Temporal Weighted Averaging for Asynchronous Federated Intrusion Detection Systems

2021 ◽  
Vol 2021 ◽  
pp. 1-10
Author(s):  
Shaashwat Agrawal ◽  
Aditi Chowdhuri ◽  
Sagnik Sarkar ◽  
Ramani Selvanambi ◽  
Thippa Reddy Gadekallu

Federated learning (FL) is an emerging subdomain of machine learning (ML) in a distributed and heterogeneous setup. It provides efficient training architecture, sufficient data, and privacy-preserving communication for boosting the performance and feasibility of ML algorithms. In this environment, the resultant global model produced by averaging various trained client models is vital. During each round of FL, model parameters are transferred from each client device to the server while the server waits for all models before it can average them. In a realistic scenario, waiting for all clients to communicate their model parameters, where client models are trained on low-power Internet of Things (IoT) devices, can result in a deadlock. In this paper, a novel temporal model averaging algorithm is proposed for asynchronous federated learning (AFL). Our approach uses a dynamic expectation function that computes the number of client models expected in each round and a weighted averaging algorithm for continuous modification of the global model. This ensures that the federated architecture is not stuck in a deadlock all the while increasing the throughput of the server and clients. To implicate the importance of asynchronicity in cybersecurity, the proposed algorithm is tested using NSL-KDD intrusion detection system datasets. The performance accuracy of the global model is about 99.5% on the dataset, outperforming traditional FL models in anomaly detection. In terms of asynchronicity, we get an increased throughput of almost 10.17% for every 30 timesteps.

2021 ◽  
Author(s):  
Nasim Beigi Mohammadi

Smart grid is expected to improve the efficiency, reliability and economics of current energy systems. Using two-way flow of electricity and information, smart grid builds an automated, highly distributed energy delivery network. In this thesis, we present the requirements for intrusion detection systems in smart grid, neighborhood area network (NAN) in particular. We propose an intrusion detection system (IDS) that considers the constraints and requirements of the NAN. It captures the communication and computation overhead constraints as well as the lack of a central point to install the IDS. The IDS is distributed on some nodes which are powerful in terms of memory, computation and the degree of connectivity. Our IDS uses an analytical approach for detecting Wormhole attack. We simulate wireless mesh NANs in OPNET Modeler and for the first time, we integrate our analytical model in Maple from MapleSoft with our OPNET simulation model.


2020 ◽  
Vol 3 (7) ◽  
pp. 17-30
Author(s):  
Tamara Radivilova ◽  
Lyudmyla Kirichenko ◽  
Maksym Tawalbeh ◽  
Petro Zinchenko ◽  
Vitalii Bulakh

The problem of load balancing in intrusion detection systems is considered in this paper. The analysis of existing problems of load balancing and modern methods of their solution are carried out. Types of intrusion detection systems and their description are given. A description of the intrusion detection system, its location, and the functioning of its elements in the computer system are provided. Comparative analysis of load balancing methods based on packet inspection and service time calculation is performed. An analysis of the causes of load imbalance in the intrusion detection system elements and the effects of load imbalance is also presented. A model of a network intrusion detection system based on packet signature analysis is presented. This paper describes the multifractal properties of traffic. Based on the analysis of intrusion detection systems, multifractal traffic properties and load balancing problem, the method of balancing is proposed, which is based on the functioning of the intrusion detection system elements and analysis of multifractal properties of incoming traffic. The proposed method takes into account the time of deep packet inspection required to compare a packet with signatures, which is calculated based on the calculation of the information flow multifractality degree. Load balancing rules are generated by the estimated average time of deep packet inspection and traffic multifractal parameters. This paper presents the simulation results of the proposed load balancing method compared to the standard method. It is shown that the load balancing method proposed in this paper provides for a uniform load distribution at the intrusion detection system elements. This allows for high speed and accuracy of intrusion detection with high-quality multifractal load balancing.


2021 ◽  
Vol 11 (4) ◽  
pp. 14-40
Author(s):  
Shyla ◽  
Vishal Bhatnagar

The increased requirement of data science in recent times has given rise to the concept of data security, which has become a major issue; thus, the amalgamation of data science methodology with intrusion detection systems as a field of research has acquired a lot of prominence. The level of access to the information system and its visibility to user pursuit was required to operate securely. Intrusion detection has been gaining popularity in the area of data science to incorporate the overall information security infrastructure, where regular operations depend upon shared use of information. The problems are to build an intrusion detection system efficient enough for detecting attacks and to reduce the false positives with a high detection rate. In this paper, the authors analyse various techniques of intrusion detection combined with data science, which will help in understanding the best fit technique under different circumstances.


2019 ◽  
pp. 54-83
Author(s):  
Chiba Zouhair ◽  
Noreddine Abghour ◽  
Khalid Moussaid ◽  
Amina El Omri ◽  
Mohamed Rida

Security is a major challenge faced by cloud computing (CC) due to its open and distributed architecture. Hence, it is vulnerable and prone to intrusions that affect confidentiality, availability, and integrity of cloud resources and offered services. Intrusion detection system (IDS) has become the most commonly used component of computer system security and compliance practices that defends cloud environment from various kinds of threats and attacks. This chapter presents the cloud architecture, an overview of different intrusions in the cloud, the challenges and essential characteristics of cloud-based IDS (CIDS), and detection techniques used by CIDS and their types. Then, the authors analyze 24 pertinent CIDS with respect to their various types, positioning, detection time, and data source. The analysis also gives the strength of each system and limitations in order to evaluate whether they carry out the security requirements of CC environment or not.


