Faculty Publications
Permanent URI for this community: https://idr.nitk.ac.in/handle/123456789/18736
Publications by NITK Faculty
7 results
Search Results
Item Deep learning architecture for big data analytics in detecting intrusions and malicious URL (Institution of Engineering and Technology, 2019) Harikrishnan, N.B.; Ravi, R.; Padannayil, K.P.; Poornachandran, P.; Annappa, A.; Alazab, M.
Security attacks are one of the major threats in today’s world. These attacks exploit the vulnerabilities in a system or online sites for financial gain. By doing so, there arises a huge loss in revenue and reputation for both government and private firms. These attacks are generally carried out through malware interception, intrusions, phishing uniform resource locator (URL). There are techniques like signature-based detection, anomaly detection, stateful protocol to detect intrusions, blacklisting for detecting phishing URL. Even though these techniques claim to thwart cyberattacks, they often fail to detect new attacks or variants of existing attacks. The second reason why these techniques fail is the dynamic nature of attacks and lack of annotated data. In such a situation, we need to propose a system which can capture the changing trends of cyberattacks to some extent. For this, we used supervised and unsupervised learning techniques. The growing problem of intrusions and phishing URLs generates a need for a reliable architectural-based solution that can efficiently identify intrusions and phishing URLs. This chapter aims to provide a comprehensive survey of intrusion and phishing URL detection techniques and deep learning. It presents and evaluates a highly effective deep learning architecture to automate intrusion and phishing URL Detection. The proposed method is an artificial intelligence (AI)-based hybrid architecture for an organization which provides supervised and unsupervised-based solutions to tackle intrusions, and phishing URL detection. The prototype model uses various classical machine learning (ML) classifiers and deep learning architectures.
The research specifically focuses on detecting and classifying intrusions and phishing URL detection. © The Institution of Engineering and Technology 2020.

Item Computer controlled intrusion-detector and automatic firing-unit for border security (2010) Vittal, K.P.; Ajay, P.P.; Shenoy, S.B.; Srinivas Rao, C.H.S.
This paper describes a novel computer-controlled intrusion-detector and automatic firing unit, which may be used for the surveillance of borders, either of a country, or of areas requiring high security, especially in regions of extreme climatic conditions, where it is difficult to deploy personnel. This system not only detects intrusion but also provides a video-coverage of the suspicious area, for remote vigilance, via a satellite based communication system. It is also provided with automatic firing mechanisms which can be used to automatically locate and fire at the target. Thus, several kilometres of the borders, which would have otherwise required several hundred personnel, can be effortlessly monitored with this system, with only a few personnel. Since, the actual firing occurs only after an authoritative personnel has doubly confirmed the presence of an intruder, chances of firing at innocent people are completely ruled out. As thermal cameras are used for imaging, this system is immune to changes in ambient conditions, and therefore, is equally suited for operation during the night. This paper also throws light on the prototype of this system, which has been successfully developed. © 2010 IEEE.

Item A framework to monitor cloud infrastructure in service oriented approach (2013) Veigas, J.P.; Chandra Sekaran, K.
Cloud computing processes and stores the organization's sensitive data in the third party infrastructure. Monitoring these activities within the cloud environment is a major task for the security analysts and the cloud consumer.
The cloud service providers may voluntarily suppress the security threats detected in their Infrastructure from the consumers. The goal is to decouple Intrusion Detection System (IDS) related logic from individual application business logic and adhere to the Service Oriented Architecture Standards. This paper provides a framework for Intrusion Detection and reporting service to the cloud consumers based on the type of applications and their necessary security needs. Cloud consumers can choose the desired signatures from this framework to protect their applications. The proposed technique is deployed in existing open source cloud environment with minimum changes. A proof-of-concept prototype has been implemented based on Eucalyptus open source packages to show the feasibility of this approach. Our results show that this framework provides effective way to monitor the cloud infrastructure in service oriented approach. © 2013 IEEE.

