Wireless Sensor Network (WSNs) are deployed at aggressive environments which are vulnerable to various security attacks such as Wormholes, Denial of Attacks and Sybil Attacks. There are various intrusion detection techniques that are used to identify attacks in a network with high accuracy level. This paper has focused on Denial of Service attack, since it is the most common attack that affects the environment severely. Therefore a new hybrid technique combining Hidden Markov Model with Ant Colony Optimization (HMM+ACO) has been
proposed that gives improved performance than the other techniques.
AN IMPLEMENTATION OF INTRUSION DETECTION SYSTEM USING GENETIC ALGORITHMIJNSA Journal
Nowadays it is very important to maintain a high level security to ensure safe and trusted communication of information between various organizations. But secured data communication over internet and any other network is always under threat of intrusions and misuses. So Intrusion Detection Systems have
become a needful component in terms of computer and network security. There are various approaches being utilized in intrusion detections, but unfortunately any of the systems so far is not completely flawless. So, the quest of betterment continues. In this progression, here we present an Intrusion
Detection System (IDS), by applying genetic algorithm (GA) to efficiently detect various types of network intrusions. Parameters and evolution processes for GA are discussed in details and implemented. This approach uses evolution theory to information evolution in order to filter the traffic data and thus reduce the complexity. To implement and measure the performance of our system we used the KDD99
benchmark dataset and obtained reasonable detection rate.
Evaluation of network intrusion detection using markov chainIJCI JOURNAL
Day today life internet threat has been increased significantly. There is a need to develop model in order to
maintain security of system. The most effective techniques are Intrusion Detection System (IDS).The
purpose of intrusion system through the security devices detect and deal with it. In this paper, a
mathematical approach is used effectively to predict and detect intrusion in the network. Here we discuss
about two algorithms ‘K-Means + Apriori’, a method which classify normal and abnormal activities in
computer network. In K-Means process, it partitions the training set into K-clusters using Euclidean
distance and introduce an outlier factor, then it build Apriori Algorithm to prune the data by removing
infrequent data in the database. Based on defined state the degree of incoming data is evaluated through
the experiment using sample DARPA2000 dataset, and achieves high detection performance in level of
attack in stages.
A Novel and Advanced Data Mining Model Based Hybrid Intrusion Detection Frame...Radita Apriana
An Intrusion can be defined as any practice or act that attempt to crack the integrity,
confidentiality or availability of a resource. This may contain of a deliberate unauthorized attempt to access
the information, manipulate the data, or make a system unreliable or unusable. With the expansion of
computer networks at an alarming rate during the past decade, security has become one of the serious
issues of computer systems.IDS, is a detection mechanism for detecting the intrusive activities hidden
among the normal activities. The revolutionary establishment of IDS has attracted analysts to work
dedicatedly enabling the system to deal with technological advancements. Hence, in this regard, various
beneficial schemes and models have been proposed in order to achieve enhanced IDS. This paper
proposes a novel hybrid model for intrusion detection. The proposed framework in this paper may be
expected as another step towards advancement of IDS. The framework utilizes the crucial data mining
classification algorithms beneficial for intrusion detection. The Hybrid framework would hence forth, will
lead to effective, adaptive and intelligent intrusion detection.
A NOVEL INTRUSION DETECTION MODEL FOR MOBILE AD-HOC NETWORKS USING CP-KNNIJCNCJournal
Mobile ad-hoc network security problems are the subject of in depth analysis. A group of mobile nodes area unit connected to a set wired backbone. In MANET, the node themselves implement the network management in a very cooperative fashion. All the nodes area unit accountable to create a constellation that is dynamically, modification it and conjointly the absence of any clear network boundaries. We tend to project a completely unique intrusion detection model for mobile ad-hoc network victimization. CP-KNN (Conformal Prediction K-Nearest Neighbor) algorithmic rule is to classify the audit knowledge for anomaly detection. The non-conformity score worth is employed to cut back the classification period of time for multi level iteration. It is effectively notice anomalies with high true positive rate, low false positive rate and high confidence that the progressive of assorted anomaly detection ways. Additionally it is interfered
by “noisy” knowledge (unclean data), the projected technique is strong, effective and conjointly it retains
its smart detection performance and to avoid the abnormal activity.
Now a day the technology is improving day by day. The wired network has been changed to wireless network. There are many advantages of wireless network over wired network. One of the main advantage is we can walk around freely in a network area and accesses internet. Security is one of the challenging issues. Intrusion Detection System is one of the systematic ways to detect malicious node in a mobile ad hoc network MANET and it is driven by battery power. This paper gives a survey on various intrusion detection systems in MANET. Praveen Mourya | Prof. Avinash Sharma ""Review on Intrusion Detection in MANETs"" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-4 | Issue-2 , February 2020, URL: https://www.ijtsrd.com/papers/ijtsrd29970.pdf
Paper Url : https://www.ijtsrd.com/engineering/computer-engineering/29970/review-on-intrusion-detection-in-manets/praveen-mourya
AN IMPLEMENTATION OF INTRUSION DETECTION SYSTEM USING GENETIC ALGORITHMIJNSA Journal
Nowadays it is very important to maintain a high level security to ensure safe and trusted communication of information between various organizations. But secured data communication over internet and any other network is always under threat of intrusions and misuses. So Intrusion Detection Systems have
become a needful component in terms of computer and network security. There are various approaches being utilized in intrusion detections, but unfortunately any of the systems so far is not completely flawless. So, the quest of betterment continues. In this progression, here we present an Intrusion
Detection System (IDS), by applying genetic algorithm (GA) to efficiently detect various types of network intrusions. Parameters and evolution processes for GA are discussed in details and implemented. This approach uses evolution theory to information evolution in order to filter the traffic data and thus reduce the complexity. To implement and measure the performance of our system we used the KDD99
benchmark dataset and obtained reasonable detection rate.
Evaluation of network intrusion detection using markov chainIJCI JOURNAL
Day today life internet threat has been increased significantly. There is a need to develop model in order to
maintain security of system. The most effective techniques are Intrusion Detection System (IDS).The
purpose of intrusion system through the security devices detect and deal with it. In this paper, a
mathematical approach is used effectively to predict and detect intrusion in the network. Here we discuss
about two algorithms ‘K-Means + Apriori’, a method which classify normal and abnormal activities in
computer network. In K-Means process, it partitions the training set into K-clusters using Euclidean
distance and introduce an outlier factor, then it build Apriori Algorithm to prune the data by removing
infrequent data in the database. Based on defined state the degree of incoming data is evaluated through
the experiment using sample DARPA2000 dataset, and achieves high detection performance in level of
attack in stages.
A Novel and Advanced Data Mining Model Based Hybrid Intrusion Detection Frame...Radita Apriana
An Intrusion can be defined as any practice or act that attempt to crack the integrity,
confidentiality or availability of a resource. This may contain of a deliberate unauthorized attempt to access
the information, manipulate the data, or make a system unreliable or unusable. With the expansion of
computer networks at an alarming rate during the past decade, security has become one of the serious
issues of computer systems.IDS, is a detection mechanism for detecting the intrusive activities hidden
among the normal activities. The revolutionary establishment of IDS has attracted analysts to work
dedicatedly enabling the system to deal with technological advancements. Hence, in this regard, various
beneficial schemes and models have been proposed in order to achieve enhanced IDS. This paper
proposes a novel hybrid model for intrusion detection. The proposed framework in this paper may be
expected as another step towards advancement of IDS. The framework utilizes the crucial data mining
classification algorithms beneficial for intrusion detection. The Hybrid framework would hence forth, will
lead to effective, adaptive and intelligent intrusion detection.
A NOVEL INTRUSION DETECTION MODEL FOR MOBILE AD-HOC NETWORKS USING CP-KNNIJCNCJournal
Mobile ad-hoc network security problems are the subject of in depth analysis. A group of mobile nodes area unit connected to a set wired backbone. In MANET, the node themselves implement the network management in a very cooperative fashion. All the nodes area unit accountable to create a constellation that is dynamically, modification it and conjointly the absence of any clear network boundaries. We tend to project a completely unique intrusion detection model for mobile ad-hoc network victimization. CP-KNN (Conformal Prediction K-Nearest Neighbor) algorithmic rule is to classify the audit knowledge for anomaly detection. The non-conformity score worth is employed to cut back the classification period of time for multi level iteration. It is effectively notice anomalies with high true positive rate, low false positive rate and high confidence that the progressive of assorted anomaly detection ways. Additionally it is interfered
by “noisy” knowledge (unclean data), the projected technique is strong, effective and conjointly it retains
its smart detection performance and to avoid the abnormal activity.
Now a day the technology is improving day by day. The wired network has been changed to wireless network. There are many advantages of wireless network over wired network. One of the main advantage is we can walk around freely in a network area and accesses internet. Security is one of the challenging issues. Intrusion Detection System is one of the systematic ways to detect malicious node in a mobile ad hoc network MANET and it is driven by battery power. This paper gives a survey on various intrusion detection systems in MANET. Praveen Mourya | Prof. Avinash Sharma ""Review on Intrusion Detection in MANETs"" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-4 | Issue-2 , February 2020, URL: https://www.ijtsrd.com/papers/ijtsrd29970.pdf
Paper Url : https://www.ijtsrd.com/engineering/computer-engineering/29970/review-on-intrusion-detection-in-manets/praveen-mourya
Maximizing network interruption in wirelessIJCNCJournal
With the colossal growth of wireless sensor networks (WSNs) in different applications starting from home
automation to military affairs, the pressure on ensuring security in such a network is paramount.
Considering the security challenges, it is really a hard-hitting effort to develop a secured WSN system.
Moreover, as the information technology is getting popular, the intruders are also planning new ideas to
break the system security, to harm the network and to make the system quality down with the target of
taking the control of the network to corrupt it or to get benefits from it anyway. The intruders corrupt the
system only when the security breaking cost (SBC) is lower compared with the benefits they attained or the
harm it can make to others. In this paper, the authors define the term “maximizing network interruption
problem” and propose a technique, called the grid point approximation algorithm, to estimate the SBC of a
multi-hop WSN so that it can be made tougher for an intruder to break the system security. It is assumed
that the intruder has the complete picture of the entire network. The technique is designed from the
intruder’s point of view for completely jamming all the sensor nodes in the network through placing
jammers or malicious nodes strategically and at the same time keeping the number of jammer nodes to
minimum or near minimum. To the best of the authors’ knowledge, there is no work proposed so far of the
same kind. Experimental results with the changes of the different network parameters show that the
proposed algorithm is able to provide excellent performances to achieve the targets.
A survey of Network Intrusion Detection using soft computing Techniqueijsrd.com
with the impending era of internet, the network security has become the key foundation for lot of financial and business application. Intrusion detection is one of the looms to resolve the problem of network security. An Intrusion Detection System (IDS) is a program that analyses what happens or has happened during an execution and tries to find indications that the computer has been misused. Here we propose a new approach by utilizing neuro fuzzy and support vector machine with fuzzy genetic algorithm for higher rate of detection.
