WorldWideScience

Sample records for adaptive intrusion data systems

  1. Adaptive Intrusion Data System (AIDS)

    The adaptive intrusion data system (AIDS) was developed to collect data from intrusion alarm sensors as part of an evaluation system to improve sensor performance. AIDS is a unique data system which uses computer controlled data systems, video cameras and recorders, analog-to-digital conversion, environmental sensors, and digital recorders to collect sensor data. The data can be viewed either manually or with a special computerized data-reduction system which adds new data to a data base stored on a magnetic disc recorder. This report provides a synoptic account of the AIDS as it presently exists. Modifications to the purchased subsystems are described, and references are made to publications which describe the Sandia-designed subsystems

  2. Adaptive intrusion data system (AIDS) software routines

    An Adaptive Intrusion Data System (AIDS) was developed to collect information from intrusion alarm sensors as part of an evaluation system to improve sensor performance. AIDS is a unique digital data-compression, storage, and formatting system; it also incorporates a capability for video selection and recording for assessment of the sensors monitored by the system. The system is software reprogrammable to numerous configurations that may be used for the collection of environmental, bilevel, analog, and video data. This report describes the software routines that control the different AIDS data-collection modes, the diagnostic programs to test the operating hardware, and the data format. Sample data printouts are also included

  3. Mass memory formatter subsystem of the adaptive intrusion data system

    The Mass Memory Formatter was developed as part of the Adaptive Intrusion Data System (AIDS) to control a 2.4-megabit mass memory. The data from a Memory Controlled Processor is formatted before it is stored in the memory and reformatted during the readout mode. The data is then transmitted to a NOVA 2 minicomputer-controlled magnetic tape recorder for storage. Techniques and circuits are described

  4. Memory controlled data processor. [Data collector and formatter for adaptive Intrusion Data System]

    Johnson, C.S.

    1977-12-01

    The Memory Controlled Data Processor (MCDP) was designed to provide a high-speed multichannel processor and data formatter for the Adaptive Intrusion Data System. It can address up to 48 analog data channels, 48 bilevel alarm data channels, and numerous miscellaneous data channels such as weather and time. A digital comparator in the MCDP can make comparisons between the data being processed and threshold limits programmed for any channel. The MCDP is software oriented and has its instructions stored in a 4K core memory. 8 figures, 7 tables.

  5. An Adaptive Database Intrusion Detection System

    Barrios, Rita M.

    2011-01-01

    Intrusion detection is difficult to accomplish when attempting to employ current methodologies when considering the database and the authorized entity. It is a common understanding that current methodologies focus on the network architecture rather than the database, which is not an adequate solution when considering the insider threat. Recent…

  6. Data Mining and Intrusion Detection Systems

    Zibusiso Dewa; Leandros A. Maglaras

    2016-01-01

    The rapid evolution of technology and the increased connectivity among its components imposes new cyber-security challenges. To tackle this growing trend in computer attacks and respond to threats, industry professionals and academics are joining forces in order to build Intrusion Detection Systems (IDS) that combine high accuracy with low complexity and time efficiency. The present article gives an overview of existing Intrusion Detection Systems (IDS) along with their main principles. Also th...

  7. Adaptive critic design for computer intrusion detection system

    Novokhodko, Alexander; Wunsch, Donald C., II; Dagli, Cihan H.

    2001-03-01

    This paper summarizes ongoing research. A neural network is used to detect a computer system intrusion based on data from the system audit trail generated by Solaris Basic Security Module. The data have been provided by Lincoln Labs, MIT. The system alerts the human operator when it encounters suspicious activity logged in the audit trail. To reduce the false alarm rate and accommodate the temporal indefiniteness of the moment of attack, a reinforcement learning approach is chosen to train the network.

  8. An Adaptive Hybrid Multi-level Intelligent Intrusion Detection System for Network Security

    P. Ananthi

    2014-04-01

    Intrusion Detection System (IDS) plays a vital factor in providing security to the networks through detecting malicious activities. Due to the extensive advancements in the computer networking, IDS has become an active area of research to determine various types of attacks in the networks. A large number of intrusion detection approaches are available in the literature using several traditional statistical and data mining approaches. Data mining techniques in IDS observed to provide significant results. Data mining approaches for misuse and anomaly-based intrusion detection generally include supervised, unsupervised and outlier approaches. It is important that the efficiency and potential of IDS be updated based on the criteria of new attacks. This study proposes a novel Adaptive Hybrid Multi-level Intelligent IDS (AHMIIDS) system which is the combined version of anomaly and misuse detection techniques. The anomaly detection is based on Bayesian Networks and then the misuse detection is performed using Adaptive Neuro Fuzzy Inference System (ANFIS). The outputs of both anomaly detection and misuse detection modules are applied to Decision Table Majority (DTM) to perform the final decision making. A rule-base approach is used in this system. It is observed from the results that the proposed AHMIIDS performs better than other conventional hybrid IDS.

  9. Autonomic intrusion detection: Adaptively detecting anomalies over unlabeled audit data streams in computer networks

    Wang, Wei

    2014-06-22

    In this work, we propose a novel framework of autonomic intrusion detection that fulfills online and adaptive intrusion detection over unlabeled HTTP traffic streams in computer networks. The framework holds potential for self-managing: self-labeling, self-updating and self-adapting. Our framework employs the Affinity Propagation (AP) algorithm to learn a subject’s behaviors through dynamical clustering of the streaming data. It automatically labels the data and adapts to normal behavior changes while identifying anomalies. Two large real HTTP traffic streams collected in our institute as well as a set of benchmark KDD’99 data are used to validate the framework and the method. The test results show that the autonomic model achieves better results in terms of effectiveness and efficiency compared to adaptive Sequential Karhunen–Loeve method and static AP as well as three other static anomaly detection methods, namely, k-NN, PCA and SVM.

  10. Intrusion Prevention in Depth System Research Based on Data Mining

    Wang Jie; Zheng Xiao; Liu Yabin; Shi Chenghui

    2009-01-01

    This article proposes a data mining based intrusion prevention in depth system model to manage the huge amounts of unreliable and uncontrollable security events, which are generated by the extensive utilization of heterogeneous security devices in computer networks. A method of combining online detection and offline data mining is made use of as the core of the model. On the other hand, the work process of the system can be compartmentalized into two phases: online examination through pattern...

  11. The Design and Implementation of Intrusion Detection System based on Data Mining Technology

    Qinglei Zhou; Yilin Zhao

    2013-01-01

    Intrusion detection technology is a research hotspot in the field of information security. This study introduces the types of traditional intrusion detection and data mining technology. Aiming at the defects and limitations of current intrusion detection systems, the study has fused the data mining technology into the intrusion detection model, and has designed and implemented the intrusion detection system based on data mining technology with the preliminary research and exploration.

  12. Using Adaptive Neuro-Fuzzy Inference System in Alert Management of Intrusion Detection Systems

    Zahra Atashbar Orang

    2012-10-01

    By ever increase in using computer network and internet, using Intrusion Detection Systems (IDS) has been more important. Main problems of IDS are the number of generated alerts, alert failure as well as identifying the attack type of alerts. In this paper a system is proposed that uses Adaptive Neuro-Fuzzy Inference System to classify IDS alerts reducing false positive alerts and also identifying attack types of true positive ones. By the experimental results on DARPA KDD cup 98, the system can classify alerts, leading a reduction of false positive alerts considerably and identifying attack types of alerts in low slice of time.

  13. Adapting safety requirements analysis to intrusion detection

    Lutz, R.

    2001-01-01

    Several requirements analysis techniques widely used in safety-critical systems are being adapted to support the analysis of secure systems. Perhaps the most relevant system safety technique for Intrusion Detection Systems is hazard analysis.

  14. Interior intrusion detection systems

    Rodriguez, J.R.; Matter, J.C. (Sandia National Labs., Albuquerque, NM (United States)); Dry, B. (BE, Inc., Barnwell, SC (United States))

    1991-10-01

    The purpose of this NUREG is to present technical information that should be useful to NRC licensees in designing interior intrusion detection systems. Interior intrusion sensors are discussed according to their primary application: boundary-penetration detection, volumetric detection, and point protection. Information necessary for implementation of an effective interior intrusion detection system is presented, including principles of operation, performance characteristics and guidelines for design, procurement, installation, testing, and maintenance. A glossary of sensor data terms is included. 36 figs., 6 tabs.

  15. Interior intrusion detection systems

    The purpose of this NUREG is to present technical information that should be useful to NRC licensees in designing interior intrusion detection systems. Interior intrusion sensors are discussed according to their primary application: boundary-penetration detection, volumetric detection, and point protection. Information necessary for implementation of an effective interior intrusion detection system is presented, including principles of operation, performance characteristics and guidelines for design, procurement, installation, testing, and maintenance. A glossary of sensor data terms is included. 36 figs., 6 tabs

  16. Comparative study of adaptive-noise-cancellation algorithms for intrusion detection systems

    Some intrusion detection systems are susceptible to nonstationary noise resulting in frequent nuisance alarms and poor detection when the noise is present. Adaptive inverse filtering for single channel systems and adaptive noise cancellation for two channel systems have both demonstrated good potential in removing correlated noise components prior to detection. For such noise susceptible systems the suitability of a noise reduction algorithm must be established in a trade-off study weighing algorithm complexity against performance. The performance characteristics of several distinct classes of algorithms are established through comparative computer studies using real signals. The relative merits of the different algorithms are discussed in the light of the nature of intruder and noise signals

  17. MA-IDS: A Distributed Intrusion Detection System Based on Data Mining

    SUN Jian-hua; JIN Hai; CHEN Hao; HAN Zong-fen

    2005-01-01

    Aiming at the shortcomings in intrusion detection systems (IDSs) used in commercial and research fields, we propose the MA-IDS system, a distributed intrusion detection system based on data mining. In this model, misuse intrusion detection system (MIDS) and anomaly intrusion detection system (AIDS) are combined. Data mining is applied to raise detection performance, and distributed mechanism is employed to increase the scalability and efficiency. Host- and network-based mining algorithms employ an improved Bayesian decision theorem that suits real security environments to minimize the risks incurred by false decisions. We describe the overall architecture of the MA-IDS system, and discuss specific design and implementation issues.

  18. A Survey and Comparative Analysis of Data Mining Techniques for Network Intrusion Detection Systems

    Reema Patel; Amit Thakkar; Amit Ganatra

    2012-01-01

    Despite of growing information technology widely, security has remained one challenging area for computers and networks. In information security, intrusion detection is the act of detecting actions that attempt to compromise the confidentiality, integrity or availability of a resource. Currently many researchers have focused on intrusion detection system based on data mining techniques as an efficient artifice. Data mining is one of the technologies applied to intrusion detection to invent a ...

  19. Combining Naive Bayes and Decision Tree for Adaptive Intrusion Detection

    Farid, Dewan Md; Rahman, Mohammad Zahidur; 10.5121/ijnsa.2010.2202

    2010-01-01

    In this paper, a new learning algorithm for adaptive network intrusion detection using naive Bayesian classifier and decision tree is presented, which performs balance detections and keeps false positives at acceptable level for different types of network attacks, and eliminates redundant attributes as well as contradictory examples from training data that make the detection model complex. The proposed algorithm also addresses some difficulties of data mining such as handling continuous attribute, dealing with missing attribute values, and reducing noise in training data. Due to the large volumes of security audit data as well as the complex and dynamic properties of intrusion behaviours, several data mining-based intrusion detection techniques have been applied to network-based traffic data and host-based data in the last decades. However, there remain various issues needed to be examined towards current intrusion detection systems (IDS). We tested the performance of our proposed algorithm with existing learn...

  20. Intrusion Detection Systems

    Pietro, Roberto Di

    2008-01-01

    In our world of ever-increasing Internet connectivity, there is an on-going threat of intrusion, denial of service attacks, or countless other abuses of computer and network resources. In particular, these threats continue to persist due to the flaws of current commercial intrusion detection systems (IDSs). Intrusion Detection Systems is an edited volume by world class leaders in this field. This edited volume sheds new light on defense alert systems against computer and network intrusions. It also covers integrating intrusion alerts within security policy framework for intrusion response, rel

  1. Adaptive Genetic Algorithm Model for Intrusion Detection

    K. S. Anil Kumar

    2012-09-01

    Intrusion detection systems are intelligent systems designed to identify and prevent the misuse of computer networks and systems. Various approaches to Intrusion Detection are currently being used, but they are relatively ineffective. Thus the emerging network security systems need be part of the life system and this is possible only by embedding knowledge into the network. The Adaptive Genetic Algorithm Model - IDS comprising of K-Means clustering Algorithm, Genetic Algorithm and Neural Network techniques. The technique is tested using multitude of background knowledge sets in DARPA network traffic datasets.

  2. Combining Naive Bayes and Decision Tree for Adaptive Intrusion Detection

    Dewan Md. Farid

    2010-04-01

    In this paper, a new learning algorithm for adaptive network intrusion detection using naive Bayesian classifier and decision tree is presented, which performs balance detections and keeps false positives at acceptable level for different types of network attacks, and eliminates redundant attributes as well as contradictory examples from training data that make the detection model complex. The proposed algorithm also addresses some difficulties of data mining such as handling continuous attribute, dealing with missing attribute values, and reducing noise in training data. Due to the large volumes of security audit data as well as the complex and dynamic properties of intrusion behaviours, several data mining-based intrusion detection techniques have been applied to network-based traffic data and host-based data in the last decades. However, there remain various issues needed to be examined towards current intrusion detection systems (IDS). We tested the performance of our proposed algorithm with existing learning algorithms by employing on the KDD99 benchmark intrusion detection dataset. The experimental results prove that the proposed algorithm achieved high detection rates (DR) and significantly reduced false positives (FP) for different types of network intrusions using limited computational resources

  3. Intrusion Detection in NEAR System by Anti-denoising Traffic Data Series using Discrete Wavelet Transform

    VANCEA, F.

    2014-01-01

    The paper presents two methods for detecting anomalies in data series derived from network traffic. Intrusion detection systems based on network traffic analysis are able to respond to incidents never seen before by detecting anomalies in data series extracted from the traffic. Some anomalies manifest themselves as pulses of various sizes and shapes, superimposed on series corresponding to normal traffic. In order to detect those impulses we propose two methods based on discre...

  4. Idaho National Laboratory Supervisory Control and Data Acquisition Intrusion Detection System (SCADA IDS)

    Jared Verba; Michael Milvich

    2008-05-01

    Current Intrusion Detection System (IDS) technology is not suited to be widely deployed inside a Supervisory, Control and Data Acquisition (SCADA) environment. Anomaly- and signature-based IDS technologies have developed methods to cover information technology-based networks activity and protocols effectively. However, these IDS technologies do not include the fine protocol granularity required to ensure network security inside an environment with weak protocols lacking authentication and encryption. By implementing a more specific and more intelligent packet inspection mechanism, tailored traffic flow analysis, and unique packet tampering detection, IDS technology developed specifically for SCADA environments can be deployed with confidence in detecting malicious activity.

  5. WLAN Intrusion Detection System

    Ms. Sushama Shirke

    2011-08-01

    This is an implementation of the Wireless LAN Intrusion Detection System (WIDS) using clock-skews as a fingerprinting property as suggested by Jana-Kasera [1]. Our objective is to detect the presence of a fake access point (AP) in a Wireless LAN (WLAN). Use of clock-skew enables us to effectively detect Medium Access Control (MAC) Address spoofing. The principle used in this project is that clock skews remain consistent over time for the same AP but vary significantly across APs. We have also tried to explore probable points of failure and implemented algorithms to overcome these problems. Advantage of this implementation is that fake AP can be detected very quickly as WLAN Intrusion Detection System needs only 100-200 packets in most cases.

  6. Wireless Intrusion Prevention Systems

    Jack TIMOFTE

    2008-01-01

    The wireless networks have changed the way organizations work and offered a new range of possibilities, but at the same time they introduced new security threats. While an attacker needs physical access to a wired network in order to launch an attack, a wireless network allows anyone within its range to passively monitor the traffic or even start an attack. One of the countermeasures can be the use of Wireless Intrusion Prevention Systems.

