Towards a Secure Internet of Things: A Comprehensive Study of Second Line Defense Mechanisms

Kamaldeep,; Dutta, Maitreyee; Granjal, Jorge

doi:10.1109/access.2020.3005643

Cited by 25 publications

(4 citation statements)

References 147 publications

(550 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In zero-day attack scenarios, even when firewalls or intrusion-detection systems are present, they are not effective in detecting malicious botnet activities due to the absence of signatures for attacks that are unknown [8]. Kamaldeep, et al [9], Zarpelo et al [10], and Wazzan et al [11] made similar observations that a signature-based approach is not effective against zero-day attacks.…”

Section: Introductionmentioning

confidence: 95%

Edge security for SIP-enabled IoT devices with P4

et al. 2022

View full text Add to dashboard Cite

Section: Introductionmentioning

confidence: 95%

Edge security for SIP-enabled IoT devices with P4

et al. 2022

View full text Add to dashboard Cite

“…A hybrid technique has been proposed to improve the capabilities of current intrusion detection and prevention systems by merging these two methods of misuse and anomaly. The fundamental notion is that while anomaly identifies unknown attacks, misuse detects known assaults [5,20,24,26,33] . The goal of anomaly detection is to identify unusual patterns of behavior.…”

Section: Related Research Workmentioning

confidence: 99%

Proficient Approach for Intrusion Detection using Behaviour Profiling Algorithm and Prevention Using Statistical Model in Cloud Networks

D. Rajagopal

2023

IJRITCC

View full text Add to dashboard Cite

Objectives: The objective of the paper is to discuss the proposed dynamic software model to detect and prevent intrusion in the cloud network. Methods: The Behavior Profiling Algorithm (BPA) has been used to detect the intrusion in cloud network. For finding the intruder in the network the Event Log Entries and the network Unique Identification Address (UIA) has been fetched from the server and then the collected attribute values have been transferred to prevention module. In the prevention module the dynamic statistical approach model has been used to prevent the network systems and data which are available in the Cloud Network. Findings: For testing the proposed model the 100 cloud network systems were taken and based on the loss of packets (in MB) ranges the samples were classified as 0-100, 101-200, 201-300, 301-400, 401-500, 501-600, 601-700 respectively. The range of data loss is assumed to be an interval of 100 Mbps. It is assumed that the higher the data loss ranges, the more data is lost. The mean, variance, and standard deviation were calculated to verify the data loss ranges. The mean (average) of the data loss in the ranges 0-100 is 060.77 and the mean in the ranges 101-200 is 144.714 data losses, which gradually increases in proportion to the data loss ranges, and in the ranges 601-700 it is 665.769 data losses. From the statistical approach model, the differences between mean and variance indicated that the intruder attacked the files during the data transformation in the network. Therefore, the administrator has to monitor the warning message from the proposed IPS model and get data packet losses in the transformation. If the frequency of data loss is low, the administrator can assume that the data flow is low due to network problems. On the other hand, if the frequency of data loss in the network system is high, he can block the transformation and protect the data file. This paper concludes that the behavioral profiling algorithm combined with a statistical model achieves an efficiency of over 96% in wired networks, over 97.6% in wireless networks, and over 98.7% in cloud networks. Novelty: In the previous paper discussed the approach which has been implemented with 40 nodes and the result of the proposed algorithm produced above 90%, 96% and 98% in the wired, wireless and cloud network respectively. Now, the model has been implemented with 100 nodes the result has been increased. This study concluded that, the efficient algorithm to detect the intrusion is behaviour profiling algorithm, while join with the statistical approach model, it produces efficient result.

show abstract

“…The authors also discussed the availability of IDS datasets and the challenges faced by IoT-based IDSs. In addition to IDSs, Dutta et al [18] have also discussed Intrusion Prevention Systems (IPS) and Intrusion Response Systems (IRS). The authors included works that depend on security in the IoT standardized protocol stack by considering nine different dimensions and characteristics.…”

Section: Related Workmentioning

confidence: 99%

Machine Learning-Based Intrusion Detection for Rare-Class Network Attacks

Yang,

Gu,

Yan

2023

Electronics

View full text Add to dashboard Cite

Due to the severe imbalance in the quantities of normal samples and attack samples, as well as among different types of attack samples, intrusion detection systems suffer from low detection rates for rare-class attack data. In this paper, we propose a geometric synthetic minority oversampling technique based on the optimized kernel density estimation algorithm. This method can generate diverse rare-class attack data by learning the distribution of rare-class attack data while maintaining similarity with the original sample features. Meanwhile, the balanced data is input to a feature extraction module built upon multiple denoising autoencoders, reducing information redundancy in high-dimensional data and improving the detection performance for unknown attacks. Subsequently, a soft-voting ensemble learning technique is utilized for multi-class anomaly detection on the balanced and dimensionally reduced data. Finally, an intrusion detection system is constructed based on data preprocessing, imbalance handling, feature extraction, and anomaly detection modules. The performance of the system was evaluated using two datasets, NSL-KDD and N-BaIoT, achieving 86.39% and 99.94% multiclassification accuracy, respectively. Through ablation experiments and comparison with the baseline model, it is found that the inherent limitations of a single machine-learning model directly affect the accuracy of the intrusion detection system, while the superiority of the proposed multi-module model in detecting unknown attacks and rare classes of attack traffic is demonstrated.

show abstract

Towards a Secure Internet of Things: A Comprehensive Study of Second Line Defense Mechanisms

Cited by 25 publications

References 147 publications

Edge security for SIP-enabled IoT devices with P4

Edge security for SIP-enabled IoT devices with P4

Proficient Approach for Intrusion Detection using Behaviour Profiling Algorithm and Prevention Using Statistical Model in Cloud Networks

Machine Learning-Based Intrusion Detection for Rare-Class Network Attacks

Contact Info

Product

Resources

About