21,409 research outputs found
The Impact of Stealthy Attacks on Smart Grid Performance: Tradeoffs and Implications
The smart grid is envisioned to significantly enhance the efficiency of
energy consumption, by utilizing two-way communication channels between
consumers and operators. For example, operators can opportunistically leverage
the delay tolerance of energy demands in order to balance the energy load over
time, and hence, reduce the total operational cost. This opportunity, however,
comes with security threats, as the grid becomes more vulnerable to
cyber-attacks. In this paper, we study the impact of such malicious
cyber-attacks on the energy efficiency of the grid in a simplified setup. More
precisely, we consider a simple model where the energy demands of the smart
grid consumers are intercepted and altered by an active attacker before they
arrive at the operator, who is equipped with limited intrusion detection
capabilities. We formulate the resulting optimization problems faced by the
operator and the attacker and propose several scheduling and attack strategies
for both parties. Interestingly, our results show that, as opposed to
facilitating cost reduction in the smart grid, increasing the delay tolerance
of the energy demands potentially allows the attacker to force increased costs
on the system. This highlights the need for carefully constructed and robust
intrusion detection mechanisms at the operator.Comment: Technical report - this work was accepted to IEEE Transactions on
Control of Network Systems, 2016. arXiv admin note: substantial text overlap
with arXiv:1209.176
Machine learning approach for detection of nonTor traffic
Intrusion detection has attracted a considerable interest from researchers and industry. After many years of research the community still faces the problem of building reliable and efficient intrusion detection systems (IDS) capable of handling large quantities of data with changing patterns in real time situations. The Tor network is popular in providing privacy and security to end user by anonymizing the identity of internet users connecting through a series of tunnels and nodes. This work identifies two problems; classification of Tor traffic and nonTor traffic to expose the activities within Tor traffic that minimizes the protection of users in using the UNB-CIC Tor Network Traffic dataset and classification of the Tor traffic flow in the network. This paper proposes a hybrid classifier; Artificial Neural Network in conjunction with Correlation feature selection algorithm for dimensionality reduction and improved classification performance. The reliability and efficiency of the propose hybrid classifier is compared with Support Vector Machine and naïve Bayes classifiers in detecting nonTor traffic in UNB-CIC Tor Network Traffic dataset. Experimental results show the hybrid classifier, ANN-CFS proved a better classifier in detecting nonTor traffic and classifying the Tor traffic flow in UNB-CIC Tor Network Traffic dataset
ANTIDS: Self-Organized Ant-based Clustering Model for Intrusion Detection System
Security of computers and the networks that connect them is increasingly
becoming of great significance. Computer security is defined as the protection
of computing systems against threats to confidentiality, integrity, and
availability. There are two types of intruders: the external intruders who are
unauthorized users of the machines they attack, and internal intruders, who
have permission to access the system with some restrictions. Due to the fact
that it is more and more improbable to a system administrator to recognize and
manually intervene to stop an attack, there is an increasing recognition that
ID systems should have a lot to earn on following its basic principles on the
behavior of complex natural systems, namely in what refers to
self-organization, allowing for a real distributed and collective perception of
this phenomena. With that aim in mind, the present work presents a
self-organized ant colony based intrusion detection system (ANTIDS) to detect
intrusions in a network infrastructure. The performance is compared among
conventional soft computing paradigms like Decision Trees, Support Vector
Machines and Linear Genetic Programming to model fast, online and efficient
intrusion detection systems.Comment: 13 pages, 3 figures, Swarm Intelligence and Patterns (SIP)- special
track at WSTST 2005, Muroran, JAPA
- …