Standalone Behaviour-Based Attack Detection Techniques for Distributed Software Systems via Blockchain

2021 ◽  
Vol 11 (12) ◽  
pp. 5685
Author(s):  
Hosam Aljihani ◽  
Fathy Eassa ◽  
Khalid Almarhabi ◽  
Abdullah Algarni ◽  
Abdulaziz Attaallah

With the rapid increase of cyberattacks that presently affect distributed software systems, cyberattacks and their consequences have become critical issues and have attracted the interest of research communities and companies to address them. Therefore, developing and improving attack detection techniques are prominent methods to defend against cyberattacks. One of the promising attack detection methods is behaviour-based attack detection methods. Practically, attack detection techniques are widely applied in distributed software systems that utilise network environments. However, there are some other challenges facing attack detection techniques, such as the immutability and reliability of the detection systems. These challenges can be overcome with promising technologies such as blockchain. Blockchain offers a concrete solution for ensuring data integrity against unauthorised modification. Hence, it improves the immutability for detection systems’ data and thus the reliability for the target systems. In this paper, we propose a design for standalone behaviour-based attack detection techniques that utilise blockchain’s functionalities to overcome the above-mentioned challenges. Additionally, we provide a validation experiment to prove our proposal in terms of achieving its objectives. We argue that our proposal introduces a novel approach to develop and improve behaviour-based attack detection techniques to become more reliable for distributed software systems.

2019 ◽  
Vol 2019 ◽  
pp. 1-10
Author(s):  
Jiazhong Lu ◽  
Fengmao Lv ◽  
Zhongliu Zhuo ◽  
Xiaosong Zhang ◽  
Xiaolei Liu ◽  
...  

Advanced cyberattacks are often featured by multiple types, layers, and stages, with the goal of cheating the monitors. Existing anomaly detection systems usually search logs or traffics alone for evidence of attacks but ignore further analysis about attack processes. For instance, the traffic detection methods can only detect the attack flows roughly but fail to reconstruct the attack event process and reveal the current network node status. As a result, they cannot fully model the complex multistage attack. To address these problems, we present Traffic-Log Combined Detection (TLCD), which is a multistage intrusion analysis system. Inspired by multiplatform intrusion detection techniques, we integrate traffics with network device logs through association rules. TLCD correlates log data with traffic characteristics to reflect the attack process and construct a federated detection platform. Specifically, TLCD can discover the process steps of a cyberattack, reflect the current network status, and reveal the behaviors of normal users. Our experimental results over different cyberattacks demonstrate that TLCD works well with high accuracy and low false positive rate.


2019 ◽  
Vol 8 (3) ◽  
pp. 2195-2207 ◽  

For protecting and securing the network, with Intrusion Detection Systems through hidden intrusion has become a popular and important issue in the network security domain. Detection of attacks is the first step to secure any system. In this paper, the main focus is on seven different attacks, including Brute Force attack, Heartbleed/Denial-of-service (DoS), Web Attack, Infiltration, Botnet, Port Scan and Distributed Denial of Service (DDoS). We rely on features derived from CICIDS-2017 Dataset for these attacks. By using various subset based feature selection techniques performance of attack has been identified for many features. Using these techniques, it has been determined the appropriate group of attributes for finding every attack with related classification algorithms. Simulations of these techniques present that unwanted feature can be removed from attack detection techniques and find the most valuable set of attributes for a definite classification algorithm with discretization and without discretization, which improve the performance of IDS.


2017 ◽  
Vol 8 (4) ◽  
pp. 40-51
Author(s):  
Manimaran Aridoss

The major challenge of Internet of Things (IoT) generated data is its hypervisor level vulnerabilities. Malicious VM deployment and termination are so simple due to its multitenant shared nature and distributed elastic cloud features. These features enable the attackers to launch Distributed Denial of Service attacks to degrade cloud server performance. Attack detection techniques are applied to the VMs that are used by malicious tenants to hold the cloud resources by launching DDoS attacks at data center subnets. Traditional dataflow-based attack detection methods rely on the similarities of incoming requests which consist of IP and TCP header information flows. The proposed approach classifies the status patterns of malicious VMs and ideal VMs to identify the attackers. In this article, information theory is used to calculate the entropy value of the malicious virtual machines for detecting attack behaviors. Experimental results prove that the proposed system works well against DDoS attacks in IoT applications.


2020 ◽  
pp. 1429-1442
Author(s):  
Manimaran Aridoss

The major challenge of Internet of Things (IoT) generated data is its hypervisor level vulnerabilities. Malicious VM deployment and termination are so simple due to its multitenant shared nature and distributed elastic cloud features. These features enable the attackers to launch Distributed Denial of Service attacks to degrade cloud server performance. Attack detection techniques are applied to the VMs that are used by malicious tenants to hold the cloud resources by launching DDoS attacks at data center subnets. Traditional dataflow-based attack detection methods rely on the similarities of incoming requests which consist of IP and TCP header information flows. The proposed approach classifies the status patterns of malicious VMs and ideal VMs to identify the attackers. In this article, information theory is used to calculate the entropy value of the malicious virtual machines for detecting attack behaviors. Experimental results prove that the proposed system works well against DDoS attacks in IoT applications.


