scholarly journals A Novel Intrusion Detection Model Using a Fusion of Network and Device States for Communication-Based Train Control Systems

Electronics ◽  
2020 ◽  
Vol 9 (1) ◽  
pp. 181
Author(s):  
Yajie Song ◽  
Bing Bu ◽  
Li Zhu
Keyword(s):  
Intrusion Detection ◽  
True Positive Rate ◽  
Cyber Attacks ◽  
Physical Systems ◽  
Detection Model ◽  
Detection Systems ◽  
Train Control ◽  
The Status ◽  
Positive Rate ◽  
Systems Simulation

Security is crucial in cyber-physical systems (CPS). As a typical CPS, the communication-based train control (CBTC) system is facing increasingly serious cyber-attacks. Intrusion detection systems (IDSs) are vital to protect the system against cyber-attacks. The traditional IDS cannot distinguish between cyber-attacks and system faults. Furthermore, the design of the traditional IDS does not take the principles of CBTC systems into consideration. When deployed, it cannot effectively detect cyber-attacks against CBTC systems. In this paper, we propose a novel intrusion detection method that considers both the status of the networks and those of the equipment to identify if the abnormality is caused by cyber-attacks or by system faults. The proposed method is verified on a hardware-in-the-loop simulation platform of CBTC systems. Simulation results indicate that the proposed method has achieved 97.64% true positive rate, which can significantly improve the security protection level of CBTC systems.

scholarly journals A Real-time Anomaly-based Intrusion Detection System for Automotive Controller Area Networks

2020 ◽  
Author(s):  
Luís Felipe Prado D'Andrada ◽  
Paulo Freitas de Araujo-Filho ◽  
Divanilson Rodrigo Campelo
Keyword(s):  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Detection System ◽  
True Positive Rate ◽  
Detection Algorithm ◽  
Cyber Attacks ◽  
Area Network ◽  
Controller Area Networks ◽  
Positive Rate ◽  
Promising Solution

The Controller Area Network (CAN) is the most pervasive in-vehiclenetwork technology in cars. However, since CAN was designed with no securityconcerns, solutions to mitigate cyber attacks on CAN networks have been pro-posed. Prior works have shown that detecting anomalies in the CAN networktraffic is a promising solution for increasing vehicle security. One of the mainchallenges in preventing a malicious CAN frame transmission is to be able todetect the anomaly before the end of the frame. This paper presents a real-timeanomaly-based Intrusion Detection System (IDS) capable of meeting this dead-line by using the Isolation Forest detection algorithm implemented in a hardwaredescription language. A true positive rate higher than 99% is achieved in testscenarios. The system requires less than 1μs to evaluate a frame’s payload, thusbeing able to detect the anomaly before the end of the frame.

The Study of the Ontology and Context Verification Based Intrusion Detection Model

2014 ◽  
Vol 644-650 ◽  
pp. 3338-3341 ◽  
Author(s):  
Guang Feng Guo
Keyword(s):  
Intrusion Detection ◽  
Knowledge Base ◽  
False Positive ◽  
Intrusion Detection System ◽  
Detection System ◽  
False Positive Rate ◽  
False Positives ◽  
The Real ◽  
Detection Model ◽  
Positive Rate

During the 30-year development of the Intrusion Detection System, the problems such as the high false-positive rate have always plagued the users. Therefore, the ontology and context verification based intrusion detection model (OCVIDM) was put forward to connect the description of attack’s signatures and context effectively. The OCVIDM established the knowledge base of the intrusion detection ontology that was regarded as the center of efficient filtering platform of the false alerts to realize the automatic validation of the alarm and self-acting judgment of the real attacks, so as to achieve the goal of filtering the non-relevant positives alerts and reduce false positives.

The Application of BP Neural Network in Network Intrusion Detection

2013 ◽  
Vol 765-767 ◽  
pp. 1415-1418 ◽  
Author(s):  
Ya Fang Lou ◽  
Zhi Jun Yuan ◽  
Hao Wu
Keyword(s):  
Neural Network ◽  
Intrusion Detection ◽  
Bp Neural Network ◽  
Practical Significance ◽  
Network Intrusion Detection ◽  
Critical Problem ◽  
Detection Model ◽  
Detection Systems ◽  
Network Intrusion ◽  
Detection Technology

As the network is impacting enormously to all aspects of society, the network security becomes a critical problem. The traditional intrusion detection technology exists some disadvantages: the imperfection of architecture, the slow detecting of system, the vulnerable of itself architecture, and so on. This paper presents an intrusion detection model based on BP neural network which has the incomparable advantages against traditional intrusion detection systems. Therefore, the study of this subject possesses the practical significance.