  7. A Comprehensive Study in Data Mining Frameworks for Intrusion Detection

    R.Venkatesan, R. Ganesan, A. Arul Lawrence Selvakumar

    2012-01-01

    Intrusions are the activities that violate the security policy of system. Intrusion Detection is the process used to identify intrusions. Network security is to be considered as a major issue in recent years, since the computer network keeps on expanding every day. An Intrusion Detection System (IDS) is a system for detecting intrusions and reporting to the authority or to the network administration. Data mining techniques have been successfully applied in many fields like Network Management,...

  8. Experiments on Adaptive Techniques for Host-Based Intrusion Detection

    This research explores four experiments of adaptive host-based intrusion detection (ID) techniques in an attempt to develop systems that can detect novel exploits. The technique considered to have the most potential is adaptive critic designs (ACDs) because of their utilization of reinforcement learning, which allows learning exploits that are difficult to pinpoint in sensor data. Preliminary results of ID using an ACD, an Elman recurrent neural network, and a statistical anomaly detection technique demonstrate an ability to learn to distinguish between clean and exploit data. We used the Solaris Basic Security Module (BSM) as a data source and performed considerable preprocessing on the raw data. A detection approach called generalized signature-based ID is recommended as a middle ground between signature-based ID, which has an inability to detect novel exploits, and anomaly detection, which detects too many events including events that are not exploits. The primary results of the ID experiments demonstrate the use of custom data for generalized signature-based intrusion detection and the ability of neural network-based systems to learn in this application environment

  9. Adaptable data management for systems biology investigations

    Burdick David

    2009-03-01

    Background: Within research each experiment is different, the focus changes and the data is generated from a continually evolving barrage of technologies. There is a continual introduction of new techniques whose usage ranges from in-house protocols through to high-throughput instrumentation. To support these requirements data management systems are needed that can be rapidly built and readily adapted for new usage. Results: The adaptable data management system discussed is designed to support the seamless mining and analysis of biological experiment data that is commonly used in systems biology (e.g. ChIP-chip, gene expression, proteomics, imaging, flow cytometry). We use different content graphs to represent different views upon the data. These views are designed for different roles: equipment specific views are used to gather instrumentation information; data processing oriented views are provided to enable the rapid development of analysis applications; and research project specific views are used to organize information for individual research experiments. This management system allows for both the rapid introduction of new types of information and the evolution of the knowledge it represents. Conclusion: Data management is an important aspect of any research enterprise. It is the foundation on which most applications are built, and must be easily extended to serve new functionality for new scientific areas. We have found that adopting a three-tier architecture for data management, built around distributed standardized content repositories, allows us to rapidly develop new applications to support a diverse user community.

  10. WLAN Intrusion Detection System

    Ms. Sushama Shirke; Mr. S.B.Vanjale

    2011-01-01

    This is an implementation of the Wireless LAN Intrusion Detection System (WIDS) using clock-skews as a fingerprinting property as suggested by Jana-Kasera [1]. Our objective is to detect the presence of a fake access point (AP) in a Wireless LAN (WLAN). Use of clock-skew enables us to effectively detect Medium Access Control (MAC) Address spoofing. The principle used in this project is that clock skews remain consistent over time for the same AP but vary significantly across APs. We ha...

  11. Intrusion Detection in NEAR System by Anti-denoising Traffic Data Series using Discrete Wavelet Transform

    VANCEA, F.

    2014-11-01

    The paper presents two methods for detecting anomalies in data series derived from network traffic. Intrusion detection systems based on network traffic analysis are able to respond to incidents never seen before by detecting anomalies in data series extracted from the traffic. Some anomalies manifest themselves as pulses of various sizes and shapes, superimposed on series corresponding to normal traffic. In order to detect those impulses we propose two methods based on discrete wavelet transformation. Their effectiveness expressed in relative thresholds on pulse amplitude for no false negatives and no false positives is then evaluated against pulse duration and Hurst characteristic of original series. Different base functions are also evaluated for efficiency in the context of the proposed methods.

  12. Rapid deployment intrusion detection system

    A rapidly deployable security system is one that provides intrusion detection, assessment, communications, and annunciation capabilities; is easy to install and configure; can be rapidly deployed, and is reusable. A rapidly deployable intrusion detection system (RADIDS) has many potential applications within the DOE Complex: back-up protection for failed zones in a perimeter intrusion detection and assessment system, intrusion detection and assessment capabilities in temporary locations, protection of assets during Complex reconfiguration, and protection in hazardous locations. Many DOE user-need documents have indicated an interest in a rapidly deployable intrusion detection system. The purpose of the RADIDS project is to design, develop, and implement such a system. 2 figs

  13. Data Visualization Technique Framework for Intrusion detection

    Alaa El-Din Riad; Ibrahim Elhenawy; Ahmed Hassan; Nancy Awadallah

    2011-01-01

    Network attacks have become the fundamental threat to today's largely interconnected computer system. Intrusion detection system (IDS) is indispensable to defend the system in the face of increasing vulnerabilities. While a number of information visualization software frameworks exist, creating new visualizations, especially those that involve novel visualization metaphors, interaction techniques, data analysis strategies, and specialized rendering algorithms, is still often a difficult proce...

  14. Introduction to Wireless Intrusion Detection Systems

    Milliken, Jonny

    2014-01-01

    The IDS (Intrusion Detection System) is a common means of protecting networked systems from attack or malicious misuse. The development and rollout of an IDS can take many different forms in terms of equipment, protocols, connectivity, cost and automation. This is particularly true of WIDS (Wireless Intrusion Detection Systems) which have many more opportunities and challenges associated with data transmission through an open, shared medium. The operation of a WIDS is a multistep process from...

  15. A Comprehensive Study in Data Mining Frameworks for Intrusion Detection

    R.Venkatesan, R. Ganesan, A. Arul Lawrence Selvakumar

    2012-12-01

    Intrusions are the activities that violate the security policy of system. Intrusion Detection is the process used to identify intrusions. Network security is to be considered as a major issue in recent years, since the computer network keeps on expanding every day. An Intrusion Detection System (IDS) is a system for detecting intrusions and reporting to the authority or to the network administration. Data mining techniques have been successfully applied in many fields like Network Management, Education, Science, Business, Manufacturing, Process control, and Fraud Detection. Data Mining for IDS is the technique which can be used mainly to identify unknown attacks and to raise alarms when security violations are detected. The purpose of this survey paper is to describe the methods/techniques which are being used for Intrusion Detection based on Data mining concepts and the designed frameworks for the same. We are also going to review the related works for intrusion detection.

  16. Intrusion Detection By Data Mining Algorithms: A Review

    Rafsanjani, Marjan Kuchaki; Varzaneha, Zahra Asghari

    2013-01-01

    With the increasing use of network-based services and sensitive information on networks, maintaining information security is essential. Intrusion Detection System is a security tool used to detect unauthorized activities of a computer system or network. Data mining is one of the technologies applied to intrusion detection. This article introduces various data mining techniques used to implement an intrusion detection system. Then reviews some of the related studies focusing on data mining a...

  17. Network Intrusion Forensic Analysis Using Intrusion Detection System

    Manish Kumar

    2011-05-01

    The need for computer intrusion forensics arises from the alarming increase in the number of computer crimes that are committed annually. After a computer system has been breached and an intrusion has been detected, there is a need for a computer forensics investigation to follow. Computer forensics is used to bring to justice those responsible for conducting attacks on computer systems throughout the world. Because of this the law must be followed precisely when conducting a forensics investigation. It is not enough to simply know an attacker is responsible for the crime, the forensics investigation must be carried out in a precise manner that will produce evidence that is amicable in a court room. For computer intrusion forensics many methodologies have been designed to be used when conducting an investigation. With the birth of the Internet and networks, the computer intrusion has never been as significant as it is now. There are different preventive measures available, such as access control and authentication, to attempt to prevent intruders. Intrusion detection systems (IDS) are developed to detect an intrusion as it occurs, and to execute countermeasures when detected. Intrusion detection (ID) takes over where preventive security fails. In order to choose the best IDS for a given system, one should be aware of the advantages and disadvantages of each IDS. This paper views a forensic application within the framework of Intrusion Detection and details the advantages and disadvantages of IDS.

  18. Building Intrusion Tolerant Software System

    PENG Wen-ling; WANG Li-na; ZHANG Huan-guo; CHEN Wei

    2005-01-01

    In this paper, we describe and analyze the hypothesis about intrusion tolerance software system, so that it can provide an intended server capability and deal with the impacts caused by the intruder exploiting the inherent security vulnerabilities. We present some intrusion tolerance technology by exploiting N-version module threshold method in constructing multilevel secure software architecture, by detecting with hash value, by placing an "antigen" word next to the return address on the stack that is similar to human immune system, and by adding "Honey code" nonfunctional code to disturb intruder, so that the security and the availability of the software system are ensured.

  19. Enhanced Intrusion Detection System for Malicious Node Detection in Mobile Ad hoc Networks using Data Transmission Quality of Nodes

    S. Mamatha

    2014-09-01

    Mobile Ad hoc NETworks (MANETs) are the new generation of networks that offer unrestricted mobility without any underlying infrastructure. They rely on the cooperation of all the participating nodes. Due to their open nature and lack of infrastructure, security for MANETs has become a more intricate problem than security in other networks. The conventional security mechanisms for protecting a wired network are not sufficient for these networks. Hence a second level of defense to detect and respond to the security problem, called an Intrusion Detection System, is required. Generally the malicious nodes demonstrate a different behavioral pattern from all the other normal nodes. So an Intrusion Detection System based on anomaly-based intrusion detection that works by checking the behavior of the nodes was proposed. In this paper, a Data Transmission Quality (DTQ) function is used to determine the behavior of the nodes as malicious or legitimate. The DTQ function is defined in such a way that it will be close to a constant or keep changing smoothly for genuine nodes and will keep on diminishing for malicious nodes. The final decision of confirming nodes as malicious is determined by a group consensus method. The evaluation results show that the proposed method increases the detection rate as well as decreases the false positive rate.

  20. A Microcontroller Based Intrusion Detection System

    Ewunonu Toochi

    2014-11-01

    A Microcontroller based Intrusion Detection System is designed and implemented. Rampant intrusions to restricted zones have highlighted the need for embedded systems that can effectively monitor, instantly alert personnel of any breach in security and retrieve graphic evidence of any such activity in the secured area. At the heart of the intrusion detection system is the PIC 168F77A Microcontroller that transmits pulses at 38 KHz. It is suitably interfaced to a GSM modem that can send SMS on sight of infringement and a webcam that can take snapshots. The report also presents the system software which has been developed in two parts: one in C++ Language using MPLAB KIT and the other written in AT COMMAND resident in the GSM modem. The system is very cost-effective, uses easily available components and is adaptable to control systems.

  1. Novel Intrusion Detection using Probabilistic Neural Network and Adaptive Boosting

    Tran, Tich Phuoc; Tran, Dat; Nguyen, Cuong Duc

    2009-01-01

    This article applies Machine Learning techniques to solve Intrusion Detection problems within computer networks. Due to complex and dynamic nature of computer networks and hacking techniques, detecting malicious activities remains a challenging task for security experts, that is, currently available defense systems suffer from low detection capability and high number of false alarms. To overcome such performance limitations, we propose a novel Machine Learning algorithm, namely Boosted Subspace Probabilistic Neural Network (BSPNN), which integrates an adaptive boosting technique and a semi parametric neural network to obtain good tradeoff between accuracy and generality. As the result, learning bias and generalization variance can be significantly minimized. Substantial experiments on KDD 99 intrusion benchmark indicate that our model outperforms other state of the art learning algorithms, with significantly improved detection accuracy, minimal false alarms and relatively small computational complexity.

  2. Novel Intrusion Detection using Probabilistic Neural Network and Adaptive Boosting

    Tich Phuoc Tran

    2009-10-01

    This article applies Machine Learning techniques to solve Intrusion Detection problems within computer networks. Due to complex and dynamic nature of computer networks and hacking techniques, detecting malicious activities remains a challenging task for security experts, that is, currently available defense systems suffer from low detection capability and high number of false alarms. To overcome such performance limitations, we propose a novel Machine Learning algorithm, namely Boosted Subspace Probabilistic Neural Network (BSPNN), which integrates an adaptive boosting technique and a semi-parametric neural network to obtain good trade-off between accuracy and generality. As the result, learning bias and generalization variance can be significantly minimized. Substantial experiments on KDD-99 intrusion benchmark indicate that our model outperforms other state-of-the-art learning algorithms, with significantly improved detection accuracy, minimal false alarms and relatively small computational complexity.

  3. An Intrusion Detection System Framework for Ad Hoc Networks

    Arjun Singh; Surbhi Chauhan; Kamal Kant; Reshma Doknaia

    2012-01-01

    Secure and efficient communication among a set of mobile nodes is one of the most important aspects in ad-hoc wireless networks. Wireless networks are particularly vulnerable to intrusion, as they operate in open medium, and use cooperative strategies for network communications. By efficiently merging audit data from multiple network sensors, we analyze the entire ad hoc wireless network for intrusions and try to inhibit intrusion attempts. This paper presents an intrusion detection system fo...

  4. WiFi Miner: An Online Apriori-Infrequent Based Wireless Intrusion System

    Rahman, Ahmedur; Ezeife, C. I.; Aggarwal, A. K.

    Intrusion detection in wireless networks has become a vital part in wireless network security systems with wide spread use of Wireless Local Area Networks (WLAN). Currently, almost all devices are Wi-Fi (Wireless Fidelity) capable and can access WLAN. This paper proposes an Intrusion Detection System, WiFi Miner, which applies an infrequent pattern association rule mining Apriori technique to wireless network packets captured through hardware sensors for purposes of real time detection of intrusive or anomalous packets. Contributions of the proposed system include effectively adapting an efficient data mining association rule technique to the important problem of intrusion detection in a wireless network environment using hardware sensors, providing a solution that eliminates the need for hard-to-obtain training data in this environment, and providing increased intrusion detection rate and reduction of false alarms.

  5. Research on IPv6 intrusion detection system Snort-based

    Shen, Zihao; Wang, Hui

    2010-07-01

    This paper introduces the common intrusion detection technologies, discusses the work flow of Snort intrusion detection system, and analyzes IPv6 data packet encapsulation and protocol decoding technology. We propose the expanding Snort architecture to support IPv6 intrusion detection in accordance with CIDF standard combined with protocol analysis technology and pattern matching technology, and present its composition. The research indicates that the expanding Snort system can effectively detect various intrusion attacks; it is high in detection efficiency and detection accuracy and reduces false alarm and omission report, which effectively solves the problem of IPv6 intrusion detection.

  6. Multi-Vector Portable Intrusion Detection System

    Moyers, Benjamin

    2009-01-01

    This research describes an intrusion detection system designed to fulfill the need for increased mobile device security. The Battery-Sensing Intrusion Protection System (B-SIPS) [1] initially took a non-conventional approach to intrusion detection by recognizing attacks based on anomalous Instantaneous Current (IC) drainage. An extension of B-SIPS, the Multi-Vector Portable Intrusion Detection System (MVP-IDS) validates the idea of recognizing attacks based on anomalous IC drain by correlat...

  7. Coupling of hydrogeological models with hydrogeophysical data to characterize seawater intrusion and shallow geothermal systems

    Beaujean, J.; Kemna, A.; Engesgaard, P. K.; Hermans, T.; Vandenbohede, A.; Nguyen, F.

