing is one of the most popular techniques due to its relatively small hash process delay. In most current commonly used XOR-hashing algorithms, each of the hash key bits is usually explicitly XORed only at most once in the hash process, which may limit the amount of potential randomness that can be introduced by the hashing process. In [1] a series of bit duplication techniques are proposed by systematically duplicating one row of key bits. This paper further looks into various ways in duplicating and reusing key bits to maximize randomness needed in the hashing process so as to enhance the overall performance further. Our simulation results show that, even with a slight increase in hardware requirement, a very significant reduction in the amount of hash collision can be obtained by the proposed technique.
Research on Access Network Intrusion Detection System Based on DMT Technology  [PDF]
Lingxi Wu, Jie Zhan, Qiange He, Shuiyan He
Int'l J. of Communications, Network and System Sciences (IJCNS) , 2010, DOI: 10.4236/ijcns.2010.35064
Abstract: Analysis is done on the inter-carrier interference (ICI) that is caused by multi-carrier communication system frequency offset. The application model of DFT/IDFT in ADSL access network is analyzed further; the hardware detection and software analysis scheme of the system are proposed for the accessing network. Experiments have proved that monitoring system can filter the network data flow and carry on statistical and analysis, achieving real-time monitoring.
Detection of Sophisticated Network Enabled Threats via a Novel Micro-Proxy Architecture  [PDF]
Andrew Blyth
Journal of Information Security (JIS) , 2014, DOI: 10.4236/jis.2014.52004
Abstract: With the increasing use of novel exploitation techniques in modern malicious software it can be argued that current intrusion detection and intrusion prevention systems are failing to keep pace. While some intrusion prevention systems have the capability to detect evasion techniques they all fail to detect novel unknown exploitation techniques. Traditional proxy approaches have failed to protect the universe of discourse that a network enabled service can be engaged in as they view all information flows of the same type in a uniform manner. In this paper we propose a micro-proxy architecture that utilizes reverse engineering techniques to identify a valid universe of discourse for a network service. This valid universe of discourse is then applied to validate legitimate transactions to a service. Thus in effect, the micro proxy implements a default deny policy via the analysis of the application level discourse.
Information Theory and Data-Mining Techniques for Network Traffic Profiling for Intrusion Detection  [PDF]
Pablo Velarde-Alvarado, Rafael Martinez-Pelaez, Joel Ruiz-Ibarra, Victor Morales-Rocha
Journal of Computer and Communications (JCC) , 2014, DOI: 10.4236/jcc.2014.211003
Abstract: In this paper, information theory and data mining techniques to extract knowledge of network traffic behavior for packet-level and flow-level are proposed, which can be applied for traffic profiling in intrusion detection systems. The empirical analysis of our profiles through the rate of remaining features at the packet-level, as well as the three-dimensional spaces of entropy at the flow-level, provide a fast detection of intrusions caused by port scanning and worm attacks.
A New FLAME Selection Method for Intrusion Detection (FLAME-ID)  [PDF]
Wafa Alsharafat
Communications and Network (CN) , 2019, DOI: 10.4236/cn.2019.111002
Abstract: Due to the ever growing number of cyber attacks, especially of the online systems, development and operation of adaptive Intrusion Detection Systems (IDSs) is badly needed so as to protect these systems. It remains as a goal of paramount importance to achieve and a serious challenge to address. Different selection methods have been developed and implemented in Genetic Algorithms (GAs) to enhance the rate of detection of the IDSs. In this respect, the present study employed the eXtended Classifier System (XCS) for detection of intrusions by matching the incoming environmental message (packet) with a classifiers pool to determine whether the incoming message is a normal request or an intrusion. Fuzzy Clustering by Local Approximation Membership (FLAME) represents the new selection method used in GAs. In this study, Genetic Algorithm with FLAME selection (FGA) was used as a production engine for the XCS. For comparison purposes, different selection methods were compared with FLAME selection and all experiments and evaluations were performed by using the KDD’99 dataset.
