41,819 research outputs found

    A Novel Intrusion Detection Approach using Multi-Kernel Functions

    Network intrusion detection finds variant applications in the computer and network industry. How to achieve high intrusion detection accuracy and speed still receives considerable attention in this field. To address this issue, this work presents a novel method that takes advantage of a multi-kernel computation technique to realize speedy and precise network intrusion detection and isolation. In this new development, the multi-kernel function based kernel direct discriminant analysis (MKDDA) and quantum particle swarm optimization (QPSO) optimized kernel extreme learning machine (KELM) were appropriately integrated and thus form a novel method with strong intrusion detection ability. The MKDDA herein was first employed to extract distinct features by projecting the original high dimensionality of the intrusion features into a low dimensionality space. A few distinct and efficient features were then selected from the low dimensionality space. Secondly, the KELM was proposed to provide quick and accurate intrusion recognition on the extracted features. The only parameter that needs to be determined in KELM is the neuron number of the hidden layer. Literature review indicates that very limited work has addressed the optimization of this parameter. Hence, the QPSO was used for the first time to optimize the KELM parameter in this paper. Lastly, experiments have been implemented to verify the performance of the proposed method. The test results indicate that the proposed LLE-PSO-KELM method outperforms its rivals in terms of both recognition accuracy and speed. Thus, the proposed intrusion detection method has great practical importance

    Application of bagging, boosting and stacking to intrusion detection

    This paper investigates the possibility of using ensemble algorithms to improve the performance of network intrusion detection systems. We use an ensemble of three different methods, bagging, boosting and stacking, in order to improve the accuracy and reduce the false positive rate. We use four different data mining algorithms, naïve Bayes, J48 (decision tree), JRip (rule induction) and iBK (nearest neighbour), as base classifiers for those ensemble methods. Our experiment shows that the prototype which implements four base classifiers and three ensemble algorithms achieves an accuracy of more than 99% in detecting known intrusions, but failed to detect novel intrusions with the accuracy rates of around just 60%. The use of bagging, boosting and stacking is unable to significantly improve the accuracy. Stacking is the only method that was able to reduce the false positive rate by a significantly high amount (46.84%); unfortunately, this method has the longest execution time and so is insufficient to implement in the intrusion detection fiel

    An Efficient Fuzzy Clustering-Based Approach for Intrusion Detection

    The need to increase accuracy in detecting sophisticated cyber attacks poses a great challenge not only to the research community but also to corporations. So far, many approaches have been proposed to cope with this threat. Among them, data mining has brought on remarkable contributions to the intrusion detection problem. However, the generalization ability of data mining-based methods remains limited, and hence detecting sophisticated attacks remains a tough task. In this thread, we present a novel method based on both clustering and classification for developing an efficient intrusion detection system (IDS). The key idea is to take useful information exploited from fuzzy clustering into account for the process of building an IDS. To this aim, we first present cornerstones to construct additional cluster features for a training set. Then, we come up with an algorithm to generate an IDS based on such cluster features and the original input features. Finally, we experimentally prove that our method outperforms several well-known methods. Comment: 15th East-European Conference on Advances and Databases and Information Systems (ADBIS 11), Vienna : Austria (2011

    Automatic Hyperparameter Tuning Method for Local Outlier Factor, with Applications to Anomaly Detection

    In recent years, there have been many practical applications of anomaly detection such as in predictive maintenance, detection of credit fraud, network intrusion, and system failure. The goal of anomaly detection is to identify in the test data anomalous behaviors that are either rare or unseen in the training data. This is a common goal in predictive maintenance, which aims to forecast the imminent faults of an appliance given abundant samples of normal behaviors. Local outlier factor (LOF) is one of the state-of-the-art models used for anomaly detection, but the predictive performance of LOF depends greatly on the selection of hyperparameters. In this paper, we propose a novel, heuristic methodology to tune the hyperparameters in LOF. A tuned LOF model that uses the proposed method shows good predictive performance in both simulations and real data sets. Comment: 15 pages, 5 figure

    Proposed neural intrusion detection system to detect denial of service attacks in MANETs

    MANETs are groups of mobile hosts that arrange themselves into a grid lacking some preexisting organization, where the active network environment makes it simple to be endangered by an attacker. A node leaves, and another node enters the network, making it easy to penetrate. This paper aims to design a new method of intrusion detection in the MANET and of avoiding Denial of Service (DoS) based on neural networks and the Zone Sampling-Based Traceback algorithm (ZSBT). There are several restrictions in outdated intrusion detection, such as time-intense, regular informing, non-adaptive, accuracy, and suppleness. Therefore, a novel intrusion detection system is stimulated by Artificial Neural Network and ZSBT algorithm using a simulated MANET. Using KDD cup 99 as a dataset, the experiments demonstrate that the model could detect DoS effectively