Preemptive modelling towards classifying vulnerability of DDoS attack in SDN ...IJECEIAES
Software-Defined Networking (SDN) has become an essential networking concept towards escalating the networking capabilities that are highly demanded future internet system, which is immensely distributed in nature. Owing to the novel concept in the field of network, it is still shrouded with security problems. It is also found that the Distributed Denial-of-Service (DDoS) attack is one of the prominent problems in the SDN environment. After reviewing existing research solutions towards resisting DDoS attack in SDN, it is found that still there are many open-end issues. Therefore, these issues are identified and are addressed in this paper in the form of a preemptive model of security. Different from existing approaches, this model is capable of identifying any malicious activity that leads to a DDoS attack by performing a correct classification of attack strategy using a machine learning approach. The paper also discusses the applicability of best classifiers using machine learning that is effective against DDoS attack.
DESIGN AND EFFICIENT DEPLOYMENT OF HONEYPOT AND DYNAMIC RULE BASED LIVE NETWO...IJNSA Journal
The continuously emerging, operationally and managerially independent, geographically distributed computer networks deployable in an evolutionarily manner have created greater challenges in securing them. Several research works and experiments have convinced the security expert that Network Intrusion Detection Systems (NIDS) or Network Intrusion Prevention Systems (NIPS) alone are not capable of securing the Computer Networks from internal and external threats completely. In this paper we present the design of Intrusion Collaborative System which is a combination of NIDS,NIPS, Honeypots, software tools like nmap, iptables etc. Our Design is tested against existing attacks based on Snort Rules and several customized DDOS , remote and guest attacks. Dynamic rules are generated during every unusual behavior that helps Intrusion Collaborative System to continuously learn about new attacks. Also a formal approach to deploy Live Intrusion Collaboration Systems based on System of Systems Concept is Proposed.
CLASSIFICATION PROCEDURES FOR INTRUSION DETECTION BASED ON KDD CUP 99 DATA SETIJNSA Journal
In network security framework, intrusion detection is one of a benchmark part and is a fundamental way to protect PC from many threads. The huge issue in intrusion detection is presented as a huge number of false alerts; this issue motivates several experts to discover the solution for minifying false alerts according to data mining that is a consideration as analysis procedure utilized in a large data e.g. KDD CUP 99. This paper presented various data mining classification for handling false alerts in intrusion detection as reviewed. According to the result of testing many procedure of data mining on KDD CUP 99 that is no individual procedure can reveal all attack class, with high accuracy and without false alerts. The best accuracy in Multilayer Perceptron is 92%; however, the best Training Time in Rule based model is 4 seconds . It is concluded that ,various procedures should be utilized to handle several of network attacks.
A Top-down Hierarchical Multi-hop Secure Routing Protocol for Wireless Sensor...ijasuc
This paper proposes a new top-down hierarchical, multi-hop, secure routing protocol for the wireless
sensor network, which is resilient to report fabrication attack. The report fabrication attack tries to
generate bogus reports by compromising the sensor nodes to mislead the environment monitoring
application executed by randomly deployed wireless sensor nodes. The proposed protocol relies on
symmetric key mechanism which is appropriate for random deployment of wireless sensor nodes. In the
proposed protocol, base station initiates the synthesis of secure hierarchical topology using top down
approach. The enquiry phase of the protocol provides assurance for the participation of all the cluster
heads in secure hierarchical topology formation. Further, this methodology takes care of failure of head
node or member node of a cluster. This protocol ensures confidentiality, integrity, and authenticity of the
final report of the monitoring application. The simulation results demonstrate the scalability of the
proposed protocol.
NOVEL HYBRID INTRUSION DETECTION SYSTEM FOR CLUSTERED WIRELESS SENSOR NETWORKIJNSA Journal
Wireless sensor network (WSN) is regularly deployed in unattended and hostile environments. The WSN is vulnerable to security threats and susceptible to physical capture. Thus, it is necessary to use effective mechanisms to protect the network. It is widely known, that the intrusion detection is one of the most efficient security mechanisms to protect the network against malicious attacks or unauthorized access. In this paper, we propose a hybrid intrusion detection system for clustered WSN. Our intrusion framework uses a combination between the Anomaly Detection based on support vector machine (SVM) and the Misuse Detection. Experiments results show that most of routing attacks can be detected with low false alarm.
Maximizing network interruption in wirelessIJCNCJournal
With the colossal growth of wireless sensor networks (WSNs) in different applications starting from home
automation to military affairs, the pressure on ensuring security in such a network is paramount.
Considering the security challenges, it is really a hard-hitting effort to develop a secured WSN system.
Moreover, as the information technology is getting popular, the intruders are also planning new ideas to
break the system security, to harm the network and to make the system quality down with the target of
taking the control of the network to corrupt it or to get benefits from it anyway. The intruders corrupt the
system only when the security breaking cost (SBC) is lower compared with the benefits they attained or the
harm it can make to others. In this paper, the authors define the term “maximizing network interruption
problem” and propose a technique, called the grid point approximation algorithm, to estimate the SBC of a
multi-hop WSN so that it can be made tougher for an intruder to break the system security. It is assumed
that the intruder has the complete picture of the entire network. The technique is designed from the
intruder’s point of view for completely jamming all the sensor nodes in the network through placing
jammers or malicious nodes strategically and at the same time keeping the number of jammer nodes to
minimum or near minimum. To the best of the authors’ knowledge, there is no work proposed so far of the
same kind. Experimental results with the changes of the different network parameters show that the
proposed algorithm is able to provide excellent performances to achieve the targets.
A survey of Network Intrusion Detection using soft computing Techniqueijsrd.com
with the impending era of internet, the network security has become the key foundation for lot of financial and business application. Intrusion detection is one of the looms to resolve the problem of network security. An Intrusion Detection System (IDS) is a program that analyses what happens or has happened during an execution and tries to find indications that the computer has been misused. Here we propose a new approach by utilizing neuro fuzzy and support vector machine with fuzzy genetic algorithm for higher rate of detection.
Preemptive modelling towards classifying vulnerability of DDoS attack in SDN ...IJECEIAES
Software-Defined Networking (SDN) has become an essential networking concept towards escalating the networking capabilities that are highly demanded future internet system, which is immensely distributed in nature. Owing to the novel concept in the field of network, it is still shrouded with security problems. It is also found that the Distributed Denial-of-Service (DDoS) attack is one of the prominent problems in the SDN environment. After reviewing existing research solutions towards resisting DDoS attack in SDN, it is found that still there are many open-end issues. Therefore, these issues are identified and are addressed in this paper in the form of a preemptive model of security. Different from existing approaches, this model is capable of identifying any malicious activity that leads to a DDoS attack by performing a correct classification of attack strategy using a machine learning approach. The paper also discusses the applicability of best classifiers using machine learning that is effective against DDoS attack.
DESIGN AND EFFICIENT DEPLOYMENT OF HONEYPOT AND DYNAMIC RULE BASED LIVE NETWO...IJNSA Journal
The continuously emerging, operationally and managerially independent, geographically distributed computer networks deployable in an evolutionarily manner have created greater challenges in securing them. Several research works and experiments have convinced the security expert that Network Intrusion Detection Systems (NIDS) or Network Intrusion Prevention Systems (NIPS) alone are not capable of securing the Computer Networks from internal and external threats completely. In this paper we present the design of Intrusion Collaborative System which is a combination of NIDS,NIPS, Honeypots, software tools like nmap, iptables etc. Our Design is tested against existing attacks based on Snort Rules and several customized DDOS , remote and guest attacks. Dynamic rules are generated during every unusual behavior that helps Intrusion Collaborative System to continuously learn about new attacks. Also a formal approach to deploy Live Intrusion Collaboration Systems based on System of Systems Concept is Proposed.
CLASSIFICATION PROCEDURES FOR INTRUSION DETECTION BASED ON KDD CUP 99 DATA SETIJNSA Journal
In network security framework, intrusion detection is one of a benchmark part and is a fundamental way to protect PC from many threads. The huge issue in intrusion detection is presented as a huge number of false alerts; this issue motivates several experts to discover the solution for minifying false alerts according to data mining that is a consideration as analysis procedure utilized in a large data e.g. KDD CUP 99. This paper presented various data mining classification for handling false alerts in intrusion detection as reviewed. According to the result of testing many procedure of data mining on KDD CUP 99 that is no individual procedure can reveal all attack class, with high accuracy and without false alerts. The best accuracy in Multilayer Perceptron is 92%; however, the best Training Time in Rule based model is 4 seconds . It is concluded that ,various procedures should be utilized to handle several of network attacks.
A Top-down Hierarchical Multi-hop Secure Routing Protocol for Wireless Sensor...ijasuc
This paper proposes a new top-down hierarchical, multi-hop, secure routing protocol for the wireless
sensor network, which is resilient to report fabrication attack. The report fabrication attack tries to
generate bogus reports by compromising the sensor nodes to mislead the environment monitoring
application executed by randomly deployed wireless sensor nodes. The proposed protocol relies on
symmetric key mechanism which is appropriate for random deployment of wireless sensor nodes. In the
proposed protocol, base station initiates the synthesis of secure hierarchical topology using top down
approach. The enquiry phase of the protocol provides assurance for the participation of all the cluster
heads in secure hierarchical topology formation. Further, this methodology takes care of failure of head
node or member node of a cluster. This protocol ensures confidentiality, integrity, and authenticity of the
final report of the monitoring application. The simulation results demonstrate the scalability of the
proposed protocol.
NOVEL HYBRID INTRUSION DETECTION SYSTEM FOR CLUSTERED WIRELESS SENSOR NETWORKIJNSA Journal
Wireless sensor network (WSN) is regularly deployed in unattended and hostile environments. The WSN is vulnerable to security threats and susceptible to physical capture. Thus, it is necessary to use effective mechanisms to protect the network. It is widely known, that the intrusion detection is one of the most efficient security mechanisms to protect the network against malicious attacks or unauthorized access. In this paper, we propose a hybrid intrusion detection system for clustered WSN. Our intrusion framework uses a combination between the Anomaly Detection based on support vector machine (SVM) and the Misuse Detection. Experiments results show that most of routing attacks can be detected with low false alarm.
Review of Security Issues in Mobile Wireless Sensor NetworksEswar Publications
MWSNs are finding applicability in wide range of applications. Applications spread from day to day utilities to military and surveillance, where they may sense information about vehicular movements around border. Considering the importance of data being sent by these nodes, threat of compromising them has also increased. This paper aims to explore various types of attacks and tries to classify them based on some common parameter. Better understanding of various attacks, their style of functioning and point of penetration can help researchers devise better preventive measures.
Kell blood group system most important blood group system following to ABO and Rh blood group system, particularly RhD as far as immunogenicity is concerned and Its clinical importance.
The Internet of Things is one of the single biggest disruptive factors in today’s digital landscape. Companies need to plan out an IoT strategy that allows them to use data to create personalized content for customers across different channels.
Boris Kraft, Chief Visionary Officer of Magnolia, will be explaining the role of the digital business platform, and how it should form the hub for a company’s web, mobile and Internet of Things initiatives.