    2013-12-01

    While coastal aquifers are being stressed due to climate changes and excessive groundwater withdrawals require characterizing efficiently seawater intrusion (SWI) dynamics, production of geothermal energy is increasingly being used to hinder global warming. To study these issues, we need both robust measuring technologies and reliable predictions based on numerical models. SWI models are currently calibrated using borehole observations. Similarly, geothermal models depend mainly on the temperature field at few locations. Electrical resistivity tomography (ERT) can be used to improve these models given its high sensitivity to TDS and temperature and its relatively high lateral resolution. Inherent geophysical limitations, such as the resolution loss, can affect the overall quality of the ERT images and also prevent the correct recovery of the desired hydrochemical property. We present an uncoupled and coupled hydrogeophysical inversion to calibrate SWI and thermohydrogeologic models using ERT. In the SWI models, we demonstrate with two synthetic benchmarks (homogeneous and heterogeneous coastal aquifers) the ability of cumulative sensitivity-filtered ERT images using surface-only data to recover the hydraulic conductivity. Filtering of ERT-derived data at depth, where resolution is poorer, and the model errors make the dispersivity more difficult to estimate. In the coupled approach, we showed that parameter estimation is significantly improved because regularization bias is replaced by forward modeling only. Our efforts are currently focusing on applying the uncoupled/coupled approaches on a real life case study using field data from the site of Almeria, SE Spain. In the thermohydrogeologic models, the most sensitive hydrologic parameters responsible for heat transport are estimated from surface ERT-derived temperatures and ERT resistance data. A real life geothermal experiment that took place on the Campus De Sterre of Ghent University, Belgium and a synthetic

  8. Evaluation of Intrusion Detection Systems

    Ulvila, Jacob W.; Gaffney, John E.

    2003-01-01

    This paper presents a comprehensive method for evaluating intrusion detection systems (IDSs). It integrates and extends ROC (receiver operating characteristic) and cost analysis methods to provide an expected cost metric. Results are given for determining the optimal operation of an IDS based on this expected cost metric. Results are given for the operation of a single IDS and for a combination of two IDSs. The method is illustrated for: 1) determining the best operating point for a single an...

  9. Intrusion Detection System: Security Monitoring System

    Shabnam Noorani; Sharmila Gaikwad Rathod

    2015-01-01

    An intrusion detection system (IDS) is an ad hoc security solution to protect flawed computer systems. It works like a burglar alarm that goes off if someone tampers with or manages to get past other security mechanisms such as authentication mechanisms and firewalls. An Intrusion Detection System (IDS) is a device or a software application that monitors network or system activities for malicious activities or policy violations and produces reports to a management station. Intrusio...

  10. Network Intrusion Detection System Based On Machine Learning Algorithms

    Vipin Das; Vijaya Pathak; Sattvik Sharma; Sreevathsan; MVVNS.Srikanth; Gireesh Kumar T

    2010-01-01

    Network and system security is of paramount importance in the present data communication environment. Hackers and intruders can create many successful attempts to cause the crash of the networks and web services by unauthorized intrusion. New threats and associated solutions to prevent these threats are emerging together with the secured system evolution. Intrusion Detection Systems (IDS) are one of these solutions. The main function of Intrusion Detection System is to protect the resources f...

  11. Averaging analysis for discrete time and sampled data adaptive systems

    Fu, Li-Chen; Bai, Er-Wei; Sastry, Shankar S.

    1986-01-01

    Earlier continuous time averaging theorems are extended to the nonlinear discrete time case. Theorems for the study of the convergence analysis of discrete time adaptive identification and control systems are used. Instability theorems are also derived and used for the study of robust stability and instability of adaptive control schemes applied to sampled data systems. As a by product, the effects of sampling on unmodeled dynamics in continuous time systems are also studied.

  12. Smart sensor systems for outdoor intrusion detection

    A major improvement in outdoor perimeter security system probability of detection (PD) and reduction in false alarm rate (FAR) and nuisance alarm rate (NAR) may be obtained by analyzing the indications immediately preceding an event which might be interpreted as an intrusion. Existing systems go into alarm after crossing a threshold. Very slow changes, which accumulate until the threshold is reached, may be assessed falsely as an intrusion. A hierarchical program has begun at Stellar to develop a modular, expandable Smart Sensor system which may be interfaced to most types of sensor and alarm reporting systems. A major upgrade to the SSI Test Site is in progress so that intrusions may be simulated in a controlled and repeatable manner. A test platform is being constructed which will operate in conjunction with a mobile instrumentation center with CCTVB, lighting control, weather and data monitoring and remote control of the test platform and intrusion simulators. Additional testing was contracted with an independent test facility to assess the effects of severe winter weather conditions

  13. An Implementation of Intrusion Detection System Using Genetic Algorithm

    Mohammad Sazzadul Hoque; Md. Abdul Mukit; Md. Abu Naser Bikas

    2012-01-01

    Nowadays it is very important to maintain a high level security to ensure safe and trusted communication of information between various organizations. But secured data communication over internet and any other network is always under threat of intrusions and misuses. So Intrusion Detection Systems have become a needful component in terms of computer and network security. There are various approaches being utilized in intrusion detections, but unfortunately any of the systems so far is not co...

  14. An Implementation of Intrusion Detection System Using Genetic Algorithm

    Hoque, Mohammad Sazzadul; Mukit, Md. Abdul; Bikas, Md. Abu Naser

    2012-01-01

    Nowadays it is very important to maintain a high level security to ensure safe and trusted communication of information between various organizations. But secured data communication over internet and any other network is always under threat of intrusions and misuses. So Intrusion Detection Systems have become a needful component in terms of computer and network security. There are various approaches being utilized in intrusion detections, but unfortunately any of the systems so far is not com...

  15. A Survey on Intrusion Detection using Data Mining Techniques

    Venkatesan, R

    2012-01-01

    Intrusions are the activities that violate the security policy of system. Intrusion Detection is the process used to identify intrusions. Network security is to be considered as a major issue in recent years, since the computer network keeps on extending dramatically. Information Systems and Networks are subject to electronic attacks and the possibilities of intrusion are very high.  An Intrusion Detection System (IDS) is a system for detecting intrusions and reporting to the authority or to ...

  16. Classification and Importance of Intrusion Detection System

    Rajasekaran K

    2012-08-01

    An intrusion detection system (IDS) is a device or software application that monitors network or system activities for malicious activities or policy violations and produces reports to a Management Station. Some systems may attempt to stop an intrusion attempt but this is neither required nor expected of a monitoring system. Due to a growing number of intrusion events and also because the Internet and local networks have become so ubiquitous, organizations are increasingly implementing various systems that monitor IT security breaches. This includes an overview of the classification of intrusion detection systems and introduces the reader to some fundamental concepts of IDS methodology: audit trail analysis and on-the-fly processing as well as anomaly detection and signature detection approaches. This research paper discusses the primary intrusion detection techniques and the classification of intrusion detection systems.

  17. Intrusion Detection System: Security Monitoring System

    Shabnam Noorani

    2015-10-01

    An intrusion detection system (IDS) is an ad hoc security solution to protect flawed computer systems. It works like a burglar alarm that goes off if someone tampers with or manages to get past other security mechanisms such as authentication mechanisms and firewalls. An Intrusion Detection System (IDS) is a device or a software application that monitors network or system activities for malicious activities or policy violations and produces reports to a management station. Intrusion Detection System (IDS) has been used as a vital instrument in defending the network from this malicious or abnormal activity. In this paper we are comparing host based and network based IDS and various types of attacks possible on IDS.

  18. Implementation of an Intrusion Detection System

    Saidi Ben Boubaker Ourida

    2012-01-01

    Securing networks and data is among interesting issues of computer science research and practice. Many approaches and techniques have been developed to secure computer architectures, they addressed several layers, e.g, physical security, applications and encryption algorithms, etc. In this paper, we address the problem of securing large networks with complex architectures, based on intrusion detection systems. Based on the experimentations performed, we demonstrated the efficiency of our solu...

  19. Performance Enhancement of Intrusion Detection using Neuro - Fuzzy Intelligent System

    Dr. K. S. Anil Kumar

    2014-10-01

    This research work aims at developing hybrid algorithms using data mining techniques for the effective enhancement of anomaly intrusion detection performance. Many proposed algorithms have not addressed their reliability with varying amount of malicious activity or their adaptability for real time use. The study incorporates a theoretical basis for improvement in performance of IDS using K-medoids Algorithm, Fuzzy Set Algorithm, Fuzzy Rule System and Neural Network techniques. Also statistical significance of estimates has been looked into for finalizing the best one using DARPA network traffic datasets.

  20. Testing Of Network Intrusion Detection System

    Jagadeep Vegunta

    2011-11-01

    Network based intrusion detection system use the models of attacks to identify intrusive behavior ability of systems to detect attacks by quality of models which are called signatures. Some attacks exploits in different ways. For this reason we use testing tools that are able to detect goodness of signatures. This technique describes test and evaluate misuse detection models in the case of network-based intrusion detection systems. We use Mutant Exploits are working against vulnerability applications. This mutant exploit is based on mechanism to generate large no. of exploits by applying mutant operators. The results of the systems in detecting these variations provide a quantitative basis for the evaluation of the quality of the corresponding detection model. But here we are going to find defects of this testing and is this test will provide 100% security for this system (or not). And also which technique gives much security among these techniques fuzzy logic, neural networks, hybrid fuzzy and neural networks, naïve bayes, genetic algorithms and data mining.

  1. An Implementation of Intrusion Detection System Using Genetic Algorithm

    Mohammad Sazzadul Hoque

    2012-03-01

    Nowadays it is very important to maintain a high level security to ensure safe and trusted communication of information between various organizations. But secured data communication over internet and any other network is always under threat of intrusions and misuses. So Intrusion Detection Systems have become a needful component in terms of computer and network security. There are various approaches being utilized in intrusion detections, but unfortunately any of the systems so far is not completely flawless. So, the quest of betterment continues. In this progression, here we present an Intrusion Detection System (IDS), by applying genetic algorithm (GA) to efficiently detect various types of network intrusions. Parameters and evolution processes for GA are discussed in details and implemented. This approach uses evolution theory to information evolution in order to filter the traffic data and thus reduce the complexity. To implement and measure the performance of our system we used the KDD99 benchmark dataset and obtained reasonable detection rate.

  2. Abstracting audit data for lightweight intrusion detection

    Wang, Wei

    2010-01-01

    High speed of processing massive audit data is crucial for an anomaly Intrusion Detection System (IDS) to achieve real-time performance during the detection. Abstracting audit data is a potential solution to improve the efficiency of data processing. In this work, we propose two strategies of data abstraction in order to build a lightweight detection model. The first strategy is exemplar extraction and the second is attribute abstraction. Two clustering algorithms, Affinity Propagation (AP) as well as traditional k-means, are employed to extract the exemplars, and Principal Component Analysis (PCA) is employed to abstract important attributes (a.k.a. features) from the audit data. Real HTTP traffic data collected in our institute as well as KDD 1999 data are used to validate the two strategies of data abstraction. The extensive test results show that the process of exemplar extraction significantly improves the detection efficiency and has a better detection performance than PCA in data abstraction. © 2010 Springer-Verlag.

  3. Intrusion-Tolerant Based Survivable Model of Database System

    ZHU Jianming; WANG Chao; MA Jianfeng

    2005-01-01

    Survivability has become increasingly important with society's increased dependence of critical infrastructures on computers. Intrusion-tolerant systems extend traditional secure systems to be able to survive or operate through attacks, thus it is an approach for achieving survivability. This paper proposes survivable model of database system based on intrusion-tolerant mechanisms. The model is built on three layers security architecture, to defense intrusion at the outer layer, to detect intrusion at the middle layer, and to tolerate intrusion at the inner layer. We utilize the techniques of both redundancy and diversity and threshold secret sharing schemes to implement the survivability of database and to protect confidential data from compromised servers in the presence of intrusions. Comparing with the existing schemes, our approach has realized the security and robustness for the key functions of a database system by using the integration security strategy and multiple security measures.

  4. A Survey of Intrusion Detection System in Big Data

    葛钊成; 彭凯

    2016-01-01

    Intrusion detection system has made a great contribution for cyberspace security. However, with the approach of the age of big data, IDS has exposed certain structural defects, such as inefficiency and conservative ideas. Combining with the characteristic of big data and traditional IDS techniques, this paper provides a survey of distributed intrusion detection system (DIDS) and makes detailed explanations on concepts, classifications and performance. The paper also prospects the development of IDS from the perspective of deep learning, extensive integration, etc.

  5. DESIGN AND IMPLEMENTATION OF A REAL TIME INTRUSION DETECTION SYSTEM

    ARICI, Nursal; YILDIZ, Elmas

    2010-01-01

    Intrusion detection systems also take place among the enhanced security policies by coming into prominence of knowledge day by day. Intrusion Detection Systems are security systems that detect attacks on computer systems and network sources, identify from whom attacks come, recognize abnormal situations by monitoring system and aim to take precautions against them. Detection of abnormal situations takes place in issue of data mining. DoS attacks are used to block access to a resource an...

  6. Simulating spatial adaption of groundwater pumping on seawater intrusion in coastal regions

    Grundmann, Jens; Ladwig, Robert; Schütze, Niels; Walther, Marc

    2016-04-01

    Coastal aquifer systems are used intensively to meet the growing demands for water in those regions. They are especially at risk for the intrusion of seawater due to aquifer overpumping, limited groundwater replenishment and unsustainable groundwater management which in turn also impacts the social and economical development of coastal regions. One example is the Al-Batinah coastal plain in northern Oman where irrigated agriculture is practiced by lots of small scaled farms in different distances from the sea, each of them pumping their water from coastal aquifer. Due to continuous overpumping and progressing saltwater intrusion farms near the coast had to close since water for irrigation got too saline. For investigating appropriate management options numerical density dependent groundwater modelling is required which should also portray the adaption of groundwater abstraction schemes on the water quality. For addressing this challenge a moving inner boundary condition is implemented in the numerical density dependent groundwater model which adjusts the locations for groundwater abstraction according to the position of the seawater intrusion front controlled by thresholds of relative chloride concentration. The adaption process is repeated for each management cycle within transient model simulations and allows for considering feedbacks with the consumers e.g. the agriculture by moving agricultural farms more inland or towards the sea if more fertile soils at the coast could be recovered. For finding optimal water management strategies efficiently, the behaviour of the numerical groundwater model for different extraction and replenishment scenarios is approximated by an artificial neural network using a novel approach for state space surrogate model development. Afterwards the derived surrogate is coupled with an agriculture module within a simulation based water management optimisation framework to achieve optimal cropping pattern and water abstraction schemes

  7. Intrusion Detection Systems in Wireless Sensor Networks: A Review

    Nabil Ali Alrajeh; Khan, S.; Bilal Shams

    2013-01-01

    Wireless Sensor Networks (WSNs) consist of sensor nodes deployed in a manner to collect information about surrounding environment. Their distributed nature, multihop data forwarding, and open wireless medium are the factors that make WSNs highly vulnerable to security attacks at various levels. Intrusion Detection Systems (IDSs) can play an important role in detecting and preventing security attacks. This paper presents current Intrusion Detection Systems and some open research problems relat...

  8. NETWORK INTRUSION DETECTION SYSTEM USING FUZZY LOGIC

    R. Shanmugavadivu

    2011-02-01

    IDS which are increasingly a key part of system defense are used to identify abnormal activities in a computer system. In general, the traditional intrusion detection relies on the extensive knowledge of security experts, in particular, on their familiarity with the computer system to be protected. To reduce this dependence, various data-mining and machine learning techniques have been used in the literature. In the proposed system, we have designed fuzzy logic-based system for effectively identifying the intrusion activities within a network. The proposed fuzzy logic-based system can be able to detect an intrusion behavior of the networks since the rule base contains a better set of rules. Here, we have used automated strategy for generation of fuzzy rules, which are obtained from the definite rules using frequent items. The experiments and evaluations of the proposed intrusion detection system are performed with the KDD Cup 99 intrusion detection dataset. The experimental results clearly show that the proposed system achieved higher precision in identifying whether the records are normal or attack one.

  9. Fast and Adaptive Lossless Onboard Hyperspectral Data Compression System

    Aranki, Nazeeh I.; Keymeulen, Didier; Kimesh, Matthew A.