Intrusion Detection of Cyber-Physical Attacks in Manufacturing Systems: A Review

2019 ◽  
Author(s):  
Mingtao Wu ◽  
Young B. Moon
Keyword(s):  
Intrusion Detection ◽  
Manufacturing Systems ◽  
High Volume ◽  
Cyber Attacks ◽  
Intrusion Detection Systems ◽  
Detection Methods ◽  
False Alarms ◽  
Alert Correlation ◽  
Acoustic Image ◽  
Detection Systems

Abstract Cyber-physical manufacturing system is the vision of future manufacturing systems where physical components are fully integrated through various networks and the Internet. The integration enables the access to computation resources that can improve efficiency, sustainability and cost-effectiveness. However, its openness and connectivity also enlarge the attack surface for cyber-attacks and cyber-physical attacks. A critical challenge in defending those attacks is that current intrusion detection methods cannot timely detect cyber-physical attacks. Studies showed that the physical detection provides a higher accuracy and a shorter respond time compared to network-based or host-based intrusion detection systems. Moreover, alert correlation and management methods help reducing the number of alerts and identifying the root cause of the attack. In this paper, the intrusion detection research relevant to cyber-physical manufacturing security is reviewed. The physical detection methods — using side-channel data, including acoustic, image, acceleration, and power consumption data to disclose attacks during the manufacturing process — are analyzed. Finally, the alert correlation methods — that manage the high volume of alerts generated from intrusion detection systems via logical relationships to reduce the data redundancy and false alarms — are reviewed. The study show that the cyber-physical attacks are existing and rising concerns in industry. Also, the increasing efforts in cyber-physical intrusion detection and correlation research can be utilized to secure the future manufacturing systems.

Research on Distributed Intrusion Detection Model Based on Information Fusion

2010 ◽  
Vol 121-122 ◽  
pp. 528-533
Author(s):  
Ping Du ◽  
Wei Xu
Keyword(s):  
Intrusion Detection ◽  
Information Fusion ◽  
Detection System ◽  
False Positive Rate ◽  
Prototype System ◽  
Security Risk ◽  
Source Information ◽  
Detection Model ◽  
Distributed Intrusion Detection ◽  
Positive Rate

The research actuality of Intrusion Detection System(IDS) were analyzed, Due to the defects of IDS such as high positive rate of IDS and incapable of effective detection of dispersed coordinated attacks on the time and space, the ideas of the multi-source information fusion were introduced in the paper, a multi-level IDS reasoning framework and prototype system were presented. The prototype adds analysis engine to the existing IDS Sensor, We used Bayesian Network as a tool for multi-source information fusion, and we used goal-tree to analyze the attempts of coordinated attacks and quantify the security risk of system. Compared to the existing IDS, the prototype is more integrated and more capable in finding coordinated attacks with lower false positive rate.

Rough Set-hypergraph-based Feature Selection Approach for Intrusion Detection Systems

2016 ◽  
Vol 66 (6) ◽  
pp. 612 ◽  
Author(s):  
M.R. Gauthama Raman ◽  
K. Kannan ◽  
S.K. Pal ◽  
V. S. Shankar Sriram
Keyword(s):  
Feature Selection ◽  
Intrusion Detection ◽  
Rough Set ◽  
Network Architecture ◽  
Cyber Attacks ◽  
Intrusion Detection Systems ◽  
Selection Algorithm ◽  
Feature Selection Algorithm ◽  
Detection Systems ◽  
Helly Property

Immense growth in network-based services had resulted in the upsurge of internet users, security threats and cyber-attacks. Intrusion detection systems (IDSs) have become an essential component of any network architecture, in order to secure an IT infrastructure from the malicious activities of the intruders. An efficient IDS should be able to detect, identify and track the malicious attempts made by the intruders. With many IDSs available in the literature, the most common challenge due to voluminous network traffic patterns is the curse of dimensionality. This scenario emphasizes the importance of feature selection algorithm, which can identify the relevant features and ignore the rest without any information loss. In this paper, a novel rough set κ-Helly property technique (RSKHT) feature selection algorithm had been proposed to identify the key features for network IDSs. Experiments carried using benchmark KDD cup 1999 dataset were found to be promising, when compared with the existing feature selection algorithms with respect to reduct size, classifier’s performance and time complexity. RSKHT was found to be computationally attractive and flexible for massive datasets.

