Review on anomaly based network intrusion detection system

Samrin, Rafath; Vasumathi, D.

doi:10.1109/iceeccot.2017.8284655

Cited by 105 publications

(47 citation statements)

References 33 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Anomaly-based detection technique utilizes the normal operational profiles of the system to detect malicious activities or events. Machine learning techniques were considered as the most innovative method in anomaly detection [18]. Efstathopolous et al [13] presented a comparative analysis of a supervised machine learning algorithm that includes One Class-SVM, Isolation Forest, Angle-Base Outlier (ABOD).…”

Section: Related Workmentioning

confidence: 99%

SGF-MD: Behavior Rule Specification-Based Distributed Misbehavior Detection of Embedded IoT Devices in a Closed-Loop Smart Greenhouse Farming System

et al. 2020

View full text Add to dashboard Cite

Smart farming is rapidly revolutionizing the agricultural sector where embedded Internet of Things (IoT) devices are integrated into the field to maintain or improve the quality of products as well as increase food production. Despite the tremendous benefits, various cybersecurity threats of IoT can also be inherited by the sector. In this paper, we propose a lightweight specification-based distributed detection to identify the misbehavior of heterogeneous embedded IoT nodes efficiently and effectively in a closed-loop smart greenhouse farming system. To expand the monitoring space of a node, we exploited the Kalman-filter algorithm and simple statistical operations to obtain estimates of data. Accordingly, this enables a monitoring node to assess a target node that has distinct physical characteristics and access to natural phenomena. Along with this, we derive the behavior-rules that are specific to the target system and carefully translate these rules into a state machine diagram. Besides, we formally verify the functional correctness of the monitoring processes as well as ensure that the behavior specifications are completely covered by using the model checker tool UPPAAL. Through extensive experimental simulation using Proteus, we verify its applicability to resource-constrained embedded devices, e.g., Arduino-Uno, as well as show high accuracy in detecting misbehaving nodes while having low false alarms.

show abstract

Section: Related Workmentioning

confidence: 99%

SGF-MD: Behavior Rule Specification-Based Distributed Misbehavior Detection of Embedded IoT Devices in a Closed-Loop Smart Greenhouse Farming System

et al. 2020

View full text Add to dashboard Cite

show abstract

“…Standalone data analytics and machine learning methods are often combined into more advanced hybrid approaches, combining various methods including the use of hierarchical and layered models [4][5][6][7] and anomaly detection models [8,9] or enhancing the machine learning models with knowledge-based approaches [10,11]. The overall motivation of those approaches is usually aimed to provide the capability of detection of rare attacks without sacrificing the detection accuracy of the frequent ones and, on the other hand, minimizing the false alarm rate in such attacks.…”

Section: Related Workmentioning

confidence: 99%

Hierarchical Intrusion Detection Using Machine Learning and Knowledge Model

Sarnovský

Paralič

2020

Symmetry

View full text Add to dashboard Cite

Intrusion detection systems (IDS) present a critical component of network infrastructures. Machine learning models are widely used in the IDS to learn the patterns in the network data and to detect the possible attacks in the network traffic. Ensemble models combining a variety of different machine learning models proved to be efficient in this domain. On the other hand, knowledge models have been explicitly designed for the description of the attacks and used in ontology-based IDS. In this paper, we propose a hierarchical IDS based on the original symmetrical combination of machine learning approach with knowledge-based approach to support detection of existing types and severity of new types of network attacks. Multi-stage hierarchical prediction consists of the predictive models able to distinguish the normal connections from the attacks and then to predict the attack classes and concrete attack types. The knowledge model enables to navigate through the attack taxonomy and to select the appropriate model to perform a prediction on the selected level. Designed IDS was evaluated on a widely used KDD 99 dataset and compared to similar approaches.

show abstract

“…In computer network security, identifying the intrusion attacks is the most challenging issues. The methods of anomaly detection include predictive pattern generation, neural network, sequence matching, statistics and supervising [1]. IDS are becoming the main part for many organizations after deploying firewall technology at the network perimeter.…”

Section: Literature Surveymentioning

confidence: 99%

Intrusion Detection System using ELK Stack

Kumar¹

2019

IJRASET

View full text Add to dashboard Cite

Network security is an unavoidable scenario in present network driven world. with many new attacks emerging, securing these are tedious job, yet it developing drastically. with many tools and security system available, the need for more robust features and techniques is mandatory. For high end solution developing a customized tool is necessary, which will not only improve overall security system but also gives an easy monitoring ways. hence this paper aims to build a security system with intrusion detection using elk stack. the configuration, its advantages and disadvantages are mentioned.

show abstract

Review on anomaly based network intrusion detection system

Cited by 105 publications

References 33 publications

SGF-MD: Behavior Rule Specification-Based Distributed Misbehavior Detection of Embedded IoT Devices in a Closed-Loop Smart Greenhouse Farming System

SGF-MD: Behavior Rule Specification-Based Distributed Misbehavior Detection of Embedded IoT Devices in a Closed-Loop Smart Greenhouse Farming System

Hierarchical Intrusion Detection Using Machine Learning and Knowledge Model

Intrusion Detection System using ELK Stack

Contact Info

Product

Resources

About