    2012-01-01

    Modern hyperspectral imaging systems are able to acquire far more data than can be downlinked from a spacecraft. Onboard data compression helps to alleviate this problem, but requires a system capable of power efficiency and high throughput. Software solutions have limited throughput performance and are power-hungry. Dedicated hardware solutions can provide both high throughput and power efficiency, while taking the load off of the main processor. Thus a hardware compression system was developed. The implementation uses a field-programmable gate array (FPGA). The implementation is based on the fast lossless (FL) compression algorithm reported in Fast Lossless Compression of Multispectral-Image Data (NPO-42517), NASA Tech Briefs, Vol. 30, No. 8 (August 2006), page 26, which achieves excellent compression performance and has low complexity. This algorithm performs predictive compression using an adaptive filtering method, and uses adaptive Golomb coding. The implementation also packetizes the coded data. The FL algorithm is well suited for implementation in hardware. In the FPGA implementation, one sample is compressed every clock cycle, which makes for a fast and practical realtime solution for space applications. Benefits of this implementation are: 1) The underlying algorithm achieves a combination of low complexity and compression effectiveness that exceeds that of techniques currently in use. 2) The algorithm requires no training data or other specific information about the nature of the spectral bands for a fixed instrument dynamic range. 3) Hardware acceleration provides a throughput improvement of 10 to 100 times vs. the software implementation. A prototype of the compressor is available in software, but it runs at a speed that does not meet spacecraft requirements. 
    The hardware implementation targets the Xilinx Virtex IV FPGAs, and makes the use of this compressor practical for Earth satellites as well as beyond-Earth missions with hyperspectral instruments.

  10. Effectiveness of Intrusion Prevention Systems (IPS) in Fast Networks

    Shafi, Muhammad Imran; Hayat, Sikandar; Sohail, Imran

    2010-01-01

    Computer systems are facing their biggest threat in the form of malicious data, which is causing denial of service, information theft, financial and credibility loss, etc. No defense technique has been proved successful in handling these threats. Intrusion Detection and Prevention Systems (IDPSs) are the best of the available solutions. These techniques are getting more and more attention. Although Intrusion Prevention Systems (IPSs) show a good level of success in detecting and preventing intrusion attempts to networks, they show a visible deficiency in their performance when they are employed on fast networks. In this paper we have presented a design including quantitative and qualitative methods to identify improvement areas in IPSs. Focus group is used for qualitative analysis and experiment is used for quantitative analysis. This paper also describes how to reduce the responding time for IPS when an intrusion occurs on network, and how IPS can be made to perform its tasks successfully without affecting network speed nega...

  11. Intrusion Detection Approach Using Connectionist Expert System

    MA Rui; LIU Yu-shu; DU Yan-hui

    2005-01-01

    In order to improve the detection efficiency of rule-based expert systems, an intrusion detection approach using a connectionist expert system is proposed. The approach converts the AND/OR nodes into the corresponding neurons, adopts the three-layered feed forward network with full interconnection between layers, translates the feature values into continuous values belonging to the interval [0, 1], shows the confidence degree about intrusion detection rules using the weight values of the neural networks and makes uncertain inference with sigmoid function. Compared with the rule-based expert system, the neural network expert system improves the inference efficiency.

  12. Integrating Innate and Adaptive Immunity for Intrusion Detection

    Tedesco, Gianni; Aickelin, Uwe

    2010-01-01

    Network Intrusion Detection Systems (NIDS) monitor a network with the aim of discerning malicious from benign activity on that network. While a wide range of approaches have met varying levels of success, most IDS's rely on having access to a database of known attack signatures which are written by security experts. Nowadays, in order to solve problems with false positive alerts, correlation algorithms are used to add additional structure to sequences of IDS alerts. However, such techniques are of no help in discovering novel attacks or variations of known attacks, something the human immune system (HIS) is capable of doing in its own specialised domain. This paper presents a novel immune algorithm for application to an intrusion detection problem. The goal is to discover packets containing novel variations of attacks covered by an existing signature base.

  13. An Isolation Intrusion Detection System for Hierarchical Wireless Sensor Networks

    Rung-Ching Chen

    2010-03-01

    A wireless sensor network (WSN) is a wireless network consisting of spatially distributed autonomous devices using sensors to cooperatively monitor environmental conditions, such as battlefield data and personal health information, and some environment limited resources. To avoid malicious damage is important while information is transmitted in wireless network. Thus, Wireless Intrusion Detection Systems are crucial to safe operation in wireless sensor networks. Wireless networks are subject to very different types of attacks compared to wired networks. In this paper, we propose an isolation table to detect intrusion by hierarchical wireless sensor networks and to estimate the effect of intrusion detection. The primary experiment proves that isolation table intrusion detection can prevent attacks effectively.

  14. Novel Intrusion Detection using Probabilistic Neural Network and Adaptive Boosting

    Tich Phuoc Tran; Longbing Cao; Dat Tran; Cuong Duc Nguyen

    2009-01-01

    This article applies Machine Learning techniques to solve Intrusion Detection problems within computer networks. Due to the complex and dynamic nature of computer networks and hacking techniques, detecting malicious activities remains a challenging task for security experts, that is, currently available defense systems suffer from low detection capability and high number of false alarms. To overcome such performance limitations, we propose a novel Machine Learning algorithm, namely Boosted Subspac...

  15. An overview to Software Architecture in Intrusion Detection System

    Bahrami, Mehdi

    2012-01-01

    Network intrusion detection systems provide proactive defense against security threats by detecting and blocking attack-related traffic. This task can be highly complex, and therefore, software based network intrusion detection systems have difficulty in handling high speed links. This paper reviews many types of software architecture in intrusion detection systems and describes the design and implementation of a high-performance network intrusion detection system that combines the use of software-based network intrusion detection sensors and a network processor board. The network processor acts as a customized load balancing splitter that cooperates with a set of modified content-based network intrusion detection sensors in processing network traffic.

  16. Intelligence Intrusion Detection Prevention Systems using Object Oriented Analysis method

    DR.K.KUPPUSAMY

    2010-12-01

    This paper is deliberate to provide a model for “Intelligence Intrusion Detection Prevention Systems using Object Oriented Analysis method”. It describes the state’s overall requirements regarding the acquisition and implementation of intrusion prevention and detection systems with intelligence (IIPS/IIDS). This is designed to provide a deeper understanding of intrusion prevention and detection principles with intelligence may be responsible for acquiring, implementing or monitoring such systems in understanding the technology and strategies available. With the need for evolution, if not revolution, of current network architectures and the Internet, autonomous and spontaneous management will be a key feature of future networks and information systems. In this context, security is an essential property. It must be thought at the early stage of conception of these systems and designed to be also autonomous and spontaneous. Future networks and systems must be able to automatically configure themselves with respect to their security policies. The security policy specification must be dynamic and adapt itself to the changing environment. Those networks and systems should interoperate securely when their respective security policies are heterogeneous and possibly conflicting. They must be able to autonomously evaluate the impact of an intrusion in order to spontaneously select the appropriate and relevant response when a given intrusion is detected. Autonomous and spontaneous security is a major requirement of future networks and systems. Of course, it is crucial to address this issue in different wireless and mobile technologies available today such as RFID, Wifi, Wimax, 3G, etc. Other technologies such as ad hoc and sensor networks, which introduce new type of services, also share similar requirements for an autonomous and spontaneous management of security. Intelligence Intrusion Prevention Systems (IIPS) are designed to aid in preventing the

  17. Mining Association Rules to Evade Network Intrusion in Network Audit Data

    Kamini Nalavade; B. B. Meshram

    2014-01-01

    With the growth of hacking and exploiting tools and invention of new ways of intrusion, intrusion detection and prevention is becoming the major challenge in the world of network security. The increasing network traffic and data on Internet is making this task more demanding. There are various approaches being utilized in intrusion detections, but unfortunately any of the systems so far is not completely flawless. The false positive rates make it extremely hard to analyse and react to attacks...

  18. A Review of Intrusion Detection Technique by Soft Computing and Data Mining Approach

    Aditya Shrivastava

    2013-09-01

    The growth of internet technology spread a large amount of data communication. The communication of data compromised network threats and security issues. The network threats and security issues raised a problem of data integrity and loss of data. For the purpose of data integrity and loss of data before 20 year Anderson developed a model of intrusion detection system. Initially intrusion detection system work on process of satirical frequency of audit system logs. Later on this system improved by various researchers and apply some other approach such as data mining technique, neural network and expert system. Now in current research trend of intrusion detection system used soft computing approach such as fuzzy logic, genetic algorithm and machine learning. In this paper discuss some method of data mining and soft computing for the purpose of intrusion detection. Here used KDDCUP99 dataset used for performance evaluation for this technique.

  19. Neural Network Based Intrusion Detection System for Critical Infrastructures

    Todd Vollmer; Ondrej Linda; Milos Manic

    2009-07-01

    Resiliency and security in control systems such as SCADA and nuclear plants in today’s world of hackers and malware are a relevant concern. Computer systems used within critical infrastructures to control physical functions are not immune to the threat of cyber attacks and may be potentially vulnerable. Tailoring an intrusion detection system to the specifics of critical infrastructures can significantly improve the security of such systems. The IDS-NNM – Intrusion Detection System using Neural Network based Modeling, is presented in this paper. The main contributions of this work are: 1) the use and analyses of real network data (data recorded from an existing critical infrastructure); 2) the development of a specific window based feature extraction technique; 3) the construction of training dataset using randomly generated intrusion vectors; 4) the use of a combination of two neural network learning algorithms – the Error-Back Propagation and Levenberg-Marquardt, for normal behavior modeling. The presented algorithm was evaluated on previously unseen network data. The IDS-NNM algorithm proved to be capable of capturing all intrusion attempts presented in the network communication while not generating any false alerts.

  20. Perimeter intrusion detection and assessment system

    To obtain an effective perimeter intrusion detection system requires careful sensor selection, procurement, and installation. The selection process involves a thorough understanding of the unique site features and how these features affect the performance of each type of sensor. It is necessary to develop procurement specifications to establish acceptable sensor performance limits. Careful explanation and inspection of critical installation dimensions is required during on-site construction. The implementation of these activities at a particular site is discussed

  1. A network-based realtime intrusion detection system

    The author first reviews the background of Intrusion Detection (ID), then discusses the models and classifications of Intrusion Detection System (IDS). After detailing the basic concepts to realize network-based realtime IDS, the analysis of the authors' work is presented.

  2. An adaptive neural swarm approach for intrusion defense in ad hoc networks

    Cannady, James

    2011-06-01

    Wireless sensor networks (WSN) and mobile ad hoc networks (MANET) are being increasingly deployed in critical applications due to the flexibility and extensibility of the technology. While these networks possess numerous advantages over traditional wireless systems in dynamic environments they are still vulnerable to many of the same types of host-based and distributed attacks common to those systems. Unfortunately, the limited power and bandwidth available in WSNs and MANETs, combined with the dynamic connectivity that is a defining characteristic of the technology, makes it extremely difficult to utilize traditional intrusion detection techniques. This paper describes an approach to accurately and efficiently detect potentially damaging activity in WSNs and MANETs. It enables the network as a whole to recognize attacks, anomalies, and potential vulnerabilities in a distributive manner that reflects the autonomic processes of biological systems. Each component of the network recognizes activity in its local environment and then contributes to the overall situational awareness of the entire system. The approach utilizes agent-based swarm intelligence to adaptively identify potential data sources on each node and on adjacent nodes throughout the network. The swarm agents then self-organize into modular neural networks that utilize a reinforcement learning algorithm to identify relevant behavior patterns in the data without supervision. Once the modular neural networks have established interconnectivity both locally and with neighboring nodes the analysis of events within the network can be conducted collectively in real-time. The approach has been shown to be extremely effective in identifying distributed network attacks.

  3. Mining Association Rules to Evade Network Intrusion in Network Audit Data

    Kamini Nalavade

    2014-06-01

    With the growth of hacking and exploiting tools and invention of new ways of intrusion, intrusion detection and prevention is becoming the major challenge in the world of network security. The increasing network traffic and data on Internet is making this task more demanding. There are various approaches being utilized in intrusion detections, but unfortunately any of the systems so far is not completely flawless. The false positive rates make it extremely hard to analyse and react to attacks. Intrusion detection systems using data mining approaches make it possible to search patterns and rules in large amount of audit data. In this paper, we represent a model to integrate association rules to intrusion detection to design and implement a network intrusion detection system. Our technique is used to generate attack rules that will detect the attacks in network audit data using anomaly detection. This shows that the modified association rules algorithm is capable of detecting network intrusions. The KDD dataset which is freely available online is used for our experimentation and results are compared. Our intrusion detection system using association rule mining is able to generate attack rules that will detect the attacks in network audit data using anomaly detection, while maintaining a low false positive rate.

  4. Network Intrusion Detection System Based On Machine Learning Algorithms

    Vipin Das

    2010-12-01

    Network and system security is of paramount importance in the present data communication environment. Hackers and intruders can create many successful attempts to cause the crash of the networks and web services by unauthorized intrusion. New threats and associated solutions to prevent these threats are emerging together with the secured system evolution. Intrusion Detection Systems (IDS) are one of these solutions. The main function of Intrusion Detection System is to protect the resources from threats. It analyzes and predicts the behaviours of users, and then these behaviours will be considered an attack or a normal behaviour. We use Rough Set Theory (RST) and Support Vector Machine (SVM) to detect network intrusions. First, packets are captured from the network, RST is used to pre-process the data and reduce the dimensions. The features selected by RST will be sent to SVM model to learn and test respectively. The method is effective to decrease the space density of data. The experiments compare the results with Principal Component Analysis (PCA) and show RST and SVM schema could reduce the false positive rate and increase the accuracy.

  5. Intrusion Detection Systems in Wireless Sensor Networks

    Vijay Kumar Mallarapu

    2012-01-01

    Wireless Sensor Networks (WSNs) are a new technology foreseen to be used increasingly in the near future due to their data acquisition and data processing abilities. Security for WSNs is an area that needs to be considered in order to protect the functionality of these networks, the data they convey and the location of their members. The security models & protocols used in wired and other networks are not suited to WSNs because of their severe resource constrictions. In this paper, we describe various threats to WSN and then examine existing approaches to identify these threats. Finally, we propose an intrusion detection mechanism based on these existing approaches to identifying threats.

  6. Data Mining in Intrusion Detection: A Comparative Study of Methods, Types and Data Sets

    Chandrashekhar Azad

    2013-07-01

    In the era of information and communication technology, Security is an important issue. A lot of effort and finance are being invested in this sector. Intrusion detection is one of the most prominent fields in this area. Data mining in network intrusion detection can automate the network intrusion detection field with a greater efficiency. This paper presents a literature survey on intrusion detection system. The research papers taken in this literature survey are published from 2000 to 2012. We can see that almost 67 % of the research papers are focused on anomaly detection, 23 % on both anomaly and misuse detection and 10 % on misuse detection. In this literature survey statistics shows that 42 % KDD cup dataset, 20 % DARPA dataset and 38 % other datasets are used by the different researchers for testing the effectiveness of their proposed method for misuse detection, anomaly detection or both.

  7. Non-intrusive Quality Analysis of Monitoring Data

    Brightwell, M; Suwalska, Anna

    2010-01-01

    Any large-scale operational system running over a variety of devices requires a monitoring mechanism to assess the health of the overall system. The Technical Infrastructure Monitoring System (TIM) at CERN is one such system, and monitors a wide variety of devices and their properties, such as electricity supplies, device temperatures, liquid flows etc. Without adequate quality assurance, the data collected from such devices leads to false-positives and false-negatives, reducing the effectiveness of the monitoring system. The quality must, however, be measured in a non-intrusive way, so that the critical path of the data flow is not affected by the quality computation. The quality computation should also scale to large volumes of incoming data. To address these challenges, we develop a new statistical module, which monitors the data collected by TIM and reports its quality to the operators. The statistical module uses Oracle RDBMS as the underlying store, and builds hierarchical summaries on the basic events ...

  8. Less is More: Data Processing with SVM for Intrusion Detection

    XIAO Hai-jun; HONG Fan; WANG Ling

    2009-01-01

    To improve the detection rate and lower down the false positive rate in intrusion detection system, dimensionality reduction is widely used in the intrusion detection system. For this purpose, a data processing (DP) with support vector machine (SVM) was built. Different from traditionally identifying the redundant data before purging the audit data by expert knowledge or utilizing different kinds of subsets of the available 41-connection attributes to build a classifier, the proposed strategy first removes the attributes whose correlation with another attribute exceeds a threshold, and then classifies two sequence samples as one class while removing either of the two samples whose similarity exceeds a threshold. The results of performance experiments showed that the strategy of DP and SVM is superior to the other existing data reduction strategies (e.g., audit reduction, rule extraction, and feature selection), and that the detection model based on DP and SVM outperforms those based on data mining, soft computing, and hierarchical principal component analysis neural networks.

