A Network Intrusion Detection System (NIDS) monitors a network for malicious activities or policy violations [1]. The Kernel-based Virtual Machine (KVM) is a full virtualization solution for Linux on x86 hardware virtualization extensions [2]. We design and implement a back-propagation network intrusion detection system in KVM. Compared to traditional Back Propagation (BP) NIDS, the Particle Swarm Optimization (PSO) algorithm is applied to improve efficiency. The results show an improved system in terms of recall and precision along with missing detection rates.
Current issues - International Journal of Network Security & Its Applications...IJNSA Journal
nternational Journal of Network Security & Its Applications (IJNSA) is a bi monthly open access peer-reviewed journal that publishes articles which contribute new results in all areas of the computer Network Security & its applications. The journal focuses on all technical and practical aspects of security and its applications for wired and wireless networks. The goal of this journal is to bring together researchers and practitioners from academia and industry to focus on understanding Modern security threats and countermeasures, and establishing new collaborations in these areas.
Preemptive modelling towards classifying vulnerability of DDoS attack in SDN ...IJECEIAES
Software-Defined Networking (SDN) has become an essential networking concept towards escalating the networking capabilities that are highly demanded future internet system, which is immensely distributed in nature. Owing to the novel concept in the field of network, it is still shrouded with security problems. It is also found that the Distributed Denial-of-Service (DDoS) attack is one of the prominent problems in the SDN environment. After reviewing existing research solutions towards resisting DDoS attack in SDN, it is found that still there are many open-end issues. Therefore, these issues are identified and are addressed in this paper in the form of a preemptive model of security. Different from existing approaches, this model is capable of identifying any malicious activity that leads to a DDoS attack by performing a correct classification of attack strategy using a machine learning approach. The paper also discusses the applicability of best classifiers using machine learning that is effective against DDoS attack.
A SURVEY ON THE USE OF DATA CLUSTERING FOR INTRUSION DETECTION SYSTEM IN CYBE...IJNSA Journal
In the present world, it is difficult to realize any computing application working on a standalone computing device without connecting it to the network. A large amount of data is transferred over the network from one device to another. As networking is expanding, security is becoming a major concern. Therefore, it has become important to maintain a high level of security to ensure that a safe and secure connection is established among the devices. An intrusion detection system (IDS) is therefore used to differentiate between the legitimate and illegitimate activities on the system. There are different techniques are used for detecting intrusions in the intrusion detection system. This paper presents the different clustering techniques that have been implemented by different researchers in their relevant articles. This survey was carried out on 30 papers and it presents what different datasets were used by different researchers and what evaluation metrics were used to evaluate the performance of IDS. This paper also highlights the pros and cons of each clustering technique used for IDS, which can be used as a basis for future work.
WLI-FCM and Artificial Neural Network Based Cloud Intrusion Detection SystemEswar Publications
Security and Performance aspects of cloud computing are the major issues which have to be tended to in Cloud Computing. Intrusion is one such basic and imperative security problem for Cloud Computing. Consequently, it is essential to create an Intrusion Detection System (IDS) to detect both inside and outside assaults with high detection precision in cloud environment. In this paper, cloud intrusion detection system at hypervisor layer is developed and assesses to detect the depraved activities in cloud computing environment. The cloud intrusion detection system uses a hybrid algorithm which is a fusion of WLI- FCM clustering algorithm and Back propagation artificial Neural Network to improve the detection accuracy of the cloud intrusion detection system. The proposed system is implemented and compared with K-means and classic FCM. The DARPA’s KDD cup dataset 1999 is used for simulation. From the detailed performance analysis, it is clear that the proposed system is able to detect the anomalies with high detection accuracy and low false alarm rate.
An intrusion detection system for packet and flow based networks using deep n...IJECEIAES
Study on deep neural networks and big data is merging now by several aspects to enhance the capabilities of intrusion detection system (IDS). Many IDS models has been introduced to provide security over big data. This study focuses on the intrusion detection in computer networks using big datasets. The advent of big data has agitated the comprehensive assistance in cyber security by forwarding a brunch of affluent algorithms to classify and analysis patterns and making a better prediction more efficiently. In this study, to detect intrusion a detection model has been propounded applying deep neural networks. We applied the suggested model on the latest dataset available at online, formatted with packet based, flow based data and some additional metadata. The dataset is labeled and imbalanced with 79 attributes and some classes having much less training samples compared to other classes. The proposed model is build using Keras and Google Tensorflow deep learning environment. Experimental result shows that intrusions are detected with the accuracy over 99% for both binary and multiclass classification with selected best features. Receiver operating characteristics (ROC) and precision-recall curve average score is also 1. The outcome implies that Deep Neural Networks offers a novel research model with great accuracy for intrusion detection model, better than some models presented in the literature.
A Collaborative Intrusion Detection System for Cloud Computingijsrd.com
Cloud computing is a computing paradigm that shifts drastically from traditional computing architecture. Although this new computing paradigm brings many advantages like utility computing model but the design in not flawless and hence suffers from not only many known computer vulnerabilities but also introduces unique information confidentiality, integrity and availability risks as well due its inherent design paradigm. To provide secure and reliable services in cloud computing environment is an important issue. To counter a variety of attacks, especially large-scale coordinated attacks, a framework of Collaborative Intrusion Detection System (IDS) is proposed. The proposed system could reduce the impact of these kinds of attacks through providing timely notifications about new intrusions to Cloud users' systems. To provide such ability, IDSs in the cloud computing regions both correlate alerts from multiple elementary detectors and exchange knowledge of interconnected Clouds with each other.
Current issues - International Journal of Network Security & Its Applications...IJNSA Journal
nternational Journal of Network Security & Its Applications (IJNSA) is a bi monthly open access peer-reviewed journal that publishes articles which contribute new results in all areas of the computer Network Security & its applications. The journal focuses on all technical and practical aspects of security and its applications for wired and wireless networks. The goal of this journal is to bring together researchers and practitioners from academia and industry to focus on understanding Modern security threats and countermeasures, and establishing new collaborations in these areas.
Preemptive modelling towards classifying vulnerability of DDoS attack in SDN ...IJECEIAES
Software-Defined Networking (SDN) has become an essential networking concept towards escalating the networking capabilities that are highly demanded future internet system, which is immensely distributed in nature. Owing to the novel concept in the field of network, it is still shrouded with security problems. It is also found that the Distributed Denial-of-Service (DDoS) attack is one of the prominent problems in the SDN environment. After reviewing existing research solutions towards resisting DDoS attack in SDN, it is found that still there are many open-end issues. Therefore, these issues are identified and are addressed in this paper in the form of a preemptive model of security. Different from existing approaches, this model is capable of identifying any malicious activity that leads to a DDoS attack by performing a correct classification of attack strategy using a machine learning approach. The paper also discusses the applicability of best classifiers using machine learning that is effective against DDoS attack.
A SURVEY ON THE USE OF DATA CLUSTERING FOR INTRUSION DETECTION SYSTEM IN CYBE...IJNSA Journal
In the present world, it is difficult to realize any computing application working on a standalone computing device without connecting it to the network. A large amount of data is transferred over the network from one device to another. As networking is expanding, security is becoming a major concern. Therefore, it has become important to maintain a high level of security to ensure that a safe and secure connection is established among the devices. An intrusion detection system (IDS) is therefore used to differentiate between the legitimate and illegitimate activities on the system. There are different techniques are used for detecting intrusions in the intrusion detection system. This paper presents the different clustering techniques that have been implemented by different researchers in their relevant articles. This survey was carried out on 30 papers and it presents what different datasets were used by different researchers and what evaluation metrics were used to evaluate the performance of IDS. This paper also highlights the pros and cons of each clustering technique used for IDS, which can be used as a basis for future work.
WLI-FCM and Artificial Neural Network Based Cloud Intrusion Detection SystemEswar Publications
Security and Performance aspects of cloud computing are the major issues which have to be tended to in Cloud Computing. Intrusion is one such basic and imperative security problem for Cloud Computing. Consequently, it is essential to create an Intrusion Detection System (IDS) to detect both inside and outside assaults with high detection precision in cloud environment. In this paper, cloud intrusion detection system at hypervisor layer is developed and assesses to detect the depraved activities in cloud computing environment. The cloud intrusion detection system uses a hybrid algorithm which is a fusion of WLI- FCM clustering algorithm and Back propagation artificial Neural Network to improve the detection accuracy of the cloud intrusion detection system. The proposed system is implemented and compared with K-means and classic FCM. The DARPA’s KDD cup dataset 1999 is used for simulation. From the detailed performance analysis, it is clear that the proposed system is able to detect the anomalies with high detection accuracy and low false alarm rate.
An intrusion detection system for packet and flow based networks using deep n...IJECEIAES
Study on deep neural networks and big data is merging now by several aspects to enhance the capabilities of intrusion detection system (IDS). Many IDS models has been introduced to provide security over big data. This study focuses on the intrusion detection in computer networks using big datasets. The advent of big data has agitated the comprehensive assistance in cyber security by forwarding a brunch of affluent algorithms to classify and analysis patterns and making a better prediction more efficiently. In this study, to detect intrusion a detection model has been propounded applying deep neural networks. We applied the suggested model on the latest dataset available at online, formatted with packet based, flow based data and some additional metadata. The dataset is labeled and imbalanced with 79 attributes and some classes having much less training samples compared to other classes. The proposed model is build using Keras and Google Tensorflow deep learning environment. Experimental result shows that intrusions are detected with the accuracy over 99% for both binary and multiclass classification with selected best features. Receiver operating characteristics (ROC) and precision-recall curve average score is also 1. The outcome implies that Deep Neural Networks offers a novel research model with great accuracy for intrusion detection model, better than some models presented in the literature.
A Collaborative Intrusion Detection System for Cloud Computingijsrd.com
Cloud computing is a computing paradigm that shifts drastically from traditional computing architecture. Although this new computing paradigm brings many advantages like utility computing model but the design in not flawless and hence suffers from not only many known computer vulnerabilities but also introduces unique information confidentiality, integrity and availability risks as well due its inherent design paradigm. To provide secure and reliable services in cloud computing environment is an important issue. To counter a variety of attacks, especially large-scale coordinated attacks, a framework of Collaborative Intrusion Detection System (IDS) is proposed. The proposed system could reduce the impact of these kinds of attacks through providing timely notifications about new intrusions to Cloud users' systems. To provide such ability, IDSs in the cloud computing regions both correlate alerts from multiple elementary detectors and exchange knowledge of interconnected Clouds with each other.
NOVEL HYBRID INTRUSION DETECTION SYSTEM FOR CLUSTERED WIRELESS SENSOR NETWORKIJNSA Journal
Wireless sensor network (WSN) is regularly deployed in unattended and hostile environments. The WSN is vulnerable to security threats and susceptible to physical capture. Thus, it is necessary to use effective mechanisms to protect the network. It is widely known, that the intrusion detection is one of the most efficient security mechanisms to protect the network against malicious attacks or unauthorized access. In this paper, we propose a hybrid intrusion detection system for clustered WSN. Our intrusion framework uses a combination between the Anomaly Detection based on support vector machine (SVM) and the Misuse Detection. Experiments results show that most of routing attacks can be detected with low false alarm.
