Explore chapters and articles related to this topic
Reconnaissance
Published in Nicholas Kolokotronis, Stavros Shiaeles, Cyber-Security Threats, Actors, and Dynamic Mitigation, 2021
Christos-Minas Mathas, Costas Vassilakis
IDSs monitor network traffic for unusual or malicious behavior. They can be software and/or hardware devices and can be either a network-based intrusion detection system (NIDS) or a host-based intrusion detection system (HIDS). The detection mechanism can be based on a list of signatures, which include known malicious packet streams, or it can be based on anomaly detection techniques, which initially form a baseline for the “normal” behavior of the network under supervision and detect deviations from this baseline. The two detection approaches may be combined, delivering more effective detection schemes. The signature-based approach will always detect any attack in the signatures list, but is unable to detect any other malicious behavior, including zero-day attacks (for which the signature list has not yet been updated), or polymorphic and encrypted malware [54]. The anomaly-based approach can detect both known and unknown attacks, but due to the probabilistic nature of the algorithms used, it suffers from high false positive and false negative rates [55]. Because each of the approaches is more successful precisely where the other one is weaker, hybrid solutions have been devised, aiming to combine the advantages of both techniques.
Data Classification Framework for Medical Data through Machine Learning Techniques in Cloud Computing
Published in Jyoti Mishra, Ritu Agarwal, Abdon Atangana, Mathematical Modeling and Soft Computing in Epidemiology, 2020
Saurabh Sharma, Harish K. Shakya, Ashish Mishra
This is a significant assignment to ensure touchy information, precisely the situations when simple access to PCs and systems went a huge increment in instances of psychological oppression and digital fear-mongering. Another serious issue of data security is one-time approval. Typically, work begins with the gadget or IT framework. In this way, the client may represent a genuine risk to the authentication specifically, open sort of field, e.g., clinical offices, with the goal that the framework and EHR information be helpless against a programmer assault. To guarantee a significant security level, mainly clinical data, data frameworks must be predictable to determine the status. Such an observing structure is finished by interruption location intrusion detection system (IDS), which continually tries to screen the client’s activity and afterward, to confirm the individual’s identity. The methodology concerns EHR protection issues; client recognition depends on PC client confirmation and interruption profiling. Data about the client reliance profile is between keystrokes. A host-based intrusion detection system (HIDS) is an intrusion detection system that is capable of monitoring and analyzing the internals of a computing system as well as the network packets on its network interfaces, similar to the way a network-based intrusion detection system (NIDS) operates.
The Kernel-Based Online Anomaly Detection Algorithm
Published in Mohiuddin Ahmed, Abu S. S. M. Barkat Ullah, Al-Sakib Khan Pathan, Security Analytics for the Internet of Everything, 2020
Salva Daneshgadeh, Tarem Ahmed, Al-Sakib Khan Pathan
Cyber attack detection systems are either placed in a single workstation, creating a host-based intrusion detection system (HIDS), or placed as stand-alone devices on a network, to form a network-based intrusion detection system (NIDS). Both HIDSs and NIDSs are classified into two groups called signature/misuse-based IDSs and anomaly-based IDSs. Signature-based attack detection methods compare the incoming network traffic with the patterns of known attacks in their database, and an alarm is raised if a match is found. The performance of signature-based attack detection methods is close to 100% in detecting known attacks, but they cannot detect zero-day attacks [14]. Snort is a well-known signature-based (rule-based) NIDS, and Tripwire is an example of a signature-based HIDS [15].
Exploiting machine learning and deep learning models for misbehavior detection in VANET
Published in International Journal of Computers and Applications, 2022
Rukhsar Sultana, Jyoti Grover, Jitesh Meghwal, Meenakshi Tripathi
There are several misbehavior detection mechanisms proposed where deterministic mechanisms have been used for misbehavior detection. Zaidi et al. [11] proposed a host-based Intrusion Detection System (IDS) to detect false information and Sybil attacks using hypothesis testing on the data flow. It can achieve a better detection rate and effective information dissemination for lower attacker density, but its performance degrades in the case of high vehicle density. Boualouache et al. [12] designed a Software-Defined Networking (SDN)-based Misbehavior Detection System (MDS) using a trust-based mechanism. This mechanism is an adaptive MDS where the security parameters for the system vary according to the vehicle contexts and provides an enhanced detection ratio in comparison to static MDS at the cost of increased computational overhead for the higher number of interactions.
IoT-Based Intrusion Detection Systems: A Review
Published in Smart Science, 2022
Tamara Saad Mohamed, Sezgin Aydin
Lightweight techniques have been used by Khater et al. [28]. This work describes a Host-Based Intrusion Detection System (HIDS) based on lightweight techniques and using Fog Computing devices that use a Modified Vector Space Representation (MVSR) N-gram and Multilayer Perceptron (MLP) model for securing the Internet of Things (IoT). The proposed method with MI achieves 96 percent accuracy, 97 percent recall, 96 percent F1-Measure, 5 percent False Positive Rate (FPR), the highest Receiver Operating Characteristic (ROC) curve, and 96 percent Area Under the Curve (AUC) using a single hidden layer and four nodes. It also had a low CPU time of 4.404 milliseconds (ms) and an energy consumption of 8.809 millijoules (mJ).
Development of testbed for cyber-manufacturing security issues
Published in International Journal of Computer Integrated Manufacturing, 2020
Mingtao Wu, Jinwoo Song, Snehav Sharma, Jupeng Di, Benliu He, Ziming Wang, Jingkai Zhang, Long Wang Lucas Lin, Emily Ann Greaney, Young Moon
In computer and network security, there are two types of IDS: the host-based intrusion detection system (HIDS) and the network-based intrusion detection system (NIDS). It typically takes several months to detect and longer to remediate (Minnick 2016) an attack using IDS. Furthermore, IDSs are not designed for cyber-physical attacks. These limitations are critical for manufacturing systems since (i) the physical components cannot be backed up and the production period is shorter than the detection period and (ii) there is a long-term effect on manufacturing systems: defective products can cause a larger scale of damages among customers and across the supply chain.