  9. An adaptive semantic based mediation system for data interoperability among Health Information Systems.

    Khan, Wajahat Ali; Khattak, Asad Masood; Hussain, Maqbool; Amin, Muhammad Bilal; Afzal, Muhammad; Nugent, Christopher; Lee, Sungyoung

    2014-08-01

    Heterogeneity in the management of the complex medical data, obstructs the attainment of data level interoperability among Health Information Systems (HIS). This diversity is dependent on the compliance of HISs with different healthcare standards. Its solution demands a mediation system for the accurate interpretation of data in different heterogeneous formats for achieving data interoperability. We propose an adaptive AdapteR Interoperability ENgine mediation system called ARIEN, that arbitrates between HISs compliant to different healthcare standards for accurate and seamless information exchange to achieve data interoperability. ARIEN stores the semantic mapping information between different standards in the Mediation Bridge Ontology (MBO) using ontology matching techniques. These mappings are provided by our System for Parallel Heterogeneity (SPHeRe) matching system and Personalized-Detailed Clinical Model (P-DCM) approach to guarantee accuracy of mappings. The realization of the effectiveness of the mappings stored in the MBO is evaluation of the accuracy in transformation process among different standard formats. We evaluated our proposed system with the transformation process of medical records between Clinical Document Architecture (CDA) and Virtual Medical Record (vMR) standards. The transformation process achieved over 90 % of accuracy level in conversion process between CDA and vMR standards using pattern oriented approach from the MBO. The proposed mediation system improves the overall communication process between HISs. It provides an accurate and seamless medical information exchange to ensure data interoperability and timely healthcare services to patients. PMID:24964780

  10. Detection and Protection Against Intrusions on Smart Grid Systems

    Ata Arvani

    2015-05-01

    The wide area monitoring of power systems is implemented at a central control center to coordinate the actions of local controllers. Phasor measurement units (PMUs) are used for the collection of data in real time for the smart grid energy systems. Intrusion detection and cyber security of network are important requirements for maintaining the integrity of wide area monitoring systems. The intrusion detection methods analyze the measurement data to detect any possible cyber attacks on the operation of smart grid systems. In this paper, the model-based and signal-based intrusion detection methods are investigated to detect the presence of malicious data. The chi-square test and discrete wavelet transform (DWT) have been used for anomaly-based detection. The false data injection attack (FDIA) can be detected using measurement residual. If the measurement residual is larger than expected detection threshold, then an alarm is triggered and bad data can be identified. Avoiding such alarms in the residual test is referred to as stealth attack. There are two protection strategies for stealth attack: (1) Select a subset of meters to be protected from the attacker (2) Place secure phasor measurement units in the power grid. An IEEE 14-bus system is simulated using real time digital simulator (RTDS) hardware platform for implementing attack and detection schemes.

  11. Method and system for spatial data input, manipulation and distribution via an adaptive wireless transceiver

    Wang, Ray (Inventor)

    2009-01-01

    A method and system for spatial data manipulation input and distribution via an adaptive wireless transceiver. The method and system include a wireless transceiver for automatically and adaptively controlling wireless transmissions using a Waveform-DNA method. The wireless transceiver can operate simultaneously over both the short and long distances. The wireless transceiver is automatically adaptive and wireless devices can send and receive wireless digital and analog data from various sources rapidly in real-time via available networks and network services.

  12. Data Reduction in Intrusion Alert Correlation

    Gianni, Tedesco

    2008-01-01

    Network intrusion detection sensors are usually built around low level models of network traffic. This means that their output is of a similarly low level and as a consequence, is difficult to analyze. Intrusion alert correlation is the task of automating some of this analysis by grouping related alerts together. Attack graphs provide an intuitive model for such analysis. Unfortunately alert flooding attacks can still cause a loss of service on sensors, and when performing attack graph correlation, there can be a large number of extraneous alerts included in the output graph. This obscures the fine structure of genuine attacks and makes them more difficult for human operators to discern. This paper explores modified correlation algorithms which attempt to minimize the impact of this attack.

  13. A Bayesian Networks in Intrusion Detection Systems

    M. Mehdi

    2007-01-01

    Intrusion detection systems (IDSs) have been widely used to overcome security threats in computer networks. Anomaly-based approaches have the advantage of being able to detect previously unknown attacks, but they suffer from the difficulty of building robust models of acceptable behaviour which may result in a large number of false alarms caused by incorrect classification of events in current systems. We propose a new approach of an anomaly Intrusion detection system (IDS). It consists of building a reference behaviour model and the use of a Bayesian classification procedure associated to unsupervised learning algorithm to evaluate the deviation between current and reference behaviour. Continuous re-estimation of model parameters allows for real time operation. The use of recursive Log-likelihood and entropy estimation as a measure for monitoring model degradation related with behavior changes and the associated model update show that the accuracy of the event classification process is significantly improved using our proposed approach for reducing the missing-alarm.

  14. Intrusion Detection System in Wireless Sensor Networks: A Review

    Anush Ananthakumar; Tanmay Ganediwal; Dr. Ashwini Kunte

    2015-01-01

    The security of wireless sensor networks is a topic that has been studied extensively in the literature. The intrusion detection system is used to detect various attacks occurring on sensor nodes of Wireless Sensor Networks that are placed in various hostile environments. As many innovative and efficient models have emerged in the last decade in this area, we mainly focus our work on Intrusion detection Systems. This paper reviews various intrusion detection systems which can be broadly class...

  15. Groundwater intrusion into leaky sewer systems.

    Wittenberg, H; Aksoy, H

    2010-01-01

    Vast volumes of groundwater are drained by urban sewer systems. This unwanted flow component intrudes into sewer systems through leaky joints or connected house drains. However, unlike urban storm drainage, it has a high seasonal variation corresponding to groundwater storage and long slow recessions similar to baseflow in rivers also fed by shallow groundwater exfiltrating into the surface waters. By applying the nonlinear reservoir algorithm as used for baseflow separation from total flow in a river, groundwater flow is separated from daily measured influents to treatment plants in Lower Saxony and Baden-Württemberg, Germany and in the Terkos Lake watershed near Istanbul, Turkey. While waste water flows vary only moderately within a year, separated intruded groundwater flows show recessions and seasonal variations correlated to baseflow in neighbouring rivers. It is possible to conclude that recession characteristics of treatment plant influents allow quantification and prediction of groundwater intrusion into sewer systems. PMID:20595758

  16. Signature Analysis of UDP Streams for Intrusion Detection using Data Mining Algorithms

    R.Sridevi; Dr.K.Lakshmi

    2010-01-01

    With the increased use of internet for a wide range of activity from simple data search to online commercial transactions, securing the network is extremely important for any organization. Intrusion detection becomes extremely important to secure the network. Conventional techniques for intrusion detection have been successfully deployed, but predictive action can help in protecting the system in the long run. Data mining techniques are being increasingly used to study the data streams and go...

  17. RePIDS: a multi tier real-time payload-based intrusion detection system

    Jamdagni, Aruna; Tan, Zhiyuan; Nanda, Priyadarsi; He, Xiangjian; Liu, Ren Ping

    2013-01-01

    Intrusion Detection System (IDS) deals with huge amount of network traffic and uses large feature set to discriminate normal pattern and intrusive pattern. However, most of existing systems lack the ability to process data for real-time anomaly detection. In this paper, we propose a 3-Tier Iterative

  18. A Simulated Multiagent-Based Architecture for Intrusion Detection System

    Onashoga S. Adebukola

    2013-04-01

    In this work, a Multiagent-based architecture for Intrusion Detection System (MIDS) is proposed to overcome the shortcoming of current Mobile Agent-based Intrusion Detection System. MIDS is divided into three major phases namely: Data gathering, Detection and the Response phases. The data gathering stage involves data collection based on the features in the distributed system and profiling. The data collection components are distributed on both host and network. Closed Pattern Mining (CPM) algorithm is introduced for profiling users’ activities in network database. The CPM algorithm is built on the concept of Frequent Pattern-growth algorithm by mining a prefix-tree called CPM-tree, which contains only the closed itemsets and its associated support count. According to the administrator’s specified thresholds, CPM-tree maintains only closed patterns online and incrementally outputs the current closed frequent pattern of users’ activities in real time. MIDS makes use of mobile and static agents to carry out the functions of intrusion detection. Each of these agents is built with rule-based reasoning to autonomously detect intrusions. Java 1.1.8 is chosen as the implementation language and IBM’s Java based mobile agent framework, Aglet 1.0.3 as the platform for running the mobile and static agents. In order to test the robustness of the system, a real-time simulation is carried out on University of Agriculture, Abeokuta (UNAAB) network dataset and the results showed an accuracy of 99.94%, False Positive Rate (FPR) of 0.13% and False Negative Rate (FNR) of 0.04%. This shows an improved performance of MIDS when compared with other known MA-IDSs.

  19. Intrusion Detection in Computer Networks using a Fuzzy-Heuristic Data Mining Technique

    Hamid Saadi

    2015-12-01

    In this article the use of Simulated Annealing (SA) algorithm for creating a consistent intrusion detection system is presented. The ability of fuzzy systems to solve different types of problems has been demonstrated in several previous studies. Simulated Annealing based Fuzzy Intrusion Detection System (SAF-IDS) crosses the estimated cognitive method of fuzzy systems with the learning capability of SA. The objective of this paper is to prove the ability of SAF-IDS to deal with intrusion detection classification problem as a new real-world application area which is not previously undertaken with SA-based fuzzy system. Here, the use of SA is an effort to efficiently explore and exploit the large examines space usually related with the intrusion detection problem, and finds the optimum set of fuzzy if-then rules. The proposed SAF-IDS would be capable of extracting precise fuzzy classification rules from network traffic data and relates them to detect normal and invasive actions in computer networks. Tests were performed with KDD-Cup99 intrusion detection benchmark which is widely used to calculate intrusion detection algorithms. Results indicate that SAF-IDS provides more accurate intrusion detection system than several well-known and new classification algorithms.

  20. Information adaptive system of NEEDS. [of NASA End to End Data System]

    Howle, W. M., Jr.; Kelly, W. L.

    1979-01-01

    The NASA End-to-End Data System (NEEDS) program was initiated by NASA to improve significantly the state of the art in acquisition, processing, and distribution of space-acquired data for the mid-1980s and beyond. The information adaptive system (IAS) is a program element under NEEDS Phase II which addresses sensor specific processing on board the spacecraft. The IAS program is a logical first step toward smart sensors, and IAS developments - particularly the system components and key technology improvements - are applicable to future smart efforts. The paper describes the design goals and functional elements of the IAS. In addition, the schedule for IAS development and demonstration is discussed.

  1. Intelligence Intrusion Detection Prevention Systems using Object Oriented Analysis method

    DR.K.KUPPUSAMY; S. Murugan

    2010-01-01

    This paper is deliberate to provide a model for “Intelligence Intrusion Detection Prevention Systems using Object Oriented Analysis method”. It describes the state’s overall requirements regarding the acquisition and implementation of intrusion prevention and detection systems with intelligence (IIPS/IIDS). This is designed to provide a deeper understanding of intrusion prevention and detection principles with intelligence may be responsible for acquiring, implementing or monitoring such sy...

  2. Adaptation of a Data Acquisition System for Monitoring Air Quality and Radioactivity

    The main aim of this work is adapting the data acquisition system for monitoring air quality and radioactivity to save cost, time and effort. The adaptation processes are not only based on rectifying drawbacks but also modifying new features for both systems. These drawbacks are hardware problems and software problems for both systems which cause more operation cost, more operation time and more human effort. These new features are modified to achieve the grown user requirements, better performance, more flexibility for customization and better user acceptance. The adaptation method is implemented by determining: how exactly two systems work, components for each system and relationships between them, which components need adaptation, and finally suitable adaptation procedure for each component with maintaining the relationships between them. The proposed systems overcome the above-mentioned drawbacks associated with the old systems and have new facilities to verify their main goals.

  3. A survey on RBF Neural Network for Intrusion Detection System

    Henali Sheth

    2014-12-01

    Full Text Available Network security is a hot burning issue nowadays. With the help of technology advancement intruders or hackers are adopting new methods to create different attacks in order to harm network security. Intrusion detection system (IDS) is a kind of security software which inspects all incoming and outgoing network traffic and it will generate alerts if any attack or unusual behavior is found in a network. Various approaches are used for IDS such as data mining, neural network, genetic and statistical approach. Among these Neural Network is more suitable approach for IDS. This paper describes RBF neural network approach for Intrusion detection system. RBF is a feed forward and supervised technique of neural network. RBF approach has good classification ability but its performance depends on its parameters. Based on survey we find that RBF approach has some shortcomings. In order to overcome this we need to do proper optimization of RBF parameters.

  4. Anomaly-based intrusion detection for SCADA systems

    Most critical infrastructure such as chemical processing plants, electrical generation and distribution networks, and gas distribution is monitored and controlled by Supervisory Control and Data Acquisition Systems (SCADA). These systems have been the focus of increased security and there are concerns that they could be the target of international terrorists. With the constantly growing number of internet related computer attacks, there is evidence that our critical infrastructure may also be vulnerable. Researchers estimate that malicious online actions may cause $75 billion at 2007. One of the interesting countermeasures for enhancing information system security is called intrusion detection. This paper will briefly discuss the history of research in intrusion detection techniques and introduce the two basic detection approaches: signature detection and anomaly detection. Finally, it presents the application of techniques developed for monitoring critical process systems, such as nuclear power plants, to anomaly intrusion detection. The method uses an auto-associative kernel regression (AAKR) model coupled with the statistical probability ratio test (SPRT) and applied to a simulated SCADA system. The results show that these methods can be generally used to detect a variety of common attacks. (authors)

  5. Fuzzy Approach for Intrusion Detection System: A Survey

    Partha Sarathi Bhattacharjee; Dr. Shahin Ara Begum

    2013-01-01

    Secured data communication over internet and any other network is always under threat of intrusions and misuses. Intrusions pose a serious security threat for the stability and the security of information in a network environment. An intrusion is defined as any set of actions that attempt to compromise the integrity, confidentiality or availability of a resource. It includes attempting to destabilize the network, gaining unauthorized access to files with privileges, or mishandling and misusing...

  6. Cluster Based Cost Efficient Intrusion Detection System For Manet

    Kumarasamy, Saravanan; B, Hemalatha; P, Hashini

    2013-01-01

    Mobile ad-hoc networks are temporary wireless networks. Network resources are abnormally consumed by intruders. Anomaly and signature based techniques are used for intrusion detection. Classification techniques are used in anomaly based techniques. Intrusion detection techniques are used for the network attack detection process. Two types of intrusion detection systems are available. They are anomaly detection and signature based detection model. The anomaly detection model uses the historica...

  7. Fuzzy Based Anomaly Intrusion Detection System for Clustered WSN

    Sumathy Murugan; Sundara Rajan, M.

    2015-01-01

    In Wireless Sensor Networks (WSN), the intrusion detection technique may result in increased computational cost, packet loss, performance degradation and so on. In order to overcome these issues, in this study, we propose a fuzzy based anomaly intrusion detection system for clustered WSN. Initially the cluster heads are selected based on the parameters such as link quality, residual energy and coverage. Then the anomaly intrusion is detected using fuzzy logic technique. This technique conside...

  8. Intrusion Awareness Based on Data Fusion and SVM Classification

    Ramnaresh Sharma

    2012-06-01

    Full Text Available Network intrusion awareness is important factor for risk analysis of network security. In the current decade various method and framework are available for intrusion detection and security awareness. Some method based on knowledge discovery process and some framework based on neural network. These entire model take rule based decision for the generation of security alerts. In this paper we proposed a novel method for intrusion awareness using data fusion and SVM classification. Data fusion work on the biases of features gathering of event. Support vector machine is super classifier of data. Here we used SVM for the detection of closed item of ruled based technique. Our proposed method simulate on KDD1999 DARPA data set and get better empirical evaluation result in comparison of rule based technique and neural network model.

