Search results

1 – 10 of over 5000
Article
Publication date: 5 October 2020

Josemila Baby Jesuretnam and Jeba James Rose

Abstract

Purpose

This paper aims to propose a multi-dimensional hierarchical K-means clustering algorithm for the purpose of intrusion detection. Initially, the clustering algorithm is proposed to form a number of clusters in the network, and then the optimal clusters are selected using the Cuckoo search optimization algorithm. Finally, an Artificial Bee Colony-based decision tree (ABC-DT) classifier is employed to classify the normal and abnormal instances present in the network with the aid of the extracted features.

Design/methodology/approach

An intrusion detection system (IDS) is crucial for a network system, since an intruder can take sensitive details about the network. An IDS is said to be more effective when it has both a high intrusion detection rate and a low false alarm rate. Numerous strategies, including machine learning, data mining and statistical techniques, have been tested for the IDS task. Recent study reveals that combining multiple classifiers, i.e. a classifier ensemble, can perform better than a single classifier. In this paper, a comparative study is conducted of the overall performance of four classifiers, i.e. hybrid ABC-DT, particle swarm optimization-based K-means clustering (PSO-KM), support vector machine (SVM) and K-nearest neighbour (KNN). All four classifiers are tested with different packet sizes: 1470, 1024, 512 and 256. The experiment is carried out for speeds of 250Mbps, 500Mbps, 750Mbps, 1.0Gbps, 1.5Gbps and 2.0Gbps, in terms of accuracy, detection rate, specificity, false alarm rate and computational time. The experimental results reveal that the hybridization of classifiers performs better than the base classifiers in all scenarios.

Findings

This study analyses the performance of hybrid ABC-DT classifier and compares the performance against three well-known classifiers such as PSO-KM, SVM and K-NN. The performances of all the four classifiers are tested with Discovery in Data Mining (KDD) CUP 99 dataset with different packet sizes 1470, 1024, 512 and 256. The results show the classifier performance variations with different speed ranges. From the experimental results and analysis, the hybridization of classifiers such as ABC-DT outperforms the base classifiers in all scenarios.

Originality/value

The novel approach in this paper is used to study the hybrid ABC-DT classifier and compare the performance against three well-known classifiers such as PSO-KM, SVM and K-NN. The discussed concept is used within the network to monitor the traffic to and from all the devices connected in that network.

Details

International Journal of Pervasive Computing and Communications, vol. 17 no. 1
Type: Research Article
ISSN: 1742-7371

Article
Publication date: 9 March 2015

Ahmed Ahmim and Nacira Ghoualmi Zine

Abstract

Purpose

The purpose of this paper is to build a new hierarchical intrusion detection system (IDS) based on a binary tree of different types of classifiers. The proposed IDS model must possess the following characteristics: combine a high detection rate and a low false alarm rate, and classify any connection in a specific category of network connection.

Design/methodology/approach

To build the binary tree, the authors cluster the different categories of network connections hierarchically based on the proportion of false-positives and false-negatives generated between each of the two categories. The built model is a binary tree with multi-levels. At first, the authors use the best classifier in the classification of the network connections in category A and category G2 that clusters the rest of the categories. Then, in the second level, they use the best classifier in the classification of G2 network connections in category B and category G3 that represents the different categories clustered in G2 without category B. This process is repeated until the last two categories of network connections. Note that one of these categories represents the normal connection, and the rest represent the different types of abnormal connections.

Findings

The experimentation on the labeled data set for flow-based intrusion detection, NSL-KDD and KDD’99 shows the high performance of the authors' model compared to the results obtained by some well-known classifiers and recent IDS models. The experiments’ results show that the authors' model gives a low false alarm rate and the highest detection rate. Moreover, the model is more accurate than some well-known classifiers like SVM, C4.5 decision tree, MLP neural network and naïve Bayes with accuracy equal to 83.26 per cent on NSL-KDD and equal to 99.92 per cent on the labeled data set for flow-based intrusion detection. As well, it is more accurate than the best of related works and recent IDS models with accuracy equal to 95.72 per cent on KDD’99.

Originality/value

This paper proposes a novel hierarchical IDS based on a binary tree of classifiers, where different types of classifiers are used to create a high-performance model. Therefore, it confirms the capacity of the hierarchical model to combine a high detection rate and a low false alarm rate.

Details

Information & Computer Security, vol. 23 no. 1
Type: Research Article
ISSN: 2056-4961

Book part
Publication date: 29 May 2023

Divya Nair and Neeta Mhavan

Abstract

A zero-day vulnerability is a complimentary ticket to the attackers for gaining entry into the network. Thus, there is a necessity to devise appropriate threat detection systems and establish an innovative and safe solution that prevents unauthorised intrusions for defending various components of cybersecurity. We present a survey of recent Intrusion Detection Systems (IDS) in detecting zero-day vulnerabilities based on the following dimensions: types of cyber-attacks, datasets used and kinds of network detection systems.

