Catalogue Search | MBRL
Are you sure you want to remove the book from the shelf?
{{itemTitle}}
3,280
result(s) for
"Intrusion detection systems (Computer security)"
Sort by:
Network anomaly detection : a machine learning perspective
\"This book discusses detection of anomalies in computer networks from a machine learning perspective. It introduces readers to how computer networks work and how they can be attacked by intruders in search of fame, fortune, or challenge. The reader will learn how one can look for patterns in captured network traffic data to look for anomalous patterns that may correspond to attempts at unauthorized intrusion. The reader will be given a technical and sophisticated description of such algorithms and their applications in the context of intrusion detection in networks\"-- Provided by publisher.
Book
Network Anomaly Detection
This book discusses the detection of anomalies in computer networks from a machine learning perspective. It examines how computer networks work and how they can be attacked by intruders in search of fame, fortune, or challenge. You'll learn how to look for patterns in captured network traffic data to unearth potential intrusion attempts. Coverage includes machine learning techniques and algorithms, a taxonomy of attacks, and practical tools for launching attacks, capturing packet or flow traffic, extracting features, detecting attacks, and evaluating performance.
eBook
Biometric Presentation Attack Detection
This book discusses anti-spoofing techniques in detail. For each anti-spoofing technology, different experimental configurations, processing strategies, scope for generalization, advantages and limitations are detailed. The book also considers applicability of artificial intelligence techniques for automated biometric spoof detection, and future scope of research in this direction.
eBook
Security, Privacy and Reliability in Computer Communications and Networks
Future communication networks aim to build an intelligent and efficient living environment by connecting a variety of heterogeneous networks to fulfill complicated tasks. These communication networks bring significant challenges in building secure and reliable communication networks to address the numerous threat and privacy concerns. New research technologies are essential to preserve privacy, prevent attacks, and achieve the requisite reliability. Security, Privacy and Reliability in Computer Communications and Networks studies and presents recent advances reflecting the state-of-the-art research achievements in novel cryptographic algorithm design, intrusion detection, privacy preserving techniques and reliable routing protocols. • Technical topics discussed in the book include: • Vulnerabilities and Intrusion Detection • Cryptographic Algorithms and Evaluation • Privacy • Reliable Routing Protocols This book is ideal for personnel in computer communication and networking industries as well as academic staff and collegial, master, Ph.D. students in computer science, computer engineering, cyber security, information insurance and telecommunication systems.
eBook
Realguard: A Lightweight Network Intrusion Detection System for IoT Gateways
Cyber security has become increasingly challenging due to the proliferation of the Internet of things (IoT), where a massive number of tiny, smart devices push trillion bytes of data to the Internet. However, these devices possess various security flaws resulting from the lack of defense mechanisms and hardware security support, therefore making them vulnerable to cyber attacks. In addition, IoT gateways provide very limited security features to detect such threats, especially the absence of intrusion detection methods powered by deep learning. Indeed, deep learning models require high computational power that exceeds the capacity of these gateways. In this paper, we introduce Realguard, an DNN-based network intrusion detection system (NIDS) directly operated on local gateways to protect IoT devices within the network. The superiority of our proposal is that it can accurately detect multiple cyber attacks in real time with a small computational footprint. This is achieved by a lightweight feature extraction mechanism and an efficient attack detection model powered by deep neural networks. Our evaluations on practical datasets indicate that Realguard could detect ten types of attacks (e.g., port scan, Botnet, and FTP-Patator) in real time with an average accuracy of 99.57%, whereas the best of our competitors is 98.85%. Furthermore, our proposal effectively operates on resource-constraint gateways (Raspberry PI) at a high packet processing rate reported about 10.600 packets per second.
Journal Article
Classification and Explanation for Intrusion Detection System Based on Ensemble Trees and SHAP Method
In recent years, many methods for intrusion detection systems (IDS) have been designed and developed in the research community, which have achieved a perfect detection rate using IDS datasets. Deep neural networks (DNNs) are representative examples applied widely in IDS. However, DNN models are becoming increasingly complex in model architectures with high resource computing in hardware requirements. In addition, it is difficult for humans to obtain explanations behind the decisions made by these DNN models using large IoT-based IDS datasets. Many proposed IDS methods have not been applied in practical deployments, because of the lack of explanation given to cybersecurity experts, to support them in terms of optimizing their decisions according to the judgments of the IDS models. This paper aims to enhance the attack detection performance of IDS with big IoT-based IDS datasets as well as provide explanations of machine learning (ML) model predictions. The proposed ML-based IDS method is based on the ensemble trees approach, including decision tree (DT) and random forest (RF) classifiers which do not require high computing resources for training models. In addition, two big datasets are used for the experimental evaluation of the proposed method, NF-BoT-IoT-v2, and NF-ToN-IoT-v2 (new versions of the original BoT-IoT and ToN-IoT datasets), through the feature set of the net flow meter. In addition, the IoTDS20 dataset is used for experiments. Furthermore, the SHapley additive exPlanations (SHAP) is applied to the eXplainable AI (XAI) methodology to explain and interpret the classification decisions of DT and RF models; this is not only effective in interpreting the final decision of the ensemble tree approach but also supports cybersecurity experts in quickly optimizing and evaluating the correctness of their judgments based on the explanations of the results.
