GTM-CSec: Game theoretic model for cloud security based on IDS and honeypot

Gill, Komal Singh; Saxena, Sharad; Sharma, Anju

doi:10.1016/j.cose.2020.101732

Cited by 22 publications

(12 citation statements)

References 18 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…IoT platform has been a popular target for cybercriminals as it faces significant risks. According to a survey from Palo Alto Networks' Unit 42, 98 percent of intelligent system data is not encrypted, and 42 percent are having IoT sensor flaws (Gill, Saxena & Sharma, 2020;Einy, Oz & Navaei, 2021;Heal & Kunreuther, 2005). Adversaries may use the compromised computers to enter an IoT botnet and carry out effective and massive attacks.…”

Section: Research Areamentioning

confidence: 99%

IoT-based intrusion detection system using convolution neural networks

Aljumah

2021

PeerJ Computer Science

View full text Add to dashboard Cite

In the Information and Communication Technology age, connected objects generate massive amounts of data traffic, which enables data analysis to uncover previously hidden trends and detect unusual network-load. We identify five core design principles to consider when designing a deep learning-empowered intrusion detection system (IDS). We proposed the Temporal Convolution Neural Network (TCNN), an intelligent model for IoT-IDS that aggregates convolution neural network (CNN) and generic convolution, based on these concepts. To handle unbalanced datasets, TCNN is accumulated with synthetic minority oversampling technique with nominal continuity. It is also used in conjunction with effective feature engineering techniques like attribute transformation and reduction. The presented model is compared to two traditional machine learning algorithms, random forest (RF) and logistic regression (LR), as well as LSTM and CNN deep learning techniques, using the Bot-IoT data repository. The outcomes of the experiments depicts that TCNN maintains a strong balance of efficacy and performance. It is better as compared to other deep learning IDSs, with a multi-class traffic detection accuracy of 99.9986 percent and a training period that is very close to CNN.

show abstract

Section: Research Areamentioning

confidence: 99%

IoT-based intrusion detection system using convolution neural networks

Aljumah

2021

PeerJ Computer Science

View full text Add to dashboard Cite

show abstract

“…SMDP [22] proposes applying the Markov decision process method to attack trapping, transforms the continuous-time process into an equivalent discrete decision model, uses reinforcement learning to train the model, and finally gets the optimal strategy. Gill et al [23] and others designed an independent GTM-CSec model, which combines the static game of complete information with the design of trapping mechanism, and simplifies the game model through inferior strategies; this model can intelligently select appropriate defense modules but reduce system energy consumption and respond to attacks intelligently. Zhou et al [24] used the Markov to model the penetration testing process and proposed an improved DQN algorithm, which converges faster in larger networks and is more suitable for large-scale networks.…”

Section: Related Workmentioning

confidence: 99%

A Multiphase Dynamic Deployment Mechanism of Virtualized Honeypots Based on Intelligent Attack Path Prediction

Gao

Zhang

Xing

2021

Security and Communication Networks

View full text Add to dashboard Cite

As an important deception defense method, a honeypot can be used to enhance the network’s active defense capability effectively. However, the existing rigid deployment method makes it difficult to deal with the uncertain strategic attack behaviors of the attackers. To solve such a problem, we propose a multiphase dynamic deployment mechanism of virtualized honeypots (MD2VH) based on the intelligent attack path prediction method. MD2VH depicts the attack and defense characteristics of both attackers and defenders through the Bayesian state attack graph, establishes a multiphase dynamic deployment optimization model of the virtualized honeypots based on the extended Markov’s decision-making process, and generates the deployment strategies dynamically by combining the online and offline reinforcement learning methods. Besides, we also implement a prototype system based on software-defined network and virtualization container, so as to evaluate the effectiveness of MD2VH. Experiments results show that the capture rate of MD2VH is maintained at about 90% in the case of both simple topology and complex topology. Compared with the simple intelligent deployment strategy, such a metric is increased by 20% to 60%, and the result is more stable under different types of the attacker’s strategy.

show abstract

“…Where represented as label function for the assigned variable at each point in the cluster to a label . From that, optimized values of nodes are represented in equ (10).…”

Section: Cluster Head Election Based On Improved Flower Pollination Algorithm (Ifpa)mentioning

confidence: 99%

“…The IDS agents are deployed in WSN in three possible ways such as centralized, distributed, and hybrid. Those agents are effective within the deployed base station, the centralized approach does not impact small node performance [10]. Situation awareness (SA) is considered a basic element due to space and time for acting as the network.…”

Section: Introductionmentioning

confidence: 99%

Intrusion Detection System Attack Classification with Optimization Model for WSN Security

Adel¹,

Rana²

2021

IJEAT

View full text Add to dashboard Cite

Wireless Sensor Network (WSN) subjected various challenges during data transmission between nodes deployed in a network. To withstand those security challenges Intrusion Detection System (IDS) is designed. IDS is involved in attack detection and classification but is subjected to a lack of effective classification techniques for attack prevention. To overcome those challenges associated with security this research presented an effective clustering technique known as Centred-Order Node Clustering (CONC). Also, Cluster Head (CH) is elected based on the Improved Flower Pollination Algorithm (IFPA) with multi-objective characteristics. By this proposed method lifetime of the network is improved. Additionally, a supervised classification technique called AdaBoost Regression Classifier (ABRC) is developed with the Intrusion Detection System (IDS). The developed ABRC is constructed for malicious node detection with the prediction of several attacks using IDS. Through improved security mechanisms sensor nodes are involved in effective data transmission between sensor nodes. The simulation analysis stated that the proposed mechanism provides better results rather than the existing technique.

show abstract

GTM-CSec: Game theoretic model for cloud security based on IDS and honeypot

Cited by 22 publications

References 18 publications

IoT-based intrusion detection system using convolution neural networks

IoT-based intrusion detection system using convolution neural networks

A Multiphase Dynamic Deployment Mechanism of Virtualized Honeypots Based on Intelligent Attack Path Prediction

Intrusion Detection System Attack Classification with Optimization Model for WSN Security

Contact Info

Product

Resources

About