Item Feature selection using fast ensemble learning for network intrusion detection (Springer Verlag service@springer.de, 2020) Pasupulety, U.; Adwaith, C.D.; Hegde, S.; Patil, N.
Network security plays a critical role in today’s digital system infrastructure. Every day, there are hundreds of cases of data theft or loss due to the system’s integrity being compromised. The root cause of this issue is the lack of systems in place which are able to foresee the advent of such attacks. Network Intrusion detection techniques are important to prevent any system or network from malicious behavior. By analyzing a dataset with features summarizing the method in which connections are made to the network, any attempt to access it can be classified as malicious or benign. To improve the accuracy of network intrusion detection, various machine learning algorithms and optimization techniques are used. Feature selection helps in finding important attributes in the dataset which have a significant effect on the final classification.
This results in the reduction of the size of the dataset, thereby simplifying the task of classification. In this work, we propose using multiple techniques as an ensemble for feature selection. To reduce training time and retain accuracy, the important features of a subset of the KDD Network Intrusion detection dataset were analyzed using this ensemble learning technique. Out of 41 possible features for network intrusion, it was found that host-based statistical features of network flow play an important role in predicting network intrusion. Our proposed methodology provides multiple levels of overall selected features, correlated to the number of individual feature selection techniques that selected them. At the highest level of selected features, our experiments yielded a 6% increase in intrusion detection accuracy, an 81% decrease in dataset size and a 5.4× decrease in runtime using a Multinomial Naive Bayes classifier on the original dataset. © Springer Nature Switzerland AG 2020.

Item Intrusion Detection Techniques for Detection of Cyber Attacks (Springer Science and Business Media Deutschland GmbH, 2021) Ahmed, S.S.; Kankar, M.; Rudra, B.
Intrusion detection system (IDS) is a software-related application where we can detect the system or network activities and notice if any suspicious task happens. Excellent broadening and the use of the Internet lift examine the communication and save the digital information securely. Nowadays, attackers use variety of attacks for fetching private data. Most of the IDS techniques, algorithms, and methods assist to find those various attacks. The central aim of the project is to come up with an overall study about the intrusion detection mechanism, various types of attacks, various tools and techniques, and challenges. We used various machine learning algorithms and found performance metrics like accuracy, recall, and F-measure and compared with the existing work.
After this research, we got good results that can help to detect the cyber attacks being performed in the network. © 2021, The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.

Item Reputation-based cross-layer intrusion detection system for wormhole attacks in wireless mesh networks (John Wiley and Sons Inc 410 Park Avenue, 15th Floor, 287 pmb New York NY 10022, 2014) Karri, G.R.; Santhi Thilagam, P.
Wireless mesh networks provide long-distance wireless network connectivity over heterogeneous devices for greater scalability and availability. However, protecting legitimate long-distance wireless links from wormhole attacks is an important yet challenging security issue in wireless mesh networks. In this paper, we propose a reputation-based cross-layer intrusion detection system to effectively detect various wormhole attacks. The proposed system analyses the behaviours of the routing paths in wireless mesh networks to correctly isolate the malicious wormhole paths from legitimate long-distance wireless links. It uses reputation and cross-layer parameters for comprehensive ability to isolate the wormhole attacks in routing paths. This isolation ensures full utilisation of legitimate long-distance wireless links in wireless mesh networks, which is not possible with the existing wormhole attack detection approaches. Experimental results show that the proposed system increases the detection rate, decreases the false alarm rate, and secures legitimate long-distance wireless links in wireless mesh networks. © 2014 John Wiley & Sons, Ltd.

Item A Quantitative Method for Measuring Health of Authoritative Name Servers (IGI Global, 2022) Adiwal, S.; Rajendran, B.; Shetty D, P.D.
The domain name system (DNS) is regarded as one of the critical infrastructure components of the global internet because a large-scale DNS outage would effectively take a typical user offline.
Therefore, the internet community should ensure that critical components of the DNS ecosystem—that is, root name servers, top-level domain registrars and registries, authoritative name servers, and recursive resolvers—function smoothly. To this end, the community should monitor them periodically and provide public alerts about abnormal behavior. The authors propose a novel quantitative approach for evaluating the health of authoritative name servers – a critical, core, and a large component of the DNS ecosystem. The performance is typically measured in terms of response time, reliability, and throughput for most of the internet components. This research work proposes a novel list of parameters specifically for determining the health of authoritative name servers: DNS attack permeability, latency comparison, and DNSSEC validation. The aim is to understand the general behavior of authoritative name servers, detect sluggishness in their performance, and arrive at a score of their health through the aforesaid parameters. The effectiveness of identified parameters is evaluated by devising the corresponding probing algorithms and experimented with them among the authoritative name servers serving the world’s top 500 domains. This approach could be used periodically to assess and take necessary measures to protect authoritative domain name servers from abuse. © 2022, IGI Global.