FORTIFICATION OF HYBRID INTRUSION DETECTION SYSTEM USING VARIANTS OF NEURAL ...IJNSA Journal
Intrusion Detection Systems (IDS) form a key part of system defence, where it identifies abnormal
activities happening in a computer system. In recent years different soft computing based techniques have
been proposed for the development of IDS. On the other hand, intrusion detection is not yet a perfect
technology. This has provided an opportunity for data mining to make quite a lot of important
contributions in the field of intrusion detection. In this paper we have proposed a new hybrid technique
by utilizing data mining techniques such as fuzzy C means clustering, Fuzzy neural network / Neurofuzzy and radial basis function(RBF) SVM for fortification of the intrusion detection system. The
proposed technique has five major steps in which, first step is to perform the relevance analysis, and then
input data is clustered using Fuzzy C-means clustering. After that, neuro-fuzzy is trained, such that each
of the data point is trained with the corresponding neuro-fuzzy classifier associated with the cluster.
Subsequently, a vector for SVM classification is formed and in the last step, classification using RBF-
SVM is performed to detect intrusion has happened or not. Data set used is the KDD cup 1999 dataset
and we have used precision, recall, F-measure and accuracy as the evaluation metrics parameters. Our
technique could achieve better accuracy for all types of intrusions. The results of proposed technique are
compared with the other existing techniques. These comparisons proved the effectiveness of our
technique.
Three level intrusion detection system based on conditional generative advers...IJECEIAES
Security threat protection is important in the internet of things (IoT) applications since both the connected device and the captured data can be hacked or hijacked or both at the same time. To tackle the above-mentioned problem, we proposed three-level intrusion detection system conditional generative adversarial network (3LIDS-CGAN) model which includes four phases such as first-level intrusion detection system (IDS), second-level IDS, third-level IDS, and attack type classification. In first-level IDS, features of the incoming packets are extracted by the firewall. Based on the extracted features the packets are classified into three classes such as normal, malicious, and suspicious using support vector machine and golden eagle optimization. Suspicious packets are forwarded to the second-level IDS which classified the suspicious packets as normal or malicious. Here, signature-based intrusions are detected using attack history information, and anomaly-based intrusions are detected using event-based semantic mapping. In third-level IDS, adversary packets are detected using CGAN which automatically learns the adversarial environment and detects adversary packets accurately. Finally, proximal policy optimization is proposed to detect the attack type. Experiments are conducted using the NS-3.26 network simulator and performance is evaluated by various performance metrics which results that the proposed 3LIDS-CGAN model outperforming other existing works.
HYBRID ARCHITECTURE FOR DISTRIBUTED INTRUSION DETECTION SYSTEM IN WIRELESS NE...IJNSA Journal
In order to the rapid growth of the network application, new kinds of network attacks are emerging
endlessly. So it is critical to protect the networks from attackers and the Intrusion detection
technology becomes popular. Therefore, it is necessary that this security concern must be articulate
right from the beginning of the network design and deployment. The intrusion detection technology is the
process of identifying network activity that can lead to a compromise of security policy. Lot of work has
been done in detection of intruders. But the solutions are not satisfactory. In this paper, we propose a
novel Distributed Intrusion Detection System using Multi Agent In order to decrease false alarms and
manage misuse and anomaly detects
HYBRID ARCHITECTURE FOR DISTRIBUTED INTRUSION DETECTION SYSTEM IN WIRELESS NE...IJNSA Journal
In order to the rapid growth of the network application, new kinds of network attacks are emerging endlessly. So it is critical to protect the networks from attackers and the Intrusion detection technology becomes popular. Therefore, it is necessary that this security concern must be articulate right from the beginning of the network design and deployment. The intrusion detection technology is the process of identifying network activity that can lead to a compromise of security policy. Lot of work has been done in detection of intruders. But the solutions are not satisfactory. In this paper, we propose a novel Distributed Intrusion Detection System using Multi Agent In order to decrease false alarms and manage misuse and anomaly detects.
Detecting network attacks model based on a convolutional neural network IJECEIAES
Due to the increasing use of networks at present, Internet systems have raised many security problems, and statistics indicate that the rate of attacks or intrusions has increased excessively annually, and in the event of any malicious attack on network vulnerabilities or information systems, it may lead to serious disasters, violating policies on network security, i.e., “confidentiality, integrity, and availability” (CIA). Therefore, many detection systems, such as the intrusion detection system, appeared. In this paper, we built a system that detects network attacks using the latest machine learning algorithms and a convolutional neural network based on a dataset of the CSE-CIC-IDS2018. It is a recent dataset that contains a set of common and recent attacks. The detection rate is 99.7%, distinguishing between aggressive attacks and natural assertiveness.
A technical review and comparative analysis of machine learning techniques fo...IJECEIAES
Machine learning techniques are being widely used to develop an intrusion detection system (IDS) for detecting and classifying cyber attacks at the network-level and the host-level in a timely and automatic manner. However, Traditional Intrusion Detection Systems (IDS), based on traditional machine learning methods, lacks reliability and accuracy. Instead of the traditional machine learning used in previous researches, we think deep learning has the potential to perform better in extracting features of massive data considering the massive cyber traffic in real life. Generally Mobile Ad Hoc Networks have given the low physical security for mobile devices, because of the properties such as node mobility, lack of centralized management and limited bandwidth. To tackle these security issues, traditional cryptography schemes can-not completely safeguard MANETs in terms of novel threats and vulnerabilities, thus by applying Deep learning methods techniques in IDS are capable of adapting the dynamic environments of MANETs and enables the system to make decisions on intrusion while continuing to learn about their mobile environment. An IDS in MANET is a sensoring mechanism that monitors nodes and network activities in order to detect malicious actions and malicious attempt performed by Intruders. Recently, multiple deep learning approaches have been proposed to enhance the performance of intrusion detection system. In this paper, we made a systematic comparison of three models, Inceprtion architecture convolutional neural network (Inception-CNN), Bidirectional long short-term memory (BLSTM) and deep belief network (DBN) on the deep learning-based intrusion detection systems, using the NSL-KDD dataset containing information about intrusion and regular network connections, the goal is to provide basic guidance on the choice of deep learning models in MANET.
CLASSIFICATION PROCEDURES FOR INTRUSION DETECTION BASED ON KDD CUP 99 DATA SETIJNSA Journal
In network security framework, intrusion detection is one of a benchmark part and is a fundamental way to protect PC from many threads. The huge issue in intrusion detection is presented as a huge number of false alerts; this issue motivates several experts to discover the solution for minifying false alerts according to data mining that is a consideration as analysis procedure utilized in a large data e.g. KDD CUP 99. This paper presented various data mining classification for handling false alerts in intrusion detection as reviewed. According to the result of testing many procedure of data mining on KDD CUP 99 that is no individual procedure can reveal all attack class, with high accuracy and without false alerts. The best accuracy in Multilayer Perceptron is 92%; however, the best Training Time in Rule based model is 4 seconds . It is concluded that ,various procedures should be utilized to handle several of network attacks.
COPYRIGHTThis thesis is copyright materials protected under the .docxvoversbyobersby
COPYRIGHT
This thesis is copyright materials protected under the Berne Convection, the copyright Act 1999 and other international and national enactments in that behalf, on intellectual property. It may not be reproduced by any means in full or in part except for short extracts in fair dealing so for research or private study, critical scholarly review or discourse with acknowledgment, with written permission of the Dean School of Graduate Studies on behalf of both the author and XXX XXX University.ABSTRACT
With Fast growing internet world the risk of intrusion has also increased, as a result Intrusion Detection System (IDS) is the admired key research field. IDS are used to identify any suspicious activity or patterns in the network or machine, which endeavors the security features or compromise the machine. IDS majorly use all the features of the data. It is a keen observation that all the features are not of equal relevance for the detection of attacks. Moreover every feature does not contribute in enhancing the system performance significantly. The main aim of the work done is to develop an efficient denial of service network intrusion classification model. The specific objectives included: to analyse existing literature in intrusion detection systems; what are the techniques used to model IDS, types of network attacks, performance of various machine learning tools, how are network intrusion detection systems assessed; to find out top network traffic attributes that can be used to model denial of service intrusion detection; to develop a machine learning model for detection of denial of service network intrusion.Methods: The research design was experimental and data was collected by simulation using NSL-KDD dataset. By implementing Correlation Feature Selection (CFS) mechanism using three search algorithms, a smallest set of features is selected with all the features that are selected very frequently. Findings: The smallest subset of features chosen is the most nominal among all the feature subset found. Further, the performances using Artificial neural networks(ANN), decision trees, Support Vector Machines (SVM) and K-Nearest Neighbour (KNN) classifiers is compared for 7 subsets found by filter model and 41 attributes. Results: The outcome indicates a remarkable improvement in the performance metrics used for comparison of the two classifiers. The results show that using 17/18 selected features improves DOS types classification accuracies as compared to using the 41 features in the NSL-KDD dataset. It was further observed that using an ensemble of three classifiers with decision fusion performs better as compared to using a single classifier for DOS type’s classification. Among machine learning tools experimented, ANN achieved best classification accuracies followed by SVM and DT. KNN registered the lowest classification accuracies. Application: The proposed work with such an improved detection rate and lesser classification time and lar.
In recent years, wireless sensor network (WSN) is used in several application areas resembling observance, tracking, and dominant in IoTs. for several applications of WSN, security is a crucial demand. However, security solutions in WSN disagree from ancient networks because of resource limitation and process constraints. This paper analyzes security solutions: TinySec, IEEE 802.15.4, SPINS, MiniSEC, LSec, LLSP, LISA, and LISP in WSN. This paper additionally presents characteristics, security needs, attacks, cryptography algorithms, and operation modes. This paper is taken into account to be helpful for security designers in WSNs.
Tactical approach to identify and quarantine spurious node participation requ...IJECEIAES
Securing Wireless Sensor Network (WSN) from variable forms of adversary is still an open end challenge. Review of diversified security apprroaches towards such problems that they are highly symptomatic with respect to resiliency strength against attack. Therefore, the proposed system highlights a novel and effective solution that is capable of identify the spurios request for participating in teh network building process from attacker and in return could deviate the route of attacker to some virtual nodes and links. A simple trust based mechanism is constructed for validating the legitimacy of such request generated from adversary node. The proposed system not only presents a security solution but also assists in enhancing the routing process significantly. The simulated outcome of the study shows that proposed system offers significantly good energy conservation, satisfactory data forwarding performance, reduced processing time in contrast to existing standard security practices.
Secure intrusion detection and countermeasure selection in virtual system usi...eSAT Publishing House
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology
Data mining approach to analyzing intrusion detection of wireless sensor networknooriasukmaningtyas
Wireless sensor network (WSN) is a collection of wireless sensor nodes
which are distributed in nature and a base station where the dispersed nodes
are used to monitor and the physical conditions of the environment is
recorded and then these data are organized into the base. Its application has
been reached out from critical military application such as battlefield
surveillance to traffic, health, industrial areas, intruder detection, security and
surveillance. Due to various features in WSN it is very prone to various types
external attacks. Preventing such attacks, intrusion detection system (IDS) is
very important so that attacker cannot steal or manipulate data. Data mining
is a technique that can help to discover patterns in large dataset. This paper
proposed a data mining technique for different types of classification
algorithms to detect denial of service (DoS) attacks which is of four types.
