Faculty Publications

Permanent URI for this communityhttps://idr.nitk.ac.in/handle/123456789/18736

Publications by NITK Faculty

Browse

Subject: search.filters.subject.Anomaly detection

Search Results

Now showing 1 - 10 of 18
  • No Thumbnail Available
    Item
    Deep learning architecture for big data analytics in detecting intrusions and malicious URL
    (Institution of Engineering and Technology, 2019) Harikrishnan, N.B.; Ravi, R.; Padannayil, K.P.; Poornachandran, P.; Annappa, A.; Alazab, M.
    Security attacks are one of the major threats in today’s world. These attacks exploit the vulnerabilities in a system or online sites for financial gain. By doing so, there arises a huge loss in revenue and reputation for both government and private firms. These attacks are generally carried out through malware interception, intrusions, phishing uniform resource locator (URL). There are techniques like signature-based detection, anomaly detection, state full protocol to detect intrusions, blacklisting for detecting phishing URL. Even though these techniques claim to thwart cyberattacks, they often fail to detect new attacks or variants of existing attacks. The second reason why these techniques fail is the dynamic nature of attacks and lack of annotated data. In such a situation, we need to propose a system which can capture the changing trends of cyberattacks to some extent. For this, we used supervised and unsupervised learning techniques. The growing problem of intrusions and phishing URLs generates a need for a reliable architectural-based solution that can efficiently identify intrusions and phishing URLs. This chapter aims to provide a comprehensive survey of intrusion and phishing URL detection techniques and deep learning. It presents and evaluates a highly effective deep learning architecture to automat intrusion and phishing URL Detection. The proposed method is an artificial intelligence (AI)-based hybrid architecture for an organization which provides supervised and unsupervised-based solutions to tackle intrusions, and phishing URL detection. The prototype model uses various classical machine learning (ML) classifiers and deep learning architectures. The research specifically focuses on detecting and classifying intrusions and phishing URL detection. © The Institution of Engineering and Technology 2020.
  • No Thumbnail Available
    Item
    Machine Learning Based Data Quality Model for COVID-19 Related Big Data
    (Springer Science and Business Media Deutschland GmbH, 2022) Kumar, P.V.; Chandrashekar, A.; Chandrasekaran, K.
    Big Data is being used in various aspects of technology. The quality of the data being used is essential and needs to be accurate, reliable, and free of defects. The difficulty in improving the quality of big data can be overcome by leveraging computing resources and advanced techniques. In this paper, we propose a solution that utilizes a machine learning (ML) model combined with a data quality model to improve the quality of data. An auto encoder neural network that detects the anomalies in the data is used as the Machine Learning model. This is followed by using the data quality model to ensure the data meets appropriate data quality characteristics. The results obtained from our solution show that the quality of data can be improved efficiently and effortlessly which in turn aids researchers to achieve better results. © 2022, The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
  • No Thumbnail Available
    Item
    A two-tier network based intrusion detection system architecture using machine learning approach
    (Institute of Electrical and Electronics Engineers Inc., 2016) Divyatmika; Sreekesh, M.
    Intrusion detection systems are systems that can detect any kind of malicious attacks, corrupted data or any kind of intrusion that can pose threat to our systems. In our paper, we would like to present a novel approach to build a network based intrusion detection system using machine learning approach. We have proposed a two-tier architecture to detect intrusions on network level. Network behaviour can be classified as misuse detection and anomaly detection. As our analysis depends on the network behaviour, we have considered data packets of TCP/IP as our input data. After, pre-processing the data by parameter filtering, we build a autonomous model on training set using hierarchical agglomerative clustering. Further, data gets classified as regular traffic pattern or intrusions using KNN classification. This reduces cost-overheads. Misuse detection is conducted using MLP algorithm. Anomaly detection is conducted using Reinforcement algorithm where network agents learn from the environment and take decisions accordingly. The TP rate of our architecture is 0.99 and false positive rate is 0.01. Thus, our architecture provides a high level of security by providing high TP and low false positive rate. And, it also analyzes the usual network patterns and learns incrementally (to build autonomous system) to separate normal data and threats. © 2016 IEEE.
