
Enhanced Correlation in an Intrusion Detection Process [chapter]

Salem Benferhat, Fabien Autrel, Frédéric Cuppens
2003 Lecture Notes in Computer Science  
Generally, the intruder must perform several actions, organized in an intrusion scenario, to achieve his or her malicious objective.  ...  When an intruder begins his intrusion, we can deduce, from the alerts generated by IDSs, several possible scenarios, by correlating attacks, that leads to multiple intrusion objectives.  ...  Section 4 presents the weighted correlation approach. 2 Modelling the intrusion In order to model the intrusion process, we extend the material defined in [CM02].  ... 
doi:10.1007/978-3-540-45215-7_13 fatcat:okqkcx4xp5dypg5weuqusl5wya

Towards Improved Random Forest based Feature Selection for Intrusion Detection in Smart IOT Environment

In this investigation, Kaggle dataset is measured as benchmark dataset for detecting intrusion is considered initially. These dataset includes 41 essential attributes for intrusion identification.  ...  Henceforth, feature extraction using machine learning approaches for modelling of Intrusion detection system (IDS) have been cast off for identification of threats in IoT devices.  ...  This work defines a pre-processing phase of an intrusion detection system using anticipated IW-RFI method. 3.  ... 
doi:10.35940/ijitee.f1446.0981119 fatcat:3pwdo5khtnam3imeazb4xr7pzy

Intrusion detection and Big Heterogeneous Data: a Survey

Richard Zuech, Taghi M Khoshgoftaar, Randall Wald
2015 Journal of Big Data  
Attempts to use more heterogeneous data sources pose an even greater Big Data challenge. Big Data technologies for Intrusion Detection can help solve these Big Heterogeneous Data challenges.  ...  Intrusion Detection has been heavily studied in both industry and academia, but cybersecurity analysts still desire much more alert accuracy and overall threat analysis in order to secure their systems  ...  In these studies, a prevailing theme is that more diverse heterogeneous sources will enhance Intrusion Detection capabilities through event correlation and a better comprehension of situational awareness  ... 
doi:10.1186/s40537-015-0013-4 fatcat:gkwznr3t5naznhc56nwkikimpm

OSCIDS: An Ontology based SCADA Intrusion Detection Framework

Abdullah Al Balushi, Kieran McLaughlin, Sakir Sezer
2016 Proceedings of the 13th International Joint Conference on e-Business and Telecommunications  
This paper presents the design, development, and validation of an ontology based SCADA intrusion detection system.  ...  The proposed system analyses SCADA network communications and can derive additional information based on the background knowledge and ontology models to enhance the intrusion detection data.  ...  An ontology can provide several advantages and enables enhanced information analysis to the intrusion detection task.  ... 
doi:10.5220/0005969803270335 dblp:conf/secrypt/BalushiMS16 fatcat:cbxqpqjfnra5vdbnul25kngggq

Optimizing the Effectiveness of Intrusion Detection System by using Pearson Correlation and Tune Model Hyper Parameter on Microsoft Azure Platform

Fuad Mat Isa
2020 International Journal of Advanced Trends in Computer Science and Engineering  
The findings show that the implementation of classifier algorithm and Pearson correlation for an intrusion detection system has been able to improve the effectiveness of intrusion detection system in terms  ...  This paper studies the effectiveness of implementing classifier algorithm and Pearson correlation for an intrusion detection system.  ...  The proposed method, Pearson Correlation with further enhancement by Tune Model Hyperparameter were designed to improve traditional IDS systems in terms of accuracy, detection rate, and building normal  ... 
doi:10.30534/ijatcse/2020/1991.32020 fatcat:rm6r7lx6sjhjtdubvpaqhaqcsu

Alert Correlation for Cyber-Manufacturing Intrusion Detection

Mingtao Wu, Young Moon
2019 Procedia Manufacturing  
In this context, capacity optimization goes beyond the traditional aim of capacity maximization, contributing also for organization's profitability and value.  ...  The study of capacity optimization and costing models is an important research topic that deserves contributions from both the practical and theoretical perspectives.  ...  method defined, an alert correlation process provides a high-level view on the correlating process in a CMS environment.  ... 
doi:10.1016/j.promfg.2019.06.197 fatcat:uprffw3rbfe35ljhtkipuuseze

Improving the Performance of Intrusion Detection System using Machine Learning based Approaches

2020 International Journal of Emerging Trends in Engineering Research  
In this paper importance of machine learning is discussed because of the betterment of the intrusion detection system.  ...  Using a Machine learning Intrusion detection system can make it more efficient and capable to detect new attack patterns by self-learning or acquiring knowledge.  ...  In Data Set Pre Processing, all Non-Numeric and Symbolic Features are removed or exchanged as they don't have any major part to play in the process of Intrusion Detection.  ... 
doi:10.30534/ijeter/2020/09892020 fatcat:x7og7inxjvantgfdjg52qwzvt4

A Distributed Real-Time Event Correlation Architecture for SCADA Security [chapter]

Yi Deng, Sandeep Shukla
2013 IFIP Advances in Information and Communication Technology  
This paper proposes an innovative event correlation mechanism for cyber threat detection, which engages a semantic event hierarchy.  ...  The architecture employs a publish/subscribe mechanism, which decentralizes limited computing resources to distributed field agents in order to enhance real-time attack detection while limiting unnecessary  ...  In traditional information technology (IT) systems, intrusion detection systems (IDSs) are deployed to detect network-borne attacks.  ... 
doi:10.1007/978-3-642-45330-4_6 fatcat:7bfefo7hn5ejnn6llirzvdqzym