CROSS LAYER INTRUSION DETECTION SYSTEM FOR WIRELESS SENSOR NETWORKIJNSA Journal
The wireless sensor networks (WSN) are particularly vulnerable to various attacks at different layers of the protocol stack. Many intrusion detection system (IDS) have been proposed to secure WSNs. But all these systems operate in a single layer of the OSI model, or do not consider the interaction and collaboration between these layers. Consequently these systems are mostly inefficient and would drain out the WSN. In this paper we propose a new intrusion detection system based on cross layer interaction between the network, Mac and physical layers. Indeed we have addressed the problem of intrusion detection in a different way in which the concept of cross layer is widely used leading to the birth of a new type of IDS. We have experimentally evaluated our system using the NS simulator to demonstrate its effectiveness in detecting different types of attacks at multiple layers of the OSI model.
IRJET-Security Based Data Transfer and Privacy Storage through Watermark Dete...IRJET Journal
Gowtham.T ,Pradeep Kumar.G " Security Based Data Transfer and Privacy Storage through Watermark Detection ", International Research Journal of Engineering and Technology (IRJET), Volume2,issue-01 April 2015.e-ISSN:2395-0056, p-ISSN:2395-0072. www.irjet.net .published by Fast Track Publications
Abstract
Digital watermarking has been proposed as a technology to ensure copyright protection by embedding an imperceptible, yet detectable signal in visual multimedia content such as images or video. In every field key aspect is the security Privacy is a critical issue when the data owners outsource data storage or processing to a third party computing service. Several attempts has been made for increasing the security related works and avoidance of data loss. Existing system had attain its solution up to its level where it can be further able to attain the parameter refinement. In this paper improvising factor been made on the successive compressive sensing reconstruction part and Peak Signal-to-Noise Ratio (PSNR).Another consideration factor is to increase (CS) rate through de-emphasize the effect of predictive variables that become uncorrelated with the measurement data which eliminates the need of (CS) reconstruction.
Creation of smart spaces and scaling of devices to achieve miniaturization in pervasive computing environments has put forth a question on the degree of security of such devices. Security being a unique challenge in such environments, solution demands scalability, access control, heterogeneity, trust. Most of the existing cryptographic solutions widely in use rely on the hardness of factorization and number theory
problems. With the increase in cryptanalytic attacks these schemes will soon become insecure. We need an alternate security mechanism which is as hard as the existing number theoretic approaches. In this work, we discuss the aspects of Lattice based cryptography as a new dimension of providing security whose strength lies in the hardness of lattice problems. We discuss about a cryptosystem whose security relies on high lattice dimension.
Secure data aggregation technique for wireless sensor networks in the presenc...LogicMindtech Nologies
NS2 Projects for M. Tech, NS2 Projects in Vijayanagar, NS2 Projects in Bangalore, M. Tech Projects in Vijayanagar, M. Tech Projects in Bangalore, NS2 IEEE projects in Bangalore, IEEE 2015 NS2 Projects, WSN and MANET Projects, WSN and MANET Projects in Bangalore, WSN and MANET Projects in Vijayangar
Network Security: Experiment of Network Health Analysis At An ISPCSCJournals
This paper presents the findings of an analysis performed at an internet service provider. Based on netflow data collected and analyzed using nfdump, it helped assess how healthy is the network of an Internet Service Providers (ISP). The findings have been instrumental in reflection about reshaping the network architecture. And they have also demonstrated the need for consistent monitoring system.
IEEE 2014 DOTNET PARALLEL DISTRIBUTED PROJECTS A probabilistic-misbehavior-de...IEEEMEMTECHSTUDENTPROJECTS
To Get any Project for CSE, IT ECE, EEE Contact Me @ 09666155510, 09849539085 or mail us - ieeefinalsemprojects@gmail.com-Visit Our Website: www.finalyearprojects.org
PERFORMANCE EVALUATION OF DIFFERENT KERNELS FOR SUPPORT VECTOR MACHINE USED I...IJCNCJournal
The success of any Intrusion Detection System (IDS) is a complicated problem due to its nonlinearity and the quantitative or qualitative network traffic data stream with numerous features. As a result, in order to
get rid of this problem, several types of intrusion detection methods with different levels of accuracy have been proposed which leads the choice of an effective and robust method for IDS as a very important topic in information security. In this regard, the support vector machine (SVM) has been playing an important role to provide potential solutions for the IDS problem. However, the practicability of introducing SVM is
affected by the difficulties in selecting appropriate kernel and its parameters. From this viewpoint, this paper presents the work to apply different kernels for SVM in ID Son the KDD’99 Dataset and NSL-KDD dataset as well as to find out which kernel is the best for SVM. The important deficiency in the KDD’99 data set is the huge number of redundant records as observed earlier. Therefore, we have derived a data set RRE-KDD by eliminating redundant record from KDD’99train and test dataset prior to apply different kernel for SVM. This RRE-KDD consists of both KDD99Train+ and KDD99 Test+ dataset for training and testing purposes, respectively. The way to derive RRE-KDD data set is different from that of NSL-KDD
data set. The experimental results indicate that Laplace kernel can achieve higher detection rate and lower false positive rate with higher precision than other kernel son both RRE-KDD and NSL-KDD datasets. It is also found that the performances of other kernels are dependent on datasets.
A SURVEY ON QUANTUM KEY DISTRIBUTION PROTOCOLSijcsa
Quantum cryptography is based on quantum mechanics to guarantee secure communication. It allows two
parties to produce a shared random bit string known only to them. These random bits can be used as a key
to encrypt and decrypt messages. The most important and unique property of quantum cryptography is the
ability of the two communicating users to detect the presence of any third party trying to gain knowledge of
the key. It is based on fundamental aspects of quantum mechanics. By using quantum entanglement or
quantum super positions and transmitting information in quantum states, a communication system can be
implemented which detects eavesdropping. Quantum cryptography is used to produce and distribute a key,
not to transmit any message data. This key along with certain encryption algorithm, is used to encrypt (and
decrypt) a message, which can then be transmitted over a standard communication channel. This paper
concentrates on comparison between classical and quantum cryptography as well as survey on various
quantum key distribution protocols used to generate and distribute the key among communicating parties.
A predictive model for network intrusion detection using stacking approach IJECEIAES
Due to the emerging technological advances, cyber-attacks continue to hamper information systems. The changing dimensionality of cyber threat landscape compel security experts to devise novel approaches to address the problem of network intrusion detection. Machine learning algorithms are extensively used to detect intrusions by dint of their remarkable predictive power. This work presents an ensemble approach for network intrusion detection using a concept called Stacking. As per the popular no free lunch theorem of machine learning, employing single classifier for a problem at hand may not be ideal to achieve generalization. Therefore, the proposed work on network intrusion detection emphasizes upon a combinative approach to improve performance. A robust processing paradigm called Graphlab Create, capable of upholding massive data has been used to implement the proposed methodology. Two benchmark datasets like UNSW NB-15 and UGR’ 16 datasets are considered to demonstrate the validity of predictions. Empirical investigation has illustrated that the performance of the proposed approach has been reasonably good. The contribution of the proposed approach lies in its finesse to generate fewer misclassifications pertaining to various attack vectors considered in the study.
Replay of Malicious Traffic in Network TestbedsDETER-Project
In this paper we present tools and methods to integrate attack measurements from the Internet with controlled experimentation on a network testbed. We show that this approach provides greater fidelity than synthetic models. We compare the statistical properties of real-world attacks with synthetically generated constant bit rate attacks on the testbed. Our results indicate that trace replay provides fine time-scale details that may be absent in constant bit rate attacks. Additionally, we demonstrate the effectiveness of our approach to study new and emerging attacks. We replay an Internet attack captured by the LANDER system on the DETERLab testbed within two hours.
Data and tools from the paper are available at: http://montage.deterlab.net/magi/hst2013tools
Also read the LANDER Blog entry at: http://ant.isi.edu/blog/?p=411
Network Security Enhancement in WSN by Detecting Misbehavioural Activity as C...ijtsrd
This system proposes a centralized system for replica identification. The network is divided into segments and an inspection node is chosen for each segment. Inspection node identifies a clone node by checking the nodes ID and cryptographic key. In this process, Chord algorithm is used to detect the clone node, every node is assigned with random key, before it transmits the data it has to give its key which would be verified by the witness node. If same key is given by another node then the witness node identifies the cloned node. Here every node only needs to know the neighbor list containing all neighbor IDs and its location. In this scheme, Energy Efficient Clustering Protocol EECP protocol is used to implement different energy saving methods. Dr. B. R. Tapas Bapu | Hemavathi S U | Poonkuzhali K | Sweety J "Network Security Enhancement in WSN by Detecting Misbehavioural Activity as Copy Cat Nodes" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-4 | Issue-4 , June 2020, URL: https://www.ijtsrd.com/papers/ijtsrd31257.pdf Paper Url :https://www.ijtsrd.com/engineering/computer-engineering/31257/network-security-enhancement-in-wsn-by-detecting-misbehavioural-activity-as-copy-cat-nodes/dr-b-r-tapas-bapu
COMPARATIVE ANALYSIS OF DIFFERENT ENCRYPTION TECHNIQUES IN MOBILE AD HOC NETW...IJCNCJournal
In this paper a detailed analysis of Data Encryption Standard (DES), Triple DES (3DES) and Advanced
Encryption Standard (AES) symmetric encryption algorithms in MANET was done using the Network
Simulator 2 (NS-2) in terms of energy consumption, data transfer time, End-to-End delay time and
throughput with varying data sizes. Two simulation models were adopted: the first simulates the network
performance assuming the availability of the common key, and the second simulates the network
performance including the use of the Diffie-Hellman Key Exchange (DHKE) protocol in the key
management phase. The obtained simulation results showed the superiority of AES over DES by 65%, 70%
and 83% in term of the energy consumption, data transfer time, and network throughput respectively. On
the other hand, the results showed that AES is better than 3DES by approximately 90% for all of the
performance metrics. Based on these results the AES was the recommended encryption scheme.
COPYRIGHTThis thesis is copyright materials protected under the .docxvoversbyobersby
COPYRIGHT
This thesis is copyright materials protected under the Berne Convection, the copyright Act 1999 and other international and national enactments in that behalf, on intellectual property. It may not be reproduced by any means in full or in part except for short extracts in fair dealing so for research or private study, critical scholarly review or discourse with acknowledgment, with written permission of the Dean School of Graduate Studies on behalf of both the author and XXX XXX University.ABSTRACT
With Fast growing internet world the risk of intrusion has also increased, as a result Intrusion Detection System (IDS) is the admired key research field. IDS are used to identify any suspicious activity or patterns in the network or machine, which endeavors the security features or compromise the machine. IDS majorly use all the features of the data. It is a keen observation that all the features are not of equal relevance for the detection of attacks. Moreover every feature does not contribute in enhancing the system performance significantly. The main aim of the work done is to develop an efficient denial of service network intrusion classification model. The specific objectives included: to analyse existing literature in intrusion detection systems; what are the techniques used to model IDS, types of network attacks, performance of various machine learning tools, how are network intrusion detection systems assessed; to find out top network traffic attributes that can be used to model denial of service intrusion detection; to develop a machine learning model for detection of denial of service network intrusion.Methods: The research design was experimental and data was collected by simulation using NSL-KDD dataset. By implementing Correlation Feature Selection (CFS) mechanism using three search algorithms, a smallest set of features is selected with all the features that are selected very frequently. Findings: The smallest subset of features chosen is the most nominal among all the feature subset found. Further, the performances using Artificial neural networks(ANN), decision trees, Support Vector Machines (SVM) and K-Nearest Neighbour (KNN) classifiers is compared for 7 subsets found by filter model and 41 attributes. Results: The outcome indicates a remarkable improvement in the performance metrics used for comparison of the two classifiers. The results show that using 17/18 selected features improves DOS types classification accuracies as compared to using the 41 features in the NSL-KDD dataset. It was further observed that using an ensemble of three classifiers with decision fusion performs better as compared to using a single classifier for DOS type’s classification. Among machine learning tools experimented, ANN achieved best classification accuracies followed by SVM and DT. KNN registered the lowest classification accuracies. Application: The proposed work with such an improved detection rate and lesser classification time and lar.