  9. An Adaptive Fuzzy Framework based on Optimized Fuzzy Contexts for Detecting Network Intrusions

    Habib Ullah Baig

    2010-10-01

    Full Text Available Anomaly based Intrusion Detection System (AIDS) is one of the key components of a reliable security infrastructure. Working at second line of defense, detection accuracy is the key objective that largely depends upon the precision of its normal profile. Due to existence of vague boundaries between normal and anomalous classes and dynamic network behavior, building accurate and generalize normal profile is very difficult. Based on the assumption that intruder's behavior can be grouped into different phases active at different times, this article proposes to evolve and use "short-term fuzzy profiles/contexts" for each such individual intrusion phase resulting in enhanced detection accuracy for low-level attacks. The result is a context-driven, adaptable implementation framework based on a double layer hierarchy of fuzzy sensors. The framework adapts to network conditions by switching between different contexts, according to network traffic patterns, anomaly conditions and organization's security policies. These contexts are evolved in incremental fashion with genetic algorithm using real-time network traces. The framework is tested using DARPA 98/99 dataset showing accurate detection of low-level DoS attack.

  10. Design Network Intrusion Detection System using hybrid Fuzzy-Neural Network

    muna mhammad taher jawhar & Monica Mehrotra

    2010-08-01

    Full Text Available As networks grow both in importance and size, there is an increasing need for effective security monitors such as Network Intrusion Detection System to prevent such illicit accesses. Intrusion Detection Systems technology is an effective approach in dealing with the problems of network security. In this paper, we present an intrusion detection model based on hybrid fuzzy logic and neural network. The key idea is to take advantage of different classification abilities of fuzzy logic and neural network for intrusion detection system. The new model has ability to recognize an attack, to differentiate one attack from another i.e. classifying attack, and the most important, to detect new attacks with high detection rate and low false negative. Training and testing data were obtained from the Defense Advanced Research Projects Agency (DARPA) intrusion detection evaluation data set.

  11. HYBRID FEATURE SELECTION ALGORITHM FOR INTRUSION DETECTION SYSTEM

    Seyed Reza Hasani

    2014-01-01

    Full Text Available Network security is a serious global concern. Usefulness Intrusion Detection Systems (IDS) are increasing incredibly in Information Security research using Soft computing techniques. In the previous researches having irrelevant and redundant features are recognized causes of increasing the processing speed of evaluating the known intrusive patterns. In addition, an efficient feature selection method eliminates dimension of data and reduce redundancy and ambiguity caused by none important attributes. Therefore, feature selection methods are well-known methods to overcome this problem. There are various approaches being utilized in intrusion detections, they are able to perform their method and relatively they are achieved with some improvements. This work is based on the enhancement of the highest Detection Rate (DR) algorithm which is Linear Genetic Programming (LGP) reducing the False Alarm Rate (FAR) incorporates with Bees Algorithm. Finally, Support Vector Machine (SVM) is one of the best candidate solutions to settle IDSs problems. In this study four sample dataset containing 4000 random records are excluded randomly from this dataset for training and testing purposes. Experimental results show that the LGP_BA method improves the accuracy and efficiency compared with the previous related research and the feature subcategory offered by LGP_BA gives a superior representation of data.

  12. Intrusion Awareness Based on Data Fusion and SVM Classification

    Ramnaresh Sharma

    2012-06-01

    Full Text Available Network intrusion awareness is important factor for risk analysis of network security. In the current decade various method and framework are available for intrusion detection and security awareness. Some method based on knowledge discovery process and some framework based on neural network. These entire model take rule based decision for the generation of security alerts. In this paper we proposed a novel method for intrusion awareness using data fusion and SVM classification. Data fusion work on the biases of features gathering of event. Support vector machine is super classifier of data. Here we used SVM for the detection of closed item of ruled based technique. Our proposed method simulate on KDD1999 DARPA data set and get better empirical evaluation result in comparison of rule based technique and neural network model.

  13. Reconfigurable Hardware Architecture for Network Intrusion Detection System

    A. Kaleel Rahuman

    2012-01-01

    Full Text Available Intrusion rule processing in reconfigurable hardware enables intrusion detection and prevention. The use of reconfigurable hardware for network security applications has great strides as Field Programmable Gate Array (FPGA) devices have provided larger and faster resources. An architecture called “BV-TCAM” is presented, which is implemented for an FPGA-based Network Intrusion Detection Systems (NIDS). The BV-TCAM architecture combines the Ternary Content Addressable Memory (TCAM) and Bit Vector (BV) algorithm to effectively compress the data representation and throughput. A tree bitmap implementation of the BV algorithm is used for source and destination port lookup while a TCAM performs lookup for other header fields, which can be represented as a prefix or exact value. With the aid of small embedded TCAM, packet classification can be implemented in relatively small part of the available logic of an FPGA. The BV-TCAM architecture has been modelled by VHDL. Simulations were performed by MODELSIM. This architecture have to be synthesized and implement our design using Xilinx FPGA device.

  14. Fuzzy logic based Adaptive Modulation Using Non Data Aided SNR Estimation for OFDM system

    K.SESHADRI SASTRY

    2010-06-01

    Full Text Available As demand for high quality transmission increases, increase of spectrum efficiency and an improvement of error performance in wireless communication systems are important. One of the promising approaches to 4G is adaptive OFDM (AOFDM). Fixed modulation systems uses only one type of modulation scheme (or order), so that either performance or capacity should be compromised. Adaptive modulated systems are superior to fixed modulated systems, since they change modulation order depending on present SNR. In an adaptive modulation system SNR estimation is important since performance of adaptive modulated system depends on estimated SNR. Non-data-Aided (NDA) SNR estimation systems are gaining importance in recent days since they estimate SNR range and requires less data as input. In this paper we propose an adaptive modulated OFDM system which uses NDA (Non-data Aided) SNR estimation using fuzzy logic interface. The proposed system is simulated in Matlab 7.4 and the results of computer simulation show the improvement in system capacity.

  15. Efficient Hybrid Network (Wired and Wireless) Intrusion Detection using Statistical Data Streams and Detection of Clustered Alerts

    M. Thangavel

    2011-01-01

    Full Text Available Problem statement: Wireless LAN IEEE 802.11 protocols are growing rapidly and security has always been a concern with the security of wired network. Wireless networks encountered threats from unauthorized access to network resources, installation of access points and illegal sniffing (referred to as classical intrusion threats). In its current hybrid wired and wireless network attacks on the generally distinguish from normal cable intrusion attacks, selective forwarding attacks, MAC spoofing attacks. This means that the simple traditional misuse detection and anomaly detection model alone not sufficient to identify these mixed attacks on the hybrid network (wired and wireless). Approach: Our proposed work presents a hybrid cluster-based intrusion detection statistical anomaly, for detecting selective forwarding in wireless networks and intrusion into traditional wired networks. The detection was identified by changes in the statistical characteristics of data traffic on the wireless network. The clustering of data traffic based on the characteristics of alert classes and normal classes improve the performance of our hybrid intrusion detection in both wired and wireless network efficiently. The simulation was performed to evaluate the performance of wired intrusion detection systems to the proposed wireless intrusion detection on the data traffic in the area of wired and wireless hybrid network environment. Results: The proposed wireless intrusion detection system sharply detect the statistical change point detection of intrusion behavior in terms of attack rate and throughput of data traffic. The probability of intrusion attack and detection delay were measured in the simulation scenario, the result is 17% better than the current part of the existing wired intrusion detection. Conclusion: The proposed anomaly intrusion traffic detection scheme performs better in heterogametic hybrid network (i.e., wired and wireless) compared to that of conventional

  16. A Retroactive-Burst Framework for Automated Intrusion Response System

    Alireza Shameli-Sendi

    2013-01-01

    Full Text Available The aim of this paper is to present an adaptive and cost-sensitive model to prevent security intrusions. In most automated intrusion response systems, response selection is performed locally based on current threat without using the knowledge of attacks history. Another challenge is that a group of responses are applied without any feedback mechanism to measure the response effect. We address these problems through retroactive-burst execution of responses and a Response Coordinator (RC) mechanism, the main contributions of this work. The retroactive-burst execution consists of several burst executions of responses with, at the end of each burst, a mechanism for measuring the effectiveness of the applied responses by the risk assessment component. The appropriate combination of responses must be considered for each burst execution to mitigate the progress of the attack without necessarily running the next round of responses, because of the impact on legitimate users. In the proposed model, there is a multilevel response mechanism. To indicate which level is appropriate to apply based on the retroactive-burst execution, we get help from a Response Coordinator mechanism. The applied responses can improve the health of Applications, Kernel, Local Services, Network Services, and Physical Status. Based on these indexes, the RC gives a general overview of an attacker’s goal in a distributed environment.

  17. Cross Layer Intrusion Detection System for Wireless Sensor Network

    Djallel Eddine Boubiche; Azeddine Bilami

    2012-01-01

    The wireless sensor networks (WSN) are particularly vulnerable to various attacks at different layers of the protocol stack. Many intrusion detection system (IDS) have been proposed to secure WSNs. But all these systems operate in a single layer of the OSI model, or do not consider the interaction and collaboration between these layers. Consequently these systems are mostly inefficient and would drain out the WSN. In this paper we propose a new intrusion detection system based on cross layer...

  18. Intrusive versus domiciliated triatomines and the challenge of adapting vector control practices against Chagas disease

    Waleckx, Etienne; Gourbière, Sébastien; Dumonteil, Eric

    2015-01-01

    Chagas disease prevention remains mostly based on triatomine vector control to reduce or eliminate house infestation with these bugs. The level of adaptation of triatomines to human housing is a key part of vector competence and needs to be precisely evaluated to allow for the design of effective vector control strategies. In this review, we examine how the domiciliation/intrusion level of different triatomine species/populations has been defined and measured and discuss how these concepts may be improved for a better understanding of their ecology and evolution, as well as for the design of more effective control strategies against a large variety of triatomine species. We suggest that a major limitation of current criteria for classifying triatomines into sylvatic, intrusive, domiciliary and domestic species is that these are essentially qualitative and do not rely on quantitative variables measuring population sustainability and fitness in their different habitats. However, such assessments may be derived from further analysis and modelling of field data. Such approaches can shed new light on the domiciliation process of triatomines and may represent a key tool for decision-making and the design of vector control interventions. PMID:25993504

  19. Intrusive versus domiciliated triatomines and the challenge of adapting vector control practices against Chagas disease

    Etienne Waleckx

    2015-05-01

    Full Text Available Chagas disease prevention remains mostly based on triatomine vector control to reduce or eliminate house infestation with these bugs. The level of adaptation of triatomines to human housing is a key part of vector competence and needs to be precisely evaluated to allow for the design of effective vector control strategies. In this review, we examine how the domiciliation/intrusion level of different triatomine species/populations has been defined and measured and discuss how these concepts may be improved for a better understanding of their ecology and evolution, as well as for the design of more effective control strategies against a large variety of triatomine species. We suggest that a major limitation of current criteria for classifying triatomines into sylvatic, intrusive, domiciliary and domestic species is that these are essentially qualitative and do not rely on quantitative variables measuring population sustainability and fitness in their different habitats. However, such assessments may be derived from further analysis and modelling of field data. Such approaches can shed new light on the domiciliation process of triatomines and may represent a key tool for decision-making and the design of vector control interventions.

  20. Distributed reinforcement learning for adaptive and robust network intrusion response

    Malialis, Kleanthis; Devlin, Sam; Kudenko, Daniel

    2015-07-01

    Distributed denial of service (DDoS) attacks constitute a rapidly evolving threat in the current Internet. Multiagent Router Throttling is a novel approach to defend against DDoS attacks where multiple reinforcement learning agents are installed on a set of routers and learn to rate-limit or throttle traffic towards a victim server. The focus of this paper is on online learning and scalability. We propose an approach that incorporates task decomposition, team rewards and a form of reward shaping called difference rewards. One of the novel characteristics of the proposed system is that it provides a decentralised coordinated response to the DDoS problem, thus being resilient to DDoS attacks themselves. The proposed system learns remarkably fast, thus being suitable for online learning. Furthermore, its scalability is successfully demonstrated in experiments involving 1000 learning agents. We compare our approach against a baseline and a popular state-of-the-art throttling technique from the network security literature and show that the proposed approach is more effective, adaptive to sophisticated attack rate dynamics and robust to agent failures.

  1. Intrusion Detection System using Support Vector Machine (SVM) and Particle Swarm Optimization (PSO)

    Vitthal Manekar

    2014-09-01

    Full Text Available Security and privacy of a system is vulnerable, when an intrusion happens. Intrusion Detection System (IDS) takes an important role in network security as it detects various types of attacks in the network. In this paper, we propose an Intrusion Detection System using data mining technique: SVM (Support Vector Machine) and PSO (Particle Swarm Optimization). Here, first PSO performed parameter optimization using SVM to get the optimized value of C (cost) and g (gamma) parameter. Then PSO performed feature optimization to get optimized feature. Then these parameters and features are given to SVM to get higher accuracy. The experiment is performed by using NSL-KDD dataset.

  2. Survey on Host and Network Based Intrusion Detection System

    Niva Das

    2014-09-01

    Full Text Available With invent of new technologies and devices, Intrusion has become an area of concern because of security issues, in the ever growing area of cyber-attack. An intrusion detection system (IDS) is defined as a device or software application which monitors system or network activities for malicious activities or policy violations. It produces reports to a management station [1]. In this paper we are mainly focused on different IDS concepts based on Host and Network systems.

  3. Novel Non-Intrusive Vibration Monitoring System for Turbopumps Project

    National Aeronautics and Space Administration — ASRI proposes to develop an advanced and commercially viable Non-Intrusive Vibration Monitoring System (NI-VMS) which can provide effective on-line/off-line engine...

  4. Novel Non-Intrusive Vibration Monitoring System for Turbopumps Project

    National Aeronautics and Space Administration — AI Signal Research, Inc. proposes to develop a Non-Intrusive Vibration Measurement System (NI-VMS) for turbopumps which will provide effective on-board/off-board...

  5. AdiosStMan: Parallelizing Casacore Table Data System using Adaptive IO System

    Wang, R.; Harris, C.; Wicenec, A.

    2016-07-01

    In this paper, we investigate the Casacore Table Data System (CTDS) used in the casacore and CASA libraries, and methods to parallelize it. CTDS provides a storage manager plugin mechanism for third-party developers to design and implement their own CTDS storage managers. Having this in mind, we looked into various storage backend techniques that can possibly enable parallel I/O for CTDS by implementing new storage managers. After carrying on benchmarks showing the excellent parallel I/O throughput of the Adaptive IO System (ADIOS), we implemented an ADIOS based parallel CTDS storage manager. We then applied the CASA MSTransform frequency split task to verify the ADIOS Storage Manager. We also ran a series of performance tests to examine the I/O throughput in a massively parallel scenario.

  6. Novel hybrid intrusion detection system for clustered wireless sensor network

    Sedjelmaci, Hichem

    2011-01-01

    Wireless sensor network (WSN) is regularly deployed in unattended and hostile environments. The WSN is vulnerable to security threats and susceptible to physical capture. Thus, it is necessary to use effective mechanisms to protect the network. It is widely known, that the intrusion detection is one of the most efficient security mechanisms to protect the network against malicious attacks or unauthorized access. In this paper, we propose a hybrid intrusion detection system for clustered WSN. Our intrusion framework uses a combination between the Anomaly Detection based on support vector machine (SVM) and the Misuse Detection. Experiments results show that most of routing attacks can be detected with low false alarm.

