Misconfiguration in Firewalls and Network Access Controls: Literature Review

Alicea, Michael; Alsmadi, Izzat

doi:10.3390/fi13110283

Cited by 7 publications

(2 citation statements)

References 36 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…A scenario where it is assumed that the intruder bypassed the firewall defensive mechanism and gained access to the network by utilizing multiple methods could be because: Misconfigurations found in the firewall protocols create loopholes that grant the intruder access inside the network via overly permissive rules or incorrect settings, which are exploited by the attacker [ 65 ]. Vulnerabilities in firewall rules are exploited by employing sophisticated attacks that target the applications or services via zero-day [ 66 ] attacks, as the firewall is not regularly maintained and updated and is incapable of blocking unknown threats and vulnerabilities.…”

Section: Ids Architecturementioning

confidence: 99%

See 1 more Smart Citation

Security Analysis for Smart Healthcare Systems

Ibrahim,

Al-Wadi,

Elhafiz

2024

Sensors

View full text Add to dashboard Cite

The healthcare industry went through reformation by integrating the Internet of Medical Things (IoMT) to enable data harnessing by transmission mediums from different devices, about patients to healthcare staff devices, for further analysis through cloud-based servers for proper diagnosis of patients, yielding efficient and accurate results. However, IoMT technology is accompanied by a set of drawbacks in terms of security risks and vulnerabilities, such as violating and exposing patients’ sensitive and confidential data. Further, the network traffic data is prone to interception attacks caused by a wireless type of communication and alteration of data, which could cause unwanted outcomes. The advocated scheme provides insight into a robust Intrusion Detection System (IDS) for IoMT networks. It leverages a honeypot to divert attackers away from critical systems, reducing the attack surface. Additionally, the IDS employs an ensemble method combining Logistic Regression and K-Nearest Neighbor algorithms. This approach harnesses the strengths of both algorithms to improve attack detection accuracy and robustness. This work analyzes the impact, performance, accuracy, and precision outcomes of the used model on two IoMT-related datasets which contain multiple attack types such as Man-In-The-Middle (MITM), Data Injection, and Distributed Denial of Services (DDOS). The yielded results showed that the proposed ensemble method was effective in detecting intrusion attempts and classifying them as attacks or normal network traffic, with a high accuracy of 92.5% for the first dataset and 99.54% for the second dataset and a precision of 96.74% for the first dataset and 99.228% for the second dataset.

show abstract

Section: Ids Architecturementioning

confidence: 99%

“…Misconfigurations found in the firewall protocols create loopholes that grant the intruder access inside the network via overly permissive rules or incorrect settings, which are exploited by the attacker [ 65 ].…”

Section: Ids Architecturementioning

confidence: 99%

Security Analysis for Smart Healthcare Systems

Ibrahim,

Al-Wadi,

Elhafiz

2024

Sensors

View full text Add to dashboard Cite

show abstract

Artificial Intelligence Working to Secure Small Enterprises

Rasmus

2024

Artificial Intelligence for Security

View full text Add to dashboard Cite

Meta learning-based few-shot intrusion detection for 5G-enabled industrial internet

Yan,

Yang,

Shen

et al. 2024

Complex Intell. Syst.

View full text Add to dashboard Cite

With the formation and popularization of the 5G-enabled industrial internet, cybersecurity risks are increasing, and the limited number of attack samples, such as zero-day, leaves a short response time for security protectors, making it substantially more difficult to protect industrial control systems from new types of malicious attacks. Traditional supervised intrusion detection models rely on a large number of samples for training and their performance needs to be improved. Therefore, there is an urgent need for few-shot intrusion detection. Aiming at the above problems, this paper proposes a detection model based on a meta-learning framework, which aims to effectively improve the accuracy and real-time performance of intrusion detection, and designs a meta-learning intrusion detection model containing a sample generation module, a feature mapping module and a feature metric module. Among them, the sample generation module introduces the residual block into the Natural GAN and proposes a new method to generate high-quality antagonistic samples—Res-Natural GAN, which is used to enhance the antagonism of the generated samples and the feature mining degree, to improve the accuracy of malicious traffic detection; the feature mapping module proposes a new attention mechanism, the multi-head fast attention mechanism, which is applied to the encoder structure of the transformer and combined with a parameter optimization algorithm based on particle swarm mutation to shorten the mapping time and improve the real-time performance of the model while mapping the features effectively; the feature metric module proposes a prototype structure based on a prototype storage update algorithm and combines it with a prototype network to achieve correct classification by measuring the Euclidean distance between the detected samples and the class of prototypes, and to shorten the inference time while ensuring the detection accuracy; finally, the three modules are combined to form a real-time meta-learning intrusion detection model. To evaluate the proposed model, five different types of experiments are conducted on multiple public datasets. The experimental results show that the model has higher detection accuracy than the traditional model for both few-shot and zero-shot malicious attacks, and is not only applicable to 5G-enabled industrial internet, but also generalized to different network environments and attack types.

show abstract

Misconfiguration in Firewalls and Network Access Controls: Literature Review

Cited by 7 publications

References 36 publications

Security Analysis for Smart Healthcare Systems

Security Analysis for Smart Healthcare Systems

Artificial Intelligence Working to Secure Small Enterprises

Meta learning-based few-shot intrusion detection for 5G-enabled industrial internet

Contact Info

Product

Resources

About