A Security Threats Taxonomy for Routing System Intrusion Detection

Author(s):  
Fu Miao ◽  
Zhenxing Wang ◽  
Yi Guo ◽  
Liancheng Zhang

Author(s):  
Raja Al-Jaljouli ◽  
Jemal H. Abawajy

Mobile agents have been proposed for key applications such as forensics analysis, intrusion detection, e-commerce, and resource management. Yet, they are vulnerable to various security threats by malicious hosts or intruders. Conversely, genuine platforms may run malicious agents. It is essential to establish a truly secure framework for mobile agents to gain trust of clients in the system. Failure to accomplish a trustworthy secured framework for Mobile Agent System (MAS) will limit their deployment into the key applications. This chapter presents a comprehensive taxonomy of various security threats to Mobile Agent System and the existing implemented security mechanisms. Different mechanisms are discussed, and the related security deficiencies are highlighted. The various security properties of the agent and the agent platform are described. The chapter also introduces the properties, advantages, and roles of agents in various applications. It describes the infrastructure of the system and discusses several mobile agent frameworks and the accomplished security level.


Author(s):  
Chan Gaik Yee ◽  
G. S. V. Radha Krishna Rao

Firstly, the fact that business intelligence (BI) applications are growing in importance, and secondly, the growing and more sophisticated attacks launched by hackers, the concern of how to protect the knowledge capital or databases that come along with BI or in other words, BI security, has thus arisen. In this chapter, the BI environment with its security features is explored, followed by a discussion on intrusion detection (ID) and intrusion prevention (IP) techniques. It is understood through a Web-service case study that it is feasible to have ID and IP as countermeasures to the security threats; thus further enhancing the security of the BI environment or architecture.


Symmetry ◽  
2019 ◽  
Vol 11 (4) ◽  
pp. 583 ◽  
Author(s):  
Muhammad Ashfaq Khan ◽  
Md. Rezaul Karim ◽  
Yangwoo Kim

With the rapid advancements of ubiquitous information and communication technologies, a large number of trustworthy online systems and services have been deployed. However, cybersecurity threats are still mounting. An intrusion detection (ID) system can play a significant role in detecting such security threats. Thus, developing an intelligent and accurate ID system is a non-trivial research problem. Existing ID systems that are typically used in traditional network intrusion detection system often fail and cannot detect many known and new security threats, largely because those approaches are based on classical machine learning methods that provide less focus on accurate feature selection and classification. Consequently, many known signatures from the attack traffic remain unidentifiable and become latent. Furthermore, since a massive network infrastructure can produce large-scale data, these approaches often fail to handle them flexibly, hence are not scalable. To address these issues and improve the accuracy and scalability, we propose a scalable and hybrid IDS, which is based on Spark ML and the convolutional-LSTM (Conv-LSTM) network. This IDS is a two-stage ID system: the first stage employs the anomaly detection module, which is based on Spark ML. The second stage acts as a misuse detection module, which is based on the Conv-LSTM network, such that both global and local latent threat signatures can be addressed. Evaluations of several baseline models in the ISCX-UNB dataset show that our hybrid IDS can identify network misuses accurately in 97.29% of cases and outperforms state-of-the-art approaches during 10-fold cross-validation tests.


2012 ◽  
Vol 25 (9) ◽  
pp. 1189-1212 ◽  
Author(s):  
Anhtuan Le ◽  
Jonathan Loo ◽  
Aboubaker Lasebae ◽  
Mahdi Aiash ◽  
Yuan Luo

2013 ◽  
Vol 5 (2) ◽  
pp. 80-84
Author(s):  
Dr. Vinod Kumar ◽  
Mr Avtar Singh ◽  
Mrs. Ritika Narang

Wireless ad-hoc networks are vulnerable to various kinds of security threats and attacks due to relative ease of access to wireless medium and lack of a centralized infrastructure. Security is an alarming concern, as everything being transmitted is available in the air. The current paper deals with Study of effect of rate on performance of cross layer based intrusion detection for WLAN reflects the significance of cross layer technique in detecting intruder on WLAN. Exploiting the information available across different layers of the protocol stack by triggering multiple levels of detection enhances the accuracy of detection. We validate our design through simulations and also demonstrate lower occurrence of false positives.


