389 research outputs found

    Network Intrusion Detection System: A systematic study of Machine Learning and Deep Learning approaches

    The rapid advances in the internet and communication fields have resulted in a huge increase in the network size and the corresponding data. As a result, many novel attacks are being generated and have posed challenges for network security to accurately detect intrusions. Furthermore, the presence of the intruders with the aim to launch various attacks within the network cannot be ignored. An intrusion detection system (IDS) is one such tool that prevents the network from possible intrusions by inspecting the network traffic, to ensure its confidentiality, integrity, and availability. Despite enormous efforts by the researchers, IDS still faces challenges in improving detection accuracy while reducing false alarm rates and in detecting novel intrusions. Recently, machine learning (ML) and deep learning (DL)-based IDS systems are being deployed as potential solutions to detect intrusions across the network in an efficient manner. This article first clarifies the concept of IDS and then provides the taxonomy based on the notable ML and DL techniques adopted in designing network-based IDS (NIDS) systems. A comprehensive review of the recent NIDS-based articles is provided by discussing the strengths and limitations of the proposed solutions. Then, recent trends and advancements of ML and DL-based NIDS are provided in terms of the proposed methodology, evaluation metrics, and dataset selection. Using the shortcomings of the proposed methods, we highlighted various research challenges and provided the future scope for the research in improving ML and DL-based NIDS.

    Evaluation of Feature Reduction using Principal Component Analysis and Sequential Pattern Matching for Manet

    In Mobile Ad hoc Networks (MANETs) there are some security problems because of portability, element topology changes, and absence of any framework. In MANETs, it is of extraordinary significance to identify inconsistency and malignant conduct. With a specific end goal to recognize malignant assaults by means of interruption identification frameworks and dissect the information set, we have to choose some components. Thus, highlight determination assumes basic part in recognizing different assaults. In the writing, there are a few recommendations to choose such elements. For the most part, Principal Component Analysis (PCA) breaks down the information set and the chose highlights. In this paper, we have gathered a list of capabilities from some cutting edge works in the writing. Really, our reproduction demonstrates this list of capabilities identify inconsistency conduct more precise. Likewise, interestingly, we utilize PCA for investigating the information set. In contrast to PCA, our results show Sequential pattern mining (SPM) cannot be affected by outlier data within the network. The normal and attack states are simulated and the results are analyzed using NS2 simulator.

    SECURING 5G NETWORKS WITH FEDERATED LEARNING AND GAN

    The threat landscape of the 5G network is quite vast due to the complexity of its architecture and its use of virtualized network functions. This landscape can be divided into two categories: Attacks against the Access point and Attacks against the Core. This thesis has been dedicated to analyzing the threats that plague the 5G network with a special focus on the access point. The architecture for the access point was simulated with a federated learning environment to not only secure the privacy of the user data but to also present a realistic scenario from which to perceive the 5G network. The main objective of the thesis was to secure the access point of the 5G network in this federated learning environment. This was accomplished by placing an Intrusion Detection System at the endpoint which would classify the data as either benign or malicious. The effectiveness of this model was checked by simulating a malicious user and conducting certain adversarial attacks to determine if the model could defend against them. The study was conducted by performing two specific attacks, i.e., Label-Flipping attack and Generative Adversarial Networks. The attacks were successful and revealed that a new system should be designed and developed that could be resilient against these types of attacks.

    Towards Establishing a Change Management Process at an Academic Research Laboratory Network

    This report focuses on the evaluation and development of a change management process for the Regis University Academic Research Network (ARNe), and specifically the SEAD Practicum. The author originally proposed expanding on a security audit performed on the ARNe in 2008, and researched, evaluated and presents several risk assessment methodologies. This broad approach was later focused on the practical aspects of developing a change management process for the ARNe/SEAD Practicum, based on researching applicable standards and best practice guidance. A management questionnaire and user survey were developed and distributed to obtain valuable opinions and perspectives from the individuals most directly involved with the administration and use of the ARNe and SEAD Practicum portal