They are Grayhole, Blackhole, Flooding and TDMA. A number of data
mining techniques, such as KNN, Naïve Bayes, Logistic Regression, support
vector machine (SVM) and ANN algorithms are applied on the dataset and
analyze their performance in detecting the attacks. The analysis reveals the
applicability of these algorithms for detecting and predicting such attacks and
can be recommended for network specialist and analysts.
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology
An approach for ids by combining svm and ant colony algorithmeSAT Journals
Abstract This piece of work researches the intrusion detection problem of the network sanctuary; the primary task is to classify network behavior as normal or abnormal while reducing misclassification. In this paper, two efficient data mining algorithms are combined together to detect the network intrusion. Combining SVM and Ant colony (CSVAC) used for well-organized data classification, this technique takes the advantage of both the algorithm while avoiding their weaknesses. This algorithm is implemented and evaluated using standard benchmark KDDCUP99 data set. Experimental results drastically well produce superior results than the other algorithm in terms of accuracy rate and run time efficiency, and this algorithm able to detect the new types of attacks Keywords: Intrusion Detection; Support Vector Machine; Ant colony; Combined Support vector with ant colony
Similar to Hybrid Technique for Detection of Denial of Service (DOS) Attack in Wireless Sensor Network (20)
Content-Based Image Retrieval (CBIR) systems have been used for the searching of relevant images in various research areas. In CBIR systems features such as shape, texture and color are used. The extraction of features is the main step on which the retrieval results depend. Color features in CBIR are used as in the color histogram, color moments, conventional color correlogram and color histogram. Color space selection is used to represent the information of color of the pixels of the query image. The shape is the basic characteristic of segmented regions of an image. Different methods are introduced for better retrieval using different shape representation techniques; earlier the global shape representations were used but with time moved towards local shape representations. The local shape is more related to the expressing of result instead of the method. Local shape features may be derived from the texture properties and the color derivatives. Texture features have been used for images of documents, segmentation-based recognition,and satellite images. Texture features are used in different CBIR systems along with color, shape, geometrical structure and sift features.
The cyber attacks have become most prevalent in the past few years. During this time, attackers have discovered new vulnerabilities to carry out malicious activities on the internet. Both the clients and the servers have been victimized by the attackers. Clickjacking is one of the attacks that have been adopted by the attackers to deceive the innocuous internet users to initiate some action. Clickjacking attack exploits one of the vulnerabilities existing in the web applications. This attack uses a technique that allows cross domain attacks with the help of userinitiated clicks and performs unintended actions. This paper traces out the vulnerabilities that make a website vulnerable to clickjacking attack and proposes a solution for the same.
Performance Analysis of Audio and Video Synchronization using Spreaded Code D...Eswar Publications
The audio and video synchronization plays an important role in speech recognition and multimedia communication. The audio-video sync is a quite significant problem in live video conferencing. It is due to use of various hardware components which introduces variable delay and software environments. The objective of the synchronization is used to preserve the temporal alignment between the audio and video signals. This paper proposes the audio-video synchronization using spreading codes delay measurement technique. The performance of the proposed method made on home database and achieves 99% synchronization efficiency. The audio-visual
signature technique provides a significant reduction in audio-video sync problems and the performance analysis of audio and video synchronization in an effective way. This paper also implements an audio- video synchronizer and analyses its performance in an efficient manner by synchronization efficiency, audio-video time drift and audio-video delay parameters. The simulation result is carried out using mat lab simulation tools and simulink. It is automatically estimating and correcting the timing relationship between the audio and video signals and maintaining the Quality of Service.
Due to the availability of complicated devices in industry, models for consumers at lower cost of resources are developed. Home Automation systems have been developed by several researchers. The limitations of home automation includes complexity in architecture, higher costs of the equipment, interface inflexibility. In this paper as we have proposed, the working protocol of PIC 16F72 technology is which is secure, cost efficient, flexible that leads to the development of efficient home automation systems. The system is operational to control various home appliances like fans, Bulbs, Tube light. The following paper describes about components used and working of all components connected. The home automation system makes use of Android app entitled “Home App” which gives
flexibility and easy to use GUI.
Semantically Enchanced Personalised Adaptive E-Learning for General and Dysle...Eswar Publications
E-learning plays an important role in providing required and well formed knowledge to a learner. The medium of e- learning has achieved advancement in various fields such as adaptive e-learning systems. The need for enhancing e-learning semantically can enhance the retrieval and adaptability of the learning curriculum. This paper provides a semantically enhanced module based e-learning for computer science programme on a learnercentric perspective. The learners are categorized based on their proficiency for providing personalized learning environment for users. Learning disorders on the platform of e-learning still require lots of research. Therefore, this paper also provides a personalized assessment theoretical model for alphabet learning with learning objects for
children’s who face dyslexia.
Agriculture plays an important role in the economy of our country. Over 58 percent of the rural households depend on the agriculture sector as their means of livelihood. Agriculture is one of the major contributors to Gross Domestic Product(GDP). Seeds are the soul of agriculture. This application helps in reducing the time for the researchers as well as farmers to know the seedling parameters. The application helps the farmers to know about the percentage of seedlings that will grow and it is very essential in estimating the yield of that particular crop. Manual calculation may lead to some error, to minimize that error, the developed app is used. The scientist and farmers require the app to know about the physiological seed quality parameters and to take decisions regarding their farming activities. In this article a desktop app for seed germination percentage and vigour index calculation are developed in PHP scripting language.
What happens when adaptive video streaming players compete in time-varying ba...Eswar Publications
Competition among adaptive video streaming players severely diminishes user-QoE. When players compete at a bottleneck link many do not obtain adequate resources. This imbalance eventually causes ill effects such as screen flickering and video stalling. There have been many attempts in recent years to overcome some of these problems. However, added to the competition at the bottleneck link there is also the possibility of varying network bandwidth which can make the situation even worse. This work focuses on such a situation. It evaluates current heuristic adaptive video players at a bottleneck link with time-varying bandwidth conditions. Experimental setup includes the TAPAS player and emulated network conditions. The results show PANDA outperforms FESTIVE, ELASTIC and the Conventional players.
WLI-FCM and Artificial Neural Network Based Cloud Intrusion Detection SystemEswar Publications
Security and Performance aspects of cloud computing are the major issues which have to be tended to in Cloud Computing. Intrusion is one such basic and imperative security problem for Cloud Computing. Consequently, it is essential to create an Intrusion Detection System (IDS) to detect both inside and outside assaults with high detection precision in cloud environment. In this paper, cloud intrusion detection system at hypervisor layer is developed and assesses to detect the depraved activities in cloud computing environment. The cloud intrusion detection system uses a hybrid algorithm which is a fusion of WLI- FCM clustering algorithm and Back propagation artificial Neural Network to improve the detection accuracy of the cloud intrusion detection system. The proposed system is implemented and compared with K-means and classic FCM. The DARPA’s KDD cup dataset 1999 is used for simulation. From the detailed performance analysis, it is clear that the proposed system is able to detect the anomalies with high detection accuracy and low false alarm rate.
Spreading Trade Union Activities through Cyberspace: A Case StudyEswar Publications
This report present the outcome of an investigative research conducted to examine the modu-operandi of academic staff union of polytechnics (ASUP) YabaTech. The investigation covered the logistics and cost implication for spreading union activities among members. It was discovered that cost of management and dissemination of information to members was at high side, also logistics problem constitutes to loss of information in transit hence cut away some members from union activities. To curtail the problem identified, we proposed the
design of secure and dynamic website for spreading union activities among members and public. The proposed system was implemented using HTML5 technology, interface frameworks like Bootstrap and j query which enables the responsive feature of the application interface. The backend was designed using PHPMYSQL. It was discovered from the evaluation of the new system that cost of managing information has reduced considerably, and logistic problems identified in the old system has become a forgotten issue.
Identifying an Appropriate Model for Information Systems Integration in the O...Eswar Publications
Nowadays organizations are using information systems for optimizing processes in order to increase coordination and interoperability across the organizations. Since Oil and Gas Industry is one of the large industries in whole of the world, there is a need to compatibility of its Information Systems (IS) which consists three categories of systems: Field IS, Plant IS and Enterprise IS to create interoperability and approach the
optimizing processes as its result. In this paper we introduce the different models of information systems integration, identify the types of information systems that are using in the upstream and downstream sectors of petroleum industry, and finally based on expert’s opinions will identify a suitable model for information systems integration in this industry.
Link-and Node-Disjoint Evaluation of the Ad Hoc on Demand Multi-path Distance...Eswar Publications
This work illustrates the AOMDV routing protocol. Its ancestor, the AODV routing protocol is also described. This tutorial demonstrates how forward and reverse paths are created by the AOMDV routing protocol. Loop free paths formulation is described, together with node and link disjoint paths. Finally, the performance of the AOMDV routing protocol is investigated along link and node disjoint paths. The WSN with the AOMDV routing protocol using link disjoint paths is better than the WSN with the AOMDV routing protocol using node disjoint paths for energy consumption.
Bridging Centrality: Identifying Bridging Nodes in Transportation NetworkEswar Publications
To identify the importance of node of a network, several centralities are used. Majority of these centrality measures are dominated by components' degree due to their nature of looking at networks’ topology. We propose a centrality to identification model, bridging centrality, based on information flow and topological aspects. We apply bridging centrality on real world networks including the transportation network and show that the nodes distinguished by bridging centrality are well located on the connecting positions between highly connected regions. Bridging centrality can discriminate bridging nodes, the nodes with more information flowed through them and locations between highly connected regions, while other centrality measures cannot.
Now a days we are living in an era of Information Technology where each and every person has to become IT incumbent either intentionally or unintentionally. Technology plays a vital role in our day to day life since last few decades and somehow we all are depending on it in order to obtain maximum benefit and comfort. This new era equipped with latest advents of technology, enlightening world in the form of Internet of Things (IoT). Internet of things is such a specified and dignified domain which leads us to the real world scenarios where each object can perform some task while communicating with some other objects. The world with full of devices, sensors and other objects which will communicate and make human life far better and easier than ever. This paper provides an overview of current research work on IoT in terms of architecture, a technology used and applications. It also highlights all the issues related to technologies used for IoT, after the literature review of research work. The main purpose of this survey is to provide all the latest technologies, their corresponding
trends and details in the field of IoT in systematic manner. It will be helpful for further research.