  7. Adaptive top-down suppression of hippocampal activity and the purging of intrusive memories from consciousness.

    Benoit, Roland G; Hulbert, Justin C; Huddleston, Ean; Anderson, Michael C

    2015-01-01

    When reminded of unwanted memories, people often attempt to suppress these experiences from awareness. Prior work indicates that control processes mediated by the dorsolateral prefrontal cortex (DLPFC) modulate hippocampal activity during such retrieval suppression. It remains unknown whether this modulation plays a role in purging an intrusive memory from consciousness. Here, we combined fMRI and effective connectivity analyses with phenomenological reports to scrutinize a role for adaptive top-down suppression of hippocampal retrieval processes in terminating mnemonic awareness of intrusive memories. Participants either suppressed or recalled memories of pictures depicting faces or places. After each trial, they reported their success at regulating awareness of the memory. DLPFC activation was greatest when unwanted memories intruded into consciousness and needed to be purged, and this increased engagement predicted superior control of intrusive memories over time. However, hippocampal activity was decreased during the suppression of place memories only. Importantly, the inhibitory influence of the DLPFC on the hippocampus was linked to the ensuing reduction in intrusions of the suppressed memories. Individuals who exhibited negative top-down coupling during early suppression attempts experienced fewer involuntary memory intrusions later on. Over repeated suppressions, the DLPFC-hippocampus connectivity grew less negative with the degree that they no longer had to purge unwanted memories from awareness. These findings support a role of DLPFC in countermanding the unfolding recollection of an unwanted memory via the suppression of hippocampal processing, a mechanism that may contribute to adaptation in the aftermath of traumatic experiences. PMID:25100219

  8. Adaptive-array Electron Cyclotron Emission diagnostics using data streaming in a Software Defined Radio system

    Measurement of the Electron Cyclotron Emission (ECE) spectrum is one of the most popular electron temperature diagnostics in nuclear fusion plasma research. A 2-dimensional ECE imaging system was developed with an adaptive-array approach. A radio-frequency (RF) heterodyne detection system with Software Defined Radio (SDR) devices and a phased-array receiver antenna was used to measure the phase and amplitude of the ECE wave. The SDR heterodyne system could continuously measure the phase and amplitude with sufficient accuracy and time resolution while the previous digitizer system could only acquire data at specific times. Robust streaming phase measurements for adaptive-arrayed continuous ECE diagnostics were demonstrated using Fast Fourier Transform (FFT) analysis with the SDR system. The emission field pattern was reconstructed using adaptive-array analysis. The reconstructed profiles were discussed using profiles calculated from coherent single-frequency radiation from the phase array antenna

  9. A real time OCSVM Intrusion Detection module with low overhead for SCADA systems

    Leandros A. Maglaras

    2014-10-01

    Full Text Available In this paper we present an intrusion detection module capable of detecting malicious network traffic in a SCADA (Supervisory Control and Data Acquisition) system. Malicious data in a SCADA system disrupt its correct functioning and tamper with its normal operation. OCSVM (One-Class Support Vector Machine) is an intrusion detection mechanism that does not need any labeled data for training or any information about the kind of anomaly is expecting for the detection process. This feature makes it ideal for processing SCADA environment data and automate SCADA performance monitoring. The OCSVM module developed is trained by network traces off line and detect anomalies in the system real time. In order to decrease the overhead induced by communicated alarms we propose a new detection mechanism that is based on the combination of OCSVM with a recursive k-means clustering procedure. The proposed intrusion detection module K-OCSVM is capable to distinguish severe alarms from possible attacks regardless of the values of parameters and , making it ideal for real-time intrusion detection mechanisms for SCADA systems. The most severe alarms are then communicated with the use of IDMEF files to an IDSIDS (Intrusion Detection System) system that is developed under CockpitCI project. Alarm messages carry information about the source of the incident, the time of the intrusion and a classification of the alarm.

  10. A Multi-Dimensional approach towards Intrusion Detection System

    Thakur, Manoj Rameshchandra

    2012-01-01

    In this paper, we suggest a multi-dimensional approach towards intrusion detection. Network and system usage parameters like source and destination IP addresses; source and destination ports; incoming and outgoing network traffic data rate and number of CPU cycles per request are divided into multiple dimensions. Rather than analyzing raw bytes of data corresponding to the values of the network parameters, a mature function is inferred during the training phase for each dimension. This mature function takes a dimension value as an input and returns a value that represents the level of abnormality in the system usage with respect to that dimension. This mature function is referred to as Individual Anomaly Indicator. Individual Anomaly Indicators recorded for each of the dimensions are then used to generate a Global Anomaly Indicator, a function with n variables (n is the number of dimensions) that provides the Global Anomaly Factor, an indicator of anomaly in the system usage based on all the dimensions consid...

  11. Novel hybrid intrusion detection system for clustered wireless sensor network

    Hichem Sedjelmaci; Mohamed Feham

    2011-01-01

    Wireless sensor network (WSN) is regularly deployed in unattended and hostile environments. The WSN is vulnerable to security threats and susceptible to physical capture. Thus, it is necessary to use effective mechanisms to protect the network. It is widely known, that the intrusion detection is one of the most efficient security mechanisms to protect the network against malicious attacks or unauthorized access. In this paper, we propose a hybrid intrusion detection system for clustered WSN. ...

  12. The design about the intrusion defense system for IHEP

    With the development of network technologies, limitations on traditional methods of network security protection are becoming more and more obvious. An individual network security product or the simple combination of several products can hardly complete the goal of keeping from hackers' intrusion. Therefore, on the basis of the analyses about the security problems of IHEPNET which is an open and scientific research network, the author designs an intrusion defense system especially for IHEPNET

  13. An adaptive structure data acquisition system using a graphical-based programming language

    Baroth, Edmund C.; Clark, Douglas J.; Losey, Robert W.

    1992-01-01

    An example of the implementation of data fusion using a PC and a graphical programming language is discussed. A schematic of the data acquisition system and user interface panel for an adaptive structure test are presented. The computer programs (a series of icons 'wired' together) are also discussed. The way in which using graphical-based programming software to control a data acquisition system can simplify analysis of data, promote multidisciplinary interaction, and provide users a more visual key to understanding their data are shown.

  14. Intrusion Prevention/Intrusion Detection System (IPS/IDS) for Wifi Networks

    Michal Korcak; Jaroslav Lamer; Frantisek Jakab

    2014-01-01

    The nature of wireless networks itself created new vulnerabilities that in the classical wired networks do not exist. This results in an evolutional requirement to implement new sophisticated security mechanism in form of Intrusion Detection and Prevention Systems. This paper deals with security issues of small office and home office wireless networks. The goal of our work is to design and evaluate wireless IDPS with use of packet injection method. Dec...

  15. Mining Techniques in Network Security to Enhance Intrusion Detection Systems

    Maher Salem

    2012-12-01

    Full Text Available In intrusion detection systems, classifiers still suffer from several drawbacks such as data dimensionality and dominance, different network feature types, and data impact on the classification. In this paper two significant enhancements are presented to solve these drawbacks. The first enhancement is an improved feature selection using sequential backward search and information gain. This, in turn, extracts valuable features that enhance positively the detection rate and reduce the false positive rate. The second enhancement is transferring nominal network features to numeric ones by exploiting the discrete random variable and the probability mass function to solve the problem of different feature types, the problem of data dominance, and data impact on the classification. The latter is combined to known normalization methods to achieve a significant hybrid normalization approach. Finally, an intensive and comparative study approves the efficiency of these enhancements and shows better performance comparing to other proposed methods.

  16. Data reduction in the ITMS system through a data acquisition model with self-adaptive sampling rate

    Ruiz, M. [Grupo de Investigacion en Instrumentacion y Acustica Aplicada, Universidad Politecnica de Madrid (UPM), Crta. Valencia Km-7, Madrid 28031 (Spain)], E-mail: mariano.ruiz@upm.es; Lopez, JM.; Arcas, G. de [Grupo de Investigacion en Instrumentacion y Acustica Aplicada, Universidad Politecnica de Madrid (UPM), Crta. Valencia Km-7, Madrid 28031 (Spain); Barrera, E. [Departamento de Sistemas Electronicos y de Control, Universidad Politecnica de Madrid (UPM), Crta. Valencia Km-7, Madrid 28031 (Spain); Melendez, R. [Grupo de Investigacion en Instrumentacion y Acustica Aplicada, Universidad Politecnica de Madrid (UPM), Crta. Valencia Km-7, Madrid 28031 (Spain); Vega, J. [Asociacion EURATOM/CIEMAT para Fusion, Madrid (Spain)

    2008-04-15

    Long pulse or steady state operation of fusion experiments require data acquisition and processing systems that reduce the volume of data involved. The availability of self-adaptive sampling rate systems and the use of real-time lossless data compression techniques can help solve these problems. The former is important for continuous adaptation of sampling frequency for experimental requirements. The latter allows the maintenance of continuous digitization under limited memory conditions. This can be achieved by permanent transmission of compressed data to other systems. The compacted transfer ensures the use of minimum bandwidth. This paper presents an implementation based on intelligent test and measurement system (ITMS), a data acquisition system architecture with multiprocessing capabilities that permits it to adapt the system's sampling frequency throughout the experiment. The sampling rate can be controlled depending on the experiment's specific requirements by using an external dc voltage signal or by defining user events through software. The system takes advantage of the high processing capabilities of the ITMS platform to implement a data reduction mechanism based in lossless data compression algorithms which are themselves based in periodic deltas.

  17. Intrusion problematic during water supply systems' operation

    Mora-Rodriguez, Jesus; Lopez-Jimenez, P. Amparo [Departamento de Ingenieria Hidraulica y Medio Ambiente, Universidad Politecnica de Valencia, Camino de Vera, s/n, 46022, Valencia (Spain); Ramos, Helena M. [Civil Engineering Department and CEHIDRO, Instituto Superior Tecnico, Technical University of Lisbon, Av. Rovisco Pais, 1049-001, Lisbon (Portugal)

    2011-07-01

    Intrusion through leaks occurrence is a phenomenon when external fluid comes into water pipe systems. This phenomenon can cause contamination problems in drinking pipe systems. Hence, this paper focuses on the entry of external fluids across small leaks during normal operation conditions. This situation is especially important in elevated points of the pipe profile. Pressure variations can origin water volume losses and intrusion of contaminants into the drinking water pipes. This work focuses in obtaining up the physical representation on a specific case intrusion in a pipe water system. The combination of two factors is required to generate this kind of intrusion in a water supply system: on one hand the existence of at least a leak in the system; on the other hand, a pressure variation could occur during the operation of the system due to consumption variation, pump start-up or shutdown. The potential of intrusion during a dynamic or transient event is here analyzed. To obtain this objective an experimental case study of pressure transient scenario is analyzed with a small leak located nearby the transient source.

  18. System and method for adaptively deskewing parallel data signals relative to a clock

    Jenkins, Philip Nord; Cornett, Frank N.

    2011-10-04

    A system and method of reducing skew between a plurality of signals transmitted with a transmit clock is described. Skew is detected between the received transmit clock and each of received data signals. Delay is added to the clock or to one or more of the plurality of data signals to compensate for the detected skew. The delay added to each of the plurality of delayed signals is updated to adapt to changes in detected skew.

  19. Cross Layer Intrusion Detection System for Wireless Sensor Network

    Djallel Eddine Boubiche

    2012-03-01

    Full Text Available The wireless sensor networks (WSN) are particularly vulnerable to various attacks at different layers of the protocol stack. Many intrusion detection systems (IDS) have been proposed to secure WSNs. But all these systems operate in a single layer of the OSI model, or do not consider the interaction and collaboration between these layers. Consequently these systems are mostly inefficient and would drain out the WSN. In this paper we propose a new intrusion detection system based on cross layer interaction between the network, MAC and physical layers. Indeed we have addressed the problem of intrusion detection in a different way in which the concept of cross layer is widely used leading to the birth of a new type of IDS. We have experimentally evaluated our system using the NS simulator to demonstrate its effectiveness in detecting different types of attacks at multiple layers of the OSI model.

  20. NASA End-to-End Data System /NEEDS/ information adaptive system - Performing image processing onboard the spacecraft

    Kelly, W. L.; Howle, W. M.; Meredith, B. D.

    1980-01-01

    The Information Adaptive System (IAS) is an element of the NASA End-to-End Data System (NEEDS) Phase II and is focused toward onboard image processing. Since the IAS is a data preprocessing system which is closely coupled to the sensor system, it serves as a first step in providing a 'Smart' imaging sensor. Some of the functions planned for the IAS include sensor response nonuniformity correction, geometric correction, data set selection, data formatting, packetization, and adaptive system control. The inclusion of these sensor data preprocessing functions onboard the spacecraft will significantly improve the extraction of information from the sensor data in a timely and cost effective manner and provide the opportunity to design sensor systems which can be reconfigured in near real time for optimum performance. The purpose of this paper is to present the preliminary design of the IAS and the plans for its development.

  1. Semantic intrusion detection with multisensor data fusion using complex event processing

    R Bhargavi; V Vaidehi

    2013-04-01

    Complex Event Processing (CEP) is an emerging technology for processing and identifying patterns of interest from multiple streams of events in real/near real time. Sensor network-based security and surveillance is a topic of recent research where events generated from distributed sensors at an unpredictable rate need to be analysed for possible threats and respond in a timely manner. Traditional software architectures like client/server architecture where the interactions are pull-based (DBMS) do not target the efficient processing of streams of events in real time. CEP which is a push-based system can process streaming data to identify the intrusion patterns in near real time and respond to the threats. An Intrusion Detection System (IDS) based on single sensor may fail to give accurate identification of intrusion. Hence there is a need for multisensor based IDS. A multisensor-based IDS enables identification of the intrusion patterns semantically by correlating the events and context information provided by multiple sensors. JDL multisource data fusion model is a well-known research model first established by the Joint Directorate Laboratories. This paper proposes JDL fusion framework-based CEP for semantic intrusion detection. The events generated from heterogeneous sensors are collected, aggregated using logical and spatiotemporal relations to form complex events which model the intrusion patterns. The proposed system is implemented and the results show that the proposed system outperforms the pull-based solutions in terms of detection accuracy and detection time.

  2. The System Design of a Node of P2P Networks for Intrusion Detection

    Lei Ding

    2013-08-01

    Full Text Available To improve the measuring accuracy of intrusion detection, a system design of a node for intrusion detection is proposed in this paper. First, the technology that applies the traditional intrusion detection method, such as anomaly detection and misuse detection, into P2P networks is presented. Next, to build the trust relationship among the nodes, and realize the cooperation mechanism of data detection, collection and response among the nodes of P2P networks, the corresponding solving plans, such as topological structure, trust model, information share and information fusion, are proposed in this paper. Then the concept of network telescope is presented to broaden the field of vision of malicious attacks and abnormal network packets in the propagation path. Finally, a system design of a node for intrusion detection using the honeypot technology is proposed in this paper.

  3. AGENT BASED INTRUSION DETECTION SYSTEM IN MANET

    J. K. Mandal

    2013-02-01

    Full Text Available In this paper a technique for intrusion detection in MANET has been proposed where agents are fired from a node which traverses each node randomly and detect the malicious node. Detection is based on triangular encryption technique (TE) where AODV is taken as routing protocol. For simulation we have taken NS2 (2.33) where two types of parameters are considered out of which number of nodes and percentage of node mobility are the attributes. For analysis purpose 20, 30, 30, 40, 50 and 60 nodes are taken with a variable percentage of malicious node as 0% (no malicious), 10%, 20%, 30% and 40%. Analysis has been done taking generated packets, forwarded packets, delay, and average delay as parameters

  4. Intrusion Prevention/Intrusion Detection System (IPS/IDS) for Wifi Networks

    Michal Korcak

    2014-07-01

    Full Text Available The nature of wireless networks itself created new vulnerabilities that in the classical wired networks do not exist. This results in an evolutional requirement to implement new sophisticated security mechanism in form of Intrusion Detection and Prevention Systems. This paper deals with security issues of small office and home office wireless networks. The goal of our work is to design and evaluate wireless IDPS with use of packet injection method. Decrease of attacker’s traffic by 95% was observed when compared to attacker’s traffic without deployment of proposed IDPS system.