2021 ◽  
Vol 10 (1) ◽  
pp. 27-37
Author(s):  
Irina-Bristena BACÎŞ

Threats can translate into various types of attacks an intruder can take on entities in a network: flooding the target with protocol messages, smurfing (targeted broadcasting of an ICMP protocol-based messaging protocol), distributed attacks that lead to blocking the service for legitimate users, IP address theft and flooding targets with unsolicited emails, identity theft, or fraudulent routing. Against these threats, a variety of security measures can be implemented, such as: configuration management, firewall installation, intrusion detection system installation. Used separately or together, these protection measures can eliminate or even minimize the probability of materializing security threats and preventing attacks on the security features of a system.


2019 ◽  
pp. 140-164
Author(s):  
Angelos K. Marnerides

Cloud environments compose unique operational characteristics and intrinsic capabilities such as service transparency and elasticity. By virtue of their exclusive properties as being outcomes of their virtualized nature, these environments are prone to a number of security threats either from malicious or legitimate intent. By virtue of the minimal proactive properties attained by off-the-shelf signature-based commercial detection solutions employed in various infrastructures, cloud-specific Intrusion Detection System (IDS) Anomaly Detection (AD)-based methodologies have been proposed in order to enable accurate identification, detection, and clustering of anomalous events that could manifest. Therefore, in this chapter the authors firstly aim to provide an overview in the state of the art related with cloud-based AD mechanisms and pinpoint their basic functionalities. They subsequently provide an insight and report some results derived by a particular methodology that jointly considers cloud-specific properties and relies on the Empirical Mode Decomposition (EMD) algorithm.


2016 ◽  
Vol 2016 ◽  
pp. 1-16 ◽  
Author(s):  
Iman Almomani ◽  
Bassam Al-Kasasbeh ◽  
Mousa AL-Akhras

Wireless Sensor Networks (WSN) have become increasingly one of the hottest research areas in computer science due to their wide range of applications including critical military and civilian applications. Such applications have created various security threats, especially in unattended environments. To ensure the security and dependability of WSN services, an Intrusion Detection System (IDS) should be in place. This IDS has to be compatible with the characteristics of WSNs and capable of detecting the largest possible number of security threats. In this paper a specialized dataset for WSN is developed to help better detect and classify four types of Denial of Service (DoS) attacks: Blackhole, Grayhole, Flooding, and Scheduling attacks. This paper considers the use of LEACH protocol which is one of the most popular hierarchical routing protocols in WSNs. A scheme has been defined to collect data from Network Simulator 2 (NS-2) and then processed to produce 23 features. The collected dataset is called WSN-DS. Artificial Neural Network (ANN) has been trained on the dataset to detect and classify different DoS attacks. The results show that WSN-DS improved the ability of IDS to achieve higher classification accuracy rate. WEKA toolbox was used with holdout and 10-Fold Cross Validation methods. The best results were achieved with 10-Fold Cross Validation with one hidden layer. The classification accuracies of attacks were 92.8%, 99.4%, 92.2%, 75.6%, and 99.8% for Blackhole, Flooding, Scheduling, and Grayhole attacks, in addition to the normal case (without attacks), respectively.


Author(s):  
Kusum Kumari Bharti ◽  
Sanyam Shukla ◽  
Sweta Jain

In increasing trends of network environment everyone gets connected to the system. So there is a need of securing information, because lots of security threats are present in the network environment. A number of techniques are available for intrusion detection. Data mining is one of the efficient techniques available for intrusion detection. Data mining techniques may be supervised or unsupervised. Various authors have applied various clustering algorithms for intrusion detection, but all of these suffer from class dominance, force assignment and No Class problem. This paper proposes a hybrid model to overcome these problems. The performance of the proposed model is evaluated over the KDD Cup 1999 data set.


10.28945/3370 ◽  
2009 ◽  
Author(s):  
Oludele Awodele ◽  
Sunday Idowu ◽  
Omotola Anjorin ◽  
Vincent Joshua

Ignoring security threats can have serious consequences; therefore host machines in a network must continually be monitored for intrusions since they are the final endpoint of any network. As a result, this paper presents an Intelligent Intrusion Detection and Prevention System (IIDPS), which monitors a single host system from three different layers: files analyzer, system resource and connection layers. The approach introduced is a multi-layered approach, in which each layer harnesses both aspects of existing approaches, signature and anomaly approaches, to achieve better detection and prevention capabilities. The design of IIDPS consists of three basic components: the Executive, which is an agent that runs in the background, iBaseline, which is a database that stores the signatures of intrusions, and the iManager, which is a user interface that serves as an intermediary between the IIDPS and the user. This work serves as a foundation upon which interested researchers can further build to achieve better detection and prevention capabilities.

