Developing Cross-Domain Host-Based Intrusion Detection

Ajayi, Oluwagbemiga; Gangopadhyay, Aryya; Erbacher, Robert F.; Bursat, Carl

doi:10.3390/electronics11213631

Cited by 3 publications

(2 citation statements)

References 44 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Research studies have indicated that SVM and DT are among the most promising methods for anomaly detection. SVM and DT algorithms have been widely used in HIDSs due to their effectiveness in detecting and classifying intrusions [29][30][31]. In the context of HIDSs, SVM can learn the patterns and characteristics of known attacks and identify similar patterns in real-time system behavior, enabling the detection of unknown or novel attacks [29].…”

Section: Methods Description Limitationsmentioning

confidence: 99%

See 1 more Smart Citation

Risk-Based System-Call Sequence Grouping Method for Malware Intrusion Detection

Vyšniūnas,

Čeponis,

Goranin

et al. 2024

Electronics

View full text Add to dashboard Cite

Malware intrusion is a serious threat to cybersecurity; that is why new and innovative methods are constantly being developed to detect and prevent it. This research focuses on malware intrusion detection through the usage of system calls and machine learning. An effective and clearly described system-call grouping method could increase the various metrics of machine learning methods, thereby improving the malware detection rate in host-based intrusion-detection systems. In this article, a risk-based system-call sequence grouping method is proposed that assigns riskiness values from low to high based on function risk value. The application of the newly proposed grouping method improved classification accuracy by 23.4% and 7.6% with the SVM and DT methods, respectively, compared to previous results obtained on the same methods and data. The results suggest the use of lightweight machine learning methods for malware attack can ensure detection accuracy comparable to deep learning methods.

show abstract

Section: Methods Description Limitationsmentioning

confidence: 99%

“…For almost two decades, researchers working in the field of intrusion detection have been using a publicly available Linux-based KDD98 data set [34][35][36]. However, that database is from 1998 and has lost its completeness and quality.…”

Section: Analysis Of Applicable Datasets For Malware Intrusion Detectionmentioning

confidence: 99%

Risk-Based System-Call Sequence Grouping Method for Malware Intrusion Detection

Vyšniūnas,

Čeponis,

Goranin

et al. 2024

Electronics

View full text Add to dashboard Cite

show abstract

A Comprehensive Study of Intrusion Detection within Internet of Things-based Smart Cities: Synthesis, Analysis and a Novel Approach

Houichi

Jaidi

Bouhoula

2023

2023 International Wireless Communications and Mobile Computing (IWCMC)

View full text Add to dashboard Cite

Attack Types in Network Environment: Attack Scenario Examples

Kilinc

Eyüpoğlu

2023

İstanbul Ticaret Üniversitesi Teknoloji Ve Uygulamalı Bilimler Dergisi

View full text Add to dashboard Cite

Çağımızda bilgi teknolojileri hızla gelişirken mobil ve Nesnelerin İnterneti (Internet of Things-IoT) cihazlarının yaygınlaşması ile birlikte siber saldırganlar da her geçen gün yeni saldırı yöntemleri geliştirmektedir. Bu nedenle siber saldırılar kullanıcılarda büyük endişe yaratmaktadır ve bu endişelerin de giderek artacağı öngörülmektedir. Bu süreçte Saldırı Tespit Sistemleri (Intrusion Detection System-IDS) ve Saldırı Önleme Sistemleri (Intrusion Prevention System-IPS) önemli bir rol almaktadır. Bu çalışmada ilk olarak ağ güvenlik duvarları, ağ saldırıları ve ağ ortamında gerçekleşen saldırı türlerine yer verilmiştir. Sonrasında ağ saldırı türleri için örnek senaryolar oluşturulmuştur ve bu senaryolar üzerinde saldırıların nasıl gerçekleştirildiği açıklanmıştır. Saldırı türleri, Kanada İletişim Güvenliği Kuruluşu (Canada Communications Security Establishment-CSE) ve Kanada Siber Güvenlik Enstitüsü (Canadian Institute for Cybersecurity-CIC) tarafından yaratılan saldırı tespit sistemi değerlendirme verisetlerinde (CIC-IDS2017 ve CES-CIC-IDS2018) yer alan ve saldırganlar tarafından yaygın olarak kullanılan Hizmet Reddi Saldırısı (Denial of Service Attack-DoS), Dağıtılmış Hizmet Reddi Saldırısı (Distrubuted Denial of Service-DDoS), botnet, kaba kuvvet, port tarama, web uygulama ve sızma saldırıları olarak belirlenmiştir.

show abstract

Developing Cross-Domain Host-Based Intrusion Detection

Cited by 3 publications

References 44 publications

Risk-Based System-Call Sequence Grouping Method for Malware Intrusion Detection

Risk-Based System-Call Sequence Grouping Method for Malware Intrusion Detection

A Comprehensive Study of Intrusion Detection within Internet of Things-based Smart Cities: Synthesis, Analysis and a Novel Approach

Attack Types in Network Environment: Attack Scenario Examples

Contact Info

Product

Resources

About