Among the various forms of malware attack, denial of service, sniffers and buffer overflows are the most dreaded threats to computer networks. These attacks are carried out by botnets, which are self-propagating in nature and act as an agent or user interface for controlling the computers they attack. To control the malware, bot herders use a program that commands remote systems over the internet with the help of zombie systems. Botnets are collections of compromised computers (bots) that are remotely controlled by their originator (the bot-master) under a common Command-and-Control (C&C) structure. A server issues commands to the bots and the botnet and receives reports from the bots. The bots are delivered by Trojan horses and subsequently communicate with a central server using IRC. Botnets employ different techniques, such as honeypots and communication protocols (e.g. HTTP and DNS), to intrude into new systems at different stages of their lifecycle. Identifying botnets has therefore become very challenging, because botnets periodically upgrade the methods they use to affect networks. Here, the focus is on addressing the botnet detection problem in an enterprise network.
This research introduces a novel solution to mitigate the malicious activities of botnet attacks through principal component analysis of each traffic record, together with a measurement and countermeasure selection mechanism called Malware Hunter. The system is built on attack-graph-based analytical models driven by a classification process, and it is reconfigurable through updates to virtual-network-based countermeasures.
A Performance Analysis of Chasing Intruders by Implementing Mobile Agents (by CSCJournals)
This document summarizes a research paper that proposes using mobile agents to improve intrusion detection systems. The paper presents an architecture for an intrusion detection system that uses mobile agents to autonomously collect intrusion-related information from systems on a network. Information collector agents gather data, while chasing agents work to trace the path of intrusions and locate their origin. The paper evaluates this approach and discusses how mobile agents can enhance intrusion detection through their mobility and autonomous functionality.
Secure intrusion detection and countermeasure selection in virtual system usi... (by eSAT Publishing House)
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology
International Journal of Engineering Research and Development (IJERD) (by IJERD Editor)
International Journal of Computational Science and Information Technology (I... (by ijcsity)
Denial of Service (DoS) or Distributed Denial of Service (DDoS) is a major threat to network security. A network is a collection of nodes that interconnect with each other to exchange information. The information required by a node is kept confidential. An attacker in the network captures this confidential information and misuses the network. Hence security is one of the major issues. There can be one or many attacks in a network. One of the major threats to internet services is the DDoS (Distributed Denial of Service) attack. A DDoS attack is a malicious attempt to suspend or interrupt services to a target node. DDoS or DoS is an attempt to make a network resource or machine unavailable to its intended users. Many ideas have been developed for avoiding DDoS or DoS. DDoS happens in two ways: naturally, or due to botnets. Various schemes have been developed to defend against this attack. The main idea of this paper is to present the basis of DDoS attacks: DDoS attack types, DDoS attack components, and a survey of different mechanisms to prevent DDoS.
IP Traceback for Flooding attacks on Internet Threat Monitors (ITM) Using Ho... (by IJNSA Journal)
The Internet Threat Monitoring (ITM) system is an efficient monitoring system used globally to measure, detect, characterize and track threats such as denial of service (DoS) and distributed denial of service (DDoS) attacks and worms. To block the monitoring system in the internet, attackers target the ITM system. In this paper we address the DDoS flooding attack against ITM monitors, which exhausts network resources such as bandwidth, computing power or operating system data structures by sending malicious traffic. We propose an information-theoretic framework that models flooding attacks on ITM using botnets. One possible way to counter DDoS attacks is to trace the attack sources and punish the perpetrators. We propose a novel traceback method for DDoS using honeypots. IP tracing through a honeypot is a single-packet tracing method and is more efficient than the commonly used packet marking techniques.
Taxonomy mobile malware threats and detection techniques (by csandit)
Since the last decade, smart-phones have gained widespread usage. Mobile devices store personal details such as contacts and text messages. Due to this extensive growth, smart-phones are attracting cyber-criminals. In this research work, we have done a systematic review of the terms related to malware detection algorithms and have also summarized the behavioral description of some known mobile malwares in tabular form. After careful consideration of all the possible methods and algorithms for detection of mobile-based malwares, we give some recommendations for designing future malware detection algorithms by considering computational complexity and detection ratio of mobile malwares.
IJERA (International Journal of Engineering Research and Applications) is an international online, ... peer reviewed journal. For more details or to submit your article, please visit www.ijera.com
An Efficient Classification Mechanism For Network Intrusion Detection System Based on Data Mining Techniques: A Survey
Subaira A. S. and Anitha P.
Automated Biometric Verification: A Survey on Multimodal Biometrics
Rupali L. Telgad, Almas M. N. Siddiqui and Dr. Prapti D. Deshmukh
Design and Implementation of Intelligence Car Parking Systems
Ogunlere Samson, Maitanmi Olusola and Gregory Onwodi
Intrusion Detection Techniques for Mobile Ad Hoc and Wireless Sensor Networks
Rakesh Sharma, V. A. Athavale and Pinki Sharma
Performance Evaluation of Sentiment Mining Classifiers on Balanced and Imbalanced Dataset
G. Vinodhini and R. M. Chandrasekaran
Demosaicing and Super-resolution for Color Filter Array via Residual Image Reconstruction and Sparse Representation
Jie Yin, Guangling Sun and Xiaofei Zhou
Determining Weight of Known Evaluation Criteria in the Field of Mehr Housing using ANP Approach
Saeed Safari, Mohammad Shojaee, Mohammad Tavakolian and Majid Assarian
Application of the Collaboration Facets of the Reference Model in Design Science Paradigm
Lukasz Ostrowski and Markus Helfert
Personalizing Education News Articles Using Interest Term and Category Based Recommender Approaches
Architecture for Intrusion Detection System with Fault Tolerance Using Mobile... (by IJNSA Journal)
This paper proposes a fault tolerant distributed intrusion detection system architecture that uses mobile agents. The architecture includes a mobile agent platform (MAP) that provides an execution environment for mobile agents (MAs) to run specialized monitoring tasks. When the main IDS server goes down, the MAP on backup client hosts can collectively take over server responsibilities according to priority. MAs dispatch from the MAP to detect intrusions by invoking filter, correlator and interpreter agents. The paper outlines this architecture and discusses directions for implementing an IDS using the MAP, MAs, detection engines and XML data storage. This approach aims to improve scalability, platform independence and reliability over other IDS models.
International Journal of Computational Engineering Research (IJCER) (by ijceronline)
International Journal of Computational Engineering Research (IJCER) is an international online journal published monthly in English. The journal publishes original research work that contributes significantly to scientific knowledge in engineering and technology.
This document summarizes a proposed network attack alerting system that aims to reduce redundant alerts from intrusion detection systems (IDS). The system uses both network-based and host-based IDS to detect attacks launched using the Backtrack penetration testing tool on a virtual network environment. Well-known open source IDS tools from the Security Onion distribution are used to generate alerts. The system builds a database of alerts and defines rules to eliminate duplicate alerts for the same attack based on attributes like source/destination IP and port. It also establishes a severity classification scheme using threshold values of alerts and time to help administrators prioritize responses.
The document provides a review of recent intrusion detection systems for wireless sensor networks. It begins with an introduction to wireless sensor networks and different types of intrusions. It then analyzes 14 recent intrusion detection systems, listing their advantages and disadvantages. Finally, it concludes that future work is needed to develop systems that can accurately detect intrusions in an energy-efficient manner.
A REVIEW ON DDOS PREVENTION AND DETECTION METHODOLOGY (by ijasa)
Denial of Service (DoS) or Distributed Denial of Service (DDoS) is a major threat to network security. A network is a collection of nodes that interconnect with each other to exchange information. The information required by a node is kept confidential. An attacker in the network captures this confidential information and misuses the network. Hence security is one of the major issues. There can be one or many attacks in a network. One of the major threats to internet services is the DDoS (Distributed Denial of Service) attack. A DDoS attack is a malicious attempt to suspend or interrupt services to a target node. DDoS or DoS is an attempt to make a network resource or machine unavailable to its intended users. Many ideas have been developed for avoiding DDoS or DoS. DDoS happens in two ways: naturally, or due to botnets. Various schemes have been developed to defend against this attack. The main idea of this paper is to present the basis of DDoS attacks: DDoS attack types, DDoS attack components, and a survey of different mechanisms to prevent DDoS.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
Survey on Host and Network Based Intrusion Detection System (by Eswar Publications)
With the advent of new technologies and devices, intrusion has become an area of concern because of security issues in the ever-growing area of cyber-attack. An intrusion detection system (IDS) is defined as a device or software application which monitors system or network activities for malicious activities or policy violations and produces reports to a management station [1]. In this paper we mainly focus on different IDS concepts based on host and network systems.
Pattern Analysis and Signature Extraction for Intrusion Attacks on Web Services (by IJNSA Journal)
The increasing popularity of web service technology is attracting hackers and attackers to hack the web services and the servers on which they run. Organizations are therefore facing the challenge of implementing adequate security for Web Services. A major threat is that of intruders which may maliciously try to access the data or services. The automated methods of signature extraction extract the binary pattern blindly resulting in more false positives. In this paper a semi automated approach is proposed to analyze the attacks and generate signatures for web services. For data collection, apart from the conventional SOAP data loggers, honeypots are also used that collect small data which is of high value. To filter out the most suspicious part of the data, SVM based classifier is employed to aid the system administrator. By applying an attack signature algorithm on the filtered data, a more balanced attack signature is extracted that results in fewer false positives and negatives. It helps the Security Administrator to identify the web services that are vulnerable or are attacked more frequently.
This document discusses network security. It begins by defining network security and explaining the three main types: physical, technical, and administrative security controls. It then defines vulnerabilities as weaknesses that can be exploited by threats such as unauthorized access or data modification. Common network attacks are described as reconnaissance, access, denial of service, and worms/viruses. Emerging attack trends include malware, phishing, ransomware, denial of service attacks, man-in-the-middle attacks, cryptojacking, SQL injection, and zero-day exploits. The document aims to help students understand vulnerabilities, threats, attacks, and trends regarding network security.
This document describes a system for detecting denial-of-service (DoS) attacks based on multivariate correlation analysis (MCA). The system generates normal traffic profiles using MCA to analyze legitimate training records. It then measures the dissimilarity between live traffic and normal profiles using Mahalanobis distance, flagging records above a threshold as potential attacks. If a record's distance exceeds the threshold, it is identified as a DoS attack. The system is intended to accurately detect both known and unknown DoS attacks compared to existing detection methods.
NETWORK INTRUSION DETECTION AND COUNTERMEASURE SELECTION IN VIRTUAL NETWORK (... (by ijsptm)
Intrusion into a network or a system is a problem today as the number of successful network attacks continues to rise. Intruders can exploit vulnerabilities of a network system to gain access in order to deploy a virus or malware, or to mount a Denial of Service (DoS) attack. In this work, a frequency-based Intrusion Detection System (IDS) is proposed to detect DoS attacks. The frequency data is extracted from the time-series data created by the traffic flow using the Discrete Fourier Transform (DFT). An algorithm is developed for anomaly-based intrusion detection with fewer false alarms, which further detects known and unknown attack signatures in a network. The frequency of the traffic data generated by a virus or malware would be inconsistent with the frequency of the legitimate traffic data. A Centralized Traffic Analyzer Intrusion Detection System, called CTA-IDS, is introduced to further detect inside attackers in a network. The strategy is effective in detecting abnormal content in the traffic data while information passes from one node to another, and it also detects known attack signatures and unknown attacks. This approach is tested by running artificial network intrusion data in simulated networks using the Network Simulator 2 (NS2) software.
Nowadays, cyber-attacks from botnets are increasing at a faster rate than any other malware spread. Detecting the botmaster who commands the tasks has become more difficult. Most detection methods are based on the features of a communication protocol or on the history of the network traffic. In this paper, a rational approach is presented for live detection of the botmaster in the internal network. The victim machine monitors its packets, identifies the compromised bots in the network and follows the traces to the botmaster. This approach works independently of the structure of the botnet and is a better option for online detection of the botmaster.
Autonomic Anomaly Detection System in Computer Networks (by ijsrd.com)
This paper describes how you can protect your system from intrusion through the methods of intrusion prevention and intrusion detection. The underlying premise of our intrusion detection system is to describe an attack as an instance of an ontology, and its first need is to detect the attack. In this paper, we propose a novel framework of autonomic intrusion detection that performs online and adaptive intrusion detection over unlabeled HTTP traffic streams in computer networks. The framework holds potential for self-governance: self-labeling, self-updating and self-adapting. Our structure employs the Affinity Propagation (AP) algorithm to learn a subject's behaviors through dynamic clustering of the streaming data. It automatically labels the data and adapts to changes in normal behavior while identifying anomalies.
Detection of Distributed Denial of Service Attacks (by ijdmtaiir)
Denial-of-Service attacks are a type of attack on a network that is designed to bring the network to its knees by flooding it with useless traffic. Many DoS attacks, such as the Ping of Death and Teardrop attacks, exploit limitations in the TCP/IP protocols. Like viruses, new DoS attacks are constantly being dreamed up by hackers, so users have to make their own effort to maintain a large number of protective systems such as firewalls or up-to-date antivirus software. If the system or its links are affected by an attack, then legitimate clients may not be able to connect to it. This detection system is the next level of security to protect the server from major problems such as DoS attacks, flood IP attacks and also proxy surfers. These kinds of anonymous activities are barred by using this concept.
Client Honeypot Based Drive by Download Exploit Detection and their Categoriz... (by IJERA Editor)
Client-side attacks are those which exploit vulnerabilities in client-side applications such as browsers and plug-ins. Remote attackers execute malicious code on the end user's system without the user's knowledge. In this research, we propose to detect and measure the drive-by download class of malware, which infects the end user's system through an HTTP-based propagation mechanism. The purpose of this research is to introduce a class of technology known as client honeypots, through which we execute the domains in a virtual machine in a more optimized manner. These virtual machines provide a controlled environment for the execution of the URLs. During execution of the websites, the PE files dropped into the system are logged and further analyzed for categorization of the malware. Further critical analysis has been performed by applying reverse engineering techniques to categorize the class of malware and the sources of infection used by the malware.
A Distributed Denial of Service (DDoS) attack is the most severe cyber-attack affecting the availability of critical applications. Attackers identify weaknesses in machines and compromise them so that they take part in the flooding attack. While generating the DDoS attack, they also gain access to secret information. These computers are then used to wage a DDoS attack on the host's computer. Although many security measures have been taken to stop DDoS attacks and protect our data, attackers have developed new techniques and attack methodologies. Hence, instead of reacting to new attacks, it is necessary to build a complete DDoS solution that will defend against all types of DDoS attack. Researchers must therefore understand the cyber space and the methods used to block DDoS attacks. The proposed system provides a unique method to detect DDoS attacks using Splunk. We propose two methods for prevention of DDoS attacks: one uses randomly generated captchas, and the other uses a Linux bash script that prevents DDoS attacks by automatically blocking the IP of a client who is sending multiple requests at a time.
This document summarizes intrusion detection systems (IDS), including that an IDS monitors network traffic to detect unwanted activity like illegal access. IDS can be classified based on anomaly detection, signature-based detection, host-based monitoring of operating systems, or network-based analysis of packet traffic. The document also discusses benefits of IDS like reduced costs and real-time detection, and notes the future includes better integrating network and host-based IDS to detect novel attacks.
An Intrusion Detection based on Data mining technique and its intended import... (by Editor IJMTER)
Intrusion detection is a pivotal and essential requirement of today's era. There are two major sides of intrusion detection, namely host-based intrusion detection and network-based intrusion detection. A host-based intrusion detection system monitors the information arriving at a particular machine or node, while a network-based intrusion detection system monitors and analyzes the whole traffic of the network. Data mining introduces the latest technology and methods to handle and categorize types of attacks using different classification algorithms and by matching the patterns of malicious behavior. With this data mining technology, developers extract and analyze the types of attack in the network.
In addition, there are two major approaches to intrusion detection. First, the anomaly-based approach, in which attacks are found with a high false alarm rate. In the signature-based approach, by contrast, the false alarm rate is low but novel attacks are not handled. Most researchers base their work on signature-based intrusion detection with the purpose of increasing the detection rate. The major advantages of this system are that the IDS does not require biased assessment, is able to identify massive patterns of attacks, and has the capacity to handle large numbers of network connection records. In this paper we try to discover the features of intrusion detection based on data mining techniques.
Haralick Texture Features based Syriac(Assyrian) and English or Arabic docume... (by Editor IJCATR)
This document presents a method for classifying Syriac, English, and Arabic script documents using Haralick texture features and a k-nearest neighbor algorithm. 300 text blocks were extracted from documents in the three scripts and rotated between 0-135 degrees. 13 Haralick texture features were extracted from each block to form vectors for classification. Using a kNN classifier with k=3, the method achieved 100% accuracy in classifying Syriac vs. English text blocks and Syriac vs. Arabic text blocks, even when the scripts were rotated, demonstrating the potential of Haralick texture features for script identification.
Fuzzy Goal Programming Techniques for Production Planning in Industry (by Editor IJCATR)
This document presents a fuzzy goal programming model to solve a production planning problem for a company that manufactures three types of cups. The company has four goals: 1) produce 1000 cups per day, 2) achieve a profit of at least £1250, 3) minimize extra furnace and finishing hours, and 4) manufacture at least 300 of each cup type. The model formulates these goals as fuzzy constraints and maximizes a weighted fuzzy achievement function. The results show the model was able to partially satisfy all goals by producing 280.5, 265, and 260 cups of each type, achieving a profit of £1250, and using 2396 and 4766.5 furnace and finishing hours respectively.
Automatic License Plate Recognition using OpenCV Editor IJCATR
An Automatic License Plate Recognition system is a real-time embedded system which automatically recognizes the license plates of vehicles. There are many applications, ranging from complex security systems to common areas, and from parking admission to urban traffic control. Automatic license plate recognition (ALPR) has complex characteristics due to diverse effects such as lighting and speed. Most ALPR systems are built using proprietary tools like Matlab. This paper presents an alternative method of implementing ALPR systems using free software, including Python and the Open Computer Vision Library.
Architecture for Intrusion Detection System with Fault Tolerance Using Mobile... IJNSA Journal
This paper proposes a fault tolerant distributed intrusion detection system architecture that uses mobile agents. The architecture includes a mobile agent platform (MAP) that provides an execution environment for mobile agents (MAs) to run specialized monitoring tasks. When the main IDS server goes down, the MAP on backup client hosts can collectively take over server responsibilities according to priority. MAs dispatch from the MAP to detect intrusions by invoking filter, correlator and interpreter agents. The paper outlines this architecture and discusses directions for implementing an IDS using the MAP, MAs, detection engines and XML data storage. This approach aims to improve scalability, platform independence and reliability over other IDS models.
International Journal of Computational Engineering Research (IJCER) ijceronline
International Journal of Computational Engineering Research (IJCER) is an international online journal published monthly in English. This journal publishes original research work that contributes significantly to furthering scientific knowledge in engineering and technology.
This document summarizes a proposed network attack alerting system that aims to reduce redundant alerts from intrusion detection systems (IDS). The system uses both network-based and host-based IDS to detect attacks launched using the Backtrack penetration testing tool on a virtual network environment. Well-known open source IDS tools from the Security Onion distribution are used to generate alerts. The system builds a database of alerts and defines rules to eliminate duplicate alerts for the same attack based on attributes like source/destination IP and port. It also establishes a severity classification scheme using threshold values of alerts and time to help administrators prioritize responses.
The document provides a review of recent intrusion detection systems for wireless sensor networks. It begins with an introduction to wireless sensor networks and different types of intrusions. It then analyzes 14 recent intrusion detection systems, listing their advantages and disadvantages. Finally, it concludes that future work is needed to develop systems that can accurately detect intrusions in an energy-efficient manner.
A REVIEW ON DDOS PREVENTION AND DETECTION METHODOLOGY ijasa
Denial of Service (DoS) or Distributed Denial of Service (DDoS) is a major threat to network security.
A network is a collection of nodes that interconnect with each other to exchange information. The
information required by a node is kept confidential. An attacker in the network captures this
confidential information and misuses the network. Hence security is one of the major issues. There
can be one or many attacks in a network. One of the major threats to internet services is the DDoS (Distributed
Denial of Service) attack. A DDoS attack is a malicious attempt to suspend or interrupt the services of a
target node. A DDoS or DoS attack is an attempt to make a network resource or machine unavailable to its
intended users. Many ideas have been developed to avoid DDoS or DoS. DDoS happens in two ways:
naturally, or due to botnets. Various schemes have been developed to defend against this attack.
The main idea of this paper is to present the basis of the DDoS attack: DDoS attack types, DDoS attack components,
and a survey of different mechanisms to prevent DDoS.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
Survey on Host and Network Based Intrusion Detection System Eswar Publications
With the invention of new technologies and devices, intrusion has become an area of concern because of security issues in the ever-growing area of cyber-attack. An intrusion detection system (IDS) is defined as a device or software application which monitors system or network activities for malicious activities or policy violations. It produces reports to a management station [1]. In this paper we mainly focus on different IDS concepts based on host and network systems.
Pattern Analysis and Signature Extraction for Intrusion Attacks on Web Services IJNSA Journal
The increasing popularity of web service technology is attracting hackers and attackers to hack the web services and the servers on which they run. Organizations are therefore facing the challenge of implementing adequate security for web services. A major threat is that of intruders who may maliciously try to access the data or services. Automated methods of signature extraction extract the binary pattern blindly, resulting in more false positives. In this paper a semi-automated approach is proposed to analyze the attacks and generate signatures for web services. For data collection, apart from the conventional SOAP data loggers, honeypots are also used, which collect a small amount of data that is of high value. To filter out the most suspicious part of the data, an SVM-based classifier is employed to aid the system administrator. By applying an attack signature algorithm on the filtered data, a more balanced attack signature is extracted that results in fewer false positives and negatives. It helps the security administrator to identify the web services that are vulnerable or are attacked more frequently.
This document discusses network security. It begins by defining network security and explaining the three main types: physical, technical, and administrative security controls. It then defines vulnerabilities as weaknesses that can be exploited by threats such as unauthorized access or data modification. Common network attacks are described as reconnaissance, access, denial of service, and worms/viruses. Emerging attack trends include malware, phishing, ransomware, denial of service attacks, man-in-the-middle attacks, cryptojacking, SQL injection, and zero-day exploits. The document aims to help students understand vulnerabilities, threats, attacks, and trends regarding network security.
This document describes a system for detecting denial-of-service (DoS) attacks based on multivariate correlation analysis (MCA). The system generates normal traffic profiles using MCA to analyze legitimate training records. It then measures the dissimilarity between live traffic and normal profiles using Mahalanobis distance, flagging records above a threshold as potential attacks. If a record's distance exceeds the threshold, it is identified as a DoS attack. The system is intended to accurately detect both known and unknown DoS attacks compared to existing detection methods.
NETWORK INTRUSION DETECTION AND COUNTERMEASURE SELECTION IN VIRTUAL NETWORK (... ijsptm
Intrusion in a network or a system is a problem today as the trend of successful network attacks continues to
rise. Intruders can exploit vulnerabilities of a network system to gain access in order to deploy a virus
or malware such as a Denial of Service (DoS) attack. In this work, a frequency-based Intrusion Detection
System (IDS) is proposed to detect DoS attacks. The frequency data is extracted from the time-series data
created by the traffic flow using the Discrete Fourier Transform (DFT). An algorithm is developed for
anomaly-based intrusion detection with fewer false alarms, which further detects known and unknown attack
signatures in a network. The frequency of the traffic data of the virus or malware would be inconsistent with
the frequency of the legitimate traffic data. A Centralized Traffic Analyzer Intrusion Detection System
called CTA-IDS is introduced to further detect inside attackers in a network. The strategy is effective in
detecting abnormal content in the traffic data during information passing from one node to another and
also detects known attack signatures and unknown attacks. This approach is tested by running artificial
network intrusion data in simulated networks using the Network Simulator 2 (NS2) software.
Nowadays, cyber-attacks from botnets are increasing at a faster rate than any other malware spread. Detecting the botmaster who commands the tasks has become more difficult. Most detection methods are based on the features of a particular communication protocol or on the history of the network traffic. In this paper, a rational approach is presented for the live detection of the botmaster in the internal network. The victim machine monitors its packets, compromises the bots in the network and finds the traces to the botmaster. This approach works independently of the structure of the botnet, and will be a better option for online detection of the botmaster.
Autonomic Anomaly Detection System in Computer Networks ijsrd.com
This paper describes how you can protect your system from intrusion, by the methods of Intrusion Prevention and Intrusion Detection. The underlying premise of our intrusion detection system is to describe an attack as an instance of an ontology, and its first need is to detect the attack. In this paper, we propose a novel framework of autonomic intrusion detection that fulfills online and adaptive intrusion detection over unlabeled HTTP traffic streams in computer networks. The framework holds potential for self-governing: self-labeling, self-updating and self-adapting. Our structure employs the Affinity Propagation (AP) algorithm to learn a subject’s behaviors through dynamic clustering of the streaming data. It automatically labels the data and adapts to changes in normal behavior while identifying anomalies.
Detection of Distributed Denial of Service Attacks ijdmtaiir
Denial-of-Service attacks are a type of attack on
a network that is designed to bring the network to its knees by
flooding it with useless traffic. Many DoS attacks, such as
the Ping of Death, Teardrop attacks, etc., exploit the limitations
in the TCP/IP protocols. Like viruses, new DoS attacks are
constantly being dreamed up by hackers, so users have to
make their own effort to maintain a large number of protection systems such as
firewalls or up-to-date antivirus software. If the system or
links are affected by an attack, then legitimate clients may
not be able to connect to it. This detection system is the next
level of security to protect the server from major problems
such as DoS attacks, Flood IP attacks, and also the
Proxy Surfer. These kinds of anonymous activities are barred
out by using this concept.
Client Honeypot Based Drive by Download Exploit Detection and their Categoriz... IJERA Editor
Client-side attacks are those which exploit vulnerabilities in client-side applications such as browsers, plug-ins, etc. Remote attackers execute malicious code in the end user’s system without his knowledge. In this research, we propose to detect and measure the drive-by download class of malware, which infects the end user’s system through an HTTP-based propagation mechanism. The purpose of this research is to introduce a class of technology known as the client honeypot, through which we execute the domains in a virtual machine in a more optimized manner. Those virtual machines are the controlled environment for the execution of those URLs. During the execution of the websites, the PE files dropped into the system are logged and further analyzed for categorization of the malware. Further critical analysis has been performed by applying some reverse engineering techniques to categorize the class of malware and the sources of infection performed by the malware.
Distributed Denial of Service (DDoS) attack is the most severe cyber-attack that
affects the availability of critical applications. The attackers identify weaknesses in
machines and compromise them to involve them in the flooding attack. During the
DDoS attack generation, they also gain access to secret information. These
computers are then used to wage a DDoS attack on the host’s computer. Though many
security measures have been taken in order to stop DDoS attacks and protect our
data, the attackers have developed new techniques and attack methodologies. Hence,
instead of reacting to new attacks, it is necessary to build a
complete DDoS solution that will defend against all types of DDoS attacks. So,
researchers must understand the cyber space and the methods utilized to block DDoS
attacks. The proposed system provides a unique method to detect DDoS attacks using
Splunk. We propose two methods for the prevention of DDoS attacks. One uses
randomly generated Captchas and the other uses a Linux bash script to prevent
DDoS attacks by automatically blocking the IP of a client who is sending multiple
requests at a time.
This document summarizes intrusion detection systems (IDS), including that an IDS monitors network traffic to detect unwanted activity like illegal access. IDS can be classified based on anomaly detection, signature-based detection, host-based monitoring of operating systems, or network-based analysis of packet traffic. The document also discusses benefits of IDS like reduced costs and real-time detection, and notes the future includes better integrating network and host-based IDS to detect novel attacks.
The increasing availability of COTS (commercial-off-the-shelf) components in the software
development market has made concrete the opportunity of building whole systems from previously built components. Component-Based
Software Engineering (CBSE) is an approach used to improve the efficiency and productivity of software systems
with the help of reusability. The CBSE approach improves software development productivity and software quality by selecting
pre-existing software components. Reusability in Component-Based Software Development (CBSD) not only reduces the
time to market in development but also heavily reduces the cost of development. This paper presents the challenges
faced by software developers during component selection, such as reliability, time, component size, fault tolerance,
performance, component functionality and component compatibility. This paper also summarizes algorithms used for
component retrieval according to the availability of a component subset.
Identification of Spam Emails from Valid Emails by Using Voting Editor IJCATR
In recent years, the increasing use of e-mails has led to the emergence and increase of problems caused by mass unwanted
messages, commonly known as spam. In this study, by using decision trees, a support vector machine, Naïve Bayes theorem
and a voting algorithm, a new version for identifying and classifying spam is provided. In order to verify the proposed method, a set of
e-mails is chosen for testing. First, the three algorithms try to detect spam, and then, by using the voting method, spam is identified. The
advantage of this method is utilizing a combination of three algorithms at the same time: decision tree, support vector machine and
Naïve Bayes method. During the evaluation of this method, a data set is analyzed by the Weka software. Charts prepared in spam
detection indicate improved accuracy compared to the previous methods.
THE CRITICAL ORGANIZATIONAL FACTORS OF E-GOVERNMENT IN KENYA Editor IJCATR
eGovernment focuses on the use of technology to achieve levels of improvement in various areas of government, transforming the nature of politics and relations between the government and citizens. However, in Kenya, just like in other developing nations, many eGovernment projects have either stalled or failed to meet their objectives due to some key organizational factors. This study therefore highlights critical organizational factors affecting eGovernment projects and the nature of their relationships with eGovernment performance. The study employed a cross-sectional survey design, targeting all 18 eGovernment projects implemented through the Information Communications Authority of Kenya since 2005. Both primary and secondary data were collected and analyzed based on responses from 217 respondents out of the 300 who participated (72% response rate). At the end, it emerged that out of the various organizational factors hypothesized to predict eGovernment project performance, only organizational structure, prioritization of deliverables, and organizational culture are critical in the Kenyan context. Others identified in previous studies, such as future needs of the organization, power distribution, structure, information system strategy alignment, prioritization of deliverables, and training, were also important but not critical.
In this paper we propose a system that allows safe and secure data transfer in MANETs between the source and the destination. As MANETs are unplanned networks and networks of instant communication, they are prone to attacks like disclosure, brute force attacks, etc. In this paper we mainly concentrate on limiting disclosure attacks in MANETs. A disclosure attack means that the network is monitored quietly without modifying it. Monitoring of the network is possible only if the traffic is known. Hiding the traffic between the source and destination would prevent disclosure attacks in MANETs. To hide the traffic between the source and destination we must first identify it. The traffic is identified using the STARS (Statistical Traffic Pattern Discovery System for MANETs) technique. Using this technique, the traffic is made observable only to the intermediary nodes, and the data is sent via intermediary nodes to the destination as single hops. The data sent hop by hop via intermediary nodes prevents a malicious node from knowing the original source and destination, thus protecting MANETs from disclosure attacks.
Project Scheduling: Survey and Research Potentials Editor IJCATR
Project scheduling is a very critical topic in project management. The resource-constrained project scheduling problem (RCPSP) consists of activities that must be scheduled based on dependency relationships and the priorities of activities. In recent years there have been many survey papers in the area of project scheduling, as many researchers have developed both exact and heuristic scheduling schemes. This paper gives an overview of the resource-constrained project scheduling problem (RCPSP).
Secure Personal Health Records Using Encryption Editor IJCATR
In the dispersed world, health information is exchanged based on patients’ Personal Health Records (PHRs). For this reason, construction and maintenance are handled by data centers, which individuals use at high cost. Cloud providers are used in most PHR services to outsource the PHRs, which are then stored by a third party. Privacy is the main anxiety, because PHR information is shared with third-party servers and illegal parties. To avoid this problem and to guarantee security for PHRs, encryption is applied to all PHRs before they are outsourced. Even after encryption is applied, a few major issues remain, such as flexible access, scalability in key organization and well-organized user revocation. These are the remaining important challenges. In this proposed system, a patient-centric model has been generated with appropriate mechanisms for accessing PHRs which are stored in semi-confidential servers. Here the Attribute Based Encryption technique is used to encrypt every patient’s PHR. To support on-demand user revocation, revocations are also enabled dynamically based on variations of access policies or file attributes to improve the process.
Efficient Fuzzy-Based System for the Diagnosis and Treatment of Tuberculosis ... Editor IJCATR
The aim of this study is to design a Fuzzy-Based Expert System for Tuberculosis diagnosis
and treatment. The designed system made use of the General Hospital Adikpo patient database. The system
has 18 input fields and five output fields. The input fields are chest pain (CP), cough duration (CD), fever
duration (FV), night sweats (NS), weight loss (WL), loss of appetite (LOA), change in bowel habits
(CBH), variations in mental behaviour (VMB), masses along the neck (MAN), draining sinus (DS),
coma (seizure) (CO), stiff neck (SN), headache (HD), abdominal pain (AP), painful or uncomfortable
urination (PU), hemoptysis (coughing up blood) (CUB), fatigue (FA) and blood present in urine (BPU).
The output fields refer to the class/group of tuberculosis disease in the patient. This system uses the
Mamdani inference method. The results obtained from the designed system are compared with the data in
the database, and the observed results of the designed system are correct. The system was designed with Java
(jFuzzyLogic), Microsoft Visio (2013), MySQL Workbench, MySQL database, JSP and XHTML.
Consequences of Road Traffic Accident in Nigeria: Time Series Approach Editor IJCATR
Road traffic accidents in Nigeria are increasing at a worrying rate and have become one of the country’s major concerns. We provide an appropriate and suitable time series model for the consequences of road accidents: the injured, killed and total casualties of road accidents in Nigeria. The most widely used conventional method, the Autoregressive Integrated Moving Average (ARIMA) model of time series, also known as the Box-Jenkins method, is applied to yearly data on the consequences of road accidents in Nigeria from 1960-2013 to determine patterns of road traffic accident consequences: injured, killed and total casualties along Nigerian motorways. Appropriate models are developed for the accident consequences: injured, killed and total casualties. An ARIMA(0,2,1) model is obtained for the injury and total casualty consequences, whilst an ARIMA(1,2,2) model is obtained for the killed consequences, using the data from 1960-2011. The adequacy and performance of the models are tested on the remaining data from 2012 to 2013. Seven-year forecasts are provided using the developed models and show that the road traffic accident consequences examined (injured, killed and total casualties) would continue to increase on average.
Real-time implementation of a software system requires it to be more versatile. In the maintenance phase, the modified system under regression testing must assure that the existing system remains defect free. The test case prioritization technique of regression testing includes code-based as well as model-based methods of prioritizing the test cases. System model-based test case prioritization can detect severe faults early as compared to code-based test case prioritization. Model-based prioritization techniques based on requirements in a cost-effective manner have not been studied so far. Model-based testing is used to test the functionality of the software system based on requirements. An effective model-based approach is defined for prioritizing test cases and generating an effective test sequence. The test cases are rescheduled based on requirement analysis and user view analysis. With the use of a weighted approach, the overall cost of testing the functionality of the model elements is estimated. Here, a genetic approach has been applied to generate efficient test paths. The regression cost in terms of effort has been reduced under the model-based prioritization approach.
Guarding Against Large-Scale Scrabble In Social Network Editor IJCATR
Generally, the botnet is one of the most dangerous threats in the network. It has a number of attackers in the network. The
attacks consist of DDoS attacks, remote attacks, etc. Bots perform repetitive tasks automatically or on a schedule over the
internet, tasks that would be too mundane or time-consuming for an actual person. But botnets have stealthy behavior, as they are
very difficult to identify. These botnets have to be identified and the internet has to be protected. Also, the activity of botnets must
be prevented to provide users with a reliable service. Past botnet detection has used a transaction process which is not secure. An
efficient statistical data classifier is required to train the botnet prevention system. To provide the above features, clustering-based
analysis is done. Our approach can detect and profile various P2P applications rather than identifying a specific P2P application.
An anomaly-based detection technique is used to obtain this goal.
Performance Evaluation using Blackboard Technique in Software Architecture Editor IJCATR
This document proposes an approach to evaluate software performance using the blackboard technique at the software architecture level. It begins by describing blackboard technique, performance modeling in UML, and timed colored Petri nets. It then outlines an algorithm to convert a UML model of a software architecture using blackboard technique into an executable timed colored Petri net model. This would allow evaluating non-functional requirements like response time at the architecture level before implementation. As a case study, it applies the method to a hotel reservation system modeled with UML diagrams and implemented using the blackboard technique. The performance is then evaluated by analyzing the resulting timed colored Petri net model.
A Privacy Preserving Attribute Based Access Control Mechanism In Distributed ... Editor IJCATR
We propose a new decentralized access control scheme for secure data storage in clouds that supports anonymous
authentication. In the proposed scheme, the cloud verifies the authenticity of the series without knowing the user’s identity before
storing data. Our scheme also has the added feature of access control in which only valid users are able to decrypt the stored
information. The scheme prevents replay attacks and supports creation, modification, and reading data stored in the cloud. We also
address user revocation. Moreover, our authentication and access control scheme is decentralized and robust, unlike other access
control schemes designed for clouds which are centralized. The communication, computation, and storage overheads are comparable
to centralized approaches.
Pricing Models for Cloud Computing Services, a Survey Editor IJCATR
Recently, citizens and companies have been able to access utility computing services by using Cloud Computing. These services, such as
infrastructures, platforms and applications, can be accessed on demand whenever they are needed. In Cloud Computing, different types of
resources are required to provide services, but the demands, such as request rates and user requirements for these services, and
the cost of the required resources are continuously varying. Therefore, Service Level Agreements are needed to guarantee the
service prices and the offered Quality of Service, which are always dependable and interrelated, to guarantee revenue maximization
for cloud providers as well as to improve customer satisfaction. Cloud consumers are always searching for a cloud provider who
provides good service at the lowest price, so cloud providers should use advanced technologies and frameworks to increase QoS and
decrease cost. This paper provides a survey of cloud pricing models and analyzes the recent and relevant research in this field.
Implementation of Adaptive Digital Beamforming using Cordic Editor IJCATR
This document summarizes an article that proposes implementing adaptive digital beamforming using the CORDIC (COordinate Rotation DIgital Computer) algorithm. It first provides background on beamforming, sonar imaging, and the CORDIC theory. It then describes the proposed work of using CORDIC-based beamforming in an underwater sonar system to detect objects and determine angles. The system would transmit beamformed data, generate beamformed data at the receiver, and then use an optimized CORDIC algorithm to eliminate interference and noise from the received data.
Information and communication technology is a gateway through which a large population of students has been reached. Mobile learning technology, the latest arrival, is greatly changing the way students learn, interact and access up-to-date information. It mainly satisfies the current and future generation, which needs information at the earliest rather than later, with a few touches. The World Wide Web acts as an interface in e-learning as well as in mobile learning (m-learning) environments. It supports and facilitates the delivery of teaching and learning materials. M-learning provides quality educational content with the help of semantic web technologies such as ontologies. This study presents a mobile learning framework for efficient learning, with a case study on cyber security.
A review botnet detection and suppression in clouds (Alexander Decker)
This document provides a summary of a journal article that reviews techniques for detecting and suppressing botnets in cloud computing environments. It discusses how botnets pose a security threat and how cloud environments provide botmasters rich computing resources to deploy attacks. The document reviews literature on various botnet detection techniques including network-based, host-based, and those using intrusion detection system data. It also discusses an active analysis technique using honeypots and honeynets, and a passive analysis technique using darknets. Finally, it introduces a distributed botnet suppression system for clouds and a collaborative network security system to automatically detect and process botnet traffic across networks.
Detecting and Preventing Attacks Using Network Intrusion Detection Systems (CSCJournals)
Intrusion detection is an important technology in the business sector as well as an active area of research. It is an important tool for information security. A Network Intrusion Detection System is used to monitor networks for attacks or intrusions and report these intrusions to the administrator so that evasive action can be taken. Today computers are part of networked, distributed systems that may span multiple buildings, sometimes located thousands of miles apart. The network of such a system is a pathway for communication between the computers in the distributed system; it is also a pathway for intrusion. This system is designed to detect and combat some common attacks on network systems. It follows the signature-based IDS methodology for ascertaining attacks: a signature-based IDS monitors packets on the network and compares them against a database of signatures or attributes from known malicious threats. It has been implemented in VC++. In this system the attack log displays the list of attacks to the administrator for evasive action. The system works as an alert device in the event of attacks directed towards an entire network.
MACHINE LEARNING AND DEEP LEARNING MODEL-BASED DETECTION OF IOT BOTNET ATTACKS (IRJET Journal)
This document discusses machine learning and deep learning models for detecting IoT botnet attacks. It begins with an abstract that outlines the challenges of securing the growing number of IoT devices and describes how machine learning and deep learning techniques like LSTM RNN can be used to develop effective detection systems. The introduction provides background on botnets, distributed denial of service attacks, and the need for detection systems. The literature review then summarizes several previous works that used techniques such as Bayesian classifiers, random neural networks, decision trees, and other machine learning algorithms for attack detection. The methodology section outlines the general approach of anomaly-based intrusion detection systems and different learning methods. The experimental setup describes collecting and preprocessing data, feature extraction, model training and evaluation
Nowadays, maintaining security in the networking domain is very important and essential, since networks are hacked by unauthorized people. Various strategies and mechanisms have been applied which provide security to some extent. Most of these security mechanisms are based on principles similar to encryption and firewalls. Even though these mechanisms provide security, they fail to detect intrusions, which creates the need for a new technology known as the Intrusion Detection System. Intrusion detection systems are used to identify problems such as unauthorized use, misuse and abuse of computer networking systems. Outside attackers are not the only problem; the threat of authorized users misusing and abusing their privileges is an equally pressing concern. Intrusion detection systems analyze the events occurring in a system with the goal of indicating security issues. An intrusion detection system monitors networked units and looks for anomalous or malicious behaviour within the patterns of activity in the audit stream. This paper studied the basic concepts of intrusion detection, its need, components and challenges.
AN ISP BASED NOTIFICATION AND DETECTION SYSTEM TO MAXIMIZE EFFICIENCY OF CLIE... (IJNSA Journal)
End users are increasingly vulnerable to attacks directed at web browsers, which exploit the popularity of today's web services. While organizations deploy several layers of security to protect their systems and data against unauthorised access, surveys reveal that a large fraction of end users do not utilize and/or are not familiar with any security tools. End users' hesitation and unfamiliarity with security products contribute vastly to the number of online DDoS attacks and to malware and spam distribution. This work-in-progress paper proposes a design focused on the notion of increased participation of internet service providers in protecting end users. The proposed design takes advantage of three different detection tools to identify the maliciousness of a website's content and alerts users, via the Internet Content Adaptation Protocol (ICAP), through an in-browser cross-platform messaging system. The system also incorporates analysis of users' online behaviour to minimize the scanning intervals of the malicious websites database by client honeypots. Findings from our proof-of-concept design and other research indicate that such a design can provide a reliable hybrid detection mechanism while introducing low delay into the user's browsing experience.
Malicious codes (malcodes) are self-replicating malware and a major security threat in a network environment. Timely detection and system alert flags are essential to prevent malcodes from spreading rapidly in the network. The difficulty in detecting malcodes is that they evolve over time. Although signature-based tools are generally used to secure systems, signature-based malcode detectors fail to recognize obfuscated and previously unseen malcode executables. Automatic signature generation systems have likewise been used to address the problem of malcodes, yet much work is still required for good detection. Given the behavioural nature of malcodes, a behaviour-based approach is required for such detection. Specifically, we require a dynamic analysis and behaviour rule-based system that distinguishes malcodes without erroneously blocking legitimate traffic or increasing false alarms. This paper proposes and discusses an approach using machine learning and Indicators of Compromise (IOC) to analyze intrusions in a network, identify the cause of an attack and provide future detection. It proposes the use of a behaviour-based malware analysis framework to analyze intrusion data, apply a clustering algorithm to the analyzed data and generate IOCs from the clustered data for IOCRule, which is then implemented in the Snort Intrusion Detection System (IDS) for malicious code detection.
Optimized Intrusion Detection System using Deep Learning Algorithm (ijtsrd)
A method and a system for detecting an intrusion in a computer network compare the network traffic of the computer network at multiple different points in the network. In an uncompromised network, the traffic monitored at these different points should be identical. A network intrusion detection system is mostly placed at strategic points in a network so that it can monitor the traffic traveling to or from different devices on that network. The existing Software Defined Network (SDN) architecture proposes the separation of the forwarding and control planes by introducing a new independent plane called the network controller. Machine learning is an artificial intelligence approach that focuses on acquiring knowledge from raw data and, based at least in part on the identified flow, selectively causing the packet, or a packet descriptor associated with the packet. The performance is evaluated using network analysis metrics such as key generation delay, key sharing delay and hash code generation time, for both plain SDN and the proposed machine learning SDN.
Prof P. Damodharan | K. Veena | Dr N. Suguna, "Optimized Intrusion Detection System using Deep Learning Algorithm", published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-3, Issue-2, February 2019, URL: https://www.ijtsrd.com/papers/ijtsrd21447.pdf
Paper URL: https://www.ijtsrd.com/engineering/other/21447/optimized-intrusion-detection-system-using-deep-learning-algorithm/prof-p-damodharan
A Mitigation Technique For Internet Security Threat of Toolkits Attack (CSCJournals)
The development of attack toolkits confirms that cybercrime is driven primarily by financial motivations, as seen from the significant profits made by both developers and buyers. In this paper, an enhanced hybrid attack toolkit mitigation model was designed to tackle the economy of attack toolkits, using different techniques to discredit it. The mitigation examined Zeus, a common and the most frequently used attack toolkit, to discover the hidden information used by attackers to launch attacks. This information helped in creating honey toolkits, honeybots and honeytokens. Honeybots are used to submit honeytokens to botmasters, who sell them on the internet black market. The botmasters, their mules and buyers attempt to steal huge amounts of money using the stolen credentials, which include both real credentials and honeytokens, and are detected by an attack detector which sends an alert on any transaction involving the honeytokens. A reconfirmation process secured using an enhanced RC6 cryptosystem is enacted. The reconfirmation message in plaintext is encrypted into ciphertext and transmitted securely from the bank to the legitimate account owner and vice versa. The cryptanalysis carried out on the text encrypted with the RC6 encryption algorithm showed that the ciphertext is not transparent.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
This document summarizes a proposed network attack alerting system that aims to reduce the large number of alerts generated by intrusion detection systems (IDS). The system uses both network-based and host-based IDS to detect attacks launched using the Backtrack attacking tools on a virtual network lab environment. Well-known open source security tools on the Security Onion Linux distribution are used to generate alerts. The system defines rules to identify important alert types and stores alerts in a database. It aims to eliminate redundant alerts for the same attack by analyzing attributes like source/destination IP and port. Alert severity levels are defined using threshold counts and times to classify alerts and help administrators respond appropriately.
This document discusses securing healthcare networks against cyber attacks. It proposes using intrusion detection systems to continuously monitor networks, firewalls to ensure endpoint devices comply with security policies, and biometrics for identity-based network access control. This would help protect patient privacy by safeguarding electronic health records and enhancing the security of hospital networks. The growing adoption of electronic records and devices in healthcare has increased risks of attacks that could intercept patient data or take over entire hospital networks. Strong network security measures are needed to address these risks.
A Comprehensive Review On Intrusion Detection System And Techniques (Kelly Taylor)
This document discusses machine learning techniques for intrusion detection systems (IDS). It provides an overview of the research progress using machine learning to improve intrusion detection in networks. Machine learning and data mining techniques have been widely used to automatically detect network traffic anomalies. The goal is to summarize and compare research contributions of IDS using machine learning, define existing challenges, and discuss anticipated solutions. Commonly used machine learning techniques for IDS are reviewed along with some existing machine learning-based IDS proposed by researchers.
Security Attacks in Stand-Alone Computer and Cloud Computing: An Analysis (dadkhah077)
The data that is stored on a computer may be confidential or sensitive according to its applications or usage. The data must be protected from unauthorized users. This paper analyses the security attacks in a) stand-alone computers and b) cloud computing. A study of existing protective mechanisms is also presented.
IRJET- Zombie - Venomous File: Analysis using Legitimate Signature for Securi... (IRJET Journal)
The document discusses a proposed method for detecting viruses and malware that evade existing antivirus software. It uses a combination of analyzing files with VirusTotal's database of known threats and applying natural language processing techniques like suffix trees and TF-IDF to identify malicious patterns in files. An evaluation shows the proposed method can detect viruses that existing antivirus and VirusTotal miss, achieving a 97% accuracy rate in testing.
The document provides an overview of cyber security concepts including definitions of cyber security, hackers, and types of cyber attacks such as web-based attacks, system-based attacks, and common attack methods like phishing, brute force attacks, and denial of service attacks. It also discusses cyber security defenses, tools, and strategies such as firewalls, antivirus software, intrusion detection systems, access controls, encryption, employee training, and security audits. Key terms like ports, IP addresses, port scanning, security operations centers (SOCs), zero-trust models, and ethical hacking are also defined.
Botnets are collections of internet-connected computers that are controlled by cybercriminals without the owners' knowledge. The document discusses how botnets work through command-and-control servers, the threats they pose such as distributed denial-of-service attacks and spam, and methods for detecting and preventing botnet infections and activity. It also analyzes the findings of a study on botnet technologies, including their propagation, exploits, evasion techniques, and implications for security research.
Detecting HTTP Botnet using Artificial Immune System (AIS) (sadique_ghitm)
This document proposes a new framework for detecting HTTP botnets using an Artificial Immune System (AIS). AIS is a bio-inspired model that applies concepts from the human immune system to solve information security problems. The proposed framework uses AIS techniques to detect malicious activities like spamming and port scanning on networks infected with HTTP bots. Experimental evaluations showed the approach can successfully detect HTTP botnet activities with high efficiency and low false positive rates.
Survey on classification techniques for intrusion detection (csandit)
Intrusion detection is the most essential component in network security. Traditional intrusion detection methods are based on extensive knowledge of signatures of known attacks. Signature-based methods require manual encoding of attacks by human experts. Data mining is one of the techniques applied to intrusion detection that provides higher automation capabilities than signature-based methods. Data mining techniques such as classification, clustering and association rules are used in intrusion detection. In this paper, we present an overview of intrusion detection, the KDD Cup 1999 dataset and a detailed analysis of different classification techniques, namely Support Vector Machine, Decision Tree, Naïve Bayes and Neural Networks, used in intrusion detection.
Broadband network virus detection system based on bypass monitor (UltraUploader)
The document describes a Broadband Network Virus Detection System (VDS) based on bypass monitoring that can detect viruses on high-speed networks. The VDS uses four detection engines to analyze network traffic for viruses based on binary content, URLs, emails, and scripts. It accurately logs statistical information on detected viruses like name, source/target IPs, and spread frequency. The VDS mirrors network traffic to a detection engine in real-time without needing to reassemble packets into files. This allows it to efficiently detect viruses directly in network packets or data streams on gigabit-speed networks.
Analysis of Artificial Intelligence Techniques for Network Intrusion Detectio... (IIJSRJournal)
With the rapid advancement of computer technology during the last couple of decades, computer systems have become commonly used in manufacturing, corporate and other aspects of human living. As a result, constructing dependable infrastructures is a major challenge for IT managers. On the other hand, this same rapid advancement of technology has created numerous difficulties in building reliable networks, which is a challenging task. There are numerous varieties of attacks that affect the accessibility, authenticity and secrecy of communication systems. In this paper, an in-depth and all-inclusive description of artificial intelligence methods used for the detection of network intrusions is discussed in detail.
Similar to Malware Hunter: Building an Intrusion Detection System (IDS) to Neutralize Botnet Attacks
Text Mining in Digital Libraries using OKAPI BM25 Model (Editor IJCATR)
The emergence of the internet has made vast amounts of information available and easily accessible online. As a result, most libraries have digitized their content in order to remain relevant to their users and to keep pace with the advancement of the internet. However, these digital libraries have been criticized for using inefficient information retrieval models that do not perform relevance ranking on the retrieved results. This paper proposes the use of the Okapi BM25 model in text mining as a means of improving relevance ranking in digital libraries. Okapi BM25 was selected because it is a probability-based relevance ranking algorithm. A case study research was conducted and the model design was based on information retrieval processes. The performance of the Boolean, vector space and Okapi BM25 models was compared for data retrieval. Relevant ranked documents were retrieved and displayed on the OPAC framework search page. The results revealed that Okapi BM25 outperformed the Boolean model and the vector space model. Therefore, this paper proposes the use of the Okapi BM25 model to reward terms according to their relative frequencies in a document, so as to improve the performance of text mining in digital libraries.
Green Computing, eco trends, climate change, e-waste and eco-friendly (Editor IJCATR)
This document discusses green computing practices and sustainable IT services. It provides an overview of factors driving adoption of green computing to reduce costs and environmental impact of data centers, such as rising energy costs and density. Green strategies discussed include improving infrastructure efficiency, power management, thermal management, efficient product design, and virtualization to optimize resource utilization. The document examines how green computing aims to lower costs and environmental footprint, and how sustainable IT services take a broader approach considering economic, environmental and social impacts.
Policies for Green Computing and E-Waste in Nigeria (Editor IJCATR)
Computers today are an integral part of individuals' lives all around the world, but unfortunately these devices are toxic to the environment given the materials used, their limited battery life and technological obsolescence. Individuals are concerned about the hazardous materials ever present in computers, even if the importance of various attributes differs, and a more environment-friendly attitude can be obtained through exposure to educational materials. In this paper, we aim to delineate the problem of e-waste in Nigeria, highlight a series of measures and the advantages they herald for our country, and propose a series of action steps to develop these areas further. It is possible for Nigeria to have an immediate economic stimulus and job creation while moving quickly to abide by the requirements of climate change legislation and energy efficiency directives. The costs of implementing energy efficiency and renewable energy measures are minimal, as they are not cash expenditures but rather investments paid back by future, continuous energy savings.
Performance Evaluation of VANETs for Evaluating Node Stability in Dynamic Sce... (Editor IJCATR)
Vehicular ad hoc networks (VANETs) are a promising area of research which enables interconnection among moving vehicles, and between vehicles and road side units (RSUs). In VANETs, mobile vehicles can be organized into clusters to promote interconnection links. The cluster arrangement, according to size and geographical extent, has a serious influence on the quality of interaction. VANETs are a subclass of mobile ad hoc networks involving more complex mobility patterns. Because of mobility, the topology changes very frequently. This raises a number of technical challenges, including the stability of the network. There is a need for a cluster configuration leading to a more stable, realistic network. The paper provides an investigation of various simulation scenarios in which clusters are generated using the k-means algorithm and their number is varied to find the more stable configuration in a real road scenario.
Optimum Location of DG Units Considering Operation Conditions (Editor IJCATR)
The optimal sizing and placement of Distributed Generation units (DG) are becoming very attractive to researchers these days. In this paper a two stage approach has been used for allocation and sizing of DGs in distribution system with time varying load model. The strategic placement of DGs can help in reducing energy losses and improving voltage profile. The proposed work discusses time varying loads that can be useful for selecting the location and optimizing DG operation. The method has the potential to be used for integrating the available DGs by identifying the best locations in a power system. The proposed method has been demonstrated on 9-bus test system.
Analysis of Comparison of Fuzzy Knn, C4.5 Algorithm, and Naïve Bayes Classifi... (Editor IJCATR)
Early detection of diabetes mellitus (DM) can prevent or inhibit complications. There are several laboratory tests that must be done to detect DM. The results of these laboratory tests are then converted into training data. The training data used in this study were generated from the UCI Pima Database, with 6 attributes used to classify positive or negative diabetes. There are various classification methods that are commonly used, and in this study three of them were compared on one identical case: fuzzy KNN, the C4.5 algorithm and the Naïve Bayes Classifier (NBC). The objective of this study was to create software to classify DM using the tested methods and to compare the three methods based on accuracy, precision and recall. The results showed that the best method was fuzzy KNN, with average and maximum accuracy reaching 96% and 98%, respectively. In second place, the NBC method had average and maximum accuracy of 87.5% and 90%, respectively. Lastly, the C4.5 algorithm had average and maximum accuracy of 79.5% and 86%, respectively.
Web Scraping for Estimating new Record from Source Site (Editor IJCATR)
Studies in the field of competitive intelligence and studies in the field of web scraping have a symbiotic, mutualistic relationship. In today's information age, the website serves as a main source. The research focus is on how to get data from websites and how to slow down the intensity of downloading. The problem that arises is that the website sources are autonomous, so their content structure is liable to change at any time. The next problem is the Snort intrusion detection system installed on the server to detect bot crawlers. Therefore the researchers propose the use of the Mining Data Records (MDR) method and the exponential smoothing method, so as to be adaptive to changes in the content structure and to browse or fetch automatically following the pattern of news occurrences. The test results, with a threshold of 0.3 for MDR and a similarity threshold score of 0.65 for STM, produce an average f-measure of 92.6% using recall and precision values. The tests of exponential smoothing estimation using α = 0.5 produce an MAE of 18.2 duplicate data records. It slowed down to 3.6 data records from the 21.8 data records obtained with a fixed download/fetch schedule, in the average time of news occurrence.
Evaluating Semantic Similarity between Biomedical Concepts/Classes through S... (Editor IJCATR)
Most of the existing semantic similarity measures that use ontology structure as their primary source can measure semantic similarity between concepts/classes using a single ontology. The ontology-based semantic similarity techniques, namely structure-based techniques (Path Length Measure, Wu and Palmer's Measure, and Leacock and Chodorow's measure), information content-based techniques (Resnik's measure, Lin's measure) and biomedical domain ontology techniques (Al-Mubaid and Nguyen's measure (SimDist)), were evaluated relative to human experts' ratings and compared on sets of concepts using the ICD-10 "V1.0" terminology within the UMLS. The experimental results validate the efficiency of the SemDist technique in a single ontology, and demonstrate that the SemDist semantic similarity techniques, compared with the existing techniques, give the best overall correlation with experts' ratings.
Semantic Similarity Measures between Terms in the Biomedical Domain within f... (Editor IJCATR)
Techniques and tests are tools used to define how to measure the goodness of an ontology or its resources. The similarity between biomedical classes/concepts is an important task for biomedical information extraction and knowledge discovery. However, most of the semantic similarity techniques can be adapted for use in the biomedical domain (UMLS). Many experiments have been conducted to check the applicability of these measures. In this paper, we measure semantic similarity between two terms within a single ontology or multiple ontologies, using ICD-10 "V1.0" as the primary source, and compare our results to human experts' scores by correlation coefficient.
A Strategy for Improving the Performance of Small Files in Openstack Swift (Editor IJCATR)
This is an effective way to improve the storage access performance of small files in Openstack Swift by adding an aggregate storage module. Because Swift performs too many disk operations when querying metadata, the transfer performance for large numbers of small files is low. In this paper, we propose an aggregated storage strategy (ASS) and implement it in Swift. ASS comprises two parts: merge storage and index storage. In the first stage, ASS arranges the write request queue in chronological order and then stores objects in volumes. These volumes are large files that are actually stored in Swift. In the second stage, the object-to-volume mapping information is stored in a key-value store during the short encounter time. The experimental results show that ASS can effectively improve Swift's small file transfer performance.
Integrated System for Vehicle Clearance and Registration (Editor IJCATR)
Efficient management and control of a government's cash resources rely on government banking arrangements. Nigeria, like many low income countries, employed fragmented systems in handling government receipts and payments. In 2016, Nigeria implemented a unified structure as recommended by the IMF, in which all government funds are collected in one account; this would reduce borrowing costs, extend credit and improve the government's fiscal policy, among other benefits. This situation motivated us to embark on this research to design and implement an integrated system for vehicle clearance and registration. The system complies with the new Treasury Single Account policy to enable proper interaction and collaboration among five different agencies (NCS, FRSC, SBIR, VIO and NPF) saddled with vehicular administration and activities in Nigeria. Since the system is web based, the Object Oriented Hypermedia Design Methodology (OOHDM) is used. Tools such as PHP, JavaScript, CSS, HTML, AJAX and other web development technologies were used. The result is a web based system that gives proper information about a vehicle, from the exact date of importation to registration and renewal of licensing. Vehicle owner information, customs duty information, plate number registration details, etc. can also be efficiently retrieved from the system by any of the agencies without contacting another agency at any point in time. Also, the number plate will no longer be the only means of vehicle identification, as is presently the case in Nigeria, because the unified system will automatically generate and assign a Unique Vehicle Identification Pin Number (UVIPN) to the vehicle on payment of duty in the system, and the UVIPN will be linked to the various agencies in the management information system.
Assessment of the Efficiency of Customer Order Management System: A Case Stu... (Editor IJCATR)
The Supermarket Management System deals with the automation of buying and selling of goods and services. It includes both sales and purchase of items. The Supermarket Management System project is to be developed with the objective of making the system reliable, easier, faster and more informative.
Energy-Aware Routing in Wireless Sensor Network Using Modified Bi-Directional A* (Editor IJCATR)
Energy is a key component in the Wireless Sensor Network (WSN) [1]. The system will not be able to run according to its function without the availability of adequate power units. One of the characteristics of wireless sensor networks is limited energy [2]. A lot of research has been done to develop strategies to overcome this problem. One of them is the clustering technique. The popular clustering technique is Low Energy Adaptive Clustering Hierarchy (LEACH) [3]. In LEACH, clustering techniques are used to determine the Cluster Head (CH), which is then assigned to forward packets to the Base Station (BS). In this research, we propose another clustering technique, which utilizes the Social Network Analysis theory of Betweenness Centrality (BC), implemented in the setup phase. In the steady-state phase, one of the heuristic search algorithms, Modified Bi-Directional A* (MBDA*), is implemented. The experiment was performed by deploying 100 nodes statically in a 100x100 area, with one Base Station at coordinates (50,50). To find out the reliability of the system, the experiment was run for 5000 rounds. The performance of the designed routing protocol strategy is tested based on network lifetime, throughput and residual energy. The results show that BC-MBDA* is better than LEACH. This is influenced by the way LEACH determines the CH dynamically, which changes in every data transmission process. This results in energy use, because LEACH always performs computation to determine the CH in every transmission process. In contrast, in BC-MBDA* the CH is statically determined, so energy usage can be decreased.
Security in Software Defined Networks (SDN): Challenges and Research Opportun...Editor IJCATR
In networks, the rapidly changing traffic patterns of search engines, Internet of Things (IoT) devices, Big Data and data centers has thrown up new challenges for legacy; existing networks; and prompted the need for a more intelligent and innovative way to dynamically manage traffic and allocate limited network resources. Software Defined Network (SDN) which decouples the control plane from the data plane through network vitalizations aims to address these challenges. This paper has explored the SDN architecture and its implementation with the OpenFlow protocol. It has also assessed some of its benefits over traditional network architectures, security concerns and how it can be addressed in future research and related works in emerging economies such as Nigeria.
Measure the Similarity of Complaint Document Using Cosine Similarity Based on...Editor IJCATR
Report handling on "LAPOR!" (Laporan, Aspirasi dan Pengaduan Online Rakyat) system depending on the system administrator who manually reads every incoming report [3]. Read manually can lead to errors in handling complaints [4] if the data flow is huge and grows rapidly, it needs at least three days to prepare a confirmation and it sensitive to inconsistencies [3]. In this study, the authors propose a model that can measure the identities of the Query (Incoming) with Document (Archive). The authors employed Class-Based Indexing term weighting scheme, and Cosine Similarities to analyse document similarities. CoSimTFIDF, CoSimTFICF and CoSimTFIDFICF values used in classification as feature for K-Nearest Neighbour (K-NN) classifier. The optimum result evaluation is pre-processing employ 75% of training data ratio and 25% of test data with CoSimTFIDF feature. It deliver a high accuracy 84%. The k = 5 value obtain high accuracy 84.12%
Hangul Recognition Using Support Vector MachineEditor IJCATR
The recognition of Hangul Image is more difficult compared with that of Latin. It could be recognized from the structural arrangement. Hangul is arranged from two dimensions while Latin is only from the left to the right. The current research creates a system to convert Hangul image into Latin text in order to use it as a learning material on reading Hangul. In general, image recognition system is divided into three steps. The first step is preprocessing, which includes binarization, segmentation through connected component-labeling method, and thinning with Zhang Suen to decrease some pattern information. The second is receiving the feature from every single image, whose identification process is done through chain code method. The third is recognizing the process using Support Vector Machine (SVM) with some kernels. It works through letter image and Hangul word recognition. It consists of 34 letters, each of which has 15 different patterns. The whole patterns are 510, divided into 3 data scenarios. The highest result achieved is 94,7% using SVM kernel polynomial and radial basis function. The level of recognition result is influenced by many trained data. Whilst the recognition process of Hangul word applies to the type 2 Hangul word with 6 different patterns. The difference of these patterns appears from the change of the font type. The chosen fonts for data training are such as Batang, Dotum, Gaeul, Gulim, Malgun Gothic. Arial Unicode MS is used to test the data. The lowest accuracy is achieved through the use of SVM kernel radial basis function, which is 69%. The same result, 72 %, is given by the SVM kernel linear and polynomial.
Application of 3D Printing in EducationEditor IJCATR
This paper provides a review of literature concerning the application of 3D printing in the education system. The review identifies that 3D Printing is being applied across the Educational levels [1] as well as in Libraries, Laboratories, and Distance education systems. The review also finds that 3D Printing is being used to teach both students and trainers about 3D Printing and to develop 3D Printing skills.
Survey on Energy-Efficient Routing Algorithms for Underwater Wireless Sensor ...Editor IJCATR
In underwater environment, for retrieval of information the routing mechanism is used. In routing mechanism there are three to four types of nodes are used, one is sink node which is deployed on the water surface and can collect the information, courier/super/AUV or dolphin powerful nodes are deployed in the middle of the water for forwarding the packets, ordinary nodes are also forwarder nodes which can be deployed from bottom to surface of the water and source nodes are deployed at the seabed which can extract the valuable information from the bottom of the sea. In underwater environment the battery power of the nodes is limited and that power can be enhanced through better selection of the routing algorithm. This paper focuses the energy-efficient routing algorithms for their routing mechanisms to prolong the battery power of the nodes. This paper also focuses the performance analysis of the energy-efficient algorithms under which we can examine the better performance of the route selection mechanism which can prolong the battery power of the node
Comparative analysis on Void Node Removal Routing algorithms for Underwater W...Editor IJCATR
The designing of routing algorithms faces many challenges in underwater environment like: propagation delay, acoustic channel behaviour, limited bandwidth, high bit error rate, limited battery power, underwater pressure, node mobility, localization 3D deployment, and underwater obstacles (voids). This paper focuses the underwater voids which affects the overall performance of the entire network. The majority of the researchers have used the better approaches for removal of voids through alternate path selection mechanism but still research needs improvement. This paper also focuses the architecture and its operation through merits and demerits of the existing algorithms. This research article further focuses the analytical method of the performance analysis of existing algorithms through which we found the better approach for removal of voids
Decay Property for Solutions to Plate Type Equations with Variable CoefficientsEditor IJCATR
In this paper we consider the initial value problem for a plate type equation with variable coefficients and memory in
1 n R n ), which is of regularity-loss property. By using spectrally resolution, we study the pointwise estimates in the spectral
space of the fundamental solution to the corresponding linear problem. Appealing to this pointwise estimates, we obtain the global
existence and the decay estimates of solutions to the semilinear problem by employing the fixed point theorem
“An Outlook of the Ongoing and Future Relationship between Blockchain Technologies and Process-aware Information Systems.” Invited talk at the joint workshop on Blockchain for Information Systems (BC4IS) and Blockchain for Trusted Data Sharing (B4TDS), co-located with with the 36th International Conference on Advanced Information Systems Engineering (CAiSE), 3 June 2024, Limassol, Cyprus.
UiPath Test Automation using UiPath Test Suite series, part 6DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 6. In this session, we will cover Test Automation with generative AI and Open AI.
UiPath Test Automation with generative AI and Open AI webinar offers an in-depth exploration of leveraging cutting-edge technologies for test automation within the UiPath platform. Attendees will delve into the integration of generative AI, a test automation solution, with Open AI advanced natural language processing capabilities.
Throughout the session, participants will discover how this synergy empowers testers to automate repetitive tasks, enhance testing accuracy, and expedite the software testing life cycle. Topics covered include the seamless integration process, practical use cases, and the benefits of harnessing AI-driven automation for UiPath testing initiatives. By attending this webinar, testers, and automation professionals can gain valuable insights into harnessing the power of AI to optimize their test automation workflows within the UiPath ecosystem, ultimately driving efficiency and quality in software development processes.
What will you get from this session?
1. Insights into integrating generative AI.
2. Understanding how this integration enhances test automation within the UiPath platform
3. Practical demonstrations
4. Exploration of real-world use cases illustrating the benefits of AI-driven test automation for UiPath
Topics covered:
What is generative AI
Test Automation with generative AI and Open AI.
UiPath integration with generative AI
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Threats to mobile devices are more prevalent and increasing in scope and complexity. Users of mobile devices desire to take full advantage of the features
available on those devices, but many of the features provide convenience and capability but sacrifice security. This best practices guide outlines steps the users can take to better protect personal devices and information.
For the full video of this presentation, please visit: https://www.edge-ai-vision.com/2024/06/building-and-scaling-ai-applications-with-the-nx-ai-manager-a-presentation-from-network-optix/
Robin van Emden, Senior Director of Data Science at Network Optix, presents the “Building and Scaling AI Applications with the Nx AI Manager,” tutorial at the May 2024 Embedded Vision Summit.
In this presentation, van Emden covers the basics of scaling edge AI solutions using the Nx tool kit. He emphasizes the process of developing AI models and deploying them globally. He also showcases the conversion of AI models and the creation of effective edge AI pipelines, with a focus on pre-processing, model conversion, selecting the appropriate inference engine for the target hardware and post-processing.
van Emden shows how Nx can simplify the developer’s life and facilitate a rapid transition from concept to production-ready applications.He provides valuable insights into developing scalable and efficient edge AI solutions, with a strong focus on practical implementation.
Have you ever been confused by the myriad of choices offered by AWS for hosting a website or an API?
Lambda, Elastic Beanstalk, Lightsail, Amplify, S3 (and more!) can each host websites + APIs. But which one should we choose?
Which one is cheapest? Which one is fastest? Which one will scale to meet our needs?
Join me in this session as we dive into each AWS hosting service to determine which one is best for your scenario and explain why!
Building Production Ready Search Pipelines with Spark and MilvusZilliz
Spark is the widely used ETL tool for processing, indexing and ingesting data to serving stack for search. Milvus is the production-ready open-source vector database. In this talk we will show how to use Spark to process unstructured data to extract vector representations, and push the vectors to Milvus vector database for search serving.
Taking AI to the Next Level in Manufacturing.pdfssuserfac0301
Read Taking AI to the Next Level in Manufacturing to gain insights on AI adoption in the manufacturing industry, such as:
1. How quickly AI is being implemented in manufacturing.
2. Which barriers stand in the way of AI adoption.
3. How data quality and governance form the backbone of AI.
4. Organizational processes and structures that may inhibit effective AI adoption.
6. Ideas and approaches to help build your organization's AI strategy.
Generating privacy-protected synthetic data using Secludy and MilvusZilliz
During this demo, the founders of Secludy will demonstrate how their system utilizes Milvus to store and manipulate embeddings for generating privacy-protected synthetic data. Their approach not only maintains the confidentiality of the original data but also enhances the utility and scalability of LLMs under privacy constraints. Attendees, including machine learning engineers, data scientists, and data managers, will witness first-hand how Secludy's integration with Milvus empowers organizations to harness the power of LLMs securely and efficiently.
In the rapidly evolving landscape of technologies, XML continues to play a vital role in structuring, storing, and transporting data across diverse systems. The recent advancements in artificial intelligence (AI) present new methodologies for enhancing XML development workflows, introducing efficiency, automation, and intelligent capabilities. This presentation will outline the scope and perspective of utilizing AI in XML development. The potential benefits and the possible pitfalls will be highlighted, providing a balanced view of the subject.
We will explore the capabilities of AI in understanding XML markup languages and autonomously creating structured XML content. Additionally, we will examine the capacity of AI to enrich plain text with appropriate XML markup. Practical examples and methodological guidelines will be provided to elucidate how AI can be effectively prompted to interpret and generate accurate XML markup.
Further emphasis will be placed on the role of AI in developing XSLT, or schemas such as XSD and Schematron. We will address the techniques and strategies adopted to create prompts for generating code, explaining code, or refactoring the code, and the results achieved.
The discussion will extend to how AI can be used to transform XML content. In particular, the focus will be on the use of AI XPath extension functions in XSLT, Schematron, Schematron Quick Fixes, or for XML content refactoring.
The presentation aims to deliver a comprehensive overview of AI usage in XML development, providing attendees with the necessary knowledge to make informed decisions. Whether you’re at the early stages of adopting AI or considering integrating it in advanced XML development, this presentation will cover all levels of expertise.
By highlighting the potential advantages and challenges of integrating AI with XML development tools and languages, the presentation seeks to inspire thoughtful conversation around the future of XML development. We’ll not only delve into the technical aspects of AI-powered XML development but also discuss practical implications and possible future directions.
AI-Powered Food Delivery Transforming App Development in Saudi Arabia.pdfTechgropse Pvt.Ltd.
In this blog post, we'll delve into the intersection of AI and app development in Saudi Arabia, focusing on the food delivery sector. We'll explore how AI is revolutionizing the way Saudi consumers order food, how restaurants manage their operations, and how delivery partners navigate the bustling streets of cities like Riyadh, Jeddah, and Dammam. Through real-world case studies, we'll showcase how leading Saudi food delivery apps are leveraging AI to redefine convenience, personalization, and efficiency.
Ocean lotus Threat actors project by John Sitima 2024 (1).pptxSitimaJohn
Ocean Lotus cyber threat actors represent a sophisticated, persistent, and politically motivated group that poses a significant risk to organizations and individuals in the Southeast Asian region. Their continuous evolution and adaptability underscore the need for robust cybersecurity measures and international cooperation to identify and mitigate the threats posed by such advanced persistent threat groups.
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?Speck&Tech
ABSTRACT: A prima vista, un mattoncino Lego e la backdoor XZ potrebbero avere in comune il fatto di essere entrambi blocchi di costruzione, o dipendenze di progetti creativi e software. La realtà è che un mattoncino Lego e il caso della backdoor XZ hanno molto di più di tutto ciò in comune.
Partecipate alla presentazione per immergervi in una storia di interoperabilità, standard e formati aperti, per poi discutere del ruolo importante che i contributori hanno in una comunità open source sostenibile.
BIO: Sostenitrice del software libero e dei formati standard e aperti. È stata un membro attivo dei progetti Fedora e openSUSE e ha co-fondato l'Associazione LibreItalia dove è stata coinvolta in diversi eventi, migrazioni e formazione relativi a LibreOffice. In precedenza ha lavorato a migrazioni e corsi di formazione su LibreOffice per diverse amministrazioni pubbliche e privati. Da gennaio 2020 lavora in SUSE come Software Release Engineer per Uyuni e SUSE Manager e quando non segue la sua passione per i computer e per Geeko coltiva la sua curiosità per l'astronomia (da cui deriva il suo nickname deneb_alpha).
Infrastructure Challenges in Scaling RAG with Custom AI modelsZilliz
Building Retrieval-Augmented Generation (RAG) systems with open-source and custom AI models is a complex task. This talk explores the challenges in productionizing RAG systems, including retrieval performance, response synthesis, and evaluation. We’ll discuss how to leverage open-source models like text embeddings, language models, and custom fine-tuned models to enhance RAG performance. Additionally, we’ll cover how BentoML can help orchestrate and scale these AI components efficiently, ensuring seamless deployment and management of RAG systems in the cloud.
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAUpanagenda
Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-und-domino-lizenzkostenreduzierung-in-der-welt-von-dlau/
DLAU und die Lizenzen nach dem CCB- und CCX-Modell sind für viele in der HCL-Community seit letztem Jahr ein heißes Thema. Als Notes- oder Domino-Kunde haben Sie vielleicht mit unerwartet hohen Benutzerzahlen und Lizenzgebühren zu kämpfen. Sie fragen sich vielleicht, wie diese neue Art der Lizenzierung funktioniert und welchen Nutzen sie Ihnen bringt. Vor allem wollen Sie sicherlich Ihr Budget einhalten und Kosten sparen, wo immer möglich. Das verstehen wir und wir möchten Ihnen dabei helfen!
Wir erklären Ihnen, wie Sie häufige Konfigurationsprobleme lösen können, die dazu führen können, dass mehr Benutzer gezählt werden als nötig, und wie Sie überflüssige oder ungenutzte Konten identifizieren und entfernen können, um Geld zu sparen. Es gibt auch einige Ansätze, die zu unnötigen Ausgaben führen können, z. B. wenn ein Personendokument anstelle eines Mail-Ins für geteilte Mailboxen verwendet wird. Wir zeigen Ihnen solche Fälle und deren Lösungen. Und natürlich erklären wir Ihnen das neue Lizenzmodell.
Nehmen Sie an diesem Webinar teil, bei dem HCL-Ambassador Marc Thomas und Gastredner Franz Walder Ihnen diese neue Welt näherbringen. Es vermittelt Ihnen die Tools und das Know-how, um den Überblick zu bewahren. Sie werden in der Lage sein, Ihre Kosten durch eine optimierte Domino-Konfiguration zu reduzieren und auch in Zukunft gering zu halten.
Diese Themen werden behandelt
- Reduzierung der Lizenzkosten durch Auffinden und Beheben von Fehlkonfigurationen und überflüssigen Konten
- Wie funktionieren CCB- und CCX-Lizenzen wirklich?
- Verstehen des DLAU-Tools und wie man es am besten nutzt
- Tipps für häufige Problembereiche, wie z. B. Team-Postfächer, Funktions-/Testbenutzer usw.
- Praxisbeispiele und Best Practices zum sofortigen Umsetzen
Programming Foundation Models with DSPy - Meetup SlidesZilliz
Prompting language models is hard, while programming language models is easy. In this talk, I will discuss the state-of-the-art framework DSPy for programming foundation models with its powerful optimizers and runtime constraint system.
Malware Hunter: Building an Intrusion Detection System (IDS) to Neutralize Botnet Attacks
International Journal of Computer Applications Technology and Research, Volume 4, Issue 2, 103-107, 2015, ISSN 2319-8656, www.ijcat.com

R. Kannan, Department of Computer Science, Sri Ramakrishna Mission Vidyalaya College of Arts and Science, Coimbatore, Tamil Nadu, India
A. V. Ramani, Department of Computer Science, Sri Ramakrishna Mission Vidyalaya College of Arts and Science, Coimbatore, Tamil Nadu, India
Abstract: Among the various forms of attack on computer networks, denial of service, sniffing and buffer overflows are among the most dreaded threats. When such attacks are carried out by self-propagating malware that acts as an agent, giving the attacker a user interface to the computers it infects, they are known as botnet attacks. Bot herders use a controller program to direct remote systems over the Internet with the help of these zombie systems. A botnet is a collection of compromised computers (bots) remotely controlled by its originator (the bot-master) under a common command-and-control (C&C) structure: a C&C server issues commands to the bots and receives their reports. Bots are typically installed as Trojan horses and subsequently communicate with a central server, classically over IRC. Botnets employ different techniques and communication protocols (e.g. HTTP and DNS) at different stages of their lifecycle to intrude into new systems, and honeypots are among the tools defenders use to observe them. Identifying botnets has therefore become very challenging, because botnets periodically upgrade the methods with which they affect networks. Here the focus is on addressing the botnet detection problem in an enterprise network.

This research introduces a solution to mitigate the malicious activities of botnet attacks through principal component analysis of traffic data together with a measurement and countermeasure selection mechanism, called Malware Hunter. The system is built on attack-graph-based analytical models driven by a classification process, and is reconfigurable through updated virtual-network-based countermeasures.
Key words: IRC, IDS, Anomaly, Countermeasure, Denial of Service.
1. INTRODUCTION
Network security consists of the requirements and policies adopted by a network administrator to prevent and monitor the various forms of intrusion and attack on services obtained via the Internet [2]. To access data over a network, efficient authentication is needed; it is provisioned and verified by the administrators, who issue each user an identifier and password for access to the target network. Network security encompasses all types of networks, including private ones [9]. All types of transactions, whether public or private, such as government services and business activities, need security for their data and the other resources of a computer network; the network security system secures and protects these network-based resources. The proposed framework leverages hierarchical models to build a monitoring and control process that classifies the network traffic data reaching each virtual machine, in order to significantly improve attack detection and mitigate attack consequences [8].
1.1 Problem Definition:
Data and network security is one of the most important areas attracting research and development effort in recent times, particularly in the area of cloud data protection. Vital information of all types has to be secured so that attackers cannot explore the vulnerabilities of a cloud system and compromise its virtual machines in order to deploy a large-scale Distributed Denial-of-Service (DDoS) system. DDoS attacks usually involve early-stage actions such as scanning and multistep exploitation that convert virtual machines into compromised machines (zombies); the botmaster then launches the attack through these zombies to hide from detection. In an IaaS cloud [2] too, detection is difficult when the attack has novel characteristics, because cloud users may have installed vulnerable applications on their virtual machines.
1.2 Botnet
A botnet is a collection of Internet-connected programs communicating with other similar programs in order to perform tasks, such as taking control of an Internet Relay Chat (IRC) channel, sending spam mail or participating in DDoS attacks. The name botnet is constructed by joining the terms robot and network [3][4]. There are many types of attack, and of detection system, that involve malware. The classes of attack are as follows:

- DDoS attacks: various sources submit multiple requests to a single Internet-accessible point and overload it with fake requests, preventing legitimate users from reaching it; by analogy, a phone line flooded with calls cannot be reached [1][9].
- Adware: replaces the original advertisements on web pages with fake ones.
- Spyware: software that sends information about the user's activities to its creators. Compromised systems inside an organization's network are useful to the attacker because they hold information of value to the organization; spyware steals these valuable data, which are then misused by the intruders.
- E-mail spam: carries advertisements and malicious content.
- Click fraud: false web traffic generated for some gain [9].
- Fast flux: a DNS technique the botnet uses to hide phishing and malware delivery sites behind an ever-changing network of compromised hosts acting as proxies.
- Brute force: a way of attacking remote machine services such as FTP,
- Worms: the botnet focuses on recruiting other hosts.
- Scareware: software marketed by exploiting users' fear. It turns the attacked computer into a bot and induces the user to buy a rogue anti-virus to regain access to their computer [9].
An intrusion detection system (IDS) is an application that monitors network and system activity for malicious actions or policy violations and produces reports to a management station that supervises it. Various methods are adopted to detect suspicious traffic. IDSs are generally classified into two kinds, network-based (NIDS) and host-based (HIDS). Intrusion detection and prevention systems (IDPS) concentrate on identifying possible incidents, logging information about them and reporting the attack attempts.
Types of Intrusion Detection System
1) Network Intrusion Detection Systems:
Network Intrusion Detection Systems (NIDS) are placed at a strategic point or points, for example between the server to which the system connects and the Internet. A NIDS analyses the traffic passing on the subnets and matches it against a library of known attacks; on finding an attack it alerts the administrator [2][3].
2) Host Intrusion Detection Systems
Host Intrusion Detection Systems (HIDS) run on individual hosts or devices connected to the network. A HIDS scans the host's data and alerts the user or administrator when suspicious activity is detected. It compares the current system files with a stored baseline of those files; if any mismatch is found it alerts the administrator. HIDS are therefore useful on mission-critical machines that are not expected to change their configuration, and can be customised to the specific needs of a system.
Statistical Detection Techniques used in Intrusion Detection Systems
A. Statistical anomaly-based IDS
An anomaly-based IDS monitors network traffic and compares it with a baseline. It finds deviations from the baseline for the network and for other parameters such as protocol, bandwidth and connected devices, and alerts the administrator or user when traffic is detected that deviates to a significant level from the preset baseline. However, there is a possibility of false alerts, even for legitimate use of bandwidth, if the baselines are not intelligently configured [2].
B. Signature-based IDS
A signature-based IDS monitors packets on the network and compares them against a database of signatures or attributes of known threats; this is the same way an antivirus program detects malware. The real problem is fresh threats: a signature for a new threat must first be written and applied to the IDS before that threat can be detected, so identifying new threats is a weakness of this method [4].
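The two detection styles side by side, as an added example that is not from the paper: a signature check and a per-host statistical baseline run over constructed flow records. The signatures, the training traffic, the addresses and the z-score threshold are all illustrative assumptions. The observation window is built so that a known bot trips the signature, a renamed variant slips past it but is caught by its traffic volume, and a legitimate backup job is flagged by the baseline as well.

```python
"""Added example, not from the paper: a signature-based check and a
statistical baseline check run side by side over constructed flow
records. Signatures, training traffic and threshold are assumptions."""
from __future__ import annotations

import math
import re
from dataclasses import dataclass


@dataclass
class Flow:
    src: str        # internal source address
    dst: str        # external destination address
    dport: int      # destination port
    nbytes: int     # bytes sent by src in this flow
    payload: bytes  # first bytes of the application payload


# Hypothetical signatures for an IRC-controlled bot: the channel join and a
# flood command sent by the controller. A real ruleset is far richer.
SIGNATURES = {
    "irc-bot-join": re.compile(rb"JOIN #[\w-]+"),
    "irc-bot-flood-cmd": re.compile(rb"\.(syn|udp)flood\s"),
}


def signature_matches(flow: Flow) -> list[str]:
    """Names of every signature whose pattern occurs in the payload."""
    return [name for name, rx in SIGNATURES.items() if rx.search(flow.payload)]


class Baseline:
    """Per-source mean and standard deviation of bytes per flow, learned from
    a training window that is assumed to be free of attacks."""

    def __init__(self, training: list[Flow]):
        by_src: dict[str, list[int]] = {}
        for f in training:
            by_src.setdefault(f.src, []).append(f.nbytes)
        self.stats: dict[str, tuple[float, float]] = {}
        for src, xs in by_src.items():
            mean = sum(xs) / len(xs)
            var = sum((x - mean) ** 2 for x in xs) / len(xs)
            self.stats[src] = (mean, math.sqrt(var))

    def zscore(self, flow: Flow) -> float:
        """Standard deviations above the source's usual bytes per flow. A
        source never seen in training gets +inf: an unknown host is itself
        a deviation from the baseline."""
        if flow.src not in self.stats:
            return math.inf
        mean, std = self.stats[flow.src]
        if std == 0.0:
            return 0.0 if flow.nbytes == mean else math.inf
        return (flow.nbytes - mean) / std


def detect(baseline: Baseline, flows: list[Flow], z_threshold: float = 3.0):
    """Return (src, method, detail) alerts from both detectors."""
    alerts = []
    for f in flows:
        for name in signature_matches(f):
            alerts.append((f.src, "signature", name))
        z = baseline.zscore(f)
        if z > z_threshold:
            alerts.append((f.src, "anomaly", f"z={z:.1f}"))
    return alerts


# Constructed training traffic: ten ordinary flows per internal host.
_USUAL = [500, 600, 550, 650, 500, 700, 550, 600, 500, 650]
TRAINING = [
    Flow(src, "198.51.100.20", 443, n, b"")
    for src in ("10.0.0.5", "10.0.0.7", "10.0.0.9")
    for n in _USUAL
]

# Constructed observation window.
OBSERVED = [
    # known bot: the signature fires, the volume is ordinary
    Flow("10.0.0.5", "203.0.113.10", 6667, 600, b"NICK x9\r\nJOIN #c2-room\r\n"),
    # normal browsing from the same host
    Flow("10.0.0.5", "198.51.100.20", 443, 550, b"\x16\x03\x01"),
    # new variant with an altered join string: no signature, but it sends
    # far more than this host ever did
    Flow("10.0.0.7", "203.0.113.11", 8080, 90_000, b"J0IN #c2\r\n"),
    # legitimate nightly backup: the baseline flags it too (false positive)
    Flow("10.0.0.9", "198.51.100.30", 22, 200_000, b"SSH-2.0-OpenSSH"),
]


def run_demo():
    return detect(Baseline(TRAINING), OBSERVED)


if __name__ == "__main__":
    for src, method, detail in run_demo():
        print(f"{src:10} {method:9} {detail}")
```

The backup host's alert is the false positive the text warns about: a baseline learned per host and per hour of day, or one that excludes known bulk transfers, would suppress it, while the renamed variant shows why the baseline is kept alongside the signatures rather than replaced by them.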
Problem Objective:
All the above threats fall into the category of botnet activity. This study proposes a new solution to mitigate the malicious activities of botnet attacks through a detection mechanism and gives a strategy for countermeasures. To prevent attacks on virtual machines in the cloud, a multistage distributed attack detection system is built, using principal component analysis of traffic data together with a measurement and countermeasure selection mechanism, called Malware Hunter. The system is built on attack-graph-based analytical models driven by a classification process and is reconfigurable through updated virtual-network-based countermeasures. The proposed framework leverages hierarchical models to build a monitoring system and control process that classifies the network traffic data reaching each virtual machine, in order to significantly improve attack detection and reduce risk.
2. SURVEY OF LITERATURE
2.1. Detection of Spam Zombies
This study focuses on the compromising of machines, one of the key security threats on the Internet, and the technique it develops can be used against various forms of security attack. Spamming provides an economic incentive for attackers to recruit large numbers of compromised machines; the aim here is the detection of the compromised machines in a network that send spam, called spam zombies. The authors develop a spam zombie detection system named SPOT that works by monitoring outgoing messages from the network. SPOT is designed around a powerful statistical tool, the Sequential Probability Ratio Test. They additionally evaluate the performance of SPOT using a two-month e-mail trace.

The evaluation shows that SPOT is an effective and efficient system for automatically detecting compromised machines. For instance, among the internal IP addresses observed in the e-mail trace, SPOT identified more than one quarter as being associated with bots; all but a few of these could be independently confirmed as compromised, and the remaining few were highly likely to be. SPOT missed only seven spamming machines in the trace. SPOT also outperformed two other detection algorithms, which were based on the number and on the percentage of spam messages sent, respectively.
2.2. Detecting Malware Infection through
IDS-driven Dialog Correlation
This study introduced a new kind of "network perimeter
monitoring strategy" that examines the communication of a
system over the course of its infection. The monitoring system
tracks the two-way communication flows between internal assets
and external systems and matches them against a state-based
model of the infection sequence. It consists of a correlation
engine driven by three malware-focused "network packet
sensors", which detect malware infection in its various forms
and activities and help prevent attacks on external systems.
The monitoring system finds such internal-to-external links
and indicates that there is an infection on the local
computer(s). It matches the infection dialog model against the
observed activity, generates a report, and lists the relevant
events and event sources that played a role in the infection
process. This analytical strategy, which matches the flow of
communication between the intranet and the Internet, is what
distinguishes it from other intrusion detection and alerting
methods. Results are given for the monitoring system in both
virtual and live test environments, along with a discussion of
the Internet release of the prototype. The monitoring system
has been made available for operational use and to help
stimulate research into the life cycle of malware infections.
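As an added example (not BotHunter's code or this article's), the correlation engine described above can be reduced to a per-host evidence table matched against the dialog stages. The sensor alerts below are constructed, and the declaration rule and the evidence window are simplified assumptions of this example rather than the paper's exact thresholds:

```python
from collections import defaultdict
from dataclasses import dataclass

# Dialog stages of the infection model (stage names follow the description of
# the bot infection dialog; the rule below is a simplification and an
# assumption of this example).
E1_SCAN, E2_EXPLOIT, E3_EGG, E4_CC, E5_OUTSCAN = "E1", "E2", "E3", "E4", "E5"
OUTBOUND = {E3_EGG, E4_CC, E5_OUTSCAN}     # behaviour initiated by the victim
WINDOW = 4 * 3600                           # seconds evidence stays live (assumed)


@dataclass(frozen=True)
class Alert:
    ts: int          # epoch seconds
    sensor: str      # which packet sensor raised it
    stage: str       # dialog stage the alert is evidence for
    internal: str    # internal host the dialog concerns
    external: str    # external peer involved


class DialogCorrelator:
    """Per-host evidence table matched against the infection dialog model."""

    def __init__(self, window=WINDOW):
        self.window = window
        self.evidence = defaultdict(list)   # internal host -> [Alert]

    def add(self, alert):
        host = alert.internal
        # Expire stale evidence so that unrelated events hours apart do not
        # accumulate into a false infection verdict.
        self.evidence[host] = [a for a in self.evidence[host]
                               if alert.ts - a.ts <= self.window]
        self.evidence[host].append(alert)
        return self.profile(host)

    def profile(self, host):
        """Infection profile for host, or None if the dialog is incomplete."""
        alerts = self.evidence.get(host, [])
        stages = {a.stage for a in alerts}
        outbound = stages & OUTBOUND
        # Declaration rule (simplified): an inbound exploit plus at least one
        # victim-initiated behaviour, or two distinct victim-initiated
        # behaviours on their own.
        infected = (E2_EXPLOIT in stages and bool(outbound)) or len(outbound) >= 2
        if not infected:
            return None
        return {
            "host": host,
            "stages": sorted(stages),
            "peers": sorted({a.external for a in alerts}),
            "sources": sorted({a.sensor for a in alerts}),
            "window": (min(a.ts for a in alerts), max(a.ts for a in alerts)),
        }


# Constructed sensor output (not captured traffic).
ALERTS = [
    Alert(1000, "scan-sensor",    E1_SCAN,    "192.168.1.20", "203.0.113.5"),
    Alert(1030, "exploit-sensor", E2_EXPLOIT, "192.168.1.20", "203.0.113.5"),
    Alert(1090, "payload-sensor", E3_EGG,     "192.168.1.20", "198.51.100.9"),
    Alert(1100, "scan-sensor",    E1_SCAN,    "192.168.1.33", "203.0.113.5"),
    Alert(2000, "cc-sensor",      E4_CC,      "192.168.1.40", "198.51.100.77"),
    Alert(2000 + 5 * 3600, "scan-sensor", E5_OUTSCAN, "192.168.1.40", "192.0.2.1"),
]


def run(alerts):
    corr = DialogCorrelator()
    for a in sorted(alerts, key=lambda a: a.ts):
        verdict = corr.add(a)
        if verdict:
            print("infection declared:", verdict)
    return corr
```

Only the first host completes enough of the dialog (inbound scan, inbound exploit, egg download) to be reported, and the report carries the peers and sensors involved, which is the event list the text describes. The third host shows why the window matters: a C&C alert and an outbound scan five hours apart are not combined into a verdict.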
2.3. Scalable, graph-based network
vulnerability analysis
Even well-secured networks are frequently vulnerable because
of constant innovation by attackers, who find new combinations
of exploits to carry out their attacks. Earlier researchers put
forward several graph-based algorithms in the form of attack
trees/graphs, which consider all possible ways of penetrating a
system or network, including chaining previously used exploits.
The most recent of these approaches uses a modified version of
the NuSMV model checker as a powerful inference engine for
chaining together network exploits. In this study the
researchers argued that this method produced more data than
was actually needed for the analysis and could not handle
larger networks, and they proposed a representation that is
both compact and scalable.
They claimed that attack trees could be produced from their
representation, carrying even more information, for larger
networks, even when the attack tree is never explicitly built.
Their key assumption is that the attacker never needs to
backtrack. This assumption eliminated unnecessary higher-level
analysis and brought larger networks within the reach of
analysis.
2.4. MulVAL: A Logic-Based
Network Security Analyzer
This study determines the security impact of software
vulnerabilities on a particular network, taking into account
interactions among multiple network elements. A useful
vulnerability analysis tool must satisfy two requirements: the
ability to automatically integrate vulnerability specifications
from bug reporters, and scalability to larger networks. The
researchers proposed MulVAL, an end-to-end framework for
multi-host, multi-stage vulnerability analysis on networks.
MulVAL adopts Datalog as the modeling language for the elements
of the analysis: bug specifications, configuration
descriptions, the reasoning rules that chain exploits, and the
operating-system permission and privilege model. They leveraged
existing vulnerability databases and scanning tools by
expressing their output in Datalog and feeding it to the MulVAL
reasoning engine. Collecting the information in this form lets
the analysis run in a short time even for larger networks.
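The two approaches above (sections 2.3 and 2.4) come together in one small worked example, added here and not taken from MulVAL or from this article: a minimal bottom-up Datalog evaluator with MulVAL-style predicates (hacl, networkServiceInfo, vulExists, netAccess, execCode) that derives the privileges an attacker can reach and records each derivation, which is the attack graph. The reduced rule set, the two-host network and the vulnerability identifiers are constructed for illustration:

```python
# Facts are tuples whose first element is the predicate. Arguments that are
# strings starting with an uppercase letter are variables. Predicate names
# follow MulVAL's conventions; the rule set is a reduced subset written for
# this example, and host and vulnerability names are constructed.
FACTS = {
    ("attackerLocated", "internet"),
    ("hacl", "internet", "webServer", "tcp", 80),             # host access control
    ("hacl", "webServer", "fileServer", "tcp", 2049),
    ("networkServiceInfo", "webServer", "httpd", "tcp", 80, "apache"),
    ("networkServiceInfo", "fileServer", "nfsd", "tcp", 2049, "root"),
    ("vulExists", "webServer", "vul-web", "httpd", "remoteExploit", "privEscalation"),
    ("vulExists", "fileServer", "vul-nfs", "nfsd", "remoteExploit", "privEscalation"),
}

RULES = [
    ("attacker reaches a host from its zone",
     ("netAccess", "H", "Proto", "Port"),
     [("attackerLocated", "Zone"), ("hacl", "Zone", "H", "Proto", "Port")]),
    ("remote exploit of a vulnerable network service",
     ("execCode", "H", "Perm"),
     [("vulExists", "H", "Id", "Prog", "remoteExploit", "privEscalation"),
      ("networkServiceInfo", "H", "Prog", "Proto", "Port", "Perm"),
      ("netAccess", "H", "Proto", "Port")]),
    ("pivot: a compromised host reaches whatever it may talk to",
     ("netAccess", "H2", "Proto", "Port"),
     [("execCode", "H1", "Perm"), ("hacl", "H1", "H2", "Proto", "Port")]),
]


def is_var(term):
    return isinstance(term, str) and term[:1].isupper()


def unify(pattern, fact, env):
    """Extend env so that pattern matches fact, or return None."""
    if len(pattern) != len(fact):
        return None
    env = dict(env)
    for p, f in zip(pattern, fact):
        if is_var(p):
            if env.setdefault(p, f) != f:
                return None
        elif p != f:
            return None
    return env


def subst(pattern, env):
    return tuple(env.get(t, t) if is_var(t) else t for t in pattern)


def solve(body, facts, env):
    """All variable bindings under which every literal in body is a fact."""
    if not body:
        yield env
        return
    for fact in facts:
        e = unify(body[0], fact, env)
        if e is not None:
            yield from solve(body[1:], facts, e)


def forward_chain(facts, rules):
    """Naive bottom-up Datalog evaluation that also records derivations."""
    facts = set(facts)
    derived = {}   # new fact -> (rule name, premises used)
    changed = True
    while changed:
        changed = False
        for name, head, body in rules:
            for env in list(solve(body, facts, {})):
                fact = subst(head, env)
                if fact not in facts:
                    facts.add(fact)
                    derived[fact] = (name, tuple(subst(b, env) for b in body))
                    changed = True
    return facts, derived


def attack_graph(derived):
    """Edges premise -> conclusion: the attack graph behind the derivations."""
    return {(p, concl) for concl, (_, premises) in derived.items() for p in premises}


if __name__ == "__main__":
    facts, derived = forward_chain(FACTS, RULES)
    for fact, (rule, premises) in derived.items():
        print(fact, "<-", rule)
        for p in premises:
            print("    ", p)
```

Monotonicity is built in: facts are only ever added, so the attacker never needs to backtrack and the fixpoint is reached in a number of passes bounded by the number of derivable facts, which is the property section 2.3 relies on for scaling. Real MulVAL rules also carry principal, file and account predicates and take scanner output as input; those are omitted here.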
2.5. Scalable Optimal Countermeasure
Selection Using Implicit Enumeration on
Attack Countermeasure Trees
Constraints on security investment cost preclude a security
decision maker from implementing every possible countermeasure.
Present security optimization strategies based on analytical
models fall short for the following reasons:
(i) No method provides an optimal security solution in
the absence of probability assignments to the model.
(ii) As the size of the network grows, the efficiency of the
tools decreases.
(iii) Methods based on attack trees (AT) normally do not
allow countermeasures to be included; on the other hand, the
non-state-space models that do (e.g., the attack response tree)
are converted into state-space models and suffer from
state-space explosion.
The researchers proposed a new AT paradigm, the attack
countermeasure tree (ACT), whose structure takes into account
both attacks and countermeasures (in the form of detection and
mitigation events). They used branch-and-bound and greedy
techniques to study multiple objective functions, with goals
such as minimizing the number of countermeasures or the
security cost of the ACT, and maximizing the benefit from
implementing a given countermeasure set in the ACT under
various constraints. They formulated every optimization problem
as an integer programming problem, which also allowed them to
find optimal solutions even in the absence of probability
assignments to the model. Their method scales to larger ACTs,
and they compared its efficiency with other approaches.
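An added example, not code from the ACT paper or from this article, of the minimum-cost objective solved by implicit enumeration. The attack scenarios (min-cuts of a small constructed ACT), the countermeasures and their costs are made up for illustration, and no probability assignments are needed, which is the point made in (i) above:

```python
# Constructed ACT: the attacker's goal is reached by any of these minimal
# attack scenarios (min-cuts of the attack tree). Each scenario is the set of
# leaf attack events that must all succeed.
ATTACK_SCENARIOS = [
    {"phish_user", "dump_creds"},
    {"exploit_web", "pivot_db"},
    {"exploit_web", "dump_creds"},
]

# Countermeasure name -> (deployment cost, attack events it detects or mitigates)
COUNTERMEASURES = {
    "mfa":        (30, {"dump_creds"}),
    "waf":        (40, {"exploit_web"}),
    "user_train": (15, {"phish_user"}),
    "segment":    (50, {"pivot_db"}),
    "edr":        (70, {"dump_creds", "pivot_db"}),
}


def uncovered(selected, scenarios, cms):
    """Scenarios that no selected countermeasure interrupts."""
    blocked = set().union(*(cms[c][1] for c in selected))
    return [s for s in scenarios if not (s & blocked)]


def optimal_countermeasures(scenarios, cms):
    """Minimum-cost countermeasure set that interrupts every attack scenario.

    Implicit enumeration (branch and bound) over include/exclude decisions,
    cheapest countermeasure first. Returns (cost, chosen set, nodes explored).
    """
    names = sorted(cms, key=lambda n: cms[n][0])
    best = {"cost": float("inf"), "set": None}
    explored = [0]

    def search(i, selected, cost):
        explored[0] += 1
        if cost >= best["cost"]:               # bound: cannot beat the incumbent
            return
        open_scenarios = uncovered(selected, scenarios, cms)
        if not open_scenarios:                 # feasible leaf: new incumbent
            best["cost"], best["set"] = cost, frozenset(selected)
            return
        if i == len(names):
            return
        # Prune subtrees in which the remaining countermeasures cannot possibly
        # interrupt some still-open scenario.
        reachable = set().union(*(cms[n][1] for n in names[i:]))
        if any(not (s & reachable) for s in open_scenarios):
            return
        search(i + 1, selected | {names[i]}, cost + cms[names[i]][0])  # include
        search(i + 1, selected, cost)                                   # exclude

    search(0, frozenset(), 0)
    return best["cost"], best["set"], explored[0]


if __name__ == "__main__":
    cost, chosen, nodes = optimal_countermeasures(ATTACK_SCENARIOS, COUNTERMEASURES)
    print(f"optimal cost {cost}: {sorted(chosen)} ({nodes} nodes explored, "
          f"{2 ** (len(COUNTERMEASURES) + 1) - 1} in the full search tree)")
```

The bound (discard any partial selection already costing at least the incumbent) and the feasibility prune (discard a branch whose remaining countermeasures cannot touch some open scenario) are what keep the search well below full enumeration of the 2^n subsets; the node count is returned so that this can be checked. Maximizing benefit under a budget uses the same search with the objective and constraint swapped.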
3. METHODOLOGY
Fig 1: Architecture Diagram of the Malware Hunter (components
shown: Intranet / Internet / Cloud / Virtual Server; Client-Server /
PC; Firewall)
Establishment of a Host and Network layer to monitor the
Network
A host-based intrusion detection system [3] is modeled to
capture attacks on the host through a monitoring and prediction
process. Fig 2 shows the architecture of the proposed security
model.
Fig 2: Architecture of Network Based Intrusion Detection
System (IDS)
Threats faced by applications can be categorized by the goals
and purposes of the attacks. A thorough understanding of the
forms and purposes of threats puts a defender in a better
position to detect the threats and neutralize them.
The properties of attacks and identification
of various forms of attack.
Symptoms that indicate a denial-of-service attack include:
Network performance is abnormally slow (when files are opened
or web sites are accessed) [9]
A particular web site is unavailable
No web site can be reached
An increase in the number of spam e-mails received (this type
of DoS attack is known as an e-mail bomb)
Frequent disconnection from the Internet
Denial of Internet access altogether [10]
Denial-of-service attacks can also cause problems in the
network "branches" around the target computer. For instance, if
the router between a LAN and the Internet is attacked, every
computer on that LAN may be affected. In larger-scale attacks,
networks at the regional level may be affected, whatever the
attackers' intention.
Procedure 1: Reading the File through
Buffer Reader
Step 1: Start.
Step 2: Create a file.
Step 3: Copy the file, then compare it with each node while
reading the list.
Step 4: Check the condition; if it is true, attach the file to
the buffered reader.
Step 5: If it is false, copy the file into the buffer.
Step 6: Monitor the file.
Procedure 2: Reading and Writing a file in
Buffer
Step 1: Start.
Step 2: Create a file.
Step 3: Copy the file, then compare it with each node while
reading the list.
Step 4: Check the condition; if it is true, attach the file to
the buffered writer.
Step 5: If it is false, store the malware type through the
buffered writer.
Formatting the threat forms
Novel threats to the network and host systems are difficult to
identify because attackers keep changing their strategy. An
efficient novel-attack detection system should be framed on the
characteristics of each event (i.e., the IP packets or the TCP
connection), such as payload strings, and on the induction of
conditional rules that have a very low probability of being
violated [3][4].
Learning Rules for anomaly detection
1. We extend the network traffic model to include the needed
set of attributes and the application payload.
2. We introduce a non-stationary model in which the
probability of an event (an attribute taking some value)
depends on the time of its most recent occurrence.
3. We introduce an efficient algorithm for selecting good
anomaly-detection rules from a rule space that is exponentially
large in the number of attributes.
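As an added example (not this article's code or the cited authors'), the three points above can be realised in a few dozen lines: candidate rules are proposed from pairs of training tuples rather than enumerated over the whole rule space, each rule records how many tuples it covered (n) and how many distinct consequent values it saw (r), and a violated rule contributes t·n/r to the anomaly score with t the time since that rule was last violated. The training tuples, attribute names and timestamps are constructed:

```python
from itertools import combinations

ATTRS = ("proto", "dport", "flags", "payload_head")

# Constructed training connections (attribute tuples); they stand in for the
# packet-header and payload-string features the text mentions.
TRAIN = [
    {"proto": "tcp", "dport": 80, "flags": "S", "payload_head": "GET "},
    {"proto": "tcp", "dport": 80, "flags": "S", "payload_head": "POST"},
    {"proto": "tcp", "dport": 25, "flags": "S", "payload_head": "EHLO"},
    {"proto": "tcp", "dport": 80, "flags": "S", "payload_head": "GET "},
    {"proto": "udp", "dport": 53, "flags": "-", "payload_head": "\x00\x01"},
    {"proto": "tcp", "dport": 25, "flags": "S", "payload_head": "HELO"},
]


class Rule:
    """If every antecedent attribute has its value, the consequent attribute
    must take one of the values seen in training (the allowed set)."""

    def __init__(self, antecedent, consequent):
        self.antecedent = antecedent     # {attr: value}
        self.consequent = consequent     # attr being constrained
        self.allowed = set()             # values observed in training
        self.n = 0                       # training tuples matching the antecedent
        self.last_violation = 0.0        # training is taken to end at time 0

    def key(self):
        return (tuple(sorted(self.antecedent.items())), self.consequent)

    def matches(self, ev):
        return all(ev.get(a) == v for a, v in self.antecedent.items())


def propose_rules(train, max_antecedent=2):
    """Candidate rules from pairs of training tuples: the attributes a pair
    agrees on supply one consequent and up to max_antecedent antecedents.
    This samples a tiny corner of the exponential rule space instead of
    enumerating it."""
    rules = {}
    for x, y in combinations(train, 2):
        agree = [a for a in ATTRS if x[a] == y[a]]
        if len(agree) < 2:
            continue
        for c in agree:
            others = [a for a in agree if a != c][:max_antecedent]
            rule = Rule({a: x[a] for a in others}, c)
            rules.setdefault(rule.key(), rule)
    return list(rules.values())


def train_rules(rules, train):
    """Fill n and the allowed set; drop rules that never constrain anything."""
    for rule in rules:
        for ev in train:
            if rule.matches(ev):
                rule.n += 1
                rule.allowed.add(ev[rule.consequent])
    return [r for r in rules if r.n > len(r.allowed)]


def score(rules, ev, now):
    """Anomaly score of one event at time `now`. A violated rule contributes
    t * n / r, t being the time since that rule was last violated, so a value
    that keeps recurring quickly stops looking novel (the non-stationary
    model)."""
    total, violated = 0.0, []
    for rule in rules:
        if rule.matches(ev) and ev.get(rule.consequent) not in rule.allowed:
            t = now - rule.last_violation
            total += t * rule.n / len(rule.allowed)
            rule.last_violation = now
            violated.append(rule)
    return total, violated


def build():
    return train_rules(propose_rules(TRAIN), TRAIN)


if __name__ == "__main__":
    rules = build()
    odd = {"proto": "tcp", "dport": 80, "flags": "S", "payload_head": "\x90\x90"}
    for now in (100.0, 101.0):
        s, hits = score(rules, odd, now)
        print(f"t={now}: score={s}", [(r.antecedent, r.consequent) for r in hits])
```

The non-stationary effect is visible in the example run: the first unseen payload on port 80 scores 150 (one violated rule with n = 3, r = 2, t = 100), and the same payload one time unit later scores 1.5, because the model treats a value seen a moment ago as far less surprising than one not seen since training.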
4. RESULT AND ANALYSIS
The system was evaluated against the botnet and DoS attacks
shown below. Most of the attacks are shown with some evidence;
the results are simplified here to report the detections.
[Flow diagram: User -> Malware Hunter -> list of threats
handled (DDoS attacks, adware intrusion, spyware, e-mail, click
fraud, fast flux, brute force, worms, scareware, etc.) -> decision
"as per user need": Yes -> to the user/request; No -> to library for
rejection]
This illustrates how malware behaviors are added dynamically.
For each system call of interest we set up the needed
checkpoints, and each checkpoint is responsible for checking
the behaviors belonging to the same operation, supported by a
modifiable behavior list held in memory.
The performance results provide a benchmark for the given
hardware setup and show how much traffic a single detection
area can handle. A distributed model will be needed to scale up
to a data-center-level IDS.
Fig 3: Detection Accuracy of the Malware Hunter
Data Recovery process
Fig 4: Rate of data recovery
5. CONCLUSION
The results show the detection accuracy of Malware Hunter in
multiphase distributed vulnerability detection using principal
component analysis. Each traffic flow is handled by the dynamic
attack-evolution and countermeasure-selection mechanism called
Malware Hunter, which is built on a graph-based analytical
model, uses classification, and is reconfigurable through
updates to virtual-network-based countermeasures. The
classification is done using principal component analysis to
establish an efficient detection mechanism against various
types of attack. The modeling parameters have been constructed
for detection of botnet attacks. The proposed framework
provides hierarchical models to build a monitor-and-control
process that classifies network traffic to the virtual machine,
significantly improving attack detection and mitigating attack
consequences. Hence Malware Hunter achieves good detection
performance against evolving network- and host-based
intrusions.
6. ACKNOWLEDGMENT
I would like to express my deep gratitude to
Dr. A.V. Ramani, M.Sc., M.Phil., Ph.D., Head and Guide,
Department of Computer Science, Sri Ramakrishna Mission
Vidyalaya College of Arts and Science, Coimbatore, for his
valuable guidance and encouragement throughout this paper
and for providing the necessary facilities for this work.
7. REFERENCES
[1] Z. Duan, P. Chen, F. Sanchez, Y. Dong, M. Stephenson,
and J. Barker, "Detecting Spam Zombies by Monitoring
Outgoing Messages," IEEE Trans. Dependable and Secure
Computing, vol. 9, no. 2, pp. 198-210, Apr. 2012.
[2] R. Saroha and Sunita, "NICE: Network Intrusion Detection
and Countermeasure Selection in Virtual Network Systems,"
International Journal of Computer Science Engineering and
Technology (IJCSET), vol. 4, issue 5, pp. 158-160, May 2014,
ISSN 2231-0711.
[3] G. Gu, P. Porras, V. Yegneswaran, M. Fong, and W. Lee,
"BotHunter: Detecting Malware Infection through IDS-driven
Dialog Correlation," Proc. 16th USENIX Security Symp. (SS
'07), pp. 12:1-12:16, Aug. 2007.
[4] G. Gu, J. Zhang, and W. Lee, "BotSniffer: Detecting
Botnet Command and Control Channels in Network Traffic,"
Proc. 15th Ann. Network and Distributed System Security
Symp. (NDSS '08), Feb. 2008.
[5] O. Sheyner, J. Haines, S. Jha, R. Lippmann, and J.M.
Wing, "Automated Generation and Analysis of Attack
Graphs," Proc. IEEE Symp. Security and Privacy, pp. 273-
284, 2002.
[6] "NuSMV: A New Symbolic Model Checker,"
http://afrodite.itc.it:1024/nusmv, Aug. 2012; R. Sadoddin and
A. Ghorbani, "Alert Correlation Survey: Framework and
Techniques," Proc. ACM Int'l Conf. Privacy, Security and
Trust: Bridge the Gap between PST Technologies and
Business Services (PST '06), pp. 37:1-37:10, 2006.
[7] L. Wang, A. Liu, and S. Jajodia, "Using Attack Graphs for
Correlating, Hypothesizing, and Predicting Intrusion Alerts,"
Computer Comm., vol. 29, no. 15, pp. 2917-2933, Sept. 2006.
[8] S. Roschke, F. Cheng, and C. Meinel, "A New Alert
Correlation Algorithm Based on Attack Graph," Proc. Fourth
Int'l Conf. Computational Intelligence in Security for
Information Systems, pp. 58-67, 2011.
[9] M. Frigault and L. Wang, "Measuring Network Security
Using Bayesian Network-Based Attack Graphs," Proc. IEEE
32nd Ann. Int'l Conf. Computer Software and Applications
(COMPSAC '08), pp. 698-703, Aug. 2008.
[10] K. Kwon, S. Ahn, and J. Chung, "Network Security
Management Using ARP Spoofing," Proc. Int'l Conf.
Computational Science and Its Applications (ICCSA '04), pp.
142-149, 2004.
[Data behind Fig 3 (bar chart, legend "Series1"): categories
"Detection of Malware", "Original (Not Affected)" and "Similar
messages found (To Be Affected)"; y-axis from 0 to 70]