Automatic Monitoring of Soil Moisture and Controlling of Irrigation SystemEswar Publications
In past couple of decades, there is immediate growth in field of agricultural technology. Utilization of proper method of irrigation by drip is very reasonable and proficient. A various drip irrigation methods have been proposed, but they have been found to be very luxurious and dense to use. The farmer has to maintain watch on irrigation schedule in the conventional drip irrigation system, which is different for different types of crops. In remotely monitored embedded system for irrigation purposes have become a new essential for farmer to accumulate his energy, time and money and will take place only when there will be requirement of water. In this approach, the soil test for chemical constituents, water content, and salinity and fertilizer requirement data collected by wireless and processed for better drip irrigation plan. This paper reviews different monitoring systems and proposes an automatic monitoring system model using Wireless Sensor Network (WSN) which helps the farmer to improve the yield.
Multi- Level Data Security Model for Big Data on Public Cloud: A New ModelEswar Publications
With the advent of cloud computing the big data has emerged as a very crucial technology. The certain type of cloud provides the consumers with the free services like storage, computational power etc. This paper is intended to make use of infrastructure as a service where the storage service from the public cloud providers is going to leveraged by an individual or organization. The paper will emphasize the model which can be used by anyone without any cost. They can store the confidential data without any type of security issue, as the data will be altered
in such a way that it cannot be understood by the intruder if any. Not only that but the user can retrieve back the original data within no time. The proposed security model is going to effectively and efficiently provide a robust security while data is on cloud infrastructure as well as when data is getting migrated towards cloud infrastructure or vice versa.
Impact of Technology on E-Banking; Cameroon PerspectivesEswar Publications
The financial services industry is experiencing rapid changes in services delivery and channels usage, and financial companies and users of financial services are looking at new technologies as they emerge and deciding whether or not to embrace them and the new opportunities to save and manage enormous time, cost and stress.
There is no doubt about the favourable and manifold impact of technology on e-banking as pictured in this review paper, almost all banks are with the least and most access e-banking Technological equipments like ATMs and Cards. On the other Hand cheap and readily available technology has opened a favourable competition in ebanking services business with a lot of wide range competitors competing with Commercial Banks in Cameroon in providing digital financial services.
Classification Algorithms with Attribute Selection: an evaluation study using...Eswar Publications
Attribute or feature selection plays an important role in the process of data mining. In general the data set contains more number of attributes. But in the process of effective classification not all attributes are relevant.
Attribute selection is a technique used to extract the ranking of attributes. Therefore, this paper presents a comparative evaluation study of classification algorithms before and after attribute selection using Waikato Environment for Knowledge Analysis (WEKA). The evaluation study concludes that the performance metrics of the classification algorithm, improves after performing attribute selection. This will reduce the work of processing irrelevant attributes.
Mining Frequent Patterns and Associations from the Smart meters using Bayesia...Eswar Publications
In today’s world migration of people from rural areas to urban areas is quite common. Health care services are one of the most challenging aspect that is must require to the people with abnormal health. Advancements in the technologies lead to build the smart homes, which contains various sensor or smart meter devices to automate the process of other electronic device. Additionally these smart meters can be able to capture the daily activities of the patients and also monitor the health conditions of the patients by mining the frequent patterns and
association rules generated from the smart meters. In this work we proposed a model that is able to monitor the activities of the patients in home and can send the daily activities to the corresponding doctor. We can extract the frequent patterns and association rules from the log data and can predict the health conditions of the patients and can give the suggestions according to the prediction. Our work is divided in to three stages. Firstly, we used to record the daily activities of the patient using a specific time period at three regular intervals. Secondly we applied the frequent pattern growth for extracting the association rules from the log file. Finally, we applied k means clustering for the input and applied Bayesian network model to predict the health behavior of the patient and precautions will be given accordingly.
Network as a Service Model in Cloud Authentication by HMAC AlgorithmEswar Publications
Resource pooling on internet-based accessing on use as pay environmental technology and ruled in IT field is the
cloud. Present, in every organization has trusted the web, however, the information must flow but not hold the
data. Therefore, all customers have to use the cloud. While the cloud progressing info by securing-protocols. Third
party observing and certain circumstances directly stale in flow and kept of packets in the virtual private cloud.
Global security statistics in the year 2017, hacking sensitive information in cloud approximately maybe 75.35%,
and the world security analyzer said this calculation maybe reached to 100%. For this cause, this proposed
research work concentrates on Authentication-Message-Digest-Key with authentication in routing the Network as
a Service of packets in OSPF (Open Shortest Path First) implementing Cloud with GNS3 has tested them to
securing from attackers.
Microstrip patch antennas are recently used in wireless detection applications due to their low power consumption, low cost, versatility, field excitation, ease of fabrication etc. The microstrip patch antennas are also called as printed antennas which is suffer with an array elements of antenna and narrow bandwidth. To overcome the above drawbacks, Flame Retardant Material is used as the substrate. Rectangular shape of microstrip patch antenna with FR4 material as the substrate which is more suitable for the explosive detection applications. The proposed printed antenna was designed with the dimension of 60 x 60 mm2. FR-4 material has a dielectric constant value of 4.3 with thickness 1.56 mm, length and width 60 mm and 60 mm respectively. One side of the substrate contains the ground plane of dimensions 60 x60 mm2 made of copper and the other side of the substrate contains the patch which have dimensions 34 x 29 mm2 and thickness 0.03mm which is also made of copper. RMPA without slot, Vertical slot RMPA, Double horizontal slot RMPA and Centre slot RMPA structures were
designed and the performance of the antennas were analysed with various parameters such as gain, directivity, Efield, VSWR and return loss. From the performance analysis, double horizontal slot RMPA antenna provides a better result and it provides maximum gain (8.61dB) and minimum return loss (-33.918dB). Based on the E-field excitation value the SEMTEX explosive material is detected and it was simulated using CST software.
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...SOFTTECHHUB
The choice of an operating system plays a pivotal role in shaping our computing experience. For decades, Microsoft's Windows has dominated the market, offering a familiar and widely adopted platform for personal and professional use. However, as technological advancements continue to push the boundaries of innovation, alternative operating systems have emerged, challenging the status quo and offering users a fresh perspective on computing.
One such alternative that has garnered significant attention and acclaim is Nitrux Linux 3.5.0, a sleek, powerful, and user-friendly Linux distribution that promises to redefine the way we interact with our devices. With its focus on performance, security, and customization, Nitrux Linux presents a compelling case for those seeking to break free from the constraints of proprietary software and embrace the freedom and flexibility of open-source computing.
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024Neo4j
Neha Bajwa, Vice President of Product Marketing, Neo4j
Join us as we explore breakthrough innovations enabled by interconnected data and AI. Discover firsthand how organizations use relationships in data to uncover contextual insights and solve our most pressing challenges – from optimizing supply chains, detecting fraud, and improving customer experiences to accelerating drug discoveries.
How to Get CNIC Information System with Paksim Ga.pptxdanishmna97
Pakdata Cf is a groundbreaking system designed to streamline and facilitate access to CNIC information. This innovative platform leverages advanced technology to provide users with efficient and secure access to their CNIC details.
A tale of scale & speed: How the US Navy is enabling software delivery from l...sonjaschweigert1
Rapid and secure feature delivery is a goal across every application team and every branch of the DoD. The Navy’s DevSecOps platform, Party Barge, has achieved:
- Reduction in onboarding time from 5 weeks to 1 day
- Improved developer experience and productivity through actionable findings and reduction of false positives
- Maintenance of superior security standards and inherent policy enforcement with Authorization to Operate (ATO)
Development teams can ship efficiently and ensure applications are cyber ready for Navy Authorizing Officials (AOs). In this webinar, Sigma Defense and Anchore will give attendees a look behind the scenes and demo secure pipeline automation and security artifacts that speed up application ATO and time to production.
We will cover:
- How to remove silos in DevSecOps
- How to build efficient development pipeline roles and component templates
- How to deliver security artifacts that matter for ATO’s (SBOMs, vulnerability reports, and policy evidence)
- How to streamline operations with automated policy checks on container images
Climate Impact of Software Testing at Nordic Testing DaysKari Kakkonen
My slides at Nordic Testing Days 6.6.2024
Climate impact / sustainability of software testing discussed on the talk. ICT and testing must carry their part of global responsibility to help with the climat warming. We can minimize the carbon footprint but we can also have a carbon handprint, a positive impact on the climate. Quality characteristics can be added with sustainability, and then measured continuously. Test environments can be used less, and in smaller scale and on demand. Test techniques can be used in optimizing or minimizing number of tests. Test automation can be used to speed up testing.
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...Neo4j
Leonard Jayamohan, Partner & Generative AI Lead, Deloitte
This keynote will reveal how Deloitte leverages Neo4j’s graph power for groundbreaking digital twin solutions, achieving a staggering 100x performance boost. Discover the essential role knowledge graphs play in successful generative AI implementations. Plus, get an exclusive look at an innovative Neo4j + Generative AI solution Deloitte is developing in-house.
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfPaige Cruz
Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack.
While the dev and ops silo continues to crumble….many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack.
I, a former op, would like to extend an invitation to all application developers to join the observability party will share these foundational concepts to build on:
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AIVladimir Iglovikov, Ph.D.
Presented by Vladimir Iglovikov:
- https://www.linkedin.com/in/iglovikov/
- https://x.com/viglovikov
- https://www.instagram.com/ternaus/
This presentation delves into the journey of Albumentations.ai, a highly successful open-source library for data augmentation.
Created out of a necessity for superior performance in Kaggle competitions, Albumentations has grown to become a widely used tool among data scientists and machine learning practitioners.
This case study covers various aspects, including:
People: The contributors and community that have supported Albumentations.
Metrics: The success indicators such as downloads, daily active users, GitHub stars, and financial contributions.
Challenges: The hurdles in monetizing open-source projects and measuring user engagement.
Development Practices: Best practices for creating, maintaining, and scaling open-source libraries, including code hygiene, CI/CD, and fast iteration.
Community Building: Strategies for making adoption easy, iterating quickly, and fostering a vibrant, engaged community.
Marketing: Both online and offline marketing tactics, focusing on real, impactful interactions and collaborations.
Mental Health: Maintaining balance and not feeling pressured by user demands.
Key insights include the importance of automation, making the adoption process seamless, and leveraging offline interactions for marketing. The presentation also emphasizes the need for continuous small improvements and building a friendly, inclusive community that contributes to the project's growth.
Vladimir Iglovikov brings his extensive experience as a Kaggle Grandmaster, ex-Staff ML Engineer at Lyft, sharing valuable lessons and practical advice for anyone looking to enhance the adoption of their open-source projects.
Explore more about Albumentations and join the community at:
GitHub: https://github.com/albumentations-team/albumentations
Website: https://albumentations.ai/
LinkedIn: https://www.linkedin.com/company/100504475
Twitter: https://x.com/albumentations
Maruthi Prithivirajan, Head of ASEAN & IN Solution Architecture, Neo4j
Get an inside look at the latest Neo4j innovations that enable relationship-driven intelligence at scale. Learn more about the newest cloud integrations and product enhancements that make Neo4j an essential choice for developers building apps with interconnected data and generative AI.
