Journal Articles

Permanent URI for this collectionhttps://idr.nitk.ac.in/handle/123456789/19884

Browse

Filters

2023 - 20252

Settings

Has files: NoSubject: search.filters.subject.IDS

Search Results

Now showing 1 - 2 of 2
  • No Thumbnail Available
    Item
    DNS Intrusion Detection (DID) — A SNORT-based solution to detect DNS Amplification and DNS Tunneling attacks
    (Elsevier B.V., 2023) Adiwal, S.; Rajendran, B.; Shetty D, P.S.; Sudarsan, S.D.
    Domain Name System (DNS) plays a critical role in the Internet ecosystem, translating numerical IP addresses to memorable domain names and vice versa. The malicious user targets DNS by taking advantage of vulnerabilities in DNS. The most complex attacks in the DNS attacks vector include Distributed Denial of Service (DDoS) based DNS amplification attacks and sophisticated DNS tunneling attacks. An Intrusion Detection System (IDS) is a solution available to monitor the traffic for intrusion in the network but not exclusively for DNS intrusions. In this research paper, we present – DNS Intrusion Detection (DID), a system integrated into SNORT – a prominent open-source IDS, to detect major DNS-related attacks. We developed novel IDS signatures for various tools used in the tunneling, amplification, and DoS attacks and added them to the existing ruleset file of IDS to detect DNS-based intrusions. Our approach successfully identifies empirical DNS attacks carried out by various known tools available over the Internet. Evaluation of DID showed a high detection rate and a very low false-positive rate. © 2023 The Author(s)
  • No Thumbnail Available
    Item
    Deep learning for network security: a novel GNN-LSTM-based intrusion detection model
    (Inderscience Publishers, 2025) Agrawal, V.K.; Rudra, B.
    The rise in the use of IoT devices in daily life has led to an increase in attacks, making it crucial to protect our devices and information. Intrusion detection system (IDS) is vital in preventing potential attacks. This paper presents a novel IDS architecture using a hybrid GNN-LSTM-based approach. Graph neural network (GNN) is used to extract information from graph-based data, while long short-term memory networks (LSTM) helps learn patterns in the extracted embeddings due to its ability to learn from long-term dependencies in data. We introduce a new mechanism for edge-classification using GNN, eliminating the need for node feature aggregation, followed by edge embedding classification using the LSTM model. We also provide a detailed comparison of our proposed model with state-of-the-art machine learning (ML) and deep learning (DL) algorithms for intrusion detection, demonstrating high accuracy. © © 2025 Inderscience Enterprises Ltd.