Biblio

In the era of Internet of Things (IoT), the connection links are established from devices easily, which is vulnerable to insecure attacks from intruders, hence intrusion detection system in IoT is the need of an hour. One of the important thing for any organization is securing the confidential information and data from outside attacks as well as unauthorized access. There are many attempts made by the researchers to develop the strong intrusion detection system having high accuracy. These systems suffer from many disadvantages like unacceptable accuracy rates including high False Positive Rate (FPR) and high False Negative Rate (FNR), more execution time and failure rate. More of these system models are developed by using traditional machine learning techniques, which have performance limitations in terms of accuracy and timeliness both. These limitations can be overcome by using the deep learning techniques. Deep learning techniques have the capability to generate highly accurate results and are fault tolerant. Here, the intrusion detection model for IoT is designed by using the Taylor-Spider Monkey optimization (Taylor-SMO) which will be developed to train the Deep belief neural network (DBN) towards achieving an accurate intrusion detection model. The deep learning accuracy gets increased with increasing number of training data samples and testing data samples. The optimization based algorithm for training DBN helps to reduce the FPR and FNR in intrusion detection. The system will be implemented by using the NSL KDD dataset. Also, this model will be trained by using the samples from this dataset, before which feature extraction will be applied and only relevant set of attributes will be selected for model development. This approach can lead to better and satisfactory results in intrusion detection.

In this paper, a new intrusion detection mechanism is proposed based on Trust and Packet Loss Rate at Sensor Node in WSNs. To find the true malicious nodes, the proposed mechanism performs a deep analysis on the packet loss. Two independent metrics such as buffer capacity metric and residual energy metric are considered for packet loss rate evaluation. Further, the trust evaluation also considers the basic communication interactions between sensor nodes. Based on these three metrics, a new composite metric called Packet Forwarding Probability (PFP) is derived through which the malicious nodes are identified. Simulation experiments are conducted over the proposed mechanism and the performance is evaluated through False Positive Rate (FPR) and Malicious Detection Rate (MDR). The results declare that the proposed mechanism achieves a better performance compared to the conventional approaches.

Volume anomaly such as distributed denial-of-service (DDoS) has been around for ages but with advancement in technologies, they have become stronger, shorter and weapon of choice for attackers. Digital forensic analysis of intrusions using alerts generated by existing intrusion detection system (IDS) faces major challenges, especially for IDS deployed in large networks. In this paper, the concept of automatically sifting through a huge volume of alerts to distinguish the different stages of a DDoS attack is developed. The proposed novel framework is purpose-built to analyze multiple logs from the network for proactive forecast and timely detection of DDoS attacks, through a combined approach of Shannon-entropy concept and clustering algorithm of relevant feature variables. Experimental studies on a cyber-range simulation dataset from the project industrial partners show that the technique is able to distinguish precursor alerts for DDoS attacks, as well as the attack itself with a very low false positive rate (FPR) of 22.5%. Application of this technique greatly assists security experts in network analysis to combat DDoS attacks.