Exploiting SNMP-MIB Data to Detect Network Anomalies using Machine Learning Techniques [article]

Ghazi Al-Naymat, Mouhammd Al-kasassbeh, Eshraq Al-Hawari
2018 arXiv   pre-print
So, there is a need for effective approaches, which can efficiently detect any intrusion in the network.  ...  This paper presents an efficient mechanism for network attacks detection and types of attack classification using the Management Information Base (MIB) database associated with the Simple Network Management  ...  Intrusion detection systems (IDSs) use various data records, collected from target computer or network, to examine them for detecting network attacks [4].  ... 
arXiv:1809.02611v1 fatcat:ddhukhnafbdsfoehn3wjd3l27u

Attack based DoS attack detection using multiple classifier [article]

Mohamed Abushwereb, Muhannad Mustafa, Mouhammd Al-kasassbeh, Malik Qasaimeh
2020 arXiv   pre-print
As a countermeasure, intrusion detection systems equipped with machine learning classification algorithms were developed to detect anomalies in network traffic.  ...  The results show that most DOS attacks used nowadays can be detected with high accuracy using machine learning classification techniques based on features provided by SNMP-MIB.  ...  In paper [18], SNMP MIB variable correlation was used for attack detection, the variables totaled to 16 and gathered from 6 groups.  ... 
arXiv:2001.05707v1 fatcat:wdd2xph43bdxlmfpdx7pq3nuxq

Co-operative Wireless Intrusion Detection System Using MIBs From SNMP

Ashvini Vyavhare
2012 International journal of network security and its applications  
It includes mobile agents for intrusion detection which uses SNMP (Simple network Management Protocol) and MIB (Management Information Base) variables for mobile wireless networks.  ...  Wireless network security is being addressed using firewalls, encryption techniques and wired IDS (Intrusion Detection System) methods.  ...  Khatavkar, the guide of the project for guiding and correcting us with attention and care. He has taken efforts to go through the project work and make necessary correction as and when needed.  ... 
doi:10.5121/ijnsa.2012.4211 fatcat:3i7sfq5ayzfodbpvzc3ztpapwq

An empirical evaluation for the intrusion detection features based on machine learning and feature selection methods [article]

Mouhammd Alkasassbeh
2017 arXiv   pre-print
There are many techniques designed for protection such as firewall and intrusion detection systems (IDS).  ...  Two types of anomalies are used in IDS to detect intrusive activities different from normal user behavior.  ...  They selected 16 MIB-II variables from 6 groups to be used for attacks detection.  ... 
arXiv:1712.09623v1 fatcat:6t5fnrlk4zh35gow4hvir4kgz4

Fuzzy Rule Interpolation and SNMP-MIB for Emerging Network Abnormality

Mohammad Almseidin, Mouhammd Al-kasassbeh, Szilveszter Kovacs
2019 International Journal on Advanced Science, Engineering and Information Technology  
This paper aims to introduce a detection approach for defining abnormality by using the Fuzzy Rule Interpolation (FRI) with Simple Network Management Protocol (SNMP) Management Information Base (MIB) parameters  ...  Therefore, combining the SNMP-MIB parameters with the FRI based reasoning could be beneficial for detecting intrusions, even in the case if the fuzzy rule-based intrusion definition is incomplete (not  ...  The dataset has 34 MIB variables from 5 MIB groups in MIB-II. The groups are IF, IP, TCP, UDP, and ICMP. The groups and their variables are listed in Table II. No.  ... 
doi:10.18517/ijaseit.9.3.7360 fatcat:epkw6sclwjcclc5zerhyrwn2rm

Detecting Network Anomalies using Rule-based machine learning within SNMP-MIB dataset [article]

Abdalrahman Hwoij, Mouhammd Al-kasassbeh, Mustafa Al-Fayoumi
2020 arXiv   pre-print
The findings have shown that the ICMP variables are implemented in the identification of ICMP attack, HTTP flood attack, and Slowloris at a high accuracy of approximately 99.7% using PART classifier.  ...  The detection model is built with five Rule-based machine learning classifiers (DecisionTable, JRip, OneR, PART and ZeroR).  ...  For the more accurate detection of network abnormalities, proper SNMP-MIB variables must be chosen as there is no single variable that captures all network abnormalities, minimizing the number of MIB variables  ... 
arXiv:2002.02368v1 fatcat:jdios5wb3vaqznztbfsgprzsyi

Fuzzy Rule Interpolation and SNMP-MIB for Emerging Network Abnormality [article]

Mohammad Almseidin, Mouhammd Alkasassbeh, Szilveszter Kovacs
2018 arXiv   pre-print
This paper aims to introduce a detection approach for defining abnormality by using the Fuzzy Rule Interpolation (FRI) with Simple Network Management Protocol (SNMP) Management Information Base (MIB) parameters  ...  Therefore, combining the SNMP-MIB parameters with the FRI based reasoning could be beneficial for detecting intrusions, even in the case if the fuzzy rule based intrusion definition is incomplete (not  ...  The dataset has 34 MIB variables from 5 MIB groups in MIB-II. The groups are IF, IP, TCP, UDP and ICMP. The groups and their variables are listed in No.  ... 
arXiv:1811.08954v1 fatcat:yxqzq3pxdbboleds6lu3ut3mwi

Network Attacks Anomaly Detection Using SNMP MIB Interface Parameters [article]