The Use of Multi-Objective Genetic Algorithm Based Approach to Create Ensemble of ANN for Intrusion Detection  [PDF]
Gulshan Kumar, Krishan Kumar
International Journal of Intelligence Science (IJIS) , 2012, DOI: 10.4236/ijis.2012.224016
Abstract: Due to our increased dependence on Internet and growing number of intrusion incidents, building effective intrusion detection systems are essential for protecting Internet resources and yet it is a great challenge. In literature, many researchers utilized Artificial Neural Networks (ANN) in supervised learning based intrusion detection successfully. Here, ANN maps the network traffic into predefined classes i.e. normal or specific attack type based upon training from label dataset. However, for ANN-based IDS, detection rate (DR) and false positive rate (FPR) are still needed to be improved. In this study, we propose an ensemble approach, called MANNE, for ANN-based IDS that evolves ANNs by Multi Objective Genetic algorithm to solve the problem. It helps IDS to achieve high DR, less FPR and in turn high intrusion detection capability. The procedure of MANNE is as follows: firstly, a Pareto front consisting of a set of non-dominated ANN solutions is created using MOGA, which formulates the base classifiers. Subsequently, based upon this pool of non-dominated ANN solutions as base classifiers, another Pareto front consisting of a set of non-dominated ensembles is created which exhibits classification tradeoffs. Finally, prediction aggregation is done to get final ensemble prediction from predictions of base classifiers. Experimental results on the KDD CUP 1999 dataset show that our proposed ensemble approach, MANNE, outperforms ANN trained by Back Propagation and its ensembles using bagging & boosting methods in terms of defined performance metrics. We also compared our approach with other well-known methods such as decision tree and its ensembles using bagging & boosting methods.
INTRUSION DETECTION IN COMPUTER NETWORK USING GENETIC ALGORITHM APPROACH: A SURVEY
S. N. Pawar
International Journal of Advances in Engineering and Technology , 2013,
Abstract: The intrusion detection problem is becoming a challenging task due to the proliferation of heterogeneous computer networks since the increased connectivity of computer systems gives greater access to outsiders and makes it easier for intruders to avoid identification [1]. Intrusion detection systems are used to detect unauthorized access to a computer system. A number of soft computing based approaches are being used for detecting network intrusions. This paper presents a survey on intrusion detection techniques that use genetic algorithm approach.
Designing Intrusion Detection System for Web Documents Using Neural Network  [PDF]
Hari Om, Tapas K. Sarkar
Communications and Network (CN) , 2010, DOI: 10.4236/cn.2010.21008
Abstract: Cryptographic systems are the most widely used techniques for information security. These systems however have their own pitfalls as they rely on prevention as their sole means of defense. That is why most of the organizations are attracted to the intrusion detection systems. The intrusion detection systems can be broadly categorized into two types, Anomaly and Misuse Detection systems. An anomaly-based system detects computer intrusions and misuse by monitoring system activity and classifying it as either normal or anomalous. Misuse detection systems can detect almost all known attack patterns; they however are hardly of any use to detect yet unknown attacks. In this paper, we use Neural Networks for detecting intrusive web documents available on Internet. For this purpose Back Propagation Neural (BPN) Network architecture is applied that is one of the most popular network architectures for supervised learning. Analysis is carried out on Internet Security and Acceleration (ISA) server 2000 log for finding out the web documents that should not be accessed by the unauthorized persons in an organization. There are lots of web documents available online on Internet that may be harmful for an organization. Most of these documents are blocked for use, but still users of the organization try to access these documents and may cause problem in the organization network.
A Comparative Study of Related Technologies of Intrusion Detection & Prevention Systems  [PDF]
Indraneel Mukhopadhyay, Mohuya Chakraborty, Satyajit Chakrabarti
Journal of Information Security (JIS) , 2011, DOI: 10.4236/jis.2011.21003
Abstract: The rapid growth of computer networks has changed the prospect of network security. An easy accessibility condition causes computer networks to be vulnerable against numerous and potentially devastating threats from hackers. Up to the moment, researchers have developed Intrusion Detection Systems (IDS) capable of detecting attacks in several available environments. A boundlessness of methods for misuse detection as well as anomaly detection has been applied. Intrusion Prevention Systems (IPS) evolved after that to resolve ambiguities in passive network monitoring by placing detection systems on the line of attack. IPS in other words is IDS that are able to give prevention commands to firewalls and access control changes to routers. IPS can be seen as an improvement upon firewall technologies. It can make access control decisions based on application content, rather than IP address or ports as traditional firewalls do. The next innovation is the combination of IDS and IPS known as Intrusion Detection and Prevention Systems (IDPS) capable of detecting and preventing attacks from happening. This paper presents an overview of IDPS followed by their classifications and applications. A new signature based IDPS architecture named HawkEye Solutions has been proposed by the authors. Authors have presented the basic building blocks of the IDS, which include mechanisms for carrying out TCP port scans, Traceroute scan, ping scan and packet sniffing to monitor network health detect various types of attacks. Real time implementation results of the system have been presented. Finally a comparative analysis of various existing IDS/IPS solutions with HawkEye Solutions emphasizes its significance.
Copyright © 2008-2017 Open Access Library. All rights reserved.