  • No Thumbnail Available
    Item
    Identifying Provenance of Information and Anomalous Paths in Attributed Social Networks
    (Institute of Electrical and Electronics Engineers Inc., 2018) Trivedi, H.; Bindu, P.V.; Santhi Thilagam, P.S.
    Information provenance problem is an important and challenging problem in social network analysis and it deals with identifying the origin or source of information spread in a social network. In this paper, an approach for detecting the source of an information spread as well as suspicious anomalous paths in a social network is proposed. An anomalous path is a sequence of nodes that propagates an anomalous information to the given destination nodes who cause an anomalous event. The proposed approach is based on attribute-based anomalies and information cascading technique. The anomalous paths are identified in two steps. The first step assigns an anomalous score to each and every vertex in the given graph based on suspicious attributes. The second step detects the source and suspicious anomalous paths in the network using the anomaly scores. The approach is tested on datasets such as Enron and Facebook to demonstrate its effectiveness. Detecting anomalous paths is useful in several applications including identifying terrorist attacks communication path, disease spreading pattern, and match-fixing hidden path between bookie and a cricketer. © 2018 IEEE.
  • No Thumbnail Available
    Item
    Anomaly-Based NIDS Using Artificial Neural Networks Optimised with Cuckoo Search Optimizer
    (Springer Verlag service@springer.de, 2019) Rithesh, K.
    Anomaly detection in network traffic is one of the major concerns for the researches and the network administrators. Presence of anomalies in network traffic could indicate a possible intrusion on the network, increasing the need for a fast and reliable network intrusion detection system (NIDS). A novel method of using an artificial neural network (ANN) optimised with Cuckoo Search Optimizer (CSO) is developed in this research paper to act as network monitoring and anomaly detection system. Two subsets of the KDD Cup 99 dataset have been considered to train and test our model, one of 2000 instances and the other of 10,000 instances, along with the complete dataset of 61,593 instances and I have compared the result with the BCS-GA algorithm and the fuzzy K-means clustering algorithm optimised with PSO in terms of precision, recall and f1-score, and the training time for the model with the selected database instances. © 2019, Springer Nature Singapore Pte Ltd.
  • No Thumbnail Available
    Item
    Graph based Unsupervised Learning Methods for Edge and Node Anomaly Detection in Social Network
    (Institute of Electrical and Electronics Engineers Inc., 2019) Venkatesan, M.; Prabhavathy, P.
    In the last decade online social networks analysis has become an interesting area of research for researchers, to study and analyze the activities of users using which the user interaction pattern can be identified and capture any anomalies within an user community. Detecting such users can help in identifying malicious individuals such as automated bots, fake accounts, spammers, sexual predators, and fraudsters. An anomaly (outliers, deviant patterns, exceptions, abnormal data points, malicious user) is an important task in social network analysis. The major hurdle in social networks anomaly detection is to identify irregular patterns in data that behaves significantly different from regular patterns. The focus of this paper is to propose graph based unsupervised machine learning methods for edge anomaly and node anomaly detection in social network data. © 2019 IEEE.
  • No Thumbnail Available
    Item
    Robust graph based deep anomaly detection on attributed networks
    (Institute of Electrical and Electronics Engineers Inc., 2021) Daniel, G.; M.Venkatesan
    Anomalous users’ identification on attributed social networks involves finding users whose profile characteristics go amiss fundamentally from the greater part of reference profiles both in terms of network structure and node attributes as well. Most of the existing methods uses graph convolutional networks (GCN) to generate latent representation of nodes for various tasks like node classification, link prediction and anomaly detection. This method primarily represents every node as the aggregate of its neighbouring node’s features. But it has a problem that (i) the representation of normal node is affected by the presence anomalous neighbour nodes and as a result, even normal nodes are considered as anomalous and (ii) anomalous nodes go undetected as their representation is flattened by aggregate operation. To overcome this problem, we propose a robust anomaly detection(RAD) method to better handle the anomaly detection task. weighted aggregate mechanism is employed to distinguish between node’s self features and its neighbourhood. Experiments on twitter,enron and amazon datasets give results which shows that the proposed method is robust in detection of anomalies based on weighted average of self and neighbouring node’s features. © 2021 IEEE
