Detection and Recognition of Atomic Evasions Against Network Intrusion Detection/Prevention Systems

Jin, Jia; Kehua, Chen; Jia, Chen; Zhou, Dengwen; Ma, Wei

doi:10.1109/access.2019.2925639

Cited by 9 publications

(2 citation statements)

References 28 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The techniques for detecting intrusions are divided into three categories: misuse, anomaly, and hybrid model [6,11,18,19,23,25,29,32,38,41] . The misuse detection establishes patterns of illegal conduct, referred to as signatures, in particular to foresee and identify later attempts that would be similar.…”

Section: Related Research Workmentioning

confidence: 99%

Proficient Approach for Intrusion Detection using Behaviour Profiling Algorithm and Prevention Using Statistical Model in Cloud Networks

D. Rajagopal

2023

IJRITCC

View full text Add to dashboard Cite

Objectives: The objective of the paper is to discuss the proposed dynamic software model to detect and prevent intrusion in the cloud network. Methods: The Behavior Profiling Algorithm (BPA) has been used to detect the intrusion in cloud network. For finding the intruder in the network the Event Log Entries and the network Unique Identification Address (UIA) has been fetched from the server and then the collected attribute values have been transferred to prevention module. In the prevention module the dynamic statistical approach model has been used to prevent the network systems and data which are available in the Cloud Network. Findings: For testing the proposed model the 100 cloud network systems were taken and based on the loss of packets (in MB) ranges the samples were classified as 0-100, 101-200, 201-300, 301-400, 401-500, 501-600, 601-700 respectively. The range of data loss is assumed to be an interval of 100 Mbps. It is assumed that the higher the data loss ranges, the more data is lost. The mean, variance, and standard deviation were calculated to verify the data loss ranges. The mean (average) of the data loss in the ranges 0-100 is 060.77 and the mean in the ranges 101-200 is 144.714 data losses, which gradually increases in proportion to the data loss ranges, and in the ranges 601-700 it is 665.769 data losses. From the statistical approach model, the differences between mean and variance indicated that the intruder attacked the files during the data transformation in the network. Therefore, the administrator has to monitor the warning message from the proposed IPS model and get data packet losses in the transformation. If the frequency of data loss is low, the administrator can assume that the data flow is low due to network problems. On the other hand, if the frequency of data loss in the network system is high, he can block the transformation and protect the data file. This paper concludes that the behavioral profiling algorithm combined with a statistical model achieves an efficiency of over 96% in wired networks, over 97.6% in wireless networks, and over 98.7% in cloud networks. Novelty: In the previous paper discussed the approach which has been implemented with 40 nodes and the result of the proposed algorithm produced above 90%, 96% and 98% in the wired, wireless and cloud network respectively. Now, the model has been implemented with 100 nodes the result has been increased. This study concluded that, the efficient algorithm to detect the intrusion is behaviour profiling algorithm, while join with the statistical approach model, it produces efficient result.

show abstract

Section: Related Research Workmentioning

confidence: 99%

Proficient Approach for Intrusion Detection using Behaviour Profiling Algorithm and Prevention Using Statistical Model in Cloud Networks

D. Rajagopal

2023

IJRITCC

View full text Add to dashboard Cite

show abstract

“…2) Access control technologies, including firewall technology, Discretionary Access Control (DAC), Mandatory Access Control (MAC) [9], Role-Based Access Control (RBAC) [10], [11], Attribute-Based Access Control (ABAC) [12], etc. 3) Security monitoring technology, including intrusion detection and prevention systems [13], [14], biometrics [15], honeypot technology [16], information filtering, and more. Although technologies are emerging in an endless stream, they are generally limited by the following deficiencies.…”

Section: Introductionmentioning

confidence: 99%

A Smart Collaborative Authentication Framework for Multi-Dimensional Fine-Grained Control

Liu

et al. 2020

IEEE Access

View full text Add to dashboard Cite

The emergence of the 5G network has brought broad prospects for the massive terminal access and ubiquitous Internet of Things (IoTs). Potential attacking opportunities triggered by this progress are severely impacting the security fortress of current networks, especially in the edge access part. However, due to the unitary protection and inferior isolation, available security schemes are incapable of effectively eliminating these hidden perils. Motivated by these facts, we propose a Multi-dimensional Fine-grained Control (MFC) framework to strengthen safety and reliability in Radio Access Networks (RANs). First, we comprehensively survey and summarize the existing security schemes to grasp respective effects and limitations. Second, the MFC framework is established to describe the model structure and implementation processes. An identifier mapping mechanism is designed to achieve network isolation. We perform the security analysis of MFC by theoretically comparing diversified policies. Third, an integrated set of the authentication prototype system is created with wireless environment parameters settings. Specific verification scenarios are illustrated. Finally, we test the performances of the MFC framework. Validation results demonstrate that the proposed scheme can accomplish reliable security control at the access side. Comparing to multiple schemes, the performances, in terms of time and concurrency, are optimized. Therefore, the MFC framework is feasible for applications in 5G or IoT.

show abstract

Using Partial Signatures in Intrusion Detection for Multipath TCP

et al. 2019

View full text Add to dashboard Cite

Detection and Recognition of Atomic Evasions Against Network Intrusion Detection/Prevention Systems

Cited by 9 publications

References 28 publications

Proficient Approach for Intrusion Detection using Behaviour Profiling Algorithm and Prevention Using Statistical Model in Cloud Networks

Proficient Approach for Intrusion Detection using Behaviour Profiling Algorithm and Prevention Using Statistical Model in Cloud Networks

A Smart Collaborative Authentication Framework for Multi-Dimensional Fine-Grained Control

Using Partial Signatures in Intrusion Detection for Multipath TCP

Contact Info

Product

Resources

About