Anomalies Correlation for Risk-Aware Access Control Enhancement

Pierrette Annie Evina, Faten Labbene Ayachi, Faouzi Jaidi, Adel Bouhoula
2018 Proceedings of the 13th International Conference on Evaluation of Novel Approaches to Software Engineering  
This system must detect and analyze the correlation between anomalies since we believe that handling correlations between anomalies can reveal sophisticated intrusion scenarios in DBMS.  ...  CORMSYS is composed of four main parts: (i) the Correlation Definition and Analysis subsystem; (ii) the Users Tracking subsystem; (iii) the Intrusion Scenario Identification subsystem and (iv) the Illegal  ...  A correlation between anomalies underlies an elaborate scenario of policy corruption and therefore an elaborate scenario of intrusion.  ... 
doi:10.5220/0006766802990304 dblp:conf/enase/EvinaAJB18 fatcat:bmntox3ma5dg3jdrrbqdtrs3fq

Hybridized Design For Feature Optimization and Reduction of Intrusion Detection Systems Alert in a Correlation Framework

Macarthy Osuo-Genseleke, Ojekudo Nathaniel
2020 International Journal of Innovative Science and Research Technology  
The Intrusion Detection System (IDS) produces a large number of alerts.  ...  An improved hybridized model was developed to assess and reduce IDS alerts using the combination of the Genetic Algorithm (GA) and Support Vector Machine (SVM) Algorithm in a correlation framework.  ...  INTRUSION DETECTION SYSTEM Intrusion Detection System (IDS) plays an important key role in information security in that, it detects intrusions by using the audit data created by systems.  ... 
doi:10.38124/ijisrt20jul783 fatcat:j7hgqa2bkjethphjx2dmk6mqda

A Blacklist Process Model to Enhance the IDS Using Similarity Measurements

Enas Ayman Al-Utrakchi, Mohammad Rasmi Al-Mousa
2015 Journal of Internet Technology and Secured Transaction  
Nowadays, Intrusion Detection Systems (IDSs) are used as main security perspective in order to detect any breaches and to measures security level for most of the organizations.  ...  The purpose of this paper is to introduce a new blacklist model in order to enhance the accuracy of the IDS.  ...  Most intrusion analysis approaches are based on alert correlation techniques.  ... 
doi:10.20533/jitst.2046.3723.2015.0052 fatcat:dv4y5hrcqfg6rgwjtkhmtrxk4e

Integrated Intrusion Detection Approach for Cloud Computing

C. Ambikavathi, S. K. Srivatsa
2016 Indian Journal of Science and Technology  
Objectives: Intrusion Detection System (IDS) models and methods are integrated for better detection of intruders and mitigation of false alarms.  ...  Integrated IDS is proposed to provide security in a cloud environment.  ...  Here Snort is installed in an intrusion detection mode. New rules are updated in the snort knowledge base while new attacks detected.  ... 
doi:10.17485/ijst/2016/v9i22/95170 fatcat:3eh655jbtragvlfqclpk2dkf2i

A collaborative framework for intrusion detection (C-NIDS) in Cloud computing

Zayed Al Haddad, Mostafa Hanoune, Abdelaziz Mamouni
2016 2016 2nd International Conference on Cloud Computing Technologies and Applications (CloudTech)  
In order to solve these problems, we propose a Collaborative Network Intrusion Detection System (C-NIDS) to detect network attacks in Cloud by monitoring network traffic, while offering high accuracy by  ...  addressing newer challenges, namely, intrusion detection in virtual network, monitoring high traffic, scalability and resistance capability.  ...  For this, the intrusion detection systems (IDS) come into play. It serves to automating the process of intrusion detection.  ... 
doi:10.1109/cloudtech.2016.7847708 fatcat:ppx3j7pbabfcrd2snoyfvvxuha

Enhancing Collaborative Intrusion Detection Methods Using a Kademlia Overlay Network [chapter]

Zoltán Czirkos, Gábor Hosszú
2012 Lecture Notes in Computer Science  
The two important problems of collaborative intrusion detection are aggregation and correlation of intrusion events.  ...  In this article we show that a distributed hash table based approach can reduce both network and computational load of intrusion detection, while providing almost the same accuracy of detection as centralized  ...  The work reported in the paper has been developed in the framework of the project "Talent care and cultivation in the scientific workshops of BME".  ... 
doi:10.1007/978-3-642-32808-4_6 fatcat:tohgx4hv3rd73o4fah3bg3lm6i

Intrusion Monitoring in Process Control Systems

Alfonso Valdes, Steven Cheung
2009 2009 42nd Hawaii International Conference on System Sciences  
Also, we leverage some of the characteristics of process control systems such as the regularity of network traffic patterns to perform intrusion detection, with the potential to detect unknown attacks.  ...  To protect process control networks from cyber intrusions, preventive security measures such as perimeter defenses (for example, network firewalls and demilitarized zones) and secure versions of process  ...  This report was prepared as an account of work sponsored by an agency of the United States Government.  ... 
doi:10.1109/hicss.2009.273 dblp:conf/hicss/ValdesC09 fatcat:p2cvzzjhv5hp7hmgwxu6droe4e