Intrusion Detection Systems By Anamoly-Based Using Neural NetworkIOSR Journals
To improve network security different steps has been taken as size and importance of the network has
increases day by day. Then chances of a network attacks increases Network is mainly attacked by some
intrusions that are identified by network intrusion detection system. These intrusions are mainly present in data
packets and each packet has to scan for its detection. This paper works to develop a intrusion detection system
which utilizes the identity and signature of the intrusion for identifying different kinds of intrusions. As network
intrusion detection system need to be efficient enough that chance of false alarm generation should be less,
which means identifying as a intrusion but actually it is not an intrusion. Result obtained after analyzing this
system is quite good enough that nearly 90% of true alarms are generated. It detect intrusion for various
services like Dos, SSH, etc by neural network
NOVEL HYBRID INTRUSION DETECTION SYSTEM FOR CLUSTERED WIRELESS SENSOR NETWORKIJNSA Journal
Wireless sensor network (WSN) is regularly deployed in unattended and hostile environments. The WSN is vulnerable to security threats and susceptible to physical capture. Thus, it is necessary to use effective mechanisms to protect the network. It is widely known, that the intrusion detection is one of the most efficient security mechanisms to protect the network against malicious attacks or unauthorized access. In this paper, we propose a hybrid intrusion detection system for clustered WSN. Our intrusion framework uses a combination between the Anomaly Detection based on support vector machine (SVM) and the Misuse Detection. Experiments results show that most of routing attacks can be detected with low false alarm.
CROSS LAYER INTRUSION DETECTION SYSTEM FOR WIRELESS SENSOR NETWORKIJNSA Journal
The wireless sensor networks (WSN) are particularly vulnerable to various attacks at different layers of the protocol stack. Many intrusion detection system (IDS) have been proposed to secure WSNs. But all these systems operate in a single layer of the OSI model, or do not consider the interaction and collaboration between these layers. Consequently these systems are mostly inefficient and would drain out the WSN. In this paper we propose a new intrusion detection system based on cross layer interaction between the network, Mac and physical layers. Indeed we have addressed the problem of intrusion detection in a different way in which the concept of cross layer is widely used leading to the birth of a new type of IDS. We have experimentally evaluated our system using the NS simulator to demonstrate its effectiveness in detecting different types of attacks at multiple layers of the OSI model.
IRJET-Security Based Data Transfer and Privacy Storage through Watermark Dete...IRJET Journal
Gowtham.T ,Pradeep Kumar.G " Security Based Data Transfer and Privacy Storage through Watermark Detection ", International Research Journal of Engineering and Technology (IRJET), Volume2,issue-01 April 2015.e-ISSN:2395-0056, p-ISSN:2395-0072. www.irjet.net .published by Fast Track Publications
Abstract
Digital watermarking has been proposed as a technology to ensure copyright protection by embedding an imperceptible, yet detectable signal in visual multimedia content such as images or video. In every field key aspect is the security Privacy is a critical issue when the data owners outsource data storage or processing to a third party computing service. Several attempts has been made for increasing the security related works and avoidance of data loss. Existing system had attain its solution up to its level where it can be further able to attain the parameter refinement. In this paper improvising factor been made on the successive compressive sensing reconstruction part and Peak Signal-to-Noise Ratio (PSNR).Another consideration factor is to increase (CS) rate through de-emphasize the effect of predictive variables that become uncorrelated with the measurement data which eliminates the need of (CS) reconstruction.
Creation of smart spaces and scaling of devices to achieve miniaturization in pervasive computing environments has put forth a question on the degree of security of such devices. Security being a unique challenge in such environments, solution demands scalability, access control, heterogeneity, trust. Most of the existing cryptographic solutions widely in use rely on the hardness of factorization and number theory
problems. With the increase in cryptanalytic attacks these schemes will soon become insecure. We need an alternate security mechanism which is as hard as the existing number theoretic approaches. In this work, we discuss the aspects of Lattice based cryptography as a new dimension of providing security whose strength lies in the hardness of lattice problems. We discuss about a cryptosystem whose security relies on high lattice dimension.
Secure data aggregation technique for wireless sensor networks in the presenc...LogicMindtech Nologies
NS2 Projects for M. Tech, NS2 Projects in Vijayanagar, NS2 Projects in Bangalore, M. Tech Projects in Vijayanagar, M. Tech Projects in Bangalore, NS2 IEEE projects in Bangalore, IEEE 2015 NS2 Projects, WSN and MANET Projects, WSN and MANET Projects in Bangalore, WSN and MANET Projects in Vijayangar
Network Security: Experiment of Network Health Analysis At An ISPCSCJournals
This paper presents the findings of an analysis performed at an internet service provider. Based on netflow data collected and analyzed using nfdump, it helped assess how healthy is the network of an Internet Service Providers (ISP). The findings have been instrumental in reflection about reshaping the network architecture. And they have also demonstrated the need for consistent monitoring system.
IEEE 2014 DOTNET PARALLEL DISTRIBUTED PROJECTS A probabilistic-misbehavior-de...IEEEMEMTECHSTUDENTPROJECTS
To Get any Project for CSE, IT ECE, EEE Contact Me @ 09666155510, 09849539085 or mail us - ieeefinalsemprojects@gmail.com-Visit Our Website: www.finalyearprojects.org
PERFORMANCE EVALUATION OF DIFFERENT KERNELS FOR SUPPORT VECTOR MACHINE USED I...IJCNCJournal
The success of any Intrusion Detection System (IDS) is a complicated problem due to its nonlinearity and the quantitative or qualitative network traffic data stream with numerous features. As a result, in order to
get rid of this problem, several types of intrusion detection methods with different levels of accuracy have been proposed which leads the choice of an effective and robust method for IDS as a very important topic in information security. In this regard, the support vector machine (SVM) has been playing an important role to provide potential solutions for the IDS problem. However, the practicability of introducing SVM is
affected by the difficulties in selecting appropriate kernel and its parameters. From this viewpoint, this paper presents the work to apply different kernels for SVM in ID Son the KDD’99 Dataset and NSL-KDD dataset as well as to find out which kernel is the best for SVM. The important deficiency in the KDD’99 data set is the huge number of redundant records as observed earlier. Therefore, we have derived a data set RRE-KDD by eliminating redundant record from KDD’99train and test dataset prior to apply different kernel for SVM. This RRE-KDD consists of both KDD99Train+ and KDD99 Test+ dataset for training and testing purposes, respectively. The way to derive RRE-KDD data set is different from that of NSL-KDD
data set. The experimental results indicate that Laplace kernel can achieve higher detection rate and lower false positive rate with higher precision than other kernel son both RRE-KDD and NSL-KDD datasets. It is also found that the performances of other kernels are dependent on datasets.
A SURVEY ON QUANTUM KEY DISTRIBUTION PROTOCOLSijcsa
Quantum cryptography is based on quantum mechanics to guarantee secure communication. It allows two
parties to produce a shared random bit string known only to them. These random bits can be used as a key
to encrypt and decrypt messages. The most important and unique property of quantum cryptography is the
ability of the two communicating users to detect the presence of any third party trying to gain knowledge of
the key. It is based on fundamental aspects of quantum mechanics. By using quantum entanglement or
quantum super positions and transmitting information in quantum states, a communication system can be
implemented which detects eavesdropping. Quantum cryptography is used to produce and distribute a key,
not to transmit any message data. This key along with certain encryption algorithm, is used to encrypt (and
decrypt) a message, which can then be transmitted over a standard communication channel. This paper
concentrates on comparison between classical and quantum cryptography as well as survey on various
quantum key distribution protocols used to generate and distribute the key among communicating parties.
A predictive model for network intrusion detection using stacking approach IJECEIAES
Due to the emerging technological advances, cyber-attacks continue to hamper information systems. The changing dimensionality of cyber threat landscape compel security experts to devise novel approaches to address the problem of network intrusion detection. Machine learning algorithms are extensively used to detect intrusions by dint of their remarkable predictive power. This work presents an ensemble approach for network intrusion detection using a concept called Stacking. As per the popular no free lunch theorem of machine learning, employing single classifier for a problem at hand may not be ideal to achieve generalization. Therefore, the proposed work on network intrusion detection emphasizes upon a combinative approach to improve performance. A robust processing paradigm called Graphlab Create, capable of upholding massive data has been used to implement the proposed methodology. Two benchmark datasets like UNSW NB-15 and UGR’ 16 datasets are considered to demonstrate the validity of predictions. Empirical investigation has illustrated that the performance of the proposed approach has been reasonably good. The contribution of the proposed approach lies in its finesse to generate fewer misclassifications pertaining to various attack vectors considered in the study.
Replay of Malicious Traffic in Network TestbedsDETER-Project
In this paper we present tools and methods to integrate attack measurements from the Internet with controlled experimentation on a network testbed. We show that this approach provides greater fidelity than synthetic models. We compare the statistical properties of real-world attacks with synthetically generated constant bit rate attacks on the testbed. Our results indicate that trace replay provides fine time-scale details that may be absent in constant bit rate attacks. Additionally, we demonstrate the effectiveness of our approach to study new and emerging attacks. We replay an Internet attack captured by the LANDER system on the DETERLab testbed within two hours.
Data and tools from the paper are available at: http://montage.deterlab.net/magi/hst2013tools
Also read the LANDER Blog entry at: http://ant.isi.edu/blog/?p=411
Network Security Enhancement in WSN by Detecting Misbehavioural Activity as C...ijtsrd
This system proposes a centralized system for replica identification. The network is divided into segments and an inspection node is chosen for each segment. Inspection node identifies a clone node by checking the nodes ID and cryptographic key. In this process, Chord algorithm is used to detect the clone node, every node is assigned with random key, before it transmits the data it has to give its key which would be verified by the witness node. If same key is given by another node then the witness node identifies the cloned node. Here every node only needs to know the neighbor list containing all neighbor IDs and its location. In this scheme, Energy Efficient Clustering Protocol EECP protocol is used to implement different energy saving methods. Dr. B. R. Tapas Bapu | Hemavathi S U | Poonkuzhali K | Sweety J "Network Security Enhancement in WSN by Detecting Misbehavioural Activity as Copy Cat Nodes" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-4 | Issue-4 , June 2020, URL: https://www.ijtsrd.com/papers/ijtsrd31257.pdf Paper Url :https://www.ijtsrd.com/engineering/computer-engineering/31257/network-security-enhancement-in-wsn-by-detecting-misbehavioural-activity-as-copy-cat-nodes/dr-b-r-tapas-bapu
COMPARATIVE ANALYSIS OF DIFFERENT ENCRYPTION TECHNIQUES IN MOBILE AD HOC NETW...IJCNCJournal
In this paper a detailed analysis of Data Encryption Standard (DES), Triple DES (3DES) and Advanced
Encryption Standard (AES) symmetric encryption algorithms in MANET was done using the Network
Simulator 2 (NS-2) in terms of energy consumption, data transfer time, End-to-End delay time and
throughput with varying data sizes. Two simulation models were adopted: the first simulates the network
performance assuming the availability of the common key, and the second simulates the network
performance including the use of the Diffie-Hellman Key Exchange (DHKE) protocol in the key
management phase. The obtained simulation results showed the superiority of AES over DES by 65%, 70%
and 83% in term of the energy consumption, data transfer time, and network throughput respectively. On
the other hand, the results showed that AES is better than 3DES by approximately 90% for all of the
performance metrics. Based on these results the AES was the recommended encryption scheme.