    An Information technology controls evaluation prototype for financial institutions in Kenya

    Thesis submitted in partial fulfillment of the requirements for the Degree of Master of Science in Information Technology (MSIT) at Strathmore University. In today’s dynamic and ever complex world, automation has become a competitive edge that many organizations have embraced. Introducing greater efficiencies and cutting edge capabilities, technology has become a key driver of business growth and innovation. Due to this high level of technology adoption, this rapid and ever changing business environment has become a breeding ground to some of the most detrimental threats, attacks and disruptive incidents. These emerging threats can only be managed by having relevant and effective IT controls that will maintain the confidentiality, integrity and availability of the information assets. The financial services sector has been at the edge of introducing new technology driven products and services that promise greater efficiencies, faster transaction processing and enhanced security. However, the financial services space is faced by ever-escalating IT risks from various threats. To effectively leverage on these technical capabilities and effectively manage the inherent IT risks, an effective and comprehensive risk driven control framework must be identified, established and enforced to commensurate the business’ risk appetite and achieve the business goals. The current problem experienced by organizations is enforcing an effective IT controls framework with continuous evaluations to ensure control effectiveness and fit for purpose. This research explored an approach to rolling out an IT controls system based on the NIST 53-800 framework that would be subject to periodic assessments by control owners to gauge its effectiveness for onward improvements and optimization. This research explored quantitative methods in data gathering and analysis with a target study population of the Kenyan financial institutions.
The researcher employed convenience sampling and selected seven key financial institutions with a mature controls environment. This study has proposed an evidence based IT controls framework tailored to improve the Governance and oversight within IT in Financial institutions. The prototype was developed using the Rapid development approach embedding the v-process in the iterative build. The prototype developed gives oversight and visibility of all the IT controls enforced in the organization(s) and provide a way to continually monitor control effectiveness, control deficiencies and the remedial actions. Data from the respondents was analyzed to deduce the conclusion to this research. The developed prototype attained a 98% accuracy level in assessing IT controls and provided management a platform for control evidence evaluation to determine control effectiveness

    Modelling internet network intrusion detection in smart city ecosystems

    Smart city systems are intended to enhance the lives of citizens through the design of systems that promote resource efficiency and the real-time provisioning of resources in cities. The benefits offered by smart cities include the use of internet of things (IoT) sensors to gather useful data such as power demand to inhibit blackouts and the average speed of vehicles to alleviate traffic congestion. Nonetheless, earlier studies have indicated a substantial increase in cyber-security issues due to the increase in the deployment of smart city ecosystems. Consequently, IoT cyber-security is recognised as an area that requires crucial scrutiny. This study begins by investigating the current state of intrusion detection in smart city ecosystems. Current intrusion detection frameworks lack the capability to operate under extremely limiting settings such as conditions of low processing power and fast response times. Moreover, the study also identifies that, despite intrusion detection being a highly researched thematic area, a plethora of previous studies tend to propose intrusion detection frameworks that are more suitable for traditional computer networks rather than wireless sensor networks (WSNs) which consist of heterogeneous settings with diverse devices and communication protocols. Subsequently, this study developed two candidate deep learning models, namely a convolutional neural network (CNN) and a long short-term memory (LSTM) network and presents evidence on their robustness and predictive power. Results have indicated that, unlike the CNN model, the LSTM model can quickly converge and offer high predictive power without the vigorous application of regularisation techniques. The proposed LSTM classification model obtained a remarkable 100% in detection rates and further reported 0% in false alarm and false negative rates. 
This study gives a broad overview of the current state of intrusion detection mechanisms for smart city ecosystems to guide future studies. The study also demonstrates that existing intrusion detection systems (IDSs) can be enhanced through the development of more robust and lightweight models that offer high detection rates and minimal false alarm rates to prevent security risks in smart city ecosystems to ensure sustainable and safe smart cities. Thesis (MSc) -- Faculty of Science and Agriculture, 202