Purpose: The study focuses on presenting an exhaustive review on the effectiveness of the recent IDS with respect to zero-day vulnerabilities.

Methodology: Systematic exploration was done at the IEEE, Elsevier, Springer, RAID, ESORICS, Google Scholar, and other relevant platforms of studies published in English between 2015 and 2021 using keywords and combinations of relevant terms.

Findings: It is possible to train IDS for zero-day attacks. The existing IDS have strengths that make them capable of effective detection against zero-day attacks. However, they display certain limitations that reduce their credibility. Novel strategies like deep learning, machine learning, fuzzing technique, runtime verification technique, and Hidden Markov Models can be used to design IDS to detect malicious traffic.

Implication: This paper explored and highlighted the advantages and limitations of existing IDS enabling the selection of best possible IDS to protect the system. Moreover, the comparison between signature-based and anomaly-based IDS exemplifies that one viable approach to accurately detect the zero-day vulnerabilities would be the integration of hybrid mechanism.

Details

Smart Analytics, Artificial Intelligence and Sustainable Performance Management in a Global Digitalised Economy
Type: Book
ISBN: 978-1-80382-555-7

Article
Publication date: 26 March 2021

Silvana Costantini, Jon G. Hall and Lucia Rapanotti

Abstract

Purpose

The paper aims to provide methodological support for hybrid project management, in which the discipline of predictive methodologies combines with the flexibility of adaptive ones. Specifically, the paper explores the extent to which complexity and volatility dimensions of organisational problems inform choices of PM methodologies both theoretically and in current practice, as a first step towards better methodological support for hybridisation.

Design/methodology/approach

The paper takes a mixed method approach, including both secondary research and primary research with practitioners. Primary research consists of a small scale survey (n = 31) followed by semi-structured interviews, with findings triangulated against secondary evidence.

Findings

The paper provides empirical insights on how complexity and volatility of organisational problems can inform hybrid project management practices. Specifically, it suggests a mapping between volatility and complexity dimensions and predictive and adaptive risk controls as a first step towards the systematisation of hybrid combinations in projects.

Research limitations/implications

Due to the small participant sample, the research results may lack generalisability.

Practical implications

The paper includes implications for the development of methodological support for setting up hybrid projects in practice.

Originality/value

The paper addresses a gap acknowledged both in the literature and by practitioners.

Details

International Journal of Managing Projects in Business, vol. 14 no. 5
Type: Research Article
ISSN: 1753-8378

Book part
Publication date: 10 November 2005

Katharina Janus and Volker Amelung

Abstract

Integrated health care delivery (IHCD), as a major issue of managed care, was considered the panacea to rising health care costs. In theory it would simultaneously provide high-quality and continuous care. However, owing to the backlash of managed care at the turn of the century many health care providers today refrain from using further integrative activities. Based on transaction cost economics, this chapter investigates why IHCD is deemed appropriate in certain circumstances and why it failed in the past. It explores the new understanding of IHCD, which focuses on actual integration through virtual integration instead of aggregation of health care entities. Current success factors of virtually integrated hybrid structures, which have been evaluated in a long-term case study conducted in the San Francisco Bay Area from July 2001 to September 2002, will elucidate the further development of IHCD and the implications for other industrialized countries, such as Germany.

Details

International Health Care Management
Type: Book
ISBN: 978-0-76231-228-3

Article
Publication date: 10 April 2017

Raman Singh, Harish Kumar, Ravinder Kumar Singla and Ramachandran Ramkumar Ketti

Abstract

Purpose

The paper addresses various cyber threats and their effects on the internet. A review of the literature on intrusion detection systems (IDSs) as a means of mitigating internet attacks is presented, and gaps in the research are identified. The purpose of this paper is to identify the limitations of the current research and present future directions for intrusion/malware detection research.

Design/methodology/approach

The paper presents a review of the research literature on IDSs, prior to identifying research gaps and limitations and suggesting future directions.

Findings

The popularity of the internet makes it vulnerable to various cyber-attacks. Ongoing research on intrusion detection methods aims to overcome the limitations of earlier approaches to internet security. However, findings from the literature review indicate a number of different limitations of existing techniques: poor accuracy, high detection time, and low flexibility in detecting zero-day attacks.

Originality/value

This paper provides a review of major issues in intrusion detection approaches. On the basis of a systematic and detailed review of the literature, various research limitations are discovered. Clear and concise directions for future research are provided.

Details

Online Information Review, vol. 41 no. 2
Type: Research Article
ISSN: 1468-4527

Article
Publication date: 7 October 2013

Tarek Salah Sobh

Abstract

Purpose

Anomaly detection of network attacks has become a high priority because of the need to guarantee security, privacy and reliability. This work aims to describe both intelligent immunological approaches and traditional monitoring systems for anomaly detection.