MODELLING OF AN INTRUSION DETECTION SYSTEM USING C4.5 MACHINE LEARNING ALGORITHM

2021 ◽  
Vol 4 (4) ◽  
pp. 454-459
Author(s):  
Oyenike Mary Olanrewaju ◽  
Faith Oluwatosin Echobu ◽  
Abubakar Mogaji
Keyword(s):  
Intrusion Detection ◽  
Security Policy ◽  
Learning Algorithm ◽  
Detection System ◽  
Knowledge Discovery In Databases ◽  
Protocol Violation ◽  
Detection Model ◽  
Software Applications ◽  
Detection Systems ◽  
Proposed Model

The increasing growth of wireless networking and new mobile computing devices has caused boundaries between trusted and malicious users to be blurred. The shift in security priorities from the network perimeter to information protection and user resources security is an open area for research which is concerned with the protection of user information’s confidentiality, integrity and availability. Intrusion detection systems are programs or software applications embedded in sophisticated devices to monitor the activities on networks or systems for security, policy or protocol violation or malicious activities detection. In this work, an intrusion detection model was proposed using C4.5 algorithm which was implemented with WEKA tool and RAPID MINER. The model showed good performance when trained and tested with validation techniques. Implementation of the proposed model was conducted on the Network Security Laboratory Knowledge Discovery in Databases (NSL-KDD) dataset, an improved version of KDD 99 dataset, which showed that the proposed model approach has an average detection rate of 99.62% and reduced false alarm rate of 0.38%.

scholarly journals A Review of Intrusion Detection Systems Using Machine and Deep Learning in Internet of Things: Challenges, Solutions and Future Directions

Electronics ◽  
2020 ◽  
Vol 9 (7) ◽  
pp. 1177
Author(s):  
Javed Asharf ◽  
Nour Moustafa ◽  
Hasnat Khurshid ◽  
Essam Debie ◽  
Waqas Haider ◽  
...  
Keyword(s):  
Deep Learning ◽  
Internet Of Things ◽  
Intrusion Detection ◽  
Cyber Attacks ◽  
The Internet ◽  
Cyber Attack ◽  
Control Approach ◽  
Detection Systems ◽  
Desktop Computers ◽  
Iot Devices

The Internet of Things (IoT) is poised to impact several aspects of our lives with its fast proliferation in many areas such as wearable devices, smart sensors and home appliances. IoT devices are characterized by their connectivity, pervasiveness and limited processing capability. The number of IoT devices in the world is increasing rapidly and it is expected that there will be 50 billion devices connected to the Internet by the end of the year 2020. This explosion of IoT devices, which can be easily increased compared to desktop computers, has led to a spike in IoT-based cyber-attack incidents. To alleviate this challenge, there is a requirement to develop new techniques for detecting attacks initiated from compromised IoT devices. Machine and deep learning techniques are in this context the most appropriate detective control approach against attacks generated from IoT devices. This study aims to present a comprehensive review of IoT systems-related technologies, protocols, architecture and threats emerging from compromised IoT devices along with providing an overview of intrusion detection models. This work also covers the analysis of various machine learning and deep learning-based techniques suitable to detect IoT systems related to cyber-attacks.

Analysis of Intrusion Detection System

2011 ◽  
Vol 460-461 ◽  
pp. 451-454
Author(s):  
Yue Sheng Gu ◽  
Hong Yu Feng ◽  
Jian Ping Wang
Keyword(s):  
Information Security ◽  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Detection System ◽  
Intrusion Detection Systems ◽  
Future Research ◽  
Detection Model ◽  
Detection Systems ◽  
Detection Technology ◽  
Technology Concepts

Intrusion detection system is an important device of information security. This article describes intrusion detection technology concepts, classifications and universal intrusion detection model, and analysis of the intrusion detection systems weaknesses and limitations. Finally, some directions for future research are addressed.

Sign in / Sign up

Export Citation Format

Share Document