Tree-based Intelligent Intrusion Detection System in Internet of Vehicles

The use of autonomous vehicles (AVs) is a promising technology in Intelligent Transportation Systems (ITSs) to improve safety and driving efficiency. Vehicle-to-everything (V2X) technology enables communication among vehicles and other infrastructures. However, AVs and Internet of Vehicles (IoV) are vulnerable to different types of cyber-attacks such as denial of service, spoofing, and sniffing attacks. In this paper, an intelligent intrusion detection system (IDS) is proposed based on tree-structure machine learning models. The results from the implementation of the proposed intrusion detection system on standard data sets indicate that the system has the ability to identify various cyber-attacks in the AV networks. Furthermore, the proposed ensemble learning and feature selection approaches enable the proposed system to achieve high detection rate and low computational cost simultaneously.Comment: Accepted in IEEE Global Communications Conference (GLOBECOM) 201

Detection and avoidance of routing attack in mobile ad-hoc network using intelligent node

The routing attacks are created in order to damage the network in Mobile Ad-hoc. Previously, Dempster-shafer theory introduced a solution for these routing attacks where it entirely works on the principle of Dempster rule with various important factors to mitigate these critical routing attacks. Previously the system contains an Intrusion detection mechanism which is used to create a message whenever the attacker attacks the network. This Intrusion detection system sends an alert message to each mobile node in the network, when the attacker attacks the network. Then, Routing table change Detector identifies exactly how many changes has occurred in each node after receiving the alert messages from the intrusion detection system and also it make some changes in the routing table of each node in the network. From these changes, the Intrusion detection system identifies the attackers and these attackers are isolated from the network. The main drawback of this existing system is whenever the attacker is occurred, the Intrusion detection system has to send an alert message every time and the routing table change detector has to make some changes in the routing table. In order to avoid these drawbacks, the knowledge based intelligent system is proposed. In this proposed system, initially a source node has to get an authorized path from the intelligent node (a node with high energy) to send a data to the destination node. This proposed system discussed with the four routing attacks such as route salvage, sleep deprivation, colluding miss relay and collision attack

Network Attacks Detection by Hierarchical Neural Network

Intrusion detection is an emerging area of research in the computer security and net-works with the growing usage of internet in everyday life. Most intrusion detection systems (IDSs) mostly use a single classifier algorithm to classify the network traffic data as normal behavior or anomalous. However, these single classifier systems fail to provide the best possible attack detection rate with low false alarm rate. In this paper,we propose to use a hybrid intelligent approach using a combination of classifiers in order to make the decision intelligently, so that the overall performance of the resul-tant model is enhanced. The general procedure in this is to follow the supervised or un-supervised data filtering with classifier or cluster first on the whole training dataset and then the output are applied to another classifier to classify the data. In this re- search, we applied Neural Network with Supervised and Unsupervised Learning in order to implement the intrusion detection system. Moreover, in this project, we used the method of Parallelization with real time application of the system processors to detect the systems intrusions.Using this method enhanced the speed of the intrusion detection. In order to train and test the neural network, NSLKDD database was used. Creating some different intrusion detection systems, each of which considered as a single agent, we precisely proceeded with the signature-based intrusion detection of the network.In the proposed design, the attacks have been classified into 4 groups and each group is detected by an Agent equipped with intrusion detection system (IDS).These agents act independently and report the intrusion or non-intrusion in the system; the results achieved by the agents will be studied in the Final Analyst and at last the analyst reports that whether there has been an intrusion in the system or not. Keywords: Intrusion Detection, Multi-layer Perceptron, False Positives, Signature- based intrusion detection, Decision tree, Nave Bayes Classifie

Multi-Agent Security System based on Neural Network Model of User's Behavior

It is proposed an agent approach for creation of intelligent intrusion detection system. The system allows detecting known type of attacks and anomalies in user activity and computer system behavior. The system includes different types of intelligent agents. The most important one is user agent based on neural network model of user behavior. Proposed approach is verified by experiments in real Intranet of Institute of Physics and Technologies of National Technical University of Ukraine "Kiev Polytechnic Institute”

Statistical analysis driven optimized deep learning system for intrusion detection

Attackers have developed ever more sophisticated and intelligent ways to hack information and communication technology systems. The extent of damage an individual hacker can carry out upon infiltrating a system is well understood. A potentially catastrophic scenario can be envisaged where a nation-state intercepting encrypted financial data gets hacked. Thus, intelligent cybersecurity systems have become inevitably important for improved protection against malicious threats. However, as malware attacks continue to dramatically increase in volume and complexity, it has become ever more challenging for traditional analytic tools to detect and mitigate threat. Furthermore, a huge amount of data produced by large networks has made the recognition task even more complicated and challenging. In this work, we propose an innovative statistical analysis driven optimized deep learning system for intrusion detection. The proposed intrusion detection system (IDS) extracts optimized and more correlated features using big data visualization and statistical analysis methods (human-in-the-loop), followed by a deep autoencoder for potential threat detection. Specifically, a pre-processing module eliminates the outliers and converts categorical variables into one-hot-encoded vectors. The feature extraction module discard features with null values and selects the most significant features as input to the deep autoencoder model (trained in a greedy-wise manner). The NSL-KDD dataset from the Canadian Institute for Cybersecurity is used as a benchmark to evaluate the feasibility and effectiveness of the proposed architecture. Simulation results demonstrate the potential of our proposed system and its outperformance as compared to existing state-of-the-art methods and recently published novel approaches. Ongoing work includes further optimization and real-time evaluation of our proposed IDS.Comment: To appear in the 9th International Conference on Brain Inspired Cognitive Systems (BICS 2018

Power Efficient Circuits for Intrusion Detection using Memristor Crossbars

Intrusion Detection System (IDS) is an intelligent specialized system designed to interpret the intrusion attempts in incoming network traffic. IDS aims at minimizing the risk of accessing the unauthorized data and potential vulnerabilities of critical systems by the examining the every packet entering into the system. Deep Packet inspection and Pattern matching are computationally intensive processes and most power hungry functionalities in network intrusion detection systems. In particular, every incoming packet is well screened by string matching with previously known malicious signatures/contents essentially known as attacks or intrusions. In particular, nearly 70 % of the execution time and power is utilized against matching the malicious contents against all the incoming packets. Indeed, the heart of every IDS is the detection process itself hence our key focus and efforts are towards developing a memristor crossbar based low power intrusion detection system that would reduce the execution time and power consumption due to its high density grid and massive parallelism. We propose a brute force string matching algorithm implementation on a low power memristor based cross bar array giving rise to detection accuracy of 100% and 0% false positive consuming 0.013mW/signature. As it turns out, memristor cross bar designed, trigger only if there is an exact match between the stored and incoming pattern extending its applications towards text processing, speech processing, computational biology, etc. besides intrusion detection.https://ecommons.udayton.edu/stander_posters/1647/thumbnail.jp

Incorporating Temporal Constraints in the Analysis Task of a Hybrid Intelligent IDS

This paper presents an extension of MOVICAB-IDS, a Hybrid Intelligent Intrusion Detection System characterized by incorporating temporal control to enable real-time processing and response. The original formulation of MOVICAB-IDS combines different Computational Intelligence techniques within a multiagent system to perform Intrusion Detection in dynamic computer networks. This work extends the initial proposal by incorporating temporal constraints in the analysis step of the Intrusion Detection process, when a neural projection model is applied