COPYRIGHTThis thesis is copyright materials protected under the .docxvoversbyobersby
COPYRIGHT
This thesis is copyright materials protected under the Berne Convection, the copyright Act 1999 and other international and national enactments in that behalf, on intellectual property. It may not be reproduced by any means in full or in part except for short extracts in fair dealing so for research or private study, critical scholarly review or discourse with acknowledgment, with written permission of the Dean School of Graduate Studies on behalf of both the author and XXX XXX University.ABSTRACT
With Fast growing internet world the risk of intrusion has also increased, as a result Intrusion Detection System (IDS) is the admired key research field. IDS are used to identify any suspicious activity or patterns in the network or machine, which endeavors the security features or compromise the machine. IDS majorly use all the features of the data. It is a keen observation that all the features are not of equal relevance for the detection of attacks. Moreover every feature does not contribute in enhancing the system performance significantly. The main aim of the work done is to develop an efficient denial of service network intrusion classification model. The specific objectives included: to analyse existing literature in intrusion detection systems; what are the techniques used to model IDS, types of network attacks, performance of various machine learning tools, how are network intrusion detection systems assessed; to find out top network traffic attributes that can be used to model denial of service intrusion detection; to develop a machine learning model for detection of denial of service network intrusion.Methods: The research design was experimental and data was collected by simulation using NSL-KDD dataset. By implementing Correlation Feature Selection (CFS) mechanism using three search algorithms, a smallest set of features is selected with all the features that are selected very frequently. Findings: The smallest subset of features chosen is the most nominal among all the feature subset found. Further, the performances using Artificial neural networks(ANN), decision trees, Support Vector Machines (SVM) and K-Nearest Neighbour (KNN) classifiers is compared for 7 subsets found by filter model and 41 attributes. Results: The outcome indicates a remarkable improvement in the performance metrics used for comparison of the two classifiers. The results show that using 17/18 selected features improves DOS types classification accuracies as compared to using the 41 features in the NSL-KDD dataset. It was further observed that using an ensemble of three classifiers with decision fusion performs better as compared to using a single classifier for DOS type’s classification. Among machine learning tools experimented, ANN achieved best classification accuracies followed by SVM and DT. KNN registered the lowest classification accuracies. Application: The proposed work with such an improved detection rate and lesser classification time and lar.
Intrusion Detection Systems By Anamoly-Based Using Neural NetworkIOSR Journals
To improve network security different steps has been taken as size and importance of the network has
increases day by day. Then chances of a network attacks increases Network is mainly attacked by some
intrusions that are identified by network intrusion detection system. These intrusions are mainly present in data
packets and each packet has to scan for its detection. This paper works to develop a intrusion detection system
which utilizes the identity and signature of the intrusion for identifying different kinds of intrusions. As network
intrusion detection system need to be efficient enough that chance of false alarm generation should be less,
which means identifying as a intrusion but actually it is not an intrusion. Result obtained after analyzing this
system is quite good enough that nearly 90% of true alarms are generated. It detect intrusion for various
services like Dos, SSH, etc by neural network
Firewall and vpn investigation on cloud computing performanceIJCSES Journal
The paper presents the way to provide the security to one of the recent development in computing, cloud
computing. The main interest is to investigate the impact of using Virtual Private Network VPN together
with firewall on cloud computing performance. Therefore, computer modeling and simulation of cloud
computing with OPNET modular simulator has been conducted for the cases of cloud computing with and
without VPN and firewall. To achieve clear idea on these impacts, the simulation considers different
scenarios and different form application traffic applied. Simulation results showing throughput, delay,
servers traffic sent and received have been collected and presented. The results clearly show that there is
impact in throughput and delay through the use of VPN and firewall. The impact on throughput is higher
than that on the delay. Furthermore, the impact show that the email traffic is more affected than web
traffic.
Malware Detection in Cloud Computing Infrastructures
malware detection whole design and working in a short ppt effectively explaining the criteria and infrastructure
International Journal of Engineering Research and Development (IJERD)IJERD Editor
We would send hard copy of Journal by speed post to the address of correspondence author after online publication of paper.
We will dispatched hard copy to the author within 7 days of date of publication
Detecting network attacks model based on a convolutional neural network IJECEIAES
Due to the increasing use of networks at present, Internet systems have raised many security problems, and statistics indicate that the rate of attacks or intrusions has increased excessively annually, and in the event of any malicious attack on network vulnerabilities or information systems, it may lead to serious disasters, violating policies on network security, i.e., “confidentiality, integrity, and availability” (CIA). Therefore, many detection systems, such as the intrusion detection system, appeared. In this paper, we built a system that detects network attacks using the latest machine learning algorithms and a convolutional neural network based on a dataset of the CSE-CIC-IDS2018. It is a recent dataset that contains a set of common and recent attacks. The detection rate is 99.7%, distinguishing between aggressive attacks and natural assertiveness.
DIVISION AND REPLICATION OF DATA IN GRID FOR OPTIMAL PERFORMANCE AND SECURITYijgca
Using Grid Storage, users can remotely store their data and enjoy the on-demand high quality applications and services from a shared networks of configurable computing resources, without the burden of local data storage and maintenance. In this project based on the dynamic secrets proposed design an encryption scheme for SG wireless communication, named as dynamic secret-based encryption (DSE). Dynamic encryption key (DEK) is updated by XOR the previous DEK with current DS. In this project based on the dynamic secrets proposed design an encryption scheme for SG wireless communication, named as dynamic secret-based encryption (DSE). The basic idea of dynamic secrets is to generate a series of secrets from unavoidable transmission errors and other random factors in wireless communications In DSE, the previous packets are coded as binary values 0 and 1 according to whether they are retransmitted due to channel error. This 0/1 sequence is called as retransmission sequence (RS) which is applied to generate dynamic secret (DS). Dynamic encryption key (DEK) is updated by XOR the previous DEK with current DS.
DIVISION AND REPLICATION OF DATA IN GRID FOR OPTIMAL PERFORMANCE AND SECURITYijgca
Using Grid Storage, users can remotely store their data and enjoy the on-demand high quality applications and services from a shared networks of configurable computing resources, without the burden of local data storage and maintenance. In this project based on the dynamic secrets proposed design an encryption scheme for SG wireless communication, named as dynamic secret-based encryption (DSE). Dynamic encryption key (DEK) is updated by XOR the previous DEK with current DS. In this project based on the dynamic secrets proposed design an encryption scheme for SG wireless communication, named as dynamic secret-based encryption (DSE). The basic idea of dynamic secrets is to generate a series of secrets from unavoidable transmission errors and other random factors in wireless communications In DSE, the previous packets are coded as binary values 0 and 1 according to whether they are retransmitted due to channel error. This 0/1 sequence is called as retransmission sequence (RS) which is applied to generate dynamic secret (DS). Dynamic encryption key (DEK) is updated by XOR the previous DEK with current DS.
DIVISION AND REPLICATION OF DATA IN GRID FOR OPTIMAL PERFORMANCE AND SECURITYijgca
Using Grid Storage, users can remotely store their data and enjoy the on-demand high quality applications and services from a shared networks of configurable computing resources, without the burden of local data storage and maintenance. In this project based on the dynamic secrets proposed design an encryption scheme for SG wireless communication, named as dynamic secret-based encryption (DSE). Dynamic encryption key (DEK) is updated by XOR the previous DEK with current DS. In this project based on the dynamic secrets proposed design an encryption scheme for SG wireless communication, named as dynamic secret-based encryption (DSE). The basic idea of dynamic secrets is to generate a series of secrets from unavoidable transmission errors and other random factors in wireless communications In DSE, the previous packets are coded as binary values 0 and 1 according to whether they are retransmitted due to channel error. This 0/1 sequence is called as retransmission sequence (RS) which is applied to generate dynamic secret (DS). Dynamic encryption key (DEK) is updated by XOR the previous DEK with current DS
FORTIFICATION OF HYBRID INTRUSION DETECTION SYSTEM USING VARIANTS OF NEURAL ...IJNSA Journal
Intrusion Detection Systems (IDS) form a key part of system defence, where it identifies abnormal
activities happening in a computer system. In recent years different soft computing based techniques have
been proposed for the development of IDS. On the other hand, intrusion detection is not yet a perfect
technology. This has provided an opportunity for data mining to make quite a lot of important
contributions in the field of intrusion detection. In this paper we have proposed a new hybrid technique
by utilizing data mining techniques such as fuzzy C means clustering, Fuzzy neural network / Neurofuzzy and radial basis function(RBF) SVM for fortification of the intrusion detection system. The
proposed technique has five major steps in which, first step is to perform the relevance analysis, and then
input data is clustered using Fuzzy C-means clustering. After that, neuro-fuzzy is trained, such that each
of the data point is trained with the corresponding neuro-fuzzy classifier associated with the cluster.
Subsequently, a vector for SVM classification is formed and in the last step, classification using RBF-
SVM is performed to detect intrusion has happened or not. Data set used is the KDD cup 1999 dataset
and we have used precision, recall, F-measure and accuracy as the evaluation metrics parameters. Our
technique could achieve better accuracy for all types of intrusions. The results of proposed technique are
compared with the other existing techniques. These comparisons proved the effectiveness of our
technique.
DDOS ATTACK DETECTION ON INTERNET OF THINGS USING UNSUPERVISED ALGORITHMSijfls
The increase in the deployment of IoT networks has improved productivity of humans and organisations.
However, IoT networks are increasingly becoming platforms for launching DDoS attacks due to inherent
weaker security and resource-constrained nature of IoT devices. This paper focusses on detecting DDoS
attack in IoT networks by classifying incoming network packets on the transport layer as either
“Suspicious” or “Benign” using unsupervised machine learning algorithms. In this work, two deep
learning algorithms and two clustering algorithms were independently trained for mitigating DDoS
attacks. We lay emphasis on exploitation based DDOS attacks which include TCP SYN-Flood attacks and
UDP-Lag attacks. We use Mirai, BASHLITE and CICDDoS2019 dataset in training the algorithms during
the experimentation phase. The accuracy score and normalized-mutual-information score are used to
quantify the classification performance of the four algorithms. Our results show that the autoencoder
performed overall best with the highest accuracy across all the datasets.
DDoS Attack Detection on Internet o Things using Unsupervised Algorithmsijfls
The increase in the deployment of IoT networks has improved productivity of humans and organisations. However, IoT networks are increasingly becoming platforms for launching DDoS attacks due to inherent weaker security and resource-constrained nature of IoT devices. This paper focusses on detecting DDoS attack in IoT networks by classifying incoming network packets on the transport layer as either “Suspicious” or “Benign” using unsupervised machine learning algorithms. In this work, two deep learning algorithms and two clustering algorithms were independently trained for mitigating DDoS attacks. We lay emphasis on exploitation based DDOS attacks which include TCP SYN-Flood attacks and UDP-Lag attacks. We use Mirai, BASHLITE and CICDDoS2019 dataset in training the algorithms during the experimentation phase. The accuracy score and normalized-mutual-information score are used to quantify the classification performance of the four algorithms. Our results show that the autoencoder performed overall best with the highest accuracy across all the datasets.
