Using Fuzzy Cognitive Maps to Reduce False Alerts in SOM based Intrusion Detection Sensors

Most of the intrusion detection sensors suffer from the high rate offake alerts that the sensor produce

A survey of intrusion detection techniques in Cloud

Cloud computing provides scalable, virtualized on-demand services to the end users with greater flexibility and lesser infrastructural investment. These services are provided over the Internet using known networking protocols, standards and formats under the supervision of different managements. Existing bugs and vulnerabilities in underlying technologies and legacy protocols tend to open doors for intrusion. This paper, surveys different intrusions affecting availability, confidentiality and integrity of Cloud resources and services. It examines proposals incorporating Intrusion Detection Systems (IDS) in Cloud and discusses various types and techniques of IDS and Intrusion Prevention Systems (IPS), and recommends IDS/IPS positioning in Cloud architecture to achieve desired security in the next generation networks

A Comprehensive Study on Metaheuristic Techniques Using Genetic Approach

Most real-life optimization problems involve multiple objective functions. Finding  a  solution  that  satisfies  the  decision-maker  is  very  difficult  owing  to  conflict  between  the  objectives.  Furthermore,  the  solution  depends  on  the  decision-maker’s preference.  Metaheuristic solution methods have become common tools to solve these problems.  The  task  of  obtaining  solutions  that  take  account  of  a  decision-maker’s preference  is  at  the  forefront  of  current  research.  It  is  also  possible  to  have  multiple decision-makers with different preferences and with different  decision-making  powers. It may not be easy to express a preference using crisp numbers. In this study, the preferences of multiple decision-makers were simulated  and  a solution based on  a genetic  algorithm was  developed  to  solve  multi-objective  optimization  problems.  The  preferences  were collected  as  fuzzy  conditional  trade-offs  and  they  were  updated  while  running  the algorithm interactively with the decision-makers. The proposed method was tested using well-known benchmark problems.  The solutions were found to converge around the Pareto front of the problems

Unsupervised Intrusion Detection with Cross-Domain Artificial Intelligence Methods

Cybercrime is a major concern for corporations, business owners, governments and citizens, and it continues to grow in spite of increasing investments in security and fraud prevention. The main challenges in this research field are: being able to detect unknown attacks, and reducing the false positive ratio. The aim of this research work was to target both problems by leveraging four artificial intelligence techniques. The first technique is a novel unsupervised learning method based on skip-gram modeling. It was designed, developed and tested against a public dataset with popular intrusion patterns. A high accuracy and a low false positive rate were achieved without prior knowledge of attack patterns. The second technique is a novel unsupervised learning method based on topic modeling. It was applied to three related domains (network attacks, payments fraud, IoT malware traffic). A high accuracy was achieved in the three scenarios, even though the malicious activity significantly differs from one domain to the other. The third technique is a novel unsupervised learning method based on deep autoencoders, with feature selection performed by a supervised method, random forest. Obtained results showed that this technique can outperform other similar techniques. The fourth technique is based on an MLP neural network, and is applied to alert reduction in fraud prevention. This method automates manual reviews previously done by human experts, without significantly impacting accuracy

A BAYESIAN CLASSIFICATION ON ASSET VULNERABILITY FOR REAL TIME REDUCTION OF FALSE POSITIVES IN IDS

IT assets connected on internetwill encounter alien protocols and few parameters of protocol process are exposed as vulnerabilities. Intrusion Detection Systems (IDS) are installed to alerton suspicious traffic or activity. IDS issuesfalse positives alerts, if any behavior construe for partial attack pattern or the IDS lacks environment knowledge. Continuous monitoring of alerts to evolve whether, an alert is false positive or not is a major concern. In this paper we present design of an external module to IDS,to identify false positive alertsbased on anomaly based adaptive learning model. The novel feature of this design is that the system updates behavior profile of assets and environment with adaptive learning process.A mixture model is used for behavior modeling from reference data. The design of the detection and learning process are based on normal behavior and of environment. The anomaly alert identification algorithm isbuiltonSparse Markov Transducers (SMT) based probability.The total process is presented using real-time data. The Experimental results are validated and presentedwith reference to lab environment

Evaluation of deep neural networks for reduction of credit card fraud alerts

Fraud detection systems support advanced detection techniques based on complex rules, statistical modelling and machine learning. However, alerts triggered by these systems still require expert judgement to either confirm a fraud case or discard a false positive. Reducing the number of false positives that fraud analysts investigate, by automating their detection with computer-assisted techniques, can lead to significant cost efficiencies. Alert reduction has been achieved with different techniques in related fields like intrusion detection. Furthermore, deep learning has been used to accomplish this task in other fields. In our paper, a set of deep neural networks have been tested to measure their ability to detect false positives, by processing alerts triggered by a fraud detection system. The performance achieved by each neural network setting is presented and discussed. The optimal setting allowed to capture 91.79% of total fraud cases with 35.16% less alerts. Obtained alert reduction rate would entail a significant reduction in cost of human labor, because alerts classified as false positives by the neural network wouldn't require human inspection

A Survey on Attacks and Advances of Intrusion Detection Systems

Now day’s information of an organization floating over the internet that increases the traffic on the network as well as threats from attackers. To protect these sensitive material Intrusion Detection System (IDS) is situated in the scheme. It is an application software program or hardware mechanism that compacts with assaults by assembling information from a mixture of systems and network resources, then analyzing indications of defense dilemmas. Network Intrusion Detection (NID) is a method that efforts to determine unauthorized entrance to a network through analyzing traffic on the network. There are a variety of advances of intrusion detection, for instance Data Mining, Pattern Matching, Machine Learning and Measure Based Methods. This survey paper aims towards the proper learning of intrusion detection system with the intention that researchers could create employ of it and discover the new methods towards intrusions. Keywords: Intrusion Detection System, Data Mining, Pattern Matching, Anomaly detection, misuse detection, Machine Learning