  • No Thumbnail Available
    Item
    Multi-factor Authentication and Data Integrity for WBAN Using Hash-Based Techniques
    (Springer Science and Business Media Deutschland GmbH, 2024) Pabitha, B.; Vani, V.; Sanshi, S.; Karthik, N.
    In recent days, a wireless body area network (WBAN) has been developed as part of the Internet of Things (IoT) with sensors and actuators in three different modes, building its network, i.e., in-body sensors, wearable sensors, and on-body sensors. The doctor’s access the data recorded and monitored by the sensor embedded in the patient to treat critical situations immediately. Maintaining data integrity and guarding against threats is necessary to secure sensitive patient information. Several people have proposed schemes for authenticating data access through formal and informal verification. In this research work, we carry out multi-factor authentication extensively using zero-knowledge proofs. The anomaly detection of the sensors is detected using machine learning algorithms, which help tune the sensors to their correct working conditions. The work aims to concentrate on sensor working conditions promptly and to handle attacks like masquerade, forgery, and key escrow attacks. To assess whether performance metrics are superior in computing cost, storage overhead, and communication overhead, utilize the BAN logic tool. © The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd. 2024.
  • No Thumbnail Available
    Item
    Experimental Study on Detection of Household Electrical Appliance Energy Consumption Deviation
    (Springer Science and Business Media Deutschland GmbH, 2024) Nayak, R.; Jaidhar, C.D.
    The energy efficiency of buildings is compromised due to the wastage of power and the unidentified abnormal power consumption. Identifying the patterns within a dataset that drastically vary from the usual pattern or behavior is known as anomaly detection. With anomalous power consumption detection, it is possible to respond quickly to problems like malfunctioning appliances, energy waste, or unusual usage patterns, improving energy management, reducing costs, and improving safety. This work is an experimental study on detecting electrical appliance energy consumption deviation using a micro-moment labeled appliance power consumption dataset named ‘SimDataset’. Two sets of experiments were conducted: the first was by using the original dataset without removing any features, and in the second experiment, highly correlated redundant features were removed from the original dataset. Experiments are conducted based on an 80:20 split of the dataset and also on tenfold cross-validation. Experimental results depicted that the Random Forest (RF) classifier performed best, and its performance is consistent among different experiments. © The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd. 2024.
  • No Thumbnail Available
    Item
    Mining social networks for anomalies: Methods and challenges
    (Academic Press, 2016) Bindu, P.V.; Santhi Thilagam, P.S.
    Online social networks have received a dramatic increase of interest in the last decade due to the growth of Internet and Web 2.0. They are among the most popular sites on the Internet that are being used in almost all areas of life including education, medical, entertainment, business, and telemarketing. Unfortunately, they have become primary targets for malicious users who attempt to perform illegal activities and cause harm to other users. The unusual behavior of such users can be identified by using anomaly detection techniques. Anomaly detection in social networks refers to the problem of identifying the strange and unexpected behavior of users by exploring the patterns hidden in the networks, as the patterns of interaction of such users deviate significantly from the normal users of the networks. Even though a multitude of anomaly detection methods have been developed for different problem settings, this field is still relatively young and rapidly growing. Hence, there is a growing need for an organized study of the work done in the area of anomaly detection in social networks. In this paper, we provide a comprehensive review of a large set of methods for mining social networks for anomalies by providing a multi-level taxonomy to categorize the existing techniques based on the nature of input network, the type of anomalies they detect, and the underlying anomaly detection approach. In addition, this paper highlights the various application scenarios where these methods have been used, and explores the research challenges and open issues in this field. © 2016 Elsevier Ltd. All rights reserved.