Secure intrusion detection and countermeasure selection in virtual system usi...eSAT Publishing House
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology
Similar to A Back Propagation Neural Network Intrusion Detection System Based on KVM (20)
In order to study the WGS on an industrial scale at a low pressure, the modeling andsimulation of a WGS reactor operating at a pressure close to Patm and processing an industrial charge in the presence of a high temperature shift catalyst (Fe2O3/Cr2O3) were performed. The Profiles of the carbon monoxide conversion, temperature and pressure along the reactor were obtained. The effect of several operating parameters (inlet temperature, H2O/CO ratio) on the conversion of carbon monoxide along the reactor has been determined. The estimated catalytic mass to convert 60.5% of the carbon monoxide contained in the inlet is 170.76 t. The pressure drops in the reactor are not negligible and the maximum temperaturereached is without any harmful effect on the catalyst. The choice of an optimal inlet temperature and a high H2O/CO ratio improves the conversion of carbon monoxide.
As we are all aware,therecent discovery of the Higgs boson has revealed a highly massive particle, the value of which lies between 125and 126.5 GeV/c2.. According to the basic concepts of Quantum Mechanics, and in full compliance with the Uncertainty Principle and Yukawa intuitions, we were able to calculate the maximum limit of the Higgs boson‟s field of action. From the calculations show that the Higgs boson presents a range of action really very small, namely 9.8828∙10-16[cm], that is slightly smaller than 10-15[cm]. This value is justified by the considerable mass that the Higgs bosonacquires, in perfect agreement with the Uncertainty Principle.
The dependencies of total pressure, velocity, vorticity, turbulent length, turbulent dissipation, turbulent viscosity, turbulent energy and turbulent time of moving fluid from a straight pipe length of a circular cross section are presented in graphical and mathematical forms. Changing analysis of considered parameters was performed at mass flow rates of 0.45, 1.0 and 1.5 kg/s. A transition boundary of laminar flow of fluid to turbulent flow is at the distance of 2/5 of length from the inlet of the pipe (at accepted total length of the pipe of 1000 mm).
This paper considers the problem of magneto-hydrodynamics (MHD) Newtonian and non-Newtonian nano fluid flow passing on a magnetic sphere with mixed convection effect. Nano Fluid is a combination of liquid fluid as a base fluid with small solid nano particles. Water is chosen as Newtonian base fluid and oil is chosen as non-Newtonian base fluid. Then, Alumina and Copper are chosen as solid particle in nano fluid. We further construct governing equation by applying continuity equation, momentum equation, and energy equation to obtain dimensional governing equations. The dimensional governing equations that have been obtained are converted into non-dimensional governing equations by substituting non-dimensional variables. The non-dimensional governing equations are further transformed into similarity equations using stream function and solved numerically using Euler Implicit Finite Difference method. We further analyse the effect of magnetic parameter towards velocity and temperature in MHD nano fluid flow. The results show that the increases of magnetic parameter impacts to the decrease of velocity and temperature. Then, the velocity and temperature of Newtonian nano fluid are higher than the velocity and temperature of non-Newtonian nano fluid. Also, the velocity and temperature of copper-water are higher than the velocity and temperature of Alumina-water.
Building materials used for the walls of simple houses in lower-middle-class areas in Indonesia are currently dominated by brick. This study proposes that soil-paper blocks coated with calcium silicate board may be a suitable alternative, with high embodied energy and density. The research aims to obtain an optimal wall thickness to provide protection against cooling and embodied energy in low income houses, as well as against the temperature conditions in these buildings in highland and lowland areas. Determination of wall thickness is performed by simulation of a 9 m2 building model with thick variables. Cooling calculations involved the use of Archipak software. Temperature measurements were carried out using a data logger on a sample of soil-paper blocks. The results indicate that the optimal wall thickness for protection against cooling and embodied energy is 8 cm. Soil-paper block has a lower density than brick. The use of calcium silicate boards does not affect the internal temperature of a low income house, but they can be used as protection against rainwater and as a substitute for wall plastering.
Adaptive-optimal control involves re-identification of the machining process and the model obtained is used to calculate the optimal process parameters.
Optimal control characterizes the addiction of the technical and economic indicators to process parameters. Characteristic for performance technical indicators is that their dependence to parameter values of process has a limitative, what leads to one of the following conclusions, appropriately or inappropriately, and therefore can serve as restrictions in optimization problem.
Economic indicators have a continuous dependence of process parameters and therefore they are used as objective functions.
Knowledge management (KM) has become an effective way of managing organization‟s intellectual capital or, in other words, organization‟s full experience, skills and knowledge that is relevant for more effective performance in future. The paper proposes a knowledge management to achieve a competitive control of the machining systems. Then an application of Knowledge Management in engineering has been attempted to explain. The model can be used by the manager for the choosing of competitive orders.
Ceftriaxone is one of the third generations of cephalosporin antibiotics and commercially found as a sodium salt. The market demand for it is still high in recent years, including in Indonesia. However, there is no local production manufacture yet. A high yield of ceftriaxone sodium would be an advantage in industrial scale. Ceftriaxone was synthesized by reacting 7–amino–3–[(2,5–dihydro–6–hydroxy–2–methyl–5–oxo–1,2,4–triazin–3–yl) thiomethyl] cephalosporanic acid (7-ACT) with 2-Mercaptobenzothiazolyl (Z)-2-(2-Aminothiazole-4-yl)-2-Methoxyimino Acetate (MAEM) then with sodium salt in basic condition. The product was generated by solventing-out using acetone. The products were analyzed by HPLC quantitatively and the structure was confirmed using FTIR, MS and NMR. In this research, the variation in the mole ratio of reactants against the yield of product was evaluated. The result showed that the variations in mole ratio reactants affect the yield production. The higher ratio of MAEM would be the higher yield is obtained. The results show that the yield was 72,17% at mole ratio 1:2 which has 99,32% purity. This result could be a consideration in industrial production scale in ceftriaxone sodium preparation.
The challenges of river water quality management are so enormous, due to the unpredictive modes of contamination. Monitoring different sources of pollutant load contribution to the river basin is also quite tasking, resulting to laborious and expensive process which sometimes lead to analytical errors. This study deals with the assessment of the physico– chemicaland bacteriological parameters of water samples from River Amba during the period of August 2017 to January 2018 and developing regression models. Water quality Parameters such as Temperature, Turbidity (NTU), Suspended solids (mg/l), Colour, Total solids, Total dissolved solids, Electrical conductivity (μs/cm), pH, Hardness, Chemical Oxygen Demand, Dissolved Oxygen (DO), and Total Coliform were obtained and compared with water quality standards. The results of the water quality analysis of the study in comparison with drinking water quality standard issued byWorld Health Organization(WHO) and National Agency for Food and Drug Administration Control (NAFDAC) revealed that most of the water quality parameters were not adequate to pronounce the water potable. Hence adequate water treatment processes should be employed to make the water fit for consumption and other domestic uses. Statistical analysis was done, in which the systematic correlation and regressionanalysis showed a significant linear relationship between different pairs of water quality parameters. The highest correlation coefficient between different pairs of parameters obtained is (r = 0.999), resulting from the correlation between TS and SS. Multiple regression analysis was also carried out and regression equations were developed. It was observed that the parameters studied had a positive correlation with each other.
Time, in the globalized world, is one of the most important factors about the economy, science and health. Mankind has made various efforts to use time efficiently for many years. In these studies transport came to the fore and it has become indispensable. In the light of today's technological conditions, air transport is developing at an increasing rate. Every day many aircrafts are produced, which have different speeds, weight and volume, for serve to transport. Therefore to make structures for easy and safe transport need a stable soil. Particularly suitable areas for the airport grounds in cities today, not being physically proper that construction of the airport made on soil with low bearing capacity, swelling potential of an expansive soil, settlement of soil etc, areas. In this study, soil problems encountered in the construction of airports will be explained and a summary of studies on the solution of these problems will be presented.
People in a big city as Antananarivo, capital of Madagascar, have leads to take street foods for their daily nutritional needs. This food habits may be a risk for consumers due to contaminations from street environment and bad practices related to hygiene. This study aimed to examine the quality and safety of street vended foods in Antananarivo, on January 2016 to December 2017.Six hundred and sixty two samples including 126samples of melting salads, 70 beef skewers, 54 chicken skewers, and typical Malagasy foods as : mofoanana (67 samples), mofogasy (64 samples), ramanonaka (64), makasaoka (66), mofoakondro (62) and kobandravina(89);were randomly collected from the streetvendors in Antananarivo marketsto evaluate their bacteriological quality.International Methods (ISO) was adopted for to find the load of Total Aerobic Bacteria andEnterobateriaceae,Escherichia coli and to search pathogen bacteria as Salmonella, Campylobacter jejuni, Escherichia coli O157H7 and Bacillus cereus in these foods.The results revealed that the mean values ofthe Total Aerobic Bacteria count was 0.1x106- 4.8x106cfu/g. Enterobacteriaceaecount range from 0.4x102 to 1.9x102cfu/g. Escherichia coli count range from 0.04x102cfu/g. to 0.19 x102cfu/g.Salmonellawas only present in melting salads, beef skewers and chicken skewers samples. Bacillus cereus count range from 0,1x102 to 1,5x102cfu/g. Campylobacter jejuniwas only present in samples of ramanonaka and kobandravina. Two strains of presumptive Eschercichia coli O157 H7 (βglucuronidase -) were isolated. PCR method was used to confirm the identity of these two isolates. A high contamination above 106 cfu/g food and the presence of potential pathogens bacteria could be hazardous. Systematic inspections and training of food vendors on food hygiene and application of hazard analysis critical control point (HACCP) has been recognised as measures to guarantee improvement of the quality of street foods.
In order to clean up soils contaminated with hydrocarbons, the bioremediation activity of Pseudomonas putida was studied. Pseudomonas putida is a bacterium that can withstand the harshest environmental conditions. It is able to metabolize a wide range of petroleum hydrocarbons which is used as a source of carbon and energy. Given the potential of this microorganism, an experiment wasconducted on this strain.
For the isolation of this microorganism, a sample ofsoil from the Vakinankaratra region in the urban commune of Antsirabe II, Madagascar was microbiologically analysed. The bacterial identification was based on a study of the morphological, physicochemical and sequential analysis of the 16S rDNA gene.
Scored tablets provide dose flexibility, ease of swallowing and cost savings. However, some problems with scored tablets can be confronted like difficulty of breaking, unequally breaking and loss of mass upon breaking. This paper investigates the effect of score lines on the density distribution using continuum modelling. In keeping with previous work in the pharmaceutical field, a modified Drucker Prager Cap model is described briefly and used in the simulations. Coulomb friction is included between powder and tools. The microcrystalline cellulose (MCC) Vivapur® 102 was used to identify the model parameters using experimental tests with instrumented die, shear cell and diametrical crushing. The obtained results indicate that simulations may be useful not only to determine density distributions within tablets, but also may provide indications about performance of score lines.
In a plethora of countries, buildings are adapted to the local climate condition using sustainable architecture techniques and materials, thereby the highest level of climatic comfort is provided. For example, the walls and roofs reflecting sunlight have been used for centuries in the warm regions of the world, while in the cold regions, the maximum use of solar energy has been tended.
The process of modernization has created a high density, thereby demand for fast and affordable constructions in cities has subsequently increased, resulting in reduced attention to environmentally sustainable architecture techniques that, in turn, has led to the financial loss and scarcity of non-renewable energy resources over long periods of time.
Regarding the energy crisis and the necessity of saving non-renewable energy, the reduced need to use heating/cooling systems is assumed to be one of the key goals in advanced building design.
The present study was conducted based on causal research and simulation. Design Builder thermal simulation software was used as the tool to this end. Therefore, a building with/out solar chimney was modeled and analyzed to identify the effect of solar chimney on the amount of energy used for heating.