Journal Article
Attacks to Automatous Vehicles: A Deep Learning Algorithm for Cybersecurity
Rapid technological development has changed drastically the automotive industry. Network communication has improved, helping the vehicles transition from completely machine- to software-controlled technologies. The autonomous vehicle network is controlled by the controller area network (CAN) bus protocol. Nevertheless, the autonomous vehicle network still has issues and weaknesses concerning cybersecurity due to the complexity of data and traffic behaviors that benefit the unauthorized intrusion to a CAN bus and several types of attacks. Therefore, developing systems to rapidly detect message attacks in CAN is one of the biggest challenges. This study presents a high-performance system with an artificial intelligence approach that protects the vehicle network from cyber threats. The system secures the autonomous vehicle from intrusions by using deep learning approaches. The proposed security system was verified by using a real automatic vehicle network dataset, including spoofing, flood, replaying attacks, and benign packets. Preprocessing was applied to convert the categorical data into numerical. This dataset was processed by using the convolution neural network (CNN) and a hybrid network combining CNN and long short-term memory (CNN-LSTM) models to identify attack messages. The results revealed that the model achieved high performance, as evaluated by the metrics of precision, recall, F1 score, and accuracy. The proposed system achieved high accuracy (97.30%). Along with the empirical demonstration, the proposed system enhanced the detection and classification accuracy compared with the existing systems and was proven to have superior performance for real-time CAN bus security.
Journal Article
A Comparative Evaluation of Unsupervised Anomaly Detection Algorithms for Multivariate Data
Anomaly detection is the process of identifying unexpected items or events in datasets, which differ from the norm. In contrast to standard classification tasks, anomaly detection is often applied on unlabeled data, taking only the internal structure of the dataset into account. This challenge is known as unsupervised anomaly detection and is addressed in many practical applications, for example in network intrusion detection, fraud detection as well as in the life science and medical domain. Dozens of algorithms have been proposed in this area, but unfortunately the research community still lacks a comparative universal evaluation as well as common publicly available datasets. These shortcomings are addressed in this study, where 19 different unsupervised anomaly detection algorithms are evaluated on 10 different datasets from multiple application domains. By publishing the source code and the datasets, this paper aims to be a new well-funded basis for unsupervised anomaly detection research. Additionally, this evaluation reveals the strengths and weaknesses of the different approaches for the first time. Besides the anomaly detection performance, computational effort, the impact of parameter settings as well as the global/local anomaly detection behavior is outlined. As a conclusion, we give an advise on algorithm selection for typical real-world tasks.
Journal Article
Transfer-Learning-Based Intrusion Detection Framework in IoT Networks
Cyberattacks in the Internet of Things (IoT) are growing exponentially, especially zero-day attacks mostly driven by security weaknesses on IoT networks. Traditional intrusion detection systems (IDSs) adopted machine learning (ML), especially deep Learning (DL), to improve the detection of cyberattacks. DL-based IDSs require balanced datasets with large amounts of labeled data; however, there is a lack of such large collections in IoT networks. This paper proposes an efficient intrusion detection framework based on transfer learning (TL), knowledge transfer, and model refinement, for the effective detection of zero-day attacks. The framework is tailored to 5G IoT scenarios with unbalanced and scarce labeled datasets. The TL model is based on convolutional neural networks (CNNs). The framework was evaluated to detect a wide range of zero-day attacks. To this end, three specialized datasets were created. Experimental results show that the proposed TL-based framework achieves high accuracy and low false prediction rate (FPR). The proposed solution has better detection rates for the different families of known and zero-day attacks than any previous DL-based IDS. These results demonstrate that TL is effective in the detection of cyberattacks in IoT environments.
Journal Article
Malware analysis using visualized images and entropy graphs
Today, along with the development of the Internet, the number of malicious software, or malware, distributed especially for monetary profits, is exponentially increasing, and malware authors are developing malware variants using various automated tools and methods. Automated tools and methods may reuse some modules to develop malware variants, so these reused modules can be used to classify malware or to identify malware families. Therefore, similarities may exist among malware variants can be analyzed and used for malware variant detections and the family classification. This paper proposes a new malware family classification method by converting binary files into images and entropy graphs. The experimental results show that the proposed method can effectively distinguish malware families.
Journal Article