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex ProofsAlex Pruden
This paper presents Reef, a system for generating publicly verifiable succinct non-interactive zero-knowledge proofs that a committed document matches or does not match a regular expression. We describe applications such as proving the strength of passwords, the provenance of email despite redactions, the validity of oblivious DNS queries, and the existence of mutations in DNA. Reef supports the Perl Compatible Regular Expression syntax, including wildcards, alternation, ranges, capture groups, Kleene star, negations, and lookarounds. Reef introduces a new type of automata, Skipping Alternating Finite Automata (SAFA), that skips irrelevant parts of a document when producing proofs without undermining soundness, and instantiates SAFA with a lookup argument. Our experimental evaluation confirms that Reef can generate proofs for documents with 32M characters; the proofs are small and cheap to verify (under a second).
Paper: https://eprint.iacr.org/2023/1886
Communications Mining Series - Zero to Hero - Session 1DianaGray10
This session provides introduction to UiPath Communication Mining, importance and platform overview. You will acquire a good understand of the phases in Communication Mining as we go over the platform with you. Topics covered:
• Communication Mining Overview
• Why is it important?
• How can it help today’s business and the benefits
• Phases in Communication Mining
• Demo on Platform overview
• Q/A
UiPath Test Automation using UiPath Test Suite series, part 5DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 5. In this session, we will cover CI/CD with devops.
Topics covered:
CI/CD with in UiPath
End-to-end overview of CI/CD pipeline with Azure devops
Speaker:
Lyndsey Byblow, Test Suite Sales Engineer @ UiPath, Inc.
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
20 Comprehensive Checklist of Designing and Developing a WebsitePixlogix Infotech
Dive into the world of Website Designing and Developing with Pixlogix! Looking to create a stunning online presence? Look no further! Our comprehensive checklist covers everything you need to know to craft a website that stands out. From user-friendly design to seamless functionality, we've got you covered. Don't miss out on this invaluable resource! Check out our checklist now at Pixlogix and start your journey towards a captivating online presence today.
UiPath Test Automation using UiPath Test Suite series, part 6DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 6. In this session, we will cover Test Automation with generative AI and Open AI.
UiPath Test Automation with generative AI and Open AI webinar offers an in-depth exploration of leveraging cutting-edge technologies for test automation within the UiPath platform. Attendees will delve into the integration of generative AI, a test automation solution, with Open AI advanced natural language processing capabilities.
Throughout the session, participants will discover how this synergy empowers testers to automate repetitive tasks, enhance testing accuracy, and expedite the software testing life cycle. Topics covered include the seamless integration process, practical use cases, and the benefits of harnessing AI-driven automation for UiPath testing initiatives. By attending this webinar, testers, and automation professionals can gain valuable insights into harnessing the power of AI to optimize their test automation workflows within the UiPath ecosystem, ultimately driving efficiency and quality in software development processes.
What will you get from this session?
1. Insights into integrating generative AI.
2. Understanding how this integration enhances test automation within the UiPath platform
3. Practical demonstrations
4. Exploration of real-world use cases illustrating the benefits of AI-driven test automation for UiPath
Topics covered:
What is generative AI
Test Automation with generative AI and Open AI.
UiPath integration with generative AI
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Mind map of terminologies used in context of Generative AI
Hybrid Technique for Detection of Denial of Service (DOS) Attack in Wireless Sensor Network
1. Int. J. Advanced Networking and Applications
Volume: 07 Issue: 02 Pages: 2674-2681 (2015) ISSN: 0975-0290
2674
Hybrid Technique for Detection of Denial of
Service (DOS) Attack in Wireless Sensor
Network
S.Sumitha Pandit1
1
Research Scholar, Department Of Computer Science, Avinashilingam Institute for Home Science and Higher
Education for Women, Coimbatore, TamilNadu, India
Email: sumitha975@gmail.com
Dr.B.Kalpana2
2
Professor, Department Of Computer Science, Avinashilingam Institute for Home Science and Higher Education for
Women, Coimbatore, TamilNadu, India
Email: kalpanacsekar@gmail.com
-----------------------------------------------------------------------ABSTRACT-----------------------------------------------------------
Wireless Sensor Network (WSNs) are deployed at aggressive environments which are vulnerable to various
security attacks such as Wormholes, Denial of Attacks and Sybil Attacks. There are various intrusion detection
techniques that are used to identify attacks in a network with high accuracy level. This paper has focused on
Denial of Service attack, since it is the most common attack that affects the environment severely. Therefore a new
hybrid technique combining Hidden Markov Model with Ant Colony Optimization (HMM+ACO) has been
proposed that gives improved performance than the other techniques.
Keywords – ACO, Denial of Service, HMM ,Intrusion Detection,Wireless Sensor Network
------------------------------------------------------------------------------------------------------------------------------------------------
Date of Submission: Sep 17, 2015 Date of Acceptance: Oct 09, 2015
------------------------------------------------------------------------------------------------------------------------------------------------
1.INTRODUCTION
1.1 Wireless Sensor Network (WSN)
Wireless Sensor Networks have been widely
applied in various fields such as environmental
monitoring, healthcare management, battlefield
surveillance and industry control. Wireless Sensor
Networks (WSNs) is one of the most important
technologies for the twenty-first century. Wireless sensor
network (WSN) connects the distributed autonomous
sensors for collecting the data from sensors or distribute
the data into sensors. Wireless sensor networks (WSNs)
consist of a large number of low-cost, low-power, and
multi-functional sensor nodes. These sensor nodes are
small in size, equipped with sensors, embedded
microprocessors, and radio transceivers [12]. They
communicate over a short distance and collaborate to
accomplish any task. The aim of security mechanism in
WSN is to guard the information from attacks. This
security mechanism which is provided for wireless sensor
network makes sure that network services are available in
presence of any vulnerability. There are security
mechanism is based on five principles [17]
confidentiality, authenticity, Integrity, availability and
data freshness.
To cope up with the attacks, the concept of
Intrusion detection was invented by James Anderson in
1980 and a method based on this was introduced by
Denning in 1987.Intrusion Detection System (IDS) is a
device or software application that monitors the activities
to identify malicious behavior or suspicious event in
different environment. Intrusion Detection System is a
type of sensor that raise the alarm when specific event
occurs and it produces the log report to the management
system. Intrusions are caused by inside attackers and
authorized users attempting to gain and misuse
unauthorized privileges [9]. The various causes of
intrusions include incorrect algorithms, architectures,
vulnerabilities/flaws, implementation mistakes,
component defects and external disturbances [2]. There
are different security attacks in WSN are as follows,
Denial-of-Service (DoS) attacks
Sinkhole/Black hole attacks
Selective forwarding attack
Node Replication attacks
HELLO Flood attacks
Wormhole attacks
Sybil attack
1.2 Denial of Service
The Denial of Service (DoS) attack
frequently sends unwanted packets and it tries to utilize
the bandwidth of network. It legitimates the network user
from accessing the system or resources when required.
The DoS attack can present itself in physical layer, link
layer, network layer and transport layer. DoS attack can
be prevented by strong authentication and identification
built into the intrusion detection system. Other DoS
attacks are very harsh and it reacts in two ways such as
jamming and tampering.
Jamming is the deliberate interference
on the wireless communication channel. This attack is a
2. Int. J. Advanced Networking and Applications
Volume: 07 Issue: 02 Pages: 2674-2681 (2015) ISSN: 0975-0290
2675
common one in which the attacker tries to disrupt the
operations of entire network or a particular small portion
of it. Jamming may be consistent or irregular. To handle
jamming at network layer deals with mapping jamming
area in the network or in neighboring routing area. The
attack is simple and effective when the network is based
on single frequency otherwise the attack should be
eliminated since it uses various forms of spread spectrum.
Tampering is one of the physical
attacks, which targets the hardware of the sensor nodes.
Tampering attack is not feasible to manage hundreds of
nodes extend over an area of several kilometers.
Tampering attackers may dig out the sensitive information
like cryptographic key from node by damaging it to get
access to higher level of communication. The only
security mechanism against tempering is to temper-proof
physical packaging. But it costs additional. [1]
2. RELATED WORK
Shi-Jinn Horng et al [26] have designed a new
flow for intrusion detection system using SVM technique.
The famous KDD Cup 1999 dataset was used to evaluate
the proposed system. Compared with other intrusion
detection systems that are based on the same dataset, this
system showed better performance in the detection of DoS
and Probe attacks, and the best performance in overall
accuracy.
Hayoung Oh et al [5] have proposed a real-time
intrusion and anomaly detection system using SOM. This
system labels the map produced by SOM using
correlations between features. It classifies neurons as
normal or attacks. In the case of attack neurons, they have
classified them again into the types of attacks. When a
malicious behavior is caught, this system detects the
intrusion as previously known attack or a new untrained
attack.
Mohammad Wazid [10] has used hybrid anomaly
detection technique with the k-means clustering. WSN are
simulated using OPNET simulator and the resultant dataset
consists of traffic data with end to end delay data which has
been clustered using WEKA 3.6. In this experiment, it has
been observed that two types of anomalies (misdirection
and black hole attacks) are activated in the network.
Shun-Sheng Wang et al [18] have designed an
integrated intrusion detection system using intrusion
dataset from UCI repository .The dataset trained well
using BPN and the output is used as an important
parameter in ART model to cluster the data. Finally the
outputs received from both techniques are compared and
the ART model provides the best accuracy rate and
overall performance.
Mohit Malik et al [11] have applied the rule
based technique for detecting the security attack in WSN.
They have discovered ten important security attack type in
their work and the parameters of those attack have been
developed fuzzy rule based system for calculating the
impact of security attack on the wireless sensor network.
Once the system has been executed it shows the impact of
attack in the network.
Reda M. Elbasiony et al [14] have proposed a
hybrid detection framework i.e. in anomaly detection, k-
means clustering algorithm is used to detect novel
intrusions by clustering the network connection’s data to
collect the most of intrusions together in one or more
clusters. In this proposed hybrid framework, the anomaly
part are improved by replacing the k-means algorithm
with another one called weighted k-means algorithm, In
this approaches Knowledge Discovery and Data Mining
(KDD’99) datasets are used.
LeventKoc et al [7] have proposed a new
technique HNB model which exhibits a superior overall
performance in terms of accuracy, error rate and
misclassification cost .In early stages the traditional Naïve
Bayes model are used but the result produced by HNB is
better than traditional Naïve Bayes. The results they have
produced indicate that this model significantly improves
the accuracy of detecting denial-of-services (DoS) attacks.
WenyingFenga et al [22] have introduced a new
way of combining algorithm for the better result in
detecting intrusions. They have classified the network
activities into normal or abnormal by reducing the
misclassification rate. In this work the author combined
Support Vector Machine method and the Clustering based
on Self-Organized Ant Colony Network to take the
advantages by avoiding their weaknesses. This
Experiments show that CSVAC (Combining Support
Vectors with Ant Colony) outperforms better the SVM or
CSOACN in terms of both classification rate and run-time
efficiency.
MeghaBandgaret al [8] have described a novel
approach using Hidden Markov Models (HMM) to detect
Internet attacks and they have described about an
intrusion detection system for detecting a signature based
attack. They have performed single and multiple HMM
model for source separation both on IP and port
information of source and destination. In this approach
they have reduced the false positive rate.