The control of motor rotation speed by the change of resistor resistance value in armature circuit is called ‘resistor control”. For the regulation of resistance value R0, included in armature winding circuit, we can use various technical solutions. The most used solution is the discrete variation of armature added resistance value by shunting its parts with contactors contacts. Nowadays, the change of resistor resistance in armature circuit can be realized by shunting with a given porosity γ of resistor R0 trough electronic keys. In this paper, we study the design of control system represented on figure 1.
A poultry yield prediction model have then designed using a data mining and machine learning technique called Classification and Regression Tree (CART) algorithm. The developed model has been optimized and pruned using the Reduced Error Pruning (REP) algorithm to improve prediction accuracy. An algorithm to make the prediction model flexible and capable of making predictions irrespective of poultry size or population has been proposed. The model can be used by poultry farmers to predict yield even before a breeding season. The model can also be used to help farmers take decisions to ensure desirable yield at the end of the breeding season.
Today, Web site design is used to make sites useful to users, with accessible functions, resources and information. Therefore, that design involves use of methodologies that allow an adequate structuring of them resources and organization, permitting users to access them quickly, easily and intuitively. This research consisted of a usability study oriented to website structure designers using a methodology based on concepts of ontology design. This study includes a planning to evaluate the design and the structure of website in aspects such as: ease of use, efficient access to information and performance on the tasks focused to total satisfaction of end user. Heuristic tests were used as diagnostic tools to evaluate usability of website design structures; these were supported by a heuristic evaluation guide and in the Sirius methodology[3]. The results obtained from them, allowed us to detect opportunities for improvement and optimization in website design, and in refining the Web interface oriented to end users.
Acceptance of a website is determined by various factors, one of the most important is the organization that allows users to access to functions, resources and information that it contains. This work consisted of a study of comparative usability between a website designed using principles of linguistics and design of ontologies and other using a strategy of a commercial product. A plan was designed and applied to evaluate the following aspects of website: ease of use, efficiency to access its information, efficacy to perform tasks and user satisfaction. Heuristic and user tests were used as diagnostic tools in usability evaluations, and an observation guide was made by an external evaluator as a complement to previous tests. The results clearly shown that is better use the proposed website design methodology. This allows to create site more structured, functional and with greater ease of access to resources that it contain.
Epoxidized sunflower oil (ESO) has been used to toughen epoxy resin GELR 128 cured with an accelerated aliphatic amine curing agent (Kingcure K-11) at room temperature. There was difference in the properties of the polymer composite materials based on epoxy resin GELR 128 cured by Kingcure K-11 between two processes: one-stage process and two-stage process for mixing ESO with epoxy resin GELR 128 at various content of ESO. The results showed that the two-stage process is considered to be more advantageous than the one-stage process. It can be concluded that the impact strength, critical stress intensity factor Kic and decomposition temperature of the polymer composite materials based on epoxy resin GELR 128 cured by Kingcure K-11 with content of ESO 5 phr in two-stage process was greater ones in one-stage process (impact strength: 35.012 kJ/m2, Kic: 2.72 MPa and decomposition temperature: 385.81 0C respectively).
In this paper, we consider the scaling invariant spaces for fractional Navier-Stokes in the
Lebesgue spaces ( ) p n L R and homogeneous Besov spaces
, ( ) s n
p q B R respectively.
More from International Journal of Innovation Engineering and Science Research (20)
Water scarcity is the lack of fresh water resources to meet the standard water demand. There are two type of water scarcity. One is physical. The other is economic water scarcity.
Cosmetic shop management system project report.pdfKamal Acharya
Buying new cosmetic products is difficult. It can even be scary for those who have sensitive skin and are prone to skin trouble. The information needed to alleviate this problem is on the back of each product, but it's thought to interpret those ingredient lists unless you have a background in chemistry.
Instead of buying and hoping for the best, we can use data science to help us predict which products may be good fits for us. It includes various function programs to do the above mentioned tasks.
Data file handling has been effectively used in the program.
The automated cosmetic shop management system should deal with the automation of general workflow and administration process of the shop. The main processes of the system focus on customer's request where the system is able to search the most appropriate products and deliver it to the customers. It should help the employees to quickly identify the list of cosmetic product that have reached the minimum quantity and also keep a track of expired date for each cosmetic product. It should help the employees to find the rack number in which the product is placed.It is also Faster and more efficient way.
Industrial Training at Shahjalal Fertilizer Company Limited (SFCL)MdTanvirMahtab2
This presentation is about the working procedure of Shahjalal Fertilizer Company Limited (SFCL). A Govt. owned Company of Bangladesh Chemical Industries Corporation under Ministry of Industries.
About
Indigenized remote control interface card suitable for MAFI system CCR equipment. Compatible for IDM8000 CCR. Backplane mounted serial and TCP/Ethernet communication module for CCR remote access. IDM 8000 CCR remote control on serial and TCP protocol.
• Remote control: Parallel or serial interface.
• Compatible with MAFI CCR system.
• Compatible with IDM8000 CCR.
• Compatible with Backplane mount serial communication.
• Compatible with commercial and Defence aviation CCR system.
• Remote control system for accessing CCR and allied system over serial or TCP.
• Indigenized local Support/presence in India.
• Easy in configuration using DIP switches.
Technical Specifications
Indigenized remote control interface card suitable for MAFI system CCR equipment. Compatible for IDM8000 CCR. Backplane mounted serial and TCP/Ethernet communication module for CCR remote access. IDM 8000 CCR remote control on serial and TCP protocol.
Key Features
Indigenized remote control interface card suitable for MAFI system CCR equipment. Compatible for IDM8000 CCR. Backplane mounted serial and TCP/Ethernet communication module for CCR remote access. IDM 8000 CCR remote control on serial and TCP protocol.
• Remote control: Parallel or serial interface
• Compatible with MAFI CCR system
• Copatiable with IDM8000 CCR
• Compatible with Backplane mount serial communication.
• Compatible with commercial and Defence aviation CCR system.
• Remote control system for accessing CCR and allied system over serial or TCP.
• Indigenized local Support/presence in India.
Application
• Remote control: Parallel or serial interface.
• Compatible with MAFI CCR system.
• Compatible with IDM8000 CCR.
• Compatible with Backplane mount serial communication.
• Compatible with commercial and Defence aviation CCR system.
• Remote control system for accessing CCR and allied system over serial or TCP.
• Indigenized local Support/presence in India.
• Easy in configuration using DIP switches.
Explore the innovative world of trenchless pipe repair with our comprehensive guide, "The Benefits and Techniques of Trenchless Pipe Repair." This document delves into the modern methods of repairing underground pipes without the need for extensive excavation, highlighting the numerous advantages and the latest techniques used in the industry.
Learn about the cost savings, reduced environmental impact, and minimal disruption associated with trenchless technology. Discover detailed explanations of popular techniques such as pipe bursting, cured-in-place pipe (CIPP) lining, and directional drilling. Understand how these methods can be applied to various types of infrastructure, from residential plumbing to large-scale municipal systems.
Ideal for homeowners, contractors, engineers, and anyone interested in modern plumbing solutions, this guide provides valuable insights into why trenchless pipe repair is becoming the preferred choice for pipe rehabilitation. Stay informed about the latest advancements and best practices in the field.
NO1 Uk best vashikaran specialist in delhi vashikaran baba near me online vas...Amil Baba Dawood bangali
Contact with Dawood Bhai Just call on +92322-6382012 and we'll help you. We'll solve all your problems within 12 to 24 hours and with 101% guarantee and with astrology systematic. If you want to take any personal or professional advice then also you can call us on +92322-6382012 , ONLINE LOVE PROBLEM & Other all types of Daily Life Problem's.Then CALL or WHATSAPP us on +92322-6382012 and Get all these problems solutions here by Amil Baba DAWOOD BANGALI
#vashikaranspecialist #astrologer #palmistry #amliyaat #taweez #manpasandshadi #horoscope #spiritual #lovelife #lovespell #marriagespell#aamilbabainpakistan #amilbabainkarachi #powerfullblackmagicspell #kalajadumantarspecialist #realamilbaba #AmilbabainPakistan #astrologerincanada #astrologerindubai #lovespellsmaster #kalajaduspecialist #lovespellsthatwork #aamilbabainlahore#blackmagicformarriage #aamilbaba #kalajadu #kalailam #taweez #wazifaexpert #jadumantar #vashikaranspecialist #astrologer #palmistry #amliyaat #taweez #manpasandshadi #horoscope #spiritual #lovelife #lovespell #marriagespell#aamilbabainpakistan #amilbabainkarachi #powerfullblackmagicspell #kalajadumantarspecialist #realamilbaba #AmilbabainPakistan #astrologerincanada #astrologerindubai #lovespellsmaster #kalajaduspecialist #lovespellsthatwork #aamilbabainlahore #blackmagicforlove #blackmagicformarriage #aamilbaba #kalajadu #kalailam #taweez #wazifaexpert #jadumantar #vashikaranspecialist #astrologer #palmistry #amliyaat #taweez #manpasandshadi #horoscope #spiritual #lovelife #lovespell #marriagespell#aamilbabainpakistan #amilbabainkarachi #powerfullblackmagicspell #kalajadumantarspecialist #realamilbaba #AmilbabainPakistan #astrologerincanada #astrologerindubai #lovespellsmaster #kalajaduspecialist #lovespellsthatwork #aamilbabainlahore #Amilbabainuk #amilbabainspain #amilbabaindubai #Amilbabainnorway #amilbabainkrachi #amilbabainlahore #amilbabaingujranwalan #amilbabainislamabad
A Back Propagation Neural Network Intrusion Detection System Based on KVM
1. International Journal of Innovation Engineering and Science Research
Open Access
Volume 2 Issue 4 July-August 2018 1|P a g e
ABSTRACT
A Back Propagation Neural Network Intrusion
Detection System Based on KVM
Jiazuo Wang
Computer Science Department, Bowling Green State University
Bowling Green, OH, United States
Yan Wu
Computer Science Department, Bowling Green State University
Bowling Green, OH, United States
A Network Intrusion Detection System (NIDS) monitors a network for malicious activities or policy violations [1].
The Kernel-based Virtual Machine (KVM) is a full virtualization solution for Linux on x86 hardware virtualization
extensions [2]. We design and implement a back-propagation network intrusion detection system in KVM.
Compared to traditional Back Propagation (BP) NIDS, the Particle Swarm Optimization (PSO) algorithm is
applied to improve efficiency. The results show an improved system in terms of recall and precision along with
missing detection rates.
Keywords—NIDS, KVM, back-propagation, PSO algorithm
I. INTRODUCTION
The rapid development of cloud computing provides a new computing model for users with powerful
and cheap customized services including networks, servers, storage, and applications [2].
A. Background
The continuous improvement of cloud computing technology and competition among cloud providers
help users spend less in exchange for enhanced cloud resources. This enables legitimate users to
experience greater benefits by using cloud services with better quality. On the other hand, it
simultaneously enables malicious users to pay less to contract a substantial configuration of cloud
resources for launching an attack, which threatens other legitimate users on the same cloud platform.
The existing security technology in cloud computing environments is facing various problems, such as
large amounts of data, concurrent access, hardware resource sharing, and network compatibility.
Compared with traditional computer systems, cloud computing is more prone to large-scale, dangerous
attacks. Users store important information in the cloud platform from which malicious users may launch
attacks or steal information. The intruder may also use the powerful computing capabilities of the cloud
platform for malicious attacks on its own virtual machine. Typical attacks include the Resident attack,
Trojan, and Distributed Denial-of-Service (DDoS) attacks. In other words, with the rapid development of
cloud services, cloud computing applications are facing enhanced security threats.