Design/methodology/approach

The author investigated different artificial immune system (AIS) theories and proposes how to combine different ideas to solve problems in the network security domain. An anomaly detection system that applies those ideas was built and tested in a real-time environment, to test the pros and cons of AIS and clarify its applicability. Rather than building a detailed signature-based model of an intrusion detection system, this study tries to explore the principle in an immune network, focusing on its self-organization, adaptive learning capability, and immune feedback.

Findings

The natural immune system has its own intelligent mechanisms to detect foreign bodies and fight them, and without it an individual cannot live, even just for several days. Network attackers evolved new types of attacks. Attacks became more complex, severe and hard to detect. This results in increasing needs for network defense systems, especially those with ability to extraordinary approaches or to face the dynamic nature of continuously changing network threats. The KDD CUP'99 dataset is used as training data to evaluate the proposed hybrid artificial immune principles anomaly detection. The average cost of the proposed model was 0.1195, whereas the winning entry of the KDD99 dataset computation had 0.233.

Originality/value

It is original to introduce investigation on the vaccination biological process. A special module was built to perform this process and check its usage and how it could be formulated in artificial life.

Details

Information Management & Computer Security, vol. 21 no. 4
Type: Research Article
ISSN: 0968-5227

Content available
Book part
Publication date: 29 May 2023

Abstract

Details

Smart Analytics, Artificial Intelligence and Sustainable Performance Management in a Global Digitalised Economy
Type: Book
ISBN: 978-1-80382-555-7

Article
Publication date: 21 September 2021

Satyanarayana Pamarthi and R. Narmadha

Abstract

Purpose

Nowadays, more interest is found among the researchers in MANETs in practical and theoretical areas and their performance under various environments. WSNs have begun to combine with the IoT via the sensing capability of Internet-connected devices and the Internet access ability of sensor nodes. It is essential to shelter the network from attacks over the Internet by keeping the secure router.

Design/methodology/approach

This paper plans to frame an effective literature review on diverse intrusion detection and prevention systems in Wireless Sensor Networks (WSNs) and Mobile Ad hoc NETworks (MANETs) highly suitable for security in Internet of Things (IoT) applications. The literature review is focused on various types of attacks concentrated in each contribution and the adoption of prevention and mitigation models are observed. In addition, the types of the dataset used, types of attacks concentrated, types of tools used for implementation, and performance measures analyzed in each contribution are analyzed. Finally, an attempt is made to conclude the review with several future research directions in designing and implementing IDS for MANETs that preserve the security aspects of IoT.

Findings

It observed the different attack types focused on every contribution and the adoption of prevention and mitigation models. Additionally, the used dataset types, the focused attack types, the tool types used for implementation, and the performance measures were investigated in every contribution.

Originality/value

This paper presents a literature review on diverse contributions of attack detection and prevention, and the stand of different machine learning and deep learning models along with the analysis of types of the dataset used, attacks concentrated, tools used for implementation and performance measures on the network security for IoT applications.

Details

International Journal of Intelligent Unmanned Systems, vol. 10 no. 4
Type: Research Article
ISSN: 2049-6427

Article
Publication date: 12 August 2021

Faten Fakhfakh, Mohamed Tounsi and Mohamed Mosbah

Abstract

Purpose

Nowadays, connected vehicles are becoming quite complex systems which are made up of different devices. In such a vehicle, there are several electronic control units (ECUs) that represent basic units of computation. These ECUs communicate with each other over the Controller Area Network (CAN) bus protocol which ensures a high communication rate. Even though it is an efficient standard which provides communication for in-vehicle networks, it is prone to various cybersecurity attacks. This paper aims to present a systematic literature review (SLR) which focuses on potential attacks on CAN bus networks. Then, it surveys the solutions proposed to overcome these attacks. In addition, it investigates the validation strategies aiming to check their accuracy and correctness.

Design/methodology/approach

The authors have adopted the SLR methodology to summarize existing research papers that focus on the potential attacks on CAN bus networks. In addition, they compare the selected papers by classifying them according to the adopted validation strategies. They also identify gaps in the existing literature and provide a set of open challenges that can significantly improve the existing works.

Findings

The study showed that most of the examined papers adopted simulation as a validation strategy to imitate the system behavior and evaluate a set of performance criteria. Nevertheless, little consideration has been given to the formal verification of the proposed systems.

Originality/value

Unlike the existing surveys, this paper presents the first SLR that identifies local and remote security attacks that can compromise in-vehicle and inter-vehicle communications. Moreover, it compares the reviewed papers while focusing on the used validation strategies.

Details

Library Hi Tech, vol. 40 no. 5
Type: Research Article
ISSN: 0737-8831