Author(s):  
Yogita Hande ◽  
Akkalashmi Muddana

Presently, the advances of the internet towards a wide-spread growth and the static nature of traditional networks has limited capacity to cope with organizational business needs. The new network architecture software defined networking (SDN) appeared to address these challenges and provides distinctive features. However, these programmable and centralized approaches of SDN face new security challenges which demand innovative security mechanisms like intrusion detection systems (IDS's). The IDS of SDN are designed currently with a machine learning approach; however, a deep learning approach is also being explored to achieve better efficiency and accuracy. In this article, an overview of the SDN with its security concern and IDS as a security solution is explained. A survey of existing security solutions designed to secure the SDN, and a comparative study of various IDS approaches based on a deep learning model and machine learning methods are discussed in the article. Finally, we describe future directions for SDN security.


2019 ◽  
Vol 2019 ◽  
pp. 1-19 ◽  
Author(s):  
Zeeshan Ali Khan ◽  
Peter Herrmann

Many Internet of Things (IoT) systems run on tiny connected devices that have to deal with severe processor and energy restrictions. Often, the limited processing resources do not allow the use of standard security mechanisms on the nodes, making IoT applications quite vulnerable to different types of attacks. This holds particularly for intrusion detection systems (IDS) that are usually too resource-heavy to be handled by small IoT devices. Thus, many IoT systems are not sufficiently protected against typical network attacks like Denial-of-Service (DoS) and routing attacks. On the other side, IDSs have already been successfully used in adjacent network types like Mobile Ad hoc Networks (MANET), Wireless Sensor Networks (WSN), and Cyber-Physical Systems (CPS) which, in part, face limitations similar to those of IoT applications. Moreover, there is research work ongoing that promises IDSs that may better fit to the limitations of IoT devices. In this article, we will give an overview about IDSs suited for IoT networks. Besides looking on approaches developed particularly for IoT, we introduce also work for the three similar network types mentioned above and discuss if they are also suitable for IoT systems. In addition, we present some suggestions for future research work that could be useful to make IoT networks more secure.


2019 ◽  
Vol 9 (1) ◽  
pp. 178 ◽  
Author(s):  
Belal Sudqi Khater ◽  
Ainuddin Wahid Bin Abdul Wahab ◽  
Mohd Yamani Idna Bin Idris ◽  
Mohammed Abdulla Hussain ◽  
Ashraf Ahmed Ibrahim

Fog computing is a paradigm that extends cloud computing and services to the edge of the network in order to address the inherent problems of the cloud, such as latency and lack of mobility support and location-awareness. The fog is a decentralized platform capable of operating and processing data locally and can be installed in heterogeneous hardware which makes it ideal for Internet of Things (IoT) applications. Intrusion Detection Systems (IDSs) are an integral part of any security system for fog and IoT networks to ensure the quality of service. Due to the resource limitations of fog and IoT devices, lightweight IDS is highly desirable. In this paper, we present a lightweight IDS based on a vector space representation using a Multilayer Perceptron (MLP) model. We evaluated the presented IDS against the Australian Defense Force Academy Linux Dataset (ADFA-LD) and Australian Defense Force Academy Windows Dataset (ADFA-WD), which are new generation system calls datasets that contain exploits and attacks on various applications. The simulation shows that by using a single hidden layer and a small number of nodes, we are able to achieve a 94% Accuracy, 95% Recall, and 92% F1-Measure in ADFA-LD and 74% Accuracy, 74% Recall, and 74% F1-Measure in ADFA-WD. The performance is evaluated using a Raspberry Pi.


Sensors ◽  
2020 ◽  
Vol 20 (9) ◽  
pp. 2559 ◽  
Author(s):  
Celestine Iwendi ◽  
Suleman Khan ◽  
Joseph Henry Anajemba ◽  
Mohit Mittal ◽  
Mamdouh Alenezi ◽  
...  

The pursuit to spot abnormal behaviors in and out of a network system is what led to a system known as intrusion detection systems for soft computing besides many researchers have applied machine learning around this area. Obviously, a single classifier alone in the classifications seems impossible to control network intruders. This limitation is what led us to perform dimensionality reduction by means of correlation-based feature selection approach (CFS approach) in addition to a refined ensemble model. The paper aims to improve the Intrusion Detection System (IDS) by proposing a CFS + Ensemble Classifiers (Bagging and Adaboost) which has high accuracy, high packet detection rate, and low false alarm rate. Machine Learning Ensemble Models with base classifiers (J48, Random Forest, and Reptree) were built. Binary classification, as well as Multiclass classification for KDD99 and NSLKDD datasets, was done while all the attacks were named as an anomaly and normal traffic. Class labels consisted of five major attacks, namely Denial of Service (DoS), Probe, User-to-Root (U2R), Root to Local attacks (R2L), and Normal class attacks. Results from the experiment showed that our proposed model produces 0 false alarm rate (FAR) and 99.90% detection rate (DR) for the KDD99 dataset, and 0.5% FAR and 98.60% DR for NSLKDD dataset when working with 6 and 13 selected features.