B. Virtual Network Environment Security
The critical structural differences between cloud computing and traditional systems result in traditional
intrusion detection techniques not fitting in the cloud computing virtualization environment. All services
are provided by the server virtual machine where the security mechanism is deployed. To ensure the
safe operation of the virtual machine, the intrusion detection system must be installed on all virtual
machines on the same server in the cloud detection system. There are usually many virtual machines
on each cloud server, so the above scheme will require a significant amount of the cloud service
provider's computer resources, which greatly reduces the overall performance of the platform. To solve
this problem, the intrusion detection system is deployed on a privileged virtual machine, which is
responsible for the intrusion detection of all other virtual machines on the same server.
Today, mainstream network security technologies include encryption, firewall, and intrusion detection
systems. As a common intrusion detection technology, the artificial neural network (ANN) includes
2. Wu.et al. “International Journal of Innovation Engineering and Science Research”
Volume 2 Issue 4 July-August 2018 2|P a g e
capabilities such as nonlinear elastic modeling, strong generalization, learning, and large-scale parallel
computing [3]. The forward neural network is one of the most widely used neural networks, and the BP
neural network is one of the most commonly used feedforward neural networks. The BP network, also
known as the error back propagation network, is a multi-layer mapping network that transmits
information forward with the minimum error propagating backward. A single hidden layer BP neural
network can approximate any nonlinear function with arbitrary precision. This characteristic makes the
BP neural network a common nonlinear detection system.
II. LITERATURE REVIEW
A significant amount of literature exists on cloud computing virtualization security research. Ficco et al.
[4] introduce cloud computing in virtual environments and a variety of safety-related research results
from different aspects, such as IDS and honeypot. Patel et al. [5] and Su et al. [6] list and analyze a
variety of cloud computing environment intrusion detection technologies and the detection strategies.
Lee and Yu [7] summarize the detection and defense model in a cloud environment. To ensure the
security of a cloud computing network, an intrusion detection system (IDS) acts as the second line of
defense in the computer network. It is responsible for processing and analyzing key information from
internal and external computer networks to collect and then raise alarms for any violations of the
security policy. A new virtual self-checking system is proposed in [8] to protect Kernel-based Virtual
Machines (KVM) from a malicious attack on the virtual machine. However, the study needs to establish
a complete set of rules in advance. Nantes et al. proposed a way for IDS to establish an efficient model
to gain the optimal number of features with reduced usage of computer resources including memory
and CPU time [9]. To deal with a large number of network access streams, control data, and
applications in the cloud, Dhage and Meshram proposed a new multi-thread distributed intrusion
detection model, which effectively integrates knowledge and behavior analysis into intrusion detection
while processing, analyzing, and generating a large number of data streams [10]. However, this model
is more complex and offers low efficiency.
Also, Rocha and Correia [11] show how malicious insiders can steal confidential data, indicating that
the current cloud computing application environment contains many security vulnerabilities. Greamo
and Gosh [12] cited the impact of malware on the cloud computing environment, and Hegazy et al. [13]
use agent-based technology to describe the framework of intrusion detection in cloud computing.
HishamA.Kholidy et al. [1] presents a computational framework for an intrusion detection system (IDS)
deployed in all nodes including databases in the cloud, which may cause central server overload,
communication, and excessive computation cost of each node.
III. KEY TECHNOLOGY OF KVM AND IDS
A. KVM
Virtualization is the abstraction of computing resources, such as servers, networks, memory, and
storage, to enhance functionalities [14]. According to the definition of virtualization, a variety of
computer resources are virtual objects, such as software, hardware, and the network. The functions
available in the non-virtual environments can nearly all be realized in a virtual environment. Also, the
virtual computer resources are merely logical resources for users. KVM is a fully virtualized technology
based on the Linux environment and is responsible for the completion of the Linux kernel virtualization
features running on x86 and x64 architectures. It is a kernel module in the Linux kernel, which is a
virtual machine monitor in the Linux environment.
B. IDS
Two types of intrusion detection methods are common: misuse detection and anomaly detection [15].
Misuse detection first analyzes various possible intrusion behaviors and means, then summarizes the
special collection of rules. In the process of detection, the matching rule is used to process the
behavior of the detected object and then match the feature set and rule base. If the match is
successful, the behavior is considered an intrusion. Anomaly detection records the past normal
3. Wu.et al. “International Journal of Innovation Engineering and Science Research”
Volume 2 Issue 4 July-August 2018 3|P a g e
behavior to establish a normal behavior model. When the behavior of the system is significantly
different from the expected normal behavior, it is regarded as an intrusion behavior. Two common
techniques used for anomaly detection are neural networks and swarm intelligence algorithms.
Intrusion detection processes usually involve the following: the system first obtains the required
sample, then processes and analyzes the sample. Finally, the system proceeds according to the test
results.
C. Back-propagation Neural Network
A BP neural network contains an input layer, a hidden layer, and an output layer [16]. The signal
propagates forward by passing from the input layer to the output layer. The error is considered back
propagating as it modifies the weights and thresholds according to the gradient descent algorithm [16].
The specific process is described as follows.
1) Signal forward propagation
1. Obtain BP network training samples.
2. According to the structure and weight of the network, the signal passes from the input layer
to the output layer.
a. Calculate the output of the hidden layer as
Ah = f(W1
T
Xh – b1), h∈[1,hSize] (1)
b. Calculate the output layer as
Ao = f(W2
T
Xo – b2), o∈[1,oSize] (2)
In equations (1) and (2), hSize is the number of nodes in the hidden layer, oSize is the number of
nodes in the output layer, W1 and b1 represent the weights and thresholds of the input and hidden
layers, respectively, W2 and b2 represent the weights and thresholds of the hidden and output layers,
respectively, Ah is the output of the hidden layer, and Ao is the output of the output layer [17].
2) Error back propagation
1. Calculate the mean square error (MSE) value based on the real output and the desired
output of the network [17].
2. Adjust the weights and thresholds based on the method of minimizing errors.
The error signal passes from the output layer to the input layer. The weights are adjusted according to
the error feedback method, which gradually brings the actual output of the network close to the desired
output [17].
Δw(k +1)
= -η (∂Εk
)/(∂ωk
) + α∆wk
(3)
In equation (3), Δw(k +1)
is the modified vector of the first k+1 modification, ηis the learning rate, and Ek
is the error function of the neural network [17].
D. PSO algorithm
A BP network is very sensitive to the initial weights and thresholds. If the values and parameters are
not set properly, it may cause shock effect and slow the convergence speed [18]. In this paper, PSO is
used to search the optimal initial weights and thresholds of a BP neural network. PSO offers simple
calculation and good robustness as well as good performance in multi-dimension continuous space,
neural network training, combinatorial optimization, and other optimization problems. The primary
particle swarm optimization algorithm for position and velocity update [19] is expressed as: vi(t+1) =
ω(t)vi(t)+c1r1(pBesti(t) - xi(t))+ c2r2(gBest(t) - xi(t))
In this section, v represents speed, x represents the location, i is the current particle number, t is the
current number of iterations, c1 and c2 are learning factors, r1 and r2 are random values in [0,1], PBest
is the individual extremum for a single particle, and GBest is the global extremum found for the whole
particle swarm [19].
Because of an increasing number of users in cloud computing and the cloud expansion of application
environments, a malicious intrusion or attack on a cloud environment can interfere with the availability,
confidentiality, and integrity of the resources and services of cloud computing service providers. An
4. Wu.et al. “International Journal of Innovation Engineering and Science Research”
Volume 2 Issue 4 July-August 2018 4|P a g e
IDS, as a kind of active monitoring technology and protection mechanism, can prevent the destruction
of critical IT infrastructure. Intruders can destroy sensitive data and critical applications through network
attacks.
IDS can be divided into the two categories of misuse detection and anomaly detection [15]. Previously,
IDS could protect the cloud system from various types of attacks, but could not identify suspicious
activities in a cloud environment. IDS can also be classified based on the source of the data. Host-
based IDS intrusion detection sensors are focused on a single host, while IDS based on the network
will put all the sensors on a sensor network segment. The anomaly detection mechanism can improve
the ability of the system to detect unknown intrusion attacks, which is especially important in the virtual
network model.
IV. METHODOLOGY
Based on the analysis of the KVM network structure, this paper proposes an intrusion detection model
based on an improved BP neural network and a KVM NAT bridge structure. First, this model analyzes
the KVM network model and uses the NAT bridge pattern to design the data capture module to retrieve
the virtual machine’s communication information. Next, it analyzes and extracts the data packets in
turn, then sends the data to the neural network detection engine.
Several modules are included in this model. The data capture module sets the data capture mode
based on the network mode of the virtual environment and submits the captured data to the data
packet analysis module. The packet-parsing module analyzes the captured data packets based on the
network protocol and submits the analytical results to the feature extraction module. Based on the
characteristics of the intrusion detection system, the feature extraction module extracts the specific
features from the data [20]. Based on the improved BP neural network algorithm, the engine
determines whether the data is the invasion of the data, and the results are submitted to the intrusion
response module.
Because the performance of the BP algorithm is largely dependent on the initial weights and
thresholds, this research to improve the BP network is important to improve the convergence speed of
the network. In this report, the PSO algorithm is introduced to optimize the initial weights and
thresholds of the BP. The algorithm is based on momentum factor, adaptive learning rate, and PSO.
The design idea of the algorithm is as follows: The system combines the global search ability of the
PSO algorithm and the gradient descent local search of the BP algorithm. The PSO algorithm is
introduced into the optimization of the initial weights and thresholds of the BP. By using the momentum
factor and adaptive learning rate methods, the convergence speed of the BP neural network is
accelerated, and the local minimum is avoided. Finally, the algorithm is used to build an intrusion
detection system in a cloud environment.
The specific process of the algorithm includes the following steps:
Step 1: initialize the parameters of BP neural network, set the number of nodes in each layer.
Step 2: initialize the parameters of the particle swarm and calculate the particle dimension D. The
system initializes the cluster and generates parameters, such as the initial position and the velocity of
the particle.
Step 3: calculate the fitness value of each particle compared with the current best fitness value,
PBest. If the value is better, update PBest. Then, compare the PBest with the optimal global value of
GBest. If the value is better, then use PBest to update GBest.
Step 4: update the inertia weight and adjust the position and speed of the particle.
Step 5: if current iteration achieves the maximum or error is in the scope, the initial weights and
thresholds should be the current global extreme GBest, otherwise, return to Step 3.
5. Wu.et al. “International Journal of Innovation Engineering and Science Research”
Volume 2 Issue 4 July-August 2018 5|P a g e
Step 6: use the system to train the BP neural network, and establish the intrusion detection model
with the initial weights and threshold optimization based on the value from Step 5.
A flowchart of the algorithm is shown in Fig. 1.
Figure 1. Structure of algorithm
start
The initial population size is N
and the number of iterations is
1,000
Coding of
particles
the G satisfies
requirement
Update the particle position code
to initialize the weights of the
neural network
Update particle position
Use the BP algorithm to train the
neural network
Detection of neural networks
using test samples
End
Update particle velocity
Calculate fitness and
evaluate
Update global optimal
individuals and their
fitness values
6. Wu.et al. “International Journal of Innovation Engineering and Science Research”
Volume 2 Issue 4 July-August 2018 6|P a g e
To illustrate the feasibility and effectiveness of this algorithm, its performance is analyzed with
experiments using the intrusion detection dataset KDD Cup 99 [21]. This is a commonly-used intrusion
detection algorithm training and testing data set, which includes the majority of the types of attacks
faced by cloud computing virtualization environments.
Each sample (connection record) in the KDD dataset contains 42 attributes, and their details and serial
numbers are presented in Table I.
TABLE I.PROPERTIES OF RECORDS [21].