Ghazi Al-Naymatm, Ahmed Hambouz, Mouhammd Alkasassbeh
2019 arXiv   pre-print
Many approaches have evolved to enhance network attacks detection anomaly using SNMP-MIBs.  ...  In this paper we introduce an efficient detection model to detect network attacks anomaly using Lazy.IBk as a machine learning classifier and Correlation, and ReliefF as attribute evaluators on SNMP-MIB  ...  This SNMP-MIB dataset is composed of 4998 records for network anomaly detection. This dataset was actually based on SNMP variables collected from network devices in a test-bed real network.  ... 
arXiv:1906.00865v2 fatcat:fy2zvezxszhbndjzlzdrbadgb4

Anomaly detection in IP networks

M. Thottan, Chuanyi Ji
2003 IEEE Transactions on Signal Processing  
Network anomaly detection is a vibrant research area. Researchers have approached this problem using various techniques such as artificial intelligence, machine learning, and state machine modeling.  ...  Case studies from real network data that demonstrate the power of the signal processing approach to network anomaly detection are presented.  ...  Hood for their generous help with the campus data collection. They also acknowledge Lucent Technologies for providing data on the enterprise network and thank K.  ... 
doi:10.1109/tsp.2003.814797 fatcat:w2okudwwybc3xm37fgetykghsi

Anomaly Intrusion Detection Based on Hyper-ellipsoid in the Kernel Feature Space

2015 KSII Transactions on Internet and Information Systems  
To evaluate the performance of the proposed approach, we tested it with intrusion detection applications.  ...  Experimental results show the prominence of the proposed approach for anomaly detection compared with the standard SVDD.  ...  The 1998 DARPA Intrusion Detection Evaluation Program collected this dataset during a simulation using U.S. military networks [35].  ... 
doi:10.3837/tiis.2015.03.019 fatcat:gjiqfla46nehdbj5dlzwtc4my4

Agent-Based Self-Adaptable Context-Aware Network Vulnerability Assessment

F. Jiang, Daoyi Dong, Longbing Cao, M. R. Frater
2013 IEEE Transactions on Network and Service Management  
Index Terms-Vulnerability assessment, threats awareness analysis, intrusion detection system (IDS), management information base (MIB), agent-based system.  ...  Immunology inspired computer security has attracted enormous attention as its potential impacts on the next generation service-oriented network operation system.  ...  TABLE I SOME I MATHMETICAL NOTATIONS USED IN THIS PAPER MV i,j Variable i of element j for Management Information Base (MIB) N j Number of MIB variables of element j S j (t) Symbols set for the MIB  ... 
doi:10.1109/tnsm.2013.090313.120388 fatcat:caotlnitnnbydlj24h4z5pvkb4

DOS and Brute Force Attacks Faults Detection Using an Optimised Fuzzy C-Means

Karwan Qader, Mo Adda
2019 2019 IEEE International Symposium on INnovations in Intelligent SysTems and Applications (INISTA)  
A central task in the detection of the attacks relies on MIB feature behaviours using the suggested SFCM method.  ...  It was concluded that the DOS and Brute Force fault detection results for three different clustering methods demonstrated that the proposed SFCM detected every data point in the related group.  ...  This study's objective is devising a process for detecting attacks and anomalies in the network through the use of datasets which incorporate the aspects of management information bases (MIB) variables  ... 
doi:10.1109/inista.2019.8778238 dblp:conf/inista/QaderA19 fatcat:5u3gmzwwxrchdm5jdygxpybmuq

An SNMP Agent for Stateful Intrusion Inspection [chapter]

Luciano Paschoal Gaspary, Edgar Meneghetti, Liane Rockenbach Tarouco
2003 Integrated Network Management VIII  
There is no Management Information Base (MIB) related to intrusion detection available.  ...  Intrusion Detection Systems employ either anomaly or signature analysis (misuse) to detect attacks.  ...  We have also run the agent on a small production network, characterized as follows: (a) IEEE 802.3 network running at 10 Mbps, (b) 10 hosts (connected to a hub) running Windows operating system and configured  ... 
doi:10.1007/978-0-387-35674-7_1 fatcat:5eojng4xgraelb6vy45h35xrcm

Collecting MIB Data from Network Managed by SNMP using Multi Mobile Agents [article]

Nisreen Madi, Mouhammd Alkasassbeh
2019 arXiv   pre-print
Network anomalies are destructive to networks. Intrusion detection systems monitor network component behavior to detect unusual activity (i.e., possible threats).  ...  Application-layer Simple Network Management Protocol (SNMP) has been used for decades via TCP/IP protocol to manage network devices.  ...  Since SNMP-MIB traditional methods are centralized, we used an MA solution to collect MIB data. The time needed to collect MIB data is very important in enhancing the intrusion detection efficiency.  ... 
arXiv:1909.02547v1 fatcat:zndgdmem6zeoljsypevpy7jidi

A Novel Hybrid Method for Network Anomaly Detection Based on Traffic Prediction and Change Point Detection

Mouhammd Alkasassbeh
2018 Journal of Computer Science  
This approach combines two methods: traffic prediction and changing detection. To the best of our knowledge, such a combination has never been used in this area before.  ...  Moreover, availability and performance are important issues for end users.  ...  Acknowledgement The authors feel grateful to the anonymous reviewer for their valuable comments and suggestions to improve the quality of paper and would like to thank them from core of the heart.  ... 
doi:10.3844/jcssp.2018.153.162 fatcat:i4kpohxa6jgz5egvo4p4zov4ky