Automated Technique for Debugging Network Intrusion Detection Systems

Nehinbe, Joshua Ojo

doi:10.1109/isms.2010.72

Cited by 6 publications

(22 citation statements)

References 14 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Cucurull et al [13] summarized the comparison of multiple intrusion detection techniques on SWITCH/AS559 dataset. Nehinbe et al [14] proposed Expert-track model to automatically adjust the rule space. Caberera et al [15] constructed a detection method based on Poisson distribution to detect DoS attacks.…”

Section: Related Workmentioning

confidence: 99%

Network Intrusion Detection Model With Clustering Ensemble Method

Chen¹

2015

IJSIA

View full text Add to dashboard Cite

show abstract

Section: Related Workmentioning

confidence: 99%

Network Intrusion Detection Model With Clustering Ensemble Method

Chen¹

2015

IJSIA

View full text Add to dashboard Cite

show abstract

“…The complexity and reoccurrence of threats and cyber attacks on the entire components of Cyber Physical Systems (CPSs) have made many organizations to develop the habit of deploying several categories of Intrusion Detection Systems (IDSs) within the peripherals and gateways of their connections to the entire Cyber Physical systems (CPSs) so that these devices can collect and analyze activities that signify evidence of intrusions against their corporate networks in real-time [8,9]. Subsequently, analysts can quickly review the reports and respond to the attacks before the attacks achieve the objectives of intruders that launch them [10].…”

Section: Introductionmentioning

confidence: 99%

“…In other words, Figure 1 demonstrates one of the two approaches organizations can adopt to position Network Intrusion Detection System (NIDS) in relation to firewall within the peripherals and gateways that connect them to the entire Cyber Physical Systems (CPSs) [7,8]. Nevertheless, numerous studies often attest that Intrusion Detection Systems (IDSs) must always be upgraded to strongly help operators control the new dimensions and rising waves of intrusions against cyber physical resources across the globe.…”

Section: Introductionmentioning

confidence: 99%

“…Otherwise, they may not be very useful for post-intrusion reviews. Similarly, lack of audit of logs of smart IDSs may render them ineffective for in-house training of newly recruited auditors and researchers exploring issues on identification, analysis, corroboration and mitigations of threats and security lapses in Cyber Physical Systems (CPSs) [5,8].…”

Section: Introductionmentioning

confidence: 99%

“…Hence, data mining is often recommended as an underlying concept to automate tools that can reduce workload due to alerts from smart IDSs [14]. Another central issue here is that some companies use the reports obtained from the logs of smart IDSs to augment their networks security policies [8,15,16]. The necessity to audit smart IDSs alongside with log analyzers is not mandatory in the existing models for auditing Information Technology (IT).…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

A Model for Auditing Smart Intrusion Detection Systems (IDSs) and Log Analyzers in Cyber-Physical Systems (CPSs)

Nehinbe¹

2021

Security in Cyber-Physical Systems

Self Cite

View full text Add to dashboard Cite

Suitable models that auditors can adopt to concurrently audit smart Intrusion Detection Systems (IDSs) and log analyzers in Cyber Physical Systems (CPSs) that are also founded on sound empirical claims are scarce. Recently, post-intrusion studies on the resilience of the above mechanisms and prevalence of intrusions in the above domains have shown that certain intrusions that can reduce the performance of smart IDSs can equally overwhelm log analyzers such that both mechanisms can gradually dwindle and suddenly stop working. Studies have also shown that several components of Cyber Physical Systems have unusual vulnerabilities. These key issues often increase cyber threats on data security and privacy of resources that many users can receive over Internet of a Thing (IoT). Dreadful intrusions on physical and computational components of Cyber Physical Systems can cause systemic reduction in global economy, quality of digital services and continue usage of smart toolkits that should support risk assessments and identification of strategies of intruders. Unfortunately, pragmatic studies on how to reduce the above problems are grossly inadequate. This chapter uses alerts from Snort and C++ programming language to practically explore the above issues and further proposes a feasible model for operators and researchers to lessen the above problems. Evaluation with real and synthetic datasets demonstrates that the capabilities and resilience of smart Intrusion Detection Systems (IDSs) to safeguard Cyber Physical Systems (CPSs) can be improved given a framework to facilitate audit of smart IDSs and log analyzers in Cyberspaces and knowledge of the variability in the lengths and components of alerts warned by Smart Intrusion Detection Systems (IDSs).

show abstract