Explore chapters and articles related to this topic
Intrusion Detection and Prevention in Wireless Sensor Networks
Published in Shafiullah Khan, Al-Sakib Khan Pathan, Nabil Ali Alrajeh, Wireless Sensor Networks, 2016
Abror Abduvaliyev, Al-Sakib Khan Pathan, Jianying Zhou, Rodrigo Roman, Wai-Choong Wong
As mentioned earlier, an IDS is based on the assumption that there exists a noticeable difference in the behavior of an attacker and a legitimate node in the network such that the IDS can match those preprogrammed or learned rules. Based on the analysis model used for analyzing the audit data to detect intrusions, we classify IDSs into three detection techniques: (1) misuse, (2) anomaly, and (3) specification based. The misuse detection systems are used to detect known patterns of intrusions, while anomaly detection techniques are used to detect new or unknown intrusions. Specification-based detection is based on some deviations from normal behaviors. Figure 17.2 shows the overall taxonomy of various IDSs applied to WSNs.
Intrusion Detection for Big Data
Published in Mohiuddin Ahmed, Al-Sakib Khan Pathan, Data Analytics, 2018
Biozid Bostami, Mohiuddin Ahmed
Signature-based intrusion detection is also known as misuse detection. It considers the behavior as a mode and matches whether the behavior of the subject conforms to a mode. The modes are also known as signature features. That’s why it is called signature-based intrusion detection. The network specialist can design newer modes based on the attack signature or the behavior, if any unknown attack is found and studied. This type of intrusion detection is very good at detecting the attacks with known signatures and it creates fewer false positive alerts. But if the attack signature is altered, then it cannot detect the attacks as efficiently.
Intrusion Detection in Wireless Mesh Networks
Published in Yan Zhang, Jun Zheng, Honglin Hu, Security in Wireless Mesh Networks, 2008
Thomas M. Chen, Geng-Sheng Kuo, Zheng-Ping Li, Guo-Mei Zhu
Currently, there are two basic approaches to analysis: misuse detection and anomaly detection. Misuse detection is also called signature-based detection because the idea is to represent every attack by a signature (pattern or rule of behavior). Rules can be divided into single part (atomic) signatures or multi-part (composite) signatures. It is essentially a problem of matching the observed traffic to signatures. If a matching signature is found, that attack is detected.
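The atomic/composite distinction described above can be shown with a small matcher. This is an added example, not code from the cited chapter; the event format, signature names, patterns and the 30-second window are all assumptions chosen for illustration.

```python
import re

# Constructed sample events: (timestamp in seconds, source, message).
EVENTS = [
    (0, "10.0.0.5", "GET /index.html"),
    (1, "10.0.0.9", "GET /cgi-bin/../../etc/passwd"),
    (2, "10.0.0.7", "LOGIN FAIL user=admin"),
    (3, "10.0.0.7", "LOGIN FAIL user=admin"),
    (4, "10.0.0.7", "LOGIN FAIL user=admin"),
    (5, "10.0.0.7", "LOGIN OK user=admin"),
    (50, "10.0.0.5", "LOGIN FAIL user=bob"),
    (51, "10.0.0.5", "LOGIN OK user=bob"),
]

# Atomic signature: one pattern, decided on a single event (hypothetical rule).
ATOMIC = {"path-traversal": re.compile(r"\.\./")}

# Composite signature: ordered parts that must all be seen from the same
# source inside a time window (hypothetical rule and window).
COMPOSITE = {
    "bruteforce-then-login": {
        "parts": [re.compile(p) for p in
                  (r"LOGIN FAIL", r"LOGIN FAIL", r"LOGIN FAIL", r"LOGIN OK")],
        "window": 30,
    },
}

def detect(events):
    """Return (timestamp, source, signature) for every matched signature."""
    alerts = []
    progress = {}  # (signature, source) -> (next part index, time of first part)
    for ts, src, msg in events:
        for name, pattern in ATOMIC.items():
            if pattern.search(msg):
                alerts.append((ts, src, name))
        for name, sig in COMPOSITE.items():
            idx, start = progress.get((name, src), (0, ts))
            if idx and ts - start > sig["window"]:
                idx, start = 0, ts  # partial match expired, start over
            if sig["parts"][idx].search(msg):
                if idx == 0:
                    start = ts  # window opens at the first matched part
                idx += 1
            if idx == len(sig["parts"]):
                alerts.append((ts, src, name))
                idx = 0
            progress[(name, src)] = (idx, start)
    return alerts
```

The composite rule keeps per-source state, so a single failed login followed by a success (10.0.0.5) does not alert, and neither does a sequence spread beyond the window.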
Design of advanced intrusion detection systems based on hybrid machine learning techniques in hierarchically wireless sensor networks
Published in Connection Science, 2023
Gebrekiros Gebreyesus Gebremariam, J. Panda, S. Indu
The frequency of cyber-attacks targeting international businesses is increasing, leading to the rapid development of intrusion detection systems (IDS) in both industry and academia (Mahbooba et al., 2021). The availability and confidentiality of the data may have been compromised as a result of attempts by attackers to break the network's security through vulnerabilities in the security measures (Abdulganiyu et al., 2023). IDS is a network security solution that collects and analyses network data to detect abnormal behaviour and protect system resources (Zhang et al., 2020). It is crucial in maintaining network security (Wang et al., 2021). Anomalies and misuse are two types of intrusions that can occur in WSNs. Anomaly detection utilises mathematical models and compares estimated feature values with reference values to identify deviations from normal behaviour (Godala & Vaddella, 2020). Misuse detection, on the other hand, relies on previously observed malicious activities and their specific patterns to identify intrusions.
Intelligent intrusion detection in external communication systems for autonomous vehicles
Published in Systems Science & Control Engineering, 2018
Khattab M. Ali Alheeti, Klaus McDonald-Maier
An IDS is composed of three phases: data collection phase, analysis data phase, and response phase. In general, there are two types of detection systems for behaviour security systems: misuse and anomaly detection systems. Each of them has advantages and disadvantages which have a direct impact on the detection performance of any protection system. Misuse detection is a scheme for identifying network and computer attacks. Abnormal behaviour is established in misuse detection so that any other behaviour is considered normal. At the same time, abnormal behaviour is defined in anomaly detection to identify it from normal behaviour. However, misuse detection cannot detect novel/new attacks, but it is fast and has high accuracy with a low rate of false alarms. The high rate of false alarms is a big disadvantage of anomaly detection in security systems.
Identifying untrusted interactive behaviour in Enterprise Resource Planning systems based on a big data pattern recognition method using behavioural analytics
Published in Behaviour & Information Technology, 2022
Qian Yi, Mengyao Xu, Shuping Yi, Shiquan Xiong
An IDS is an essential component of network security infrastructure, as it monitors, detects, and identifies potential intrusions (Zhang and Zhu 2018). IDSs can be classified as anomaly or misuse detection methods. Misuse detection uses a predefined set of rules or signatures to detect known attacks. Anomaly detection builds a normal activity profile and detects unknown attacks by checking whether the system state varies from the established normal activity profile (Selvakumar and Muneeswaran 2019).