ISM-AC: an immune security model based on alert correlation and software-defined networking

Melo, Roberto Vasconcelos; Macedo, Douglas Dyllon Jerônimo de; Kreutz, Diego; Benedictis, Alessandra De; Fiorenza, Maurício

doi:10.1007/s10207-021-00550-x

Cited by 8 publications

(3 citation statements)

References 43 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Kodati et al (2023) described an ensemble framework of artificial immune system (AIS) based on network intrusion detection system [18]. Melo et al (2022) inspired by the human immune system and proposed an immune security model, ISM-AC, which based on alert correlation and software-defined networking [19]. Sanders et al (2019) mentioned in their research that traditional methods treat network security and public safety protection methods as independent of each other, managed by different departments, and responded to by different technical means [20].…”

Section: Introductionmentioning

confidence: 99%

Immunity-Empowered Collaboration Security Protection for Mega Smart Cities

Lan,

Li,

Huang

et al. 2024

Preprint

View full text Add to dashboard Cite

The cyber physical systems of smart cities are facing increasingly severe attack situations, and traditional separate protection methods are difficult to effectively respond to. It is urgent to coordinate public security and network security protection. However, the integration of the two faces many challenges and is a very promising research field. The aim of this study is to investigate technical approaches for the synergy between public safety and cyber security. This paper proposes a smart city safety protection model inspired by the human immune mechanism. It was found that through a three line defense architecture similar to the human immune mechanism, and with the help of certain algorithms and functional middleware modules, public security and network security protection components can be dynamically combined to achieve collaboration. This work has verified through experiments a promising path to effectively resist complicated attack threats intertwined with public safety and cyber security factors.

show abstract

Section: Introductionmentioning

confidence: 99%

Immunity-Empowered Collaboration Security Protection for Mega Smart Cities

Lan,

Li,

Huang

et al. 2024

Preprint

View full text Add to dashboard Cite

show abstract

“…Kodati et al (2023) described an ensemble framework of the artificial immune system (AIS) based on a network intrusion detection system [18]. Melo et al (2022) were inspired by the human immune system and proposed an immune security model, ISM-AC, which is based on alert correlation and software-defined networking [19]. Sanders et al (2019) mentioned in their research that traditional methods treat cybersecurity and public safety protection methods as independent of each other, managed by different departments, and responded to by different technical means [20].…”

Section: Introductionmentioning

confidence: 99%

Immunity-Empowered Collaboration Security Protection for Mega Smart Cities

Lan,

Li,

Huang

et al. 2024

Electronics

View full text Add to dashboard Cite

The cyberphysical systems of smart cities are facing increasingly severe attack situations, and traditional separate protection methods are difficult to effectively respond to. It is urgent to coordinate public safety and cybersecurity protection. However, the integration of the two faces many challenges and is a very promising research field. The aim of this study is to investigate technical approaches for the synergy between public safety and cybersecurity. This paper proposes a smart city safety protection model inspired by the human immune mechanism. It was found that through a three-line defense architecture similar to the human immune mechanism, and with the help of certain algorithms and functional middleware modules, public safety and cybersecurity protection components can be dynamically combined to achieve collaboration. This work has verified through experiments a valuable path to effectively resist complicated attack threats intertwined with public safety and cybersecurity factors.

show abstract

“…Statistical traffic estimation-the main application of this estimation is to detect alerts, which are regularly repeated to find their repetition pattern. The patterns of occurred alerts are recognized, and the repetition pattern is derived based on the statistical data of each alert and detects the dissimilarity with these patterns in the future [51,52].…”

mentioning

confidence: 99%

Cyber-Attack Prediction Based on Network Intrusion Detection Systems for Alert Correlation Techniques: A Survey

Albasheer

Siraj

Mubarakali

et al. 2022

Sensors

View full text Add to dashboard Cite

Network Intrusion Detection Systems (NIDS) are designed to safeguard the security needs of enterprise networks against cyber-attacks. However, NIDS networks suffer from several limitations, such as generating a high volume of low-quality alerts. Moreover, 99% of the alerts produced by NIDSs are false positives. As well, the prediction of future actions of an attacker is one of the most important goals here. The study has reviewed the state-of-the-art cyber-attack prediction based on NIDS Intrusion Alert, its models, and limitations. The taxonomy of intrusion alert correlation (AC) is introduced, which includes similarity-based, statistical-based, knowledge-based, and hybrid-based approaches. Moreover, the classification of alert correlation components was also introduced. Alert Correlation Datasets and future research directions are highlighted. The AC receives raw alerts to identify the association between different alerts, linking each alert to its related contextual information and predicting a forthcoming alert/attack. It provides a timely, concise, and high-level view of the network security situation. This review can serve as a benchmark for researchers and industries for Network Intrusion Detection Systems’ future progress and development.

show abstract

ISM-AC: an immune security model based on alert correlation and software-defined networking

Cited by 8 publications

References 43 publications

Immunity-Empowered Collaboration Security Protection for Mega Smart Cities

Immunity-Empowered Collaboration Security Protection for Mega Smart Cities

Immunity-Empowered Collaboration Security Protection for Mega Smart Cities

Cyber-Attack Prediction Based on Network Intrusion Detection Systems for Alert Correlation Techniques: A Survey

Contact Info

Product

Resources

About