Faculty Publications
Permanent URI for this community: https://idr.nitk.ac.in/handle/123456789/18736
Publications by NITK Faculty
4 results
Search Results
Item
A Survey on Threat Intelligence Techniques for Constructing, Detecting, and Reacting to Advanced Intrusion Campaigns (Springer, 2023)
Anand, A.; Singhal, M.; Guduru, S.; Chandavarkar, B.R.
The rise of intrusion has increased the need for cybersecurity in various organizations. A set of these intrusions by an adversary against a particular organization is called an intrusion campaign. Threat intelligence techniques help detect and respond to intrusion attempts and help organizations set up a framework that can secure their services and interests. This chapter surveys different parameters and resources required to construct such a threat intelligence technique for an organization. Furthermore, the chapter discusses the various cases and models of an Intrusion Detection System (IDS) and Intrusion Response System (IRS) along with their comparison using the security resources collected during the construction of a Threat Intelligence model. All of this combined forms the threat intelligence technique. © 2023, The Author(s), under exclusive license to Springer Nature Switzerland AG.

Item
YARS-IDS: A Novel IDS for Multi-Class Classification (Institute of Electrical and Electronics Engineers Inc., 2023)
Madwanna, Y.; Annappa, B.; Rashmi Adyapady, R.; Sneha, H.R.
An Intrusion Detection System (IDS) is a defence system that provides safety and security against different threats and attacks, acting as a wall of defence against attackers. As internet usage increases, IDSs are becoming an essential part of day-to-day life. Various Machine Learning (ML) and Deep Learning (DL) based IDS are available, and the domain of IDS is still evolving and growing. This paper proposes two DL-based IDSs: the first is a combination of LuNet and Bidirectional LSTM (Bi-LSTM), and the other is a combination of Temporal Convolutional Network (TCN), CNN and Bi-LSTM. Such IDS must be fed with an efficient number of samples to keep them updated and accurate. The first model has been trained and tested against two benchmark datasets, NSL-KDD and UNSW-NB15. The second model has been trained and tested against the NSL-KDD dataset. To overcome the insufficient number of samples, the models have used a technique called Synthetic Minority Oversampling Technique (SMOTE). These models provided better experimental outcomes than traditional ML-based approaches and many DL approaches. They have better results in classification accuracy and detection rate. The classification accuracy of the first model for UNSW-NB15 and NSL-KDD is 82.19% and 98.87% respectively. The classification accuracy of the second model for NSL-KDD is 98.8%. © 2023 IEEE.

Item
DNS Intrusion Detection (DID) — A SNORT-based solution to detect DNS Amplification and DNS Tunneling attacks (Elsevier B.V., 2023)
Adiwal, S.; Rajendran, B.; Shetty D, P.S.; Sudarsan, S.D.
Domain Name System (DNS) plays a critical role in the Internet ecosystem, translating numerical IP addresses to memorable domain names and vice versa. The malicious user targets DNS by taking advantage of vulnerabilities in DNS. The most complex attacks in the DNS attacks vector include Distributed Denial of Service (DDoS) based DNS amplification attacks and sophisticated DNS tunneling attacks. An Intrusion Detection System (IDS) is a solution available to monitor the traffic for intrusion in the network but not exclusively for DNS intrusions. In this research paper, we present – DNS Intrusion Detection (DID), a system integrated into SNORT – a prominent open-source IDS, to detect major DNS-related attacks. We developed novel IDS signatures for various tools used in the tunneling, amplification, and DoS attacks and added them to the existing ruleset file of IDS to detect DNS-based intrusions. Our approach successfully identifies empirical DNS attacks carried out by various known tools available over the Internet. Evaluation of DID showed a high detection rate and a very low false-positive rate. © 2023 The Author(s)

Item
Deep learning for network security: a novel GNN-LSTM-based intrusion detection model (Inderscience Publishers, 2025)
Agrawal, V.K.; Rudra, B.
The rise in the use of IoT devices in daily life has led to an increase in attacks, making it crucial to protect our devices and information. Intrusion detection system (IDS) is vital in preventing potential attacks. This paper presents a novel IDS architecture using a hybrid GNN-LSTM-based approach. Graph neural network (GNN) is used to extract information from graph-based data, while long short-term memory networks (LSTM) help learn patterns in the extracted embeddings due to their ability to learn from long-term dependencies in data. We introduce a new mechanism for edge-classification using GNN, eliminating the need for node feature aggregation, followed by edge embedding classification using the LSTM model. We also provide a detailed comparison of our proposed model with state-of-the-art machine learning (ML) and deep learning (DL) algorithms for intrusion detection, demonstrating high accuracy. © 2025 Inderscience Enterprises Ltd.
