14,658 research outputs found
A consensus based network intrusion detection system
Network intrusion detection is the process of identifying malicious behaviors
that target a network and its resources. Current systems implementing intrusion
detection processes observe traffic at several data collecting points in the
network but analysis is often centralized or partly centralized. These systems
are not scalable and suffer from the single point of failure, i.e. attackers
only need to target the central node to compromise the whole system. This paper
proposes an anomaly-based fully distributed network intrusion detection system
where analysis is run at each data collecting point using a naive Bayes
classifier. Probability values computed by each classifier are shared among
nodes using an iterative average consensus protocol. The final analysis is
performed redundantly and in parallel at the level of each data collecting
point, thus avoiding the single point of failure issue. We run simulations
focusing on DDoS attacks with several network configurations, comparing the
accuracy of our fully distributed system with a hierarchical one. We also
analyze communication costs and convergence speed during consensus phases.Comment: Presented at THE 5TH INTERNATIONAL CONFERENCE ON IT CONVERGENCE AND
SECURITY 2015 IN KUALA LUMPUR, MALAYSI
Modeling and performance evaluation of stealthy false data injection attacks on smart grid in the presence of corrupted measurements
The false data injection (FDI) attack cannot be detected by the traditional
anomaly detection techniques used in the energy system state estimators. In
this paper, we demonstrate how FDI attacks can be constructed blindly, i.e.,
without system knowledge, including topological connectivity and line reactance
information. Our analysis reveals that existing FDI attacks become detectable
(consequently unsuccessful) by the state estimator if the data contains grossly
corrupted measurements such as device malfunction and communication errors. The
proposed sparse optimization based stealthy attacks construction strategy
overcomes this limitation by separating the gross errors from the measurement
matrix. Extensive theoretical modeling and experimental evaluation show that
the proposed technique performs more stealthily (has less relative error) and
efficiently (fast enough to maintain time requirement) compared to other
methods on IEEE benchmark test systems.Comment: Keywords: Smart grid, False data injection, Blind attack, Principal
component analysis (PCA), Journal of Computer and System Sciences, Elsevier,
201
- …