Showing 5 results for Intrusion Detection
Narges Salehpour, Mohammad Nazari Farokhi, Ebrahim Nazari Farokhi, Volume 3, Issue 2 (3-2015)
Abstract
One of the most important issues in securing computer networks is the intrusion detection system. Intrusion detection systems search for malicious behavior, deviations from normal patterns, and attacks on computer networks. Such a system distinguishes allowed traffic from unauthorized traffic. Today, data mining techniques are used for intrusion detection in computer networks. This research presents a method for designing an intrusion detection system based on machine learning. A characteristic of neural networks and machine learning systems is that their training depends on the training data. In this research, machine learning is used for intrusion detection, and rough theory is used to learn the features that have a higher correlation coefficient. The KDD CUP 99 dataset is used to train and evaluate the proposed approach. The study compares the accuracy of our method with a feature-based learning algorithm, neural network self, and a decision tree. The simulation results show that the proposed system, based on rough theory, has high accuracy and detection speed.
Javad Moradi, Majid Ghayoori Sales, Volume 7, Issue 2 (3-2019)
Abstract
Data is one of the most valuable assets in today's world and is used in the everyday life of every person and organization. This data is stored in databases so that it can be retrieved and maintained efficiently. Since databases can be exploited through SQL injection attacks, internal threats, and unknown threats, there are always concerns about the loss or alteration of data by unauthorized people. To address these concerns, several security layers are placed between the user and the data, at the network, host, and database levels. For instance, security mechanisms such as firewalls, data encryption, and intrusion detection systems are used to prevent infiltration. A database intrusion detection system uses a variety of data mining techniques to detect anomalies and to detect malicious and intrusive activities. In this paper, a categorization of database intrusion detection techniques is presented first, followed by a review of the general algorithms for intrusion detection in databases. Since signature-based methods are older, less complex, and less diverse, the main focus of this paper is on behavioral methods.
Mohammad Darvishi, Majid Ghayoori, Volume 8, Issue 2 (2-2020)
Abstract
Intrusion detection systems are responsible for diagnosing and detecting any unauthorized use, exploitation, or destruction of a system, and can prevent cyber-attacks by analyzing network packets. One of the major challenges in using these tools is the lack of attack training patterns for the analysis engine; the engine is then not trained completely, which results in a high volume of false warnings. On the other hand, long intrusion detection training times cause a significant delay in training the system. Therefore, the analysis section of the intrusion detection system needs an algorithm that performs well with the least training data. The hidden Markov model is one of the successful algorithms in this field.
This research aims to provide a misuse-based intrusion detection solution built on the evolutionary hidden Markov model (EHMM), which is designed to overcome these challenges. The most important part of a hidden Markov model is adjusting the values of its parameters: the better these values are tuned, the more effective the model is. The hidden Markov model is more likely to predict the probability of future values. Therefore, based on analysis of the NSL-KDD dataset, an evolutionary programming algorithm is used to find the optimal parameters for the hidden Markov model and to train it. The trained model is then used to identify the types of attacks in the dataset. To evaluate how much the proposed EHMM improves intrusion detection accuracy, it was implemented in the MATLAB simulation environment. The results show that with the EHMM the average intrusion detection rate increases from 87% (when the normal hidden Markov model is used) to over 92% (when the evolutionary hidden Markov model is used). Also, after training on the training data with both the conventional and the evolutionary Markov model, the training time of the target system for a training data set of approximately two hundred thousand records dropped from an average of 489 minutes to more than 400 minutes in the proposed method. Making this result operational in intrusion detection for domestic systems can improve defenses against hostile cyber activity from other countries.
Masoud Mohammadalipour, Saeed Shokrollahi, Volume 9, Issue 1 (8-2020)
Abstract
Most networks without fixed infrastructure that are based on cloud computing face various challenges. In recent years, different methods of distributing software-defined networks have been used to address these challenges. This technology, while having many capabilities, is vulnerable to some common threats and destructive factors such as distributed denial of service. A review of various studies shows that, to eliminate these vulnerabilities, appropriate defense solutions must be combined with the distributed software-defined network structure. Therefore, this study presents a general classification of the types of defense solutions against the above attack. Then, classifying the intrusion detection solutions into two categories, threshold and non-threshold, we examine some practical examples of these solutions. We conclude that the threshold intrusion detection method exacerbates the vulnerability, and that non-threshold defense solutions with a flat distributed software-defined network architecture are required.
Seyed Omid Azarkasb, Seyed Hossein Khasteh, Saeed Sedighian Kashi, Volume 11, Issue 1 (9-2022)
Abstract
Fog is a cloud that is close to the ground. The components of fog and cloud complement each other. These components provide mutually beneficial, interdependent services for communication, processing, control, and storage across the network. Attacks on fog nodes are as important as attacks on the cloud. Since the fog node has more limited resources, it is targeted more by intruders. In addition, fog nodes are more attractive to attackers because they have less computing power and are located closer to the attacker than the cloud. But the key point is that having limited resources makes the fog node easier to protect, because the fog does not have the complexities of the cloud, and it is easy to run an intrusion detection system on it. In this article, focusing on the resource limitation of the fog node, we propose a method to protect the fog node. The proposed method uses the support vector machine (SVM) technique. The advantages of the support vector machine include not being trapped in local optima, solving the overfitting problem, and ease of working with high-dimensional data. Based on the research, the support vector machine is the most widely used machine learning method in the literature on Internet of Things security. To conduct the tests, the most important category of web attacks according to published global statistics, i.e. SQL injection attacks, is considered. The average detection accuracy is obtained, and the results of the evaluations indicate the acceptable efficiency of the proposed method.