Dat Tran et al [3] have proposed Fuzzy Gaussian
mixture modeling method for network anomaly detection.
In this work a mixture of Gaussian distributions are used
to represent the network data in multi-dimensional feature
space. Using fuzzy C-means estimation, Gaussian
parameters were estimated and the whole work is carried
out with the KDD Cup data set. The proposed method
produced here is more effective than the vector
quantization method.
VahidGolmah [19] has been developed a hybrid
technique using C5.0 and SVM algorithm and they have
investigated and evaluate the performance of this hybrid
technique with DARPA dataset. The motivation for using
this hybrid approach is to improve the accuracy of the
intrusion detection system when compared to using
individual SVM and C50. By combining the SVM and
C5.0 this technique took less of execution time.
PunamMulak [13] has used hybrid technique by
combining Boundary cutting algorithm and clustering
algorithm. The motivation for using this hybrid approach
is to improve the accuracy of the intrusion detection
system and to provide better result than other clustering.
3. Int. J. Advanced Networking and Applications
Volume: 07 Issue: 02 Pages: 2674-2681 (2015) ISSN: 0975-0290
2676
VenkataSuneethaTakkellapati [21] has proposed
a new system where Information Gain (IG) and Triangle
Area based KNN algorithm are used for selecting more
discriminative features. Then Greedy k-means clustering
algorithm is combined with SVM classifier to detect
Network attacks. This system achieves with high accuracy
detection rate and less error rate .All this work are carried
out in KDD CUP 1999 training data set.
Vaishali Kosamkar [20] has followed same
technique of combining C4.5 Decision Tree and Support
Vector Machine (SVM) algorithm in order to achieve high
accuracy and diminish the false alarm rate. In feature
selection stage, Correlation- Based Feature Selection
(CFS) algorithm is used for better accuracy result.
HarmeetKaurl [7] has designed their work to
reduce the delay in the network and to produce end to end
data in good speed. So in order to achieve, they have
simulated WSN using SPEED protocol. They have used
two performance parameters throughput and energy
consumption for analysis. BCO (Bee Colony
Optimization) algorithm is used to give better results with
high throughput and low energy consumption. All the
simulations are carried out in MATLAB.
3. METHODOLOGY
This research work aims at detecting DoS attack
in WSN using Hybrid technique. The objective is to
improve accuracy level and reduce misclassification and
false positive rate. The steps involved in this proposed
research design are shown in fig1.
Figure 1.Overview of Methodology
3.1 Pre-processing
It is the main step in improve the data quality.
Data from the dump area or from real-time environment
consists of noise, inconsistent, incomplete, missing value,
numeric and non-numeric data. Such type of data must be
cleaned using preprocessing techniques. Since in this
work both TCP dump and simulated dataset are used,
probability method is used to convert all non-numeric
values into numeric values in both datasets.
3.2 Normalization
Data normalization is a method to convert the
data vector into a new data vector where numeric values
fall within a specified range, such as scaling values
between [0,1]. This allows better comparisons or
visualizations of attributes that are of different units.
There are many types of normalization such as min-max,
z-score and decimal scaling normalization. The
normalization method used for this data is Min-Max
Method. It transforms all feature value to fall between
specified range [0, 1], since each value has different
ranges. The normalized value of ei for variable E in the ith
row is calculated as:
� � � ����� �� =
�� − � �
� �� − � �
Where,
Emin = the minimum value for variable E
Emax = the maximum value for variable E
If Emax is equal to Emin then Normalized (ei) is set to 0.5.
3.3 Feature Selection
Using Feature Selection technique it selects specific
subset of features to achieve the target output. The main
aim of feature selection is to remove the redundant and
irrelevant attributes (features), it is also named as attribute
subset selection [15].Through this selection, the level of
accuracy increases, with a reduction on dimensionality
and over fitting. Principal Component Analysis
approach monitors the variables and their relationship to
one another. It reduces the number of variables in
regression and clustering, for example. Each principal
component in Principal Component Analysis is the
linear combination of the variables which gives a
maximized variance. The steps in PCA are as follows:-
i) it assign scoring to each feature and based on the
scoring the features are either kept or removed from
dataset to achieve the target output and
ii) It finds a linear projection in high dimensional data
and converts them into lower dimensional subspace
that helps to minimize the reconstruction error.
Figure 2. Procedure for PCA
Subtract the mean from the dataset in all the
n-dimensions
Calculate the covariance matrix of this mean
subtracted dataset.
Calculated the eigenvalues and eigenvectors
of the covariance matrix found in step2.
Forming a feature vector by selecting the
eigenvector with the largest eigenvalues
Finally Results are produced.
Benchmark
Dataset
Simulated
Dataset
Preprocessing
Normalization
ACO
Feature
Selection
Performance
Evaluation
HMM+ACOHMM
4. Int. J. Advanced Networking and Applications
Volume: 07 Issue: 02 Pages: 2674-2681 (2015) ISSN: 0975-0290
2677
3.4 Techniques
3.4.1 Hidden Markov Model (HMM)
In this work, HMM perform a generative model
that can model data sequentially in nature. HMM is used
to model data by assuming Markov property .Suppose a
system with N states and at discrete time intervals
transition take place among states. Let these instances be
t, t = 1, 2, 3 ... .any process is said to be a Markovian, if
only if the conditional probability of future states, depend
only upon the present state. The identification and
equations of HMM consists of 5tuples i.e. [N,M,A,B,π]
[20].
Where,
N denotes the number of states Q = {Q1, Q2,.....Qn}.
M, number of observation symbols, V= {V1, V2 ... VM}.
Hidden Markov Model use two different algorithms which
perform different task, they are Baum- Welch and Forward
–Backward algorithm. Baum-Welch algorithm learns only
the parameter of the model {A, B, π} and Forward-
Backward algorithm learns the probability of occurrence of
an observation sequence from the given model, P|O|λ. Here
HMM algorithm learn the parameter, and compute the
probability of an output sequence on both dataset using
Forward-Backward technique.
Figure 3.Pseudocode for HMM
3.4.2 Ant Colony Optimization (ACO)
Ant colony optimization is a probabilistic
technique initially used for solving computational problem,
later it was used for finding good path through graph. ACO
algorithm belongs to the class of swarm intelligence
methods, it constitutes some novel optimizations. To
achieve the goal of finding an optimal path in a graph,
ACO algorithm follows the behavior of an ant in seeking
its food in its own colony. When an ant runs for food into
an object automatically it measures ‘colony similarity’
within its local range. This run decides whether to pick up
or drop the object according to the value of probability.
That finally diversified to solve a wider class of numerical
problems, and as a result, several problems have emerged,
drawing on various aspects of the behavior of ants.
Figure 4. Pseudo code for ACO
A definition of colony similarity is the similarity between
an un-clustering object and other objects within its local
range [9] .It possesses properties like flexibility,
robustness, decentralization, and self-organization; it can
suggest very interesting heuristics and it is used in both
dataset.
3.4.3 Hidden Markov Model combined with Ant
Colony Optimization (HMM+ACO)
Combination of techniques is the best way to
improve the overall performance in intrusion detecting
system .Here new hybrid algorithm is developed by
combining the two existing algorithm that is discussed
above (HMM and ACO).In this algorithm, both HMM
and ACO are two interactive phase which multiples the
Iterate the following stages until the termination
condition is met:
Forward stage
Initialize alpha0(start state) = 1, and alpha0(s) =
0 for all other states ‘s’.
Repeat for each i from 0 up to k-1:For each
state s: alphai+1(s) = sumall states s'alphai(s')*ps, s’*q
(yi+1 | s <-- s')
Backward stage
Initialize betak(s) = 1 for all states s
Repeat for each i from k down to 1:For each
state s: betai-1(s) = sumall states s'ps',s*q (yi | s' <--
s)*betai(s')
Initialization
for i=1 to I (I=cycle number)
If i=1 then generate m random ant within
range
else reduce FS within range [xt-1
best
+β; xt-1
best
-
β]
end if
for i =1 to m
Determine f (xt
best
)
Save xt
best
end
Pheromone Update
Pheromone evaporation
Update Pheromone trail
Solution phase
Determine search direction
Generate the values of α vector
for i= 1 to m
Determine the values of new colony
Determine new f ( xt
best
)
Save xt
best
end
If f(xt
best
)new
≤ (xt
best
)old
then xglobalmin
=
( xt
best
)new
else xglobalmin
=( xt
best
)old
end if
end
5. Int. J. Advanced Networking and Applications
Volume: 07 Issue: 02 Pages: 2674-2681 (2015) ISSN: 0975-0290
2678
iteration and executing time. HMM generates ‘pState’
value as output whereas ACO produce ‘GlobalMin’ value
as output .To enhance the result of HMM and ACO, both
values are hybridized to give a new optimization structure
and a better result.
Figure 5.Pseudocode for ACO
4. RESULTS AND DISSCUSSION
4.1. Experimental Setup
In this work, two different types of dataset i.e. i)
Benchmark Dataset and ii) Simulated Dataset are used
and performance is evaluated using MATLAB13b.
4.1.1 Benchmark Dataset
This experiment uses Intrusion Detection
Evaluation dataset which was first used in “The Third
International Knowledge Discovery and Data Mining
Tools Competition”. This dataset contains TCP dump
generated data over a nine week periods of simulated
network traffic in a hypothetical military LAN. It includes
7 million TCP connection records which have 21 types of
attacks in that only DoS attacks are considered such as
Back, Neptune, Pod, Smurf, Teardrop and normal attack
and it has 41 features which is categorized as follow:
Basic TCP features (1-9) are derived from packet
headers without inspecting the payload.
Time- and Host-Based Traffic features (10-28)
capture both present and historical data
Content features (29-41) are domain knowledge
which is used to assess the payload of the TCP
packets. i.e. no of failed login attempts.
4.1.2 Simulated Dataset
In this experiment, MATLAB software is used to
simulate a WSN based on LEACH protocol with and
without attack .Initially nodes are distributed randomly in
the network topology in a square area of 100m*100m.
Various parameters used for simulation are shown in
Table 1
Table. 1 Simulation Parameters
Simulated dataset are based on different
scenarios i.e. normal mode and attack mode. Initially in
normal mode, an event occurs in network and sensor
nodes transmit packets to the base station in each round of
simulation. In attack mode, once DoS attack is detected at
any node, the service passing through that particular node
automatically stops during simulation of ‘n’ no of nodes
where n is varied from 50-200 nodes. From the
experimental setup, the extracted features are extracted
and it is given as input for pre-processing and then
normalized using min-max normalization. Then principal
component analysis (PCA) is applied to reduce the
dimensionality of the normalized features. Finally a
hybrid technique is applied to classify it as normal or
abnormal and the performance is evaluated.
4.2 Performance Evaluation
The parameters used to evaluate the performance
of proposed approach are Accuracy, False Positive Rate
(FAR), and Misclassification Rate. They are defined as
follows,
1) Accuracy
The Accuracy is defined as the number of
intrusion instances detected divided by the total number of
intrusion instances present in the data set. The formula to
estimate the Accuracy is,
Accu�acy =
Numbe� of Int�u�ion� detected
Total Numbe� of Int�u�ion� P�e�ent
X
2) False Positive Rate (FPR)
False positive rate (FPR) is defined as the ratio of
the numbers of abnormal measurements that are
incorrectly misclassified as normal to the total number of
normal measurements.