On each successive day, the DDoS attacks are increasing, improving and becoming more critical than ever before. In 2018, CISCO predicted that DDoS attack traffics may reach to 3.1 billion during 2021. Bit and Piece DDoS attack is an emerging attacking technique that was found and reported by Nexusguard. This attack mainly targets the communication service providers and it injects unwanted junk information into the legitimate traffic and thus bypasses the detection techniques. This work is aimed to propose a novel approach for detecting bit and piece attack using statistical metrics. Here, the packet flow is monitored at every second and the variations in the data flows are easily identified as an attack.


PLoS ONE ◽  
2021 ◽  
Vol 16 (5) ◽  
pp. e0251415
Author(s):  
Tiziano Fagni ◽  
Fabrizio Falchi ◽  
Margherita Gambini ◽  
Antonio Martella ◽  
Maurizio Tesconi

The recent advances in language modeling significantly improved the generative capabilities of deep neural models: in 2019 OpenAI released GPT-2, a pre-trained language model that can autonomously generate coherent, non-trivial and human-like text samples. Since then, ever more powerful text generative models have been developed. Adversaries can exploit these tremendous generative capabilities to enhance social bots that will have the ability to write plausible deepfake messages, hoping to contaminate public debate. To prevent this, it is crucial to develop deepfake social media messages detection systems. However, to the best of our knowledge no one has ever addressed the detection of machine-generated texts on social networks like Twitter or Facebook. With the aim of helping the research in this detection field, we collected the first dataset of real deepfake tweets, TweepFake. It is real in the sense that each deepfake tweet was actually posted on Twitter. We collected tweets from a total of 23 bots, imitating 17 human accounts. The bots are based on various generation techniques, i.e., Markov Chains, RNN, RNN+Markov, LSTM, GPT-2. We also randomly selected tweets from the humans imitated by the bots to have an overall balanced dataset of 25,572 tweets (half human and half bots generated). The dataset is publicly available on Kaggle. Lastly, we evaluated 13 deepfake text detection methods (based on various state-of-the-art approaches) to both demonstrate the challenges that Tweepfake poses and create a solid baseline of detection techniques. We hope that TweepFake can offer the opportunity to tackle the deepfake detection on social media messages as well.


2020 ◽  
Vol 14 (4) ◽  
pp. 5329-5339 ◽  
Author(s):  
Sen Tan ◽  
Josep M. Guerrero ◽  
Peilin Xie ◽  
Renke Han ◽  
Juan C. Vasquez

2021 ◽  
Vol 12 (2) ◽  
pp. 1-18
Author(s):  
Jessamyn Dahmen ◽  
Diane J. Cook

Anomaly detection techniques can extract a wealth of information about unusual events. Unfortunately, these methods yield an abundance of findings that are not of interest, obscuring relevant anomalies. In this work, we improve upon traditional anomaly detection methods by introducing Isudra, an Indirectly Supervised Detector of Relevant Anomalies from time series data. Isudra employs Bayesian optimization to select time scales, features, base detector algorithms, and algorithm hyperparameters that increase true positive and decrease false positive detection. This optimization is driven by a small amount of example anomalies, driving an indirectly supervised approach to anomaly detection. Additionally, we enhance the approach by introducing a warm-start method that reduces optimization time between similar problems. We validate the feasibility of Isudra to detect clinically relevant behavior anomalies from over 2M sensor readings collected in five smart homes, reflecting 26 health events. Results indicate that indirectly supervised anomaly detection outperforms both supervised and unsupervised algorithms at detecting instances of health-related anomalies such as falls, nocturia, depression, and weakness.


2021 ◽  
Vol 2021 (1) ◽  
Author(s):  
Xiang Li ◽  
Jianzheng Liu ◽  
Jessica Baron ◽  
Khoa Luu ◽  
Eric Patterson

Recent attention to facial alignment and landmark detection methods, particularly with application of deep convolutional neural networks, have yielded notable improvements. Neither these neural-network nor more traditional methods, though, have been tested directly regarding performance differences due to camera-lens focal length nor camera viewing angle of subjects systematically across the viewing hemisphere. This work uses photo-realistic, synthesized facial images with varying parameters and corresponding ground-truth landmarks to enable comparison of alignment and landmark detection techniques relative to general performance, performance across focal length, and performance across viewing angle. Recently published high-performing methods along with traditional techniques are compared in regards to these aspects.