SID property SID property SID property
1 Duration 15 Su_attempted 29 Sam_srv_rate
2 Protocol_type 16 Num_root 30 Diff_srv_rate
3 Service 17 Num_file_creations 31 Srv_diff_host_rate
4 Flag 18 Num_shells 32 Dst_host_count
5 Src_bytes 19 Num_access_file 33 Dst_host_srv_count
6 Dst_bytes 20 Num_outbound_cmds 34 Dst_host_same_srv_rate
7 Land 21 Is_hot_login 35 Dst_host_diff_srv_rate
8 Wrong_fragment 22 Is_guest_login 36 Dst_host_same_src_prot_rate
9 Urgent 23 Count 37 Dst_host_srv_diff_host_rate
10 Hot 24 Srv_cound 38 Dst_host_ serror_rate
11 Num_failed_logins 25 Serror_rate 39 Dst_host_srv_serror_rate
12 Logged_in 26 Srv_serror_rate 40 Dst_host_rerror_rate
13 Num_compromised 27 Rerror_rate 41 Dst_host_srv_rerror_rate
14 Root_shell 28 Srv_rerror_rate 42 Normal_or_attack
There is a significant difference between the values and data types of each attribute for each original
sample in the KDD dataset. In addition, the range of the BP neural network training data and test data
should be consistent with the range of the activation function of the neurons in each layer. Also, the
input attributes should be numeric values. Therefore, to apply the KDD data to the BP neural network
detection model, we need to preprocess the original KDD data samples.
The neural network is trained and tested using the test data, and the experimental results are
subsequently compared with the ordinary BP algorithm. The metrics include accuracy, precision, and
recall. Accuracy is defined as the ratio of the number of samples correctly classified to the total sample
size for a given test set. Precision shows the percentage of positive samples among all reported. The
recall rate is for the original sample indicating how many of the positive samples in the sample are
correctly predicted.
In this experiment, three layers of the BP neural network are selected, and the number of neuron in
each layer is all in the order of 1. The input layer and the hidden layer activation function use a tangent
S-type function. Since the number of samples is 42, the number of neurons in the input layer is also 42.
If the output results can be judged as intrusion behavior, the number of neurons in the output layer is 1,
thus obtaining o = 1. The number of neurons in the hidden layer settings has no normative theoretical
guidance. The usual method is based on many experiments to determine the appropriate number of
neurons. After the experiment, the hidden layer node is set to 22.
The particle size of the PSO algorithm is determined according to the particle coding and obtain the
dimension D = 969. In this paper, the population size N = 30, the maximum velocity of the particle is set
to 3, the minimum speed is -3, and the search space of the particle is set to [-1,1]. The velocity and
trajectory of the particles depend on the set of learning factors G, O and the inertia weight W, which
have great influence on the global search ability and convergence speed of the particle swarm. To
ensure better global search ability and local search performance, we set C1 = C2 = 2 and w = 0.7.
7. Wu.et al. “International Journal of Innovation Engineering and Science Research”
Volume 2 Issue 4 July-August 2018 7|P a g e
V. RESULTS
First, the performance of the PSO algorithm is analyzed by looking at the change tendency of the
fitness function of the PSO algorithm for the training data. We used the training data to carry out 50
experiments on the PSO, and the average values were calculated. The results show that the MSE
value reaches the minimum value of 0.015 when the PSO algorithm runs in about 150 iterations, which
is the optimal particle, and it can be decoded as the initial weight and threshold value of the artificial
neural network.
To analyze the performance of the system, ten experiments were carried out. The accuracy results of
these two algorithms are shown in Fig. 2, precision results are shown in Fig. 3, and recall results are
shown in Fig. 4.
Figure 2. The accuracy of the two algorithms.
Figure 3. The precision of the two algorithms. Figure 4. The recall of two algorithms.
As seen from the figures, the accuracy of the PSO-BP algorithm is slightly higher than the pure BP
algorithm. First, the momentum factor and the adaptive rate algorithm introduced by the PSO-BP
algorithm accelerated the convergence speed of the BP algorithm and avoided falling into a local
minimum. Second, the PSO algorithm has a significant advantage in global optimization to enable a
more stable precision compared to the traditional BP algorithm. Also, as seen in Figure 4, the recall of
the PSO-BP algorithm is slightly better than the traditional BP algorithm.
0.82
0.84
0.86
0.88
0.9
0.92
0.94
0.96
1 2 3 4 5 6 7 8 9 10
BP PSO-BP
0.85
0.9
0.95
1
1.05
1 2 3 4 5 6 7 8 9 10
BP PSO-BP
0.94
0.96
0.98
1
1 2 3 4 5 6 7 8 9 10
BP PSO-BP
8. Wu.et al. “International Journal of Innovation Engineering and Science Research”
Volume 2 Issue 4 July-August 2018 8|P a g e
In summary, the overall detection performance of the proposed PSO-BP detection algorithm is superior
to the traditional BP detection algorithm.
VI. CONCLUSION
This paper presents a virtual intrusion detection model based on different types of virtual network
structures in KVM. The model is implemented in the KVM network model of a NAT bridge, including the
data capture, packet parsing, feature extraction, and neural network detection modules. It is compatible
with different network modes in KVM virtualization environments and can capture, process, and
analyze the virtual machine communication data flow under different network modes. It provides
intrusion detection services for a cloud computing virtualization environment and responds to the
attacks of malicious virtual machines.
Aiming at the problem that a BP algorithm is easy to fall into a local minimum [22], this paper proposes
an improved BP detection algorithm based on the PSO algorithm, which combines the global search
ability of the PSO algorithm and the gradient descent local search of the BP algorithm. The PSO
algorithm is introduced to optimize the initial weights and threshold values of the BP algorithm [23]. By
using momentum factor and adaptive learning rate method [24], the convergence speed of BP neural
network is accelerated and prevented from falling into a local minimum, which improves the detection
performance of the algorithm. The experimental results show that the average detection rate of the
improved algorithm is higher. It has better detection performance, and can effectively and reliably
provide intrusion detection services for cloud computing environments.
REFERENCES
[1] H. A. Kholidy and F. Baiardi, “CIDS: A framework for intrusion detection in cloud systems,” 2012 Ninth International
Conference on Information Technology: New Generations (ITNG), IEEE Press, Las Vegas, Nevada, USA, April 16-
18,2012,pp.379-385.
[2] S. de Chaves, C. Westphall, and F. Lamin. "SLA Perspective in Security Management for Cloud Computing," 2010 Sixth
International Conference on Networking and Services, 2010.
[3] C. Modi, D. Patel, B. Borisaniya, H. Patel, A. Patel, and M. Rajarajan, "A survey of intrusion detection techniques in
Cloud," Journal of Network and Computer Applications, vol. 36, no. 1, pp. 42-57, 2013.
[4] M. Ficco, L. Tasquier, and R. Aversa, "Intrusion Detection in Cloud Computing," 2013 Eighth International Conference on
P2P, Parallel, Grid, Cloud and Internet Computing, 2013.
[5] A. Patel, M. Taghavi, K. Bakhtiyari, and J. Celestino Júnior, "An intrusion detection and prevention system in cloud
computing: A systematic review," Journal of Network and Computer Applications, vol. 36, no. 1, pp. 25-41, 2013.
[6] Chien-Chung Su, Ko-Ming Chang, Yau-Hwang Kuo, and Mong-Fong Horng, "The new intrusion prevention and detection
approaches for clustering-based sensor networks," IEEE Wireless Communications and Networking Conference, 2005.
[7] Sheng-Wei Lee and Fang Yu, "Securing KVM-Based Cloud Systems via Virtualization Introspection," 2014 47th Hawaii
International Conference on System Sciences, 2014.
[8] H. Wang, H. Zhou, and C. Wang, "Virtual Machine-based Intrusion Detection System Framework in Cloud Computing
Environment," Journal of Computers, vol. 7, no. 10, 2012.
[9] A. Nantes, R. Brown, and F. Maire, "Neural network-based detection of virtual environment anomalies," Neural Computing
and Applications, vol. 23, no. 6, pp. 1711-1728, 2012.
[10] S. Dhage and B. Meshram, "Intrusion detection system in cloud computing environment," International Journal of Cloud
Computing, vol. 1, no. 23, p. 261, 2012.
[11] F. Rocha and M. Correia, "Lucy in the sky without diamonds: Stealing confidential data in the cloud," 2011 IEEE/IFIP 41st
International Conference on Dependable Systems and Networks Workshops (DSN-W), 2011.
[12] C. Greamo and A. Ghosh, "Sandboxing and Virtualization: Modern Tools for Combating Malware," IEEE Security &
Privacy Magazine, vol. 9, no. 2, pp. 79-82, 2011.
[13] I. Hegazy, T. Al-Arif, Z. Fayed, and H. Faheem, "A multi-agent based system for intrusion detection," IEEE Potentials, vol.
22, no. 4, pp. 28-31, 2003.
[14] M. Laureano, C. Maziero, and E. Jamhour, "Intrusion detection in virtual machine environments," Proceedings of the 30th
Euromicro Conference, 2004.
[15] X. Zhang, Q. Li, S. Qing, and H. Zhang, "VNIDA: Building an IDS Architecture Using VMM-Based Non-Intrusive
Approach," First International Workshop on Knowledge Discovery and Data Mining (WKDD 2008), 2008.
9. Wu.et al. “International Journal of Innovation Engineering and Science Research”
Volume 2 Issue 4 July-August 2018 9|P a g e
[16] J. Ticknor, "A Bayesian regularized artificial neural network for stock market forecasting," Expert Systems with
Applications, vol. 40, no. 14, pp. 5501-5506, 2013.
[17] L. Wang, Y. Zeng, J. Zhang, W. Huang, and Y. Bao, "The Criticality of Spare Parts Evaluating Model Using Artificial Neural
Network Approach," Computational Science – ICCS 2006, pp. 728-735, 2006.
[18] A. Aslanargun, M. Mammadov, B. Yazici, and S. Yolacan, "Comparison of ARIMA, neural networks and hybrid models in
time series: tourist arrival forecasting," Journal of Statistical Computation and Simulation, vol. 77, no. 1, pp. 29-53, 2007.
[19] J. Zhang, J. Zhang, T. Lok, and M. Lyu, "A hybrid particle swarm optimization–back-propagation algorithm for feedforward
neural network training," Applied Mathematics and Computation, vol. 185, no. 2, pp. 1026-1037, 2007.
[20] J. Vesterstrom and R. Thomsen, "A comparative study of differential evolution, particle swarm optimization, and
evolutionary algorithms on numerical benchmark problems," Proceedings of the 2004 Congress on Evolutionary
Computation (IEEE Cat. No.04TH8753).
[21] R. Eberhart and J. Kennedy, "A new optimizer using particle swarm theory," MHS'95. Proceedings of the Sixth
International Symposium on Micro Machine and Human Science, 1995.
[22] S. Bharadwaja, W. Sun, M. Niamat, and F. Shen, "Collabra: A Xen Hypervisor Based Collaborative Intrusion Detection
System," 2011 Eighth International Conference on Information Technology: New Generations, 2011.
[23] P. Angin, B. Bhargava, R. Ranchal, N. Singh, M. Linderman, L. Othmane, and L. Lilien, "An Entity-Centric Approach for
Privacy and Identity Management in Cloud Computing," 29th IEEE Symposium on Reliable Distributed Systems, 2010.
[24] J. Arshad, P. Townend, and J. Xu, "An automatic intrusion diagnosis approach for clouds," International Journal of
Automation and Computing, vol. 8, no. 3, pp. 286-296, 2011.