Simulation Parameters Value
Field Dimensions(in meters) 100 *100m
Packet size 4000 bits
Number of Nodes 50,100,150,
200
Optimal Election Probability of
a node to become cluster
head(p)
0.1
Tx& Rx Antenna gain (Gt=Gr) 50j/energy
Tx& Rx Antenna heights (in m) 1
Percentage of attack node Upto 1%
Maximum number of rounds (r) 250
Input: A new data item x.
Input: GlobalMin (ACO) and pStates (HMM)
from Individual algorithm.
Output: L – the label of x.
Begin
LH ←performance of x with HMM;
LA ← performance of x with ACO;
if LH = LA = normal then
L ← normal;
else if LH<>LA then
L ← amphibious;
else
L ← LA;
(Generate new optimization iteration)
(A sub-class of abnormal is detected by the
HMM+ACO abnormal algorithm.)
end
end
6. Int. J. Advanced Networking and Applications
Volume: 07 Issue: 02 Pages: 2674-2681 (2015) ISSN: 0975-0290
2679
FPR =
Numbe� of mi�cla��ified abno�mal mea�u�ement�
Total Numbe� of no�mal mea�u�ement�
X
3) Misclassification Rate
It is defined as the degree of errors
encountered during data transmission over a
communications or network connection. It is also denoted
as “Error Rate”.
Mi�cla��ification Rate =
−
Numbe� of co��ected cla��ified connection�
Total Numbe� of connection�
X
The performance results are obtained and the
proposed method of HMM+ACO is compared with
HMM, ACO are tabulated in the following table. From the
tables it is observed that hybrid technique (HMM+ACO)
gives improved results when compared to HMM and
ACO in all metrics.
4.3 Results:
A sample results for 150 nodes with DOS
attacks is shown in the following figures 6, 7 and 8.
Table .2 Comparison of HMM, ACO and HMM+ACO on
Benchmark dataset
Benchmark Dataset
Metrics HMM ACO HMM+ACO
Accuracy 79.5 73.4 84.39
False Positive
Rate (FPR)
0.905 0.423 0.074
Misclassification
Rate
0.204 0.265 0.166
Table .3 Comparison of HMM, ACO and HMM+ACO on
Simulated dataset.
Simulated Dataset
Metrics HMM ACO HMM+ACO
Accuracy 89.55 82.66 93.83
False Positive
Rate (FPR)
0.100 0.452 0.077
Misclassification
Rate
0.104 0.173 0.061
Figure 6.Detection of Attacker Nodes using 150 nodes
Figure 7. DOS attack occur at 20th
node using 150 nodes
7. Int. J. Advanced Networking and Applications
Volume: 07 Issue: 02 Pages: 2674-2681 (2015) ISSN: 0975-0290
2680
Figure 8. Packets sent to Base Station using 150 nodes.
From the experimental results, it is concluded
that hybrid technique gives improved results than HMM
and ACO. Accuracy result has been increased almost 10%
in the case of both datasets. False Positive Rate and
Misclassification rate has decreased by 2% almost using
the both datasets.
5. CONCLUSION AND FUTURE
ENHNCEMENT
There are different intrusion detection
mechanisms available in the literature. There are many
intrusions that affect the network day to day life but DoS
is the most common attack that affects the environment.
Therefore, the work has focused on detecting DoS attack
using hybrid technique in WSN. The experimental results
showed that the proposed technique achieves better
Accuracy when compared to existing algorithms. The
proposed hybrid technique (HMM+ACO) results are
compared with earlier algorithms such as HMM and
ACO.
Following are identified as the scope for future
enhancement,
In the future, Candid-Covariance free Incremental
Principal Component Analysis (CCIPCA) can be
operated instead of Principal Component Analysis
(PCA) for dimensionality reduction .It can be used in
the incremental mode to simulate the real time
applications.
The simulated data set can be further analyzed for
classifying of other different type of attacks (i.e. Sink
attack, Hello attack etc) where proposed technique can
be used.
REFERENCES
[1] Amit Kumar Mishra, Sunil Ghildiyal, Ashish Gupta,
Neha Garg ,” Analysis Of Denial Of Service (Dos)
Attacks In Wireless Sensor Networks”, IJRET:
International Journal of Research in Engineering and
Technology, Volume: 03 Special Issue: 10 |
NCCOTII 2014 | Jun-2014.
[2] Animesh Patcha and Jung-Min Park, “An overview of
anomaly detection techniques: Existing solutions and
latest technological trends”, Elsevier Computer
Networks, Vol. 51, 2007.
[3] Dat Tran, Wanli Ma, and Dharmendra Sharma,”
Network Anomaly Detection using Fuzzy Gaussian
Mixture Models”, International Journal of Future
Generation Communication and Networking, pp.37-
42, 2012.
[4] Harmeet Kaur , Ravneet Kaur, “ Crossbreed Routing
Protocol for SPEED Terminology in Wireless Sensor
Networks”, International Journal of Advance
Research in Computer Science and management
Studies, Volume 2, Issue 7, ISSN: 2321-7782, July
2014.
[5] Hayoung Oh,” Attack Classification based on Data
Mining Technique and its application for Reliable
Medical Sensor Communication”, International
Journal of Computer Science and Applications, Vol.
6, No. 3, pp 20 – 32, 2009.
[6] Jue Lu, Rongqiang Hu, “A new hybrid clustering
algorithm based on K-means and ant colony
algorithm”, Proceedings of the 2nd International
Conference on Computer Science and Electronics
Engineering (ICCSEE 2013).
[7] Levent Koc , Thomas A. Mazzuchi, Shahram Sarkani,
“A network intrusion detection system based on a
Hidden Naïve Bayes multiclass classifier”, Elsevier,
pp.13492–13500, 2012.
[8] Megha Bandgar, Komal dhurve, Sneha Jadhav,Vicky
Kayastha,Prof. T.J Parvat, “ Intrusion Detection
System using Hidden Markov Model (HMM)”,
IOSR Journal of Computer Engineering (IOSR-
JCE) e-ISSN: 2278-0661, p- ISSN: 2278-
8727Volume 10, Issue 3, pp.66-70, (Mar. - Apr.
2013).
[9] Miao Xie, SongHan, BimingTian and, SaziaParvin,”
Anomaly detection in wireless sensor networks: A
survey”, Elsevier Journal of Network and
Computer Applications, Vol.34, pp. 1302-1325,
2011.
[10] Mohammad Wazid , “ Hybrid Anomaly Detection
using K-Means Clustering in Wireless Sensor
8. Int. J. Advanced Networking and Applications
Volume: 07 Issue: 02 Pages: 2674-2681 (2015) ISSN: 0975-0290
2681
Networks” , Center for Security, Theory and
Algorithmic Research, pp. 1-17.
[11] Mohit Malik, Namarta kapoor, Esh naryan, Aman
Preet Singh,” Rule Based Technique detecting
Security attack for Wireless Sensor network using
fuzzy logic”, International Journal of Advanced
Research in Computer Engineering & Technology
,Volume 1, Issue 4, , ISSN: 2278 – 1323, June
2012.
[12] Murad A.Rassam, Anazida Zainal and Mohd
Aizaini Maarof,”An Efficient distributed anomaly
detection model for wireless sensor networks”,
Elsevier AASRI Procedia, No.5, pp. 9-14, 2013.
[13] Punam Mulak, Nitin R. Talhar, “Novel Intrusion
Detection System Using Hybrid Approach”,
International Journal of Advanced Research in
Computer Science and Software Engineering,
Volume 4, Issue 11, ISSN: 2277 128X, November
2014.
[14] Reda M. Elbasiony , Elsayed A. Sallam , Tarek E.
Eltobely ,Mahmoud M. Fahmy ,” A hybrid
network intrusion detection framework based on
random forests and weighted k-means” Ain Shams
Engineering Journal”, vol 4, pp.753–762,2013.
[15] Revathi, T. S. (2013). "Survey: Effective Feature
Subset Selection Methods and Algorithms for High
Dimensional Data". International Journal of
Advanced Research in Computer Engineering &
Technology (IJARCET).
[16] Shi-Jinn Horng , Ming-Yang Su , Yuan-Hsin Chen ,
Tzong-Wann Kao, Rong-Jian Chen, Jui- Lin Lai ,
Citra Dwi Perkasa ,” A novel intrusion detection
system based on hierarchical clustering and
support vector machines” , Elsevier Computer
Network pp.306–313, 2010.
[17] Kumar Singh 1, M P Singh 2, and D K Singh, "A
Survey on Network Security and Attack Defense
Mechanism for Wireless Sensor Networks",
International Journal of Computer Trends and
Technology- May to June Issue 2011.
[18] Shun-Sheng Wang, Kuo-Qin Yan , Shu-Ching
Wang , Chia-Wei Liu ,” An Integrated Intrusion
Detection System for Cluster-based Wireless
Sensor Networks”, Elsevier, pp. 15234–15243,
2011.
[19] Vahid Golmah, “ An Efficient Hybrid Intrusion
Detection System based on C5.0 and SVM”,
International Journal of Database Theory and
Application Vol.7, No.2 ,pp.59-70, (2014).
[20] Vaishali Kosamkar, Sangita S Chaudhari,”
Improved Intrusion Detection System using
C4.5Decision Tree and Support Vector Machine”,
International Journal of Computer Science and
Information Technologies, Vol. 5 (2) , pp. 1463-
1467, 2014
[21] Venkata Suneetha Takkellapati1 , G.V.S.N.R.V
Prasad,” Network Intrusion Detection system based
on Feature Selection and Triangle area Support
Vector Machine”, International Journal of
Engineering Trends and Technology-
Volume3Issue4- 2012
[22] Wenying Fenga, Qinglei Zhangc, Gongzhu Hud,
Jimmy Xiangji Huange, “Mining network data for
intrusion detection through combining SVMs with
ant colony networks”, Elsevier , pp. 127-140, 2013
BIODATA OF THE AUTHORS
Ms.S.Sumitha Pandit has received her
MCA degree in 2014 from
Avinashilingam Institute for Home
Science and Higher Education for
Women, Coimbatore, TamilNadu, India.
She is now completed her M.Phil in 2015 in
Avinashilingam Institute for Home Science and Higher
Education for Women, Coimbatore, TamilNadu, India.
Her areas of interest are Wireless Sensor Networks and
Data Mining.
Dr.B.Kalpana Professor in Computer
Science, Avinashilingam University for
Women, Coimbatore, has around 25 years
of teaching and research experience. Her
areas of interest include Data mining and
Wireless sensor networks. She has served as a reviewer
for several journals in computer science. She has been
the Principal Investigator for a project funded by the
NRB in the area of wireless sensor networks. She has to
her credit research papers and book chapters in several
reputed national and international journals/books.