  5. Protecting coastal abstraction boreholes from seawater intrusion using self-potential data

    Graham, Malcolm; Butler, Adrian; MacAllister, Donald John; Vinogradov, Jan; Ijioma, Amadi; Jackson, Matthew

    2016-04-01

    We investigate whether the presence and transport of seawater can influence self-potentials (SPs) measured within coastal groundwater boreholes, with a view to using SP monitoring as part of an early warning system for saline intrusion. SP data were collected over a period of 18 months from a coastal groundwater borehole in the fractured Chalk of England. Spectral analysis of the results shows semi-diurnal fluctuations that are several orders of magnitude higher than those observed from monitoring of the Chalk more than 60 km inland, indicating a strong influence from oceanic tides. Hydrodynamic and geoelectric modelling of the coastal aquifer suggests that observed pressure changes (giving rise to the streaming potential) are not sufficient to explain the magnitude of the observed SP fluctuations. Simulation of the exclusion-diffusion potential, produced by changes in concentration across the saline front, is required to match the SP data from the borehole, despite the front being located some distance away. In late summer of 2013 and 2014, seawater intrusion occurred in the coastal monitoring borehole. When referenced to the shallowest borehole electrode, there was a characteristic increase in SP within the array, several days before any measurable increase in salinity. The size of this precursor increased steadily with depth, typically reaching values close to 0.3 mV in the deepest electrode. Numerical modelling suggests that the exclusion-diffusion potential can explain the magnitude of the precursor, but that the polarity of the change in SP cannot be replicated assuming a homogeneous aquifer. Small-scale models of idealised Chalk blocks were used to simulate the effects of discrete fractures on the distribution of SP. Initial results suggest that comparatively large reductions in voltage can develop in the matrix ahead of the front, in conjunction with a reduced or absent precursor in the vicinity of a fracture. 
Geophysical logging indicates the presence of a

  6. LKM: A LDA-Based K-Means Clustering Algorithm for Data Analysis of Intrusion Detection in Mobile Sensor Networks

    Yuhua Zhang; Kun Wang; Min Gao; Zhiyou Ouyang; Siguang Chen

    2015-01-01

    Mobile sensor networks (MSNs), consisting of mobile nodes, are sensitive to network attacks. Intrusion detection system (IDS) is a kind of active network security technology to protect network from attacks. In the data gathering phase of IDS, due to the high-dimension data collected in multidimension space, great pressure has been put on the subsequent data analysis and response phase. Therefore, traditional methods for intrusion detection can no longer be applicable in MSNs. To improve the p...

  7. Network Intrusion Detection Evading System using Frequent Pattern Matching

    N. B. Dhurpate; L.M.R.J. Lobo

    2013-08-01

    Full Text Available Signature based NIDS are efficient at detecting attacks for what they are prepared for. This makes an intruder to focus on the new evasion technique to remain undetected. Emergence of new evasion technique may cause NIDS to fail. Unfortunately, most of these techniques are based on network protocols ambiguities, so NIDS designers must take them into account when updating their tools. This paper presents a framework for evading network intrusion detection system and detection over NIDS using frequent element pattern matching. The core of the framework is to model the NIDS using Adaboost algorithm that allows the understanding of how the NIDS classifies network data. We look for some way of evading the NIDS detection by changing some of the fields of the packets. We use publicly available dataset (KDD-99) for showing the proof of our concept. For real time evasion detection NIDS is built with Apriori algorithm to analyze NIDS robustness with high detection rate accuracy

  8. NEEDS - Information Adaptive System

    Kelly, W. L.; Benz, H. F.; Meredith, B. D.

    1980-01-01

    The Information Adaptive System (IAS) is an element of the NASA End-to-End Data System (NEEDS) Phase II and is focused toward onboard image processing. The IAS is a data preprocessing system which is closely coupled to the sensor system. Some of the functions planned for the IAS include sensor response nonuniformity correction, geometric correction, data set selection, data formatting, packetization, and adaptive system control. The inclusion of these sensor data preprocessing functions onboard the spacecraft will significantly improve the extraction of information from the sensor data in a timely and cost effective manner, and provide the opportunity to design sensor systems which can be reconfigured in near real-time for optimum performance. The purpose of this paper is to present the preliminary design of the IAS and the plans for its development.

  9. Intrusion Detection Systems Based On Packet Sniffing

    Ushus Maria Joseph

    2013-01-01

    Full Text Available In the present era of networks, security of network systems is becoming increasingly important, as more and more sensitive information is being stored and manipulated online. The paper entitled ’Packet Sniffing’ is an IDS where it monitors packets on the network wire and attempts to the discovery of hacker/cracker who is attempting to break into system. Packet Sniffing also finds the contents and tracks the data packet in the network system. This sniffing is being performed by comparing the captured packet with the intruder details stored in the database. If the packet is found to be an intruder it is then forwarded to the firewall with the respective message for blocking. The Emotional Ants module contains the sender and receiver. The sender will inform all the other Ants running in other machines about the detection of intruder through his pheromone (Messages). The receiver in Ants will listen for the messages from other Ants

  10. A new data normalization method for unsupervised anomaly intrusion detection

    Long-zheng CAI; Jian CHEN; Yun KE; Tao CHEN; Zhi-gang LI

    2010-01-01

    Unsupervised anomaly detection can detect attacks without the need for clean or labeled training data. This paper studies the application of clustering to unsupervised anomaly detection (ACUAD). Data records are mapped to a feature space. Anomalies are detected by determining which points lie in the sparse regions of the feature space. A critical element for this method to be effective is the definition of the distance function between data records. We propose a unified normalization distance framework for records with numeric and nominal features mixed data. A heuristic method that computes the distance for nominal features is proposed, taking advantage of an important characteristic of nominal features: their probability distribution. Then, robust methods are proposed for mapping numeric features and computing their distance, these being able to tolerate the impact of the value difference in scale and diversification among features, and outliers introduced by intrusions. Empirical experiments with the KDD 1999 dataset showed that ACUAD can detect intrusions with relatively low false alarm rates compared with other approaches.

  11. Predicting Packet Transmission Data over IP Networks Using Adaptive Neuro-Fuzzy Inference Systems

    Samira Chabaa

    2009-01-01

    Full Text Available Problem statement: The statistical modeling for predicting network traffic has now become a major tool used for network and is of significant interest in many domains: Adaptive application, congestion and admission control, wireless, network management and network anomalies. To comprehend the properties of IP-network traffic and system conditions, many kinds of reports based on measured network traffic data have been reported by several researchers. The goal of the present contribution was to complement these previous researches by predicting network traffic data. Approach: The Adaptive Neuro-Fuzzy Inference System (ANFIS) was realized by an appropriate combination of fuzzy systems and neural networks. It was applied in different applications which have been increased in recent years and have multidisciplinary in several domains with a high accuracy. For this reason, we used a set of input and output data of packet transmission over Internet Protocol (IP) networks as input and output of ANFIS to develop a model for predicting data. Results: ANFIS was compared with some existing model based on Volterra system with Laguerre functions. The obtained results demonstrate that the sequences of generated values have the same statistical characteristics as those really observed. Furthermore, the relative error using ANFIS model was better than this obtained by Volterra system model. Conclusion: The developed model fits well real data and can be used for predicting purpose with a high accuracy.

  12. Identification Method of Attack Path Based on Immune Intrusion Detection

    Wenhua Huang

    2014-04-01

    Full Text Available This thesis takes researches on the immune intrusion detection and IP trace back technology. To find out the network data features of the real-time analyses, the distributed immune intrusion detection system and the packet marking theory are used; to guide the dynamically processing of path signs technology, the immune intrusion detection system is used; what’s more, to dynamically adaptive different methods of characteristics of network data, the path signs technology is adopted. After that, the attack paths can be quickly identified to provide path information for feature detector on attack path in the immune intrusion detection system. Experiment results show that this scheme can quickly reconstruct the attack path information, and the performance on the aspects of the convergence is with efficiency rate and false positive rate, which is superior to the current probabilistic packet marking algorithm and can provide characteristic path information for immune intrusion detection system

  13. HYBRID ARCHITECTURE FOR DISTRIBUTED INTRUSION DETECTION SYSTEM IN WIRELESS NETWORK

    Seyedeh Yasaman Rashida

    2013-06-01

    Full Text Available In order to the rapid growth of the network application, new kinds of network attacks are emerging endlessly. So it is critical to protect the networks from attackers and the Intrusion detection technology becomes popular. Therefore, it is necessary that this security concern must be articulate right from the beginning of the network design and deployment. The intrusion detection technology is the process of identifying network activity that can lead to a compromise of security policy. Lot of work has been done in detection of intruders. But the solutions are not satisfactory. In this paper, we propose a novel Distributed Intrusion Detection System using Multi Agent In order to decrease false alarms and manage misuse and anomaly detects.

  14. A methodical and adaptive framework for Data Warehouse of Salary Management System

    Manzoor Ahmad

    2014-06-01

    Full Text Available Years of experience as an employee of University of Kashmir has always desired us to have a typical solution where most of the activities related to salary are fully automated without checking across the files whenever there is a need e.g. individual month's salary report, web based information submission, filing of returns, increment information etc. After thorough analysis, taking employee satisfaction, sensitivity and security of data, a long term solution was to develop a centralized University salary management system and its data warehouse. In this paper the design and implementation of an adaptive data warehouse is presented which supports large volume of data and saves the cost effectively. It also enables decision makers to pose queries and questions to the system. However decision support systems only support a set of queries and operations that are to be performed.

  15. A methodical and adaptive framework for Data Warehouse of Salary Management System

    Manzoor Ahmad

    2015-11-01

    Full Text Available Years of experience as an employee of University of Kashmir has always desired us to have a typical solution where most of the activities related to salary are fully automated without checking across the files whenever there is a need e.g. individual month's salary report, web based information submission, filing of returns, increment information etc. After thorough analysis, taking employee satisfaction, sensitivity and security of data, a long term solution was to develop a centralized University salary management system and its data warehouse. In this paper the design and implementation of an adaptive data warehouse is presented which supports large volume of data and saves the cost effectively. It also enables decision makers to pose queries and questions to the system. However decision support systems only support a set of queries and operations that are to be performed.

  16. Nuclear data needs for non-intrusive inspection

    Various nuclear-based techniques are being explored for use in non-intrusive inspection. Their development is motivated by the need to prevent the proliferation of nuclear weapons, to thwart trafficking in illicit narcotics, to stop the transport of explosives by terrorist organizations, to characterize nuclear waste, and to deal with various other societal concerns. Non-intrusive methods are sought in order to optimize inspection speed, to minimize damage to packages and containers, to satisfy environmental, health and safety requirements, to adhere to legal requirements, and to avoid inconveniencing the innocent. These inspection techniques can be grouped into two major categories: active and passive. They almost always require the use of highly penetrating radiation and therefore are generally limited to neutrons and gamma rays. Although x-rays are widely employed for these purposes, their use does not constitute 'nuclear technology' and therefore is not discussed here. This paper examines briefly the basic concepts associated with nuclear inspection and investigates the related nuclear data needs. These needs are illustrated by considering four of the methods currently being developed and tested. (author)

  17. Nuclear data needs for non-intrusive inspection.

    Smith, D. L.; Michlich, B. J.

    2000-11-29

    Various nuclear-based techniques are being explored for use in non-intrusive inspection. Their development is motivated by the need to prevent the proliferation of nuclear weapons, to thwart trafficking in illicit narcotics, to stop the transport of explosives by terrorist organizations, to characterize nuclear waste, and to deal with various other societal concerns. Non-intrusive methods are sought in order to optimize inspection speed, to minimize damage to packages and containers, to satisfy environmental, health and safety requirements, to adhere to legal requirements, and to avoid inconveniencing the innocent. These inspection techniques can be grouped into two major categories: active and passive. They almost always require the use of highly penetrating radiation and therefore are generally limited to neutrons and gamma rays. Although x-rays are widely employed for these purposes, their use does not constitute nuclear technology and therefore is not discussed here. This paper examines briefly the basic concepts associated with nuclear inspection and investigates the related nuclear data needs. These needs are illustrated by considering four of the methods currently being developed and tested.

  18. Nuclear data needs for non-intrusive inspection

    Various nuclear-based techniques are being explored for use in non-intrusive inspection. Their development is motivated by the need to prevent the proliferation of nuclear weapons, to thwart trafficking in illicit narcotics, to stop the transport of explosives by terrorist organizations, to characterize nuclear waste, and to deal with various other societal concerns. Non-intrusive methods are sought in order to optimize inspection speed, to minimize damage to packages and containers, to satisfy environmental, health and safety requirements, to adhere to legal requirements, and to avoid inconveniencing the innocent. These inspection techniques can be grouped into two major categories: active and passive. They almost always require the use of highly penetrating radiation and therefore are generally limited to neutrons and gamma rays. Although x-rays are widely employed for these purposes, their use does not constitute nuclear technology and therefore is not discussed here. This paper examines briefly the basic concepts associated with nuclear inspection and investigates the related nuclear data needs. These needs are illustrated by considering four of the methods currently being developed and tested

  19. Clustering of tethered satellite system simulation data by an adaptive neuro-fuzzy algorithm

    Mitra, Sunanda; Pemmaraju, Surya

    1992-01-01

    Recent developments in neuro-fuzzy systems indicate that the concepts of adaptive pattern recognition, when used to identify appropriate control actions corresponding to clusters of patterns representing system states in dynamic nonlinear control systems, may result in innovative designs. A modular, unsupervised neural network architecture, in which fuzzy learning rules have been embedded, is used for on-line identification of similar states. The architecture and control rules involved in Adaptive Fuzzy Leader Clustering (AFLC) allow this system to be incorporated in control systems for identification of system states corresponding to specific control actions. We have used this algorithm to cluster the simulation data of Tethered Satellite System (TSS) to estimate the range of delta voltages necessary to maintain the desired length rate of the tether. The AFLC algorithm is capable of on-line estimation of the appropriate control voltages from the corresponding length error and length rate error without a priori knowledge of their membership functions and familiarity with the behavior of the Tethered Satellite System.

  20. A modeling study of saltwater intrusion in the Andarax delta area using multiple data sources

    Antonsson, Arni Valur; Engesgaard, Peter Knudegaard; Jorreto, Sara;

    In groundwater model development, construction of the conceptual model is one of the (initial and) critical aspects that determines the model reliability and applicability in terms of e.g. system (hydrogeological) understanding, groundwater quality predictions, and general use in water resources...... context. The validity of a conceptual model is determined by different factors, where both data quantity and quality is of crucial importance. Often, when dealing with saltwater intrusion, data is limited. Therefore, using different sources (and types) of data can be beneficial and increase the...... understanding of the investigated system. A density dependent saltwater intrusion model has been established for the coastal zone of the Andarax aquifer, SE Spain, with the aim of obtaining a coherent (conceptual) understanding of the area. Recently drilled deep boreholes in  the Andarax delta revealed a far...

  1. Adaptive Lockable Units to Improve Data Availability in a Distributed Database System

    Khaled Maabreh

    2016-01-01

    Distributed database systems have become a phenomenon and have been considered a crucial source of information for numerous users. Users with different jobs are using such systems locally or via the Internet to meet their professional requirements. Distributed database systems consist of a number of sites connected over a computer network. Each site deals with its own database and interacts with other sites as needed. Data replication in these systems is considered a key factor in improving data availability. However, it may affect system performance when most of the transactions that access the data contain write or a mix of read and write operations because of exclusive locks and update propagation. This research proposes a new adaptive approach for increasing the availability of data contained in a distributed database system. The proposed approach suggests a new lockable unit by increasing the database hierarchy tree by one level to include attributes as lockable units instead of the entire row. This technique may allow several transactions to access the database row simultaneously by utilizing some attributes and keeping others available for other transactions. Data in a distributed database system can be accessed locally or remotely by a distributed transaction, with each distributed transaction decomposed into several sub-transactions called participants or agents. These agents access the data at multiple sites and must guarantee that any changes to the data must be committed in order to complete the main transaction. The experimental results show that using attribute-level locking will increase data availability, reliability, and throughput, as well as enhance overall system performance. Moreover, it will increase the overhead of managing such a large number of locks, which will be managed according to the qualification of the query.

  2. A Partially Distributed Intrusion Detection System for Wireless Sensor Networks

    Eung Jun Cho

    2013-11-01

    The increasing use of wireless sensor networks, which normally comprise several very small sensor nodes, makes their security an increasingly important issue. They can be practically and efficiently secured using intrusion detection systems. Conventional security mechanisms are not usually applicable due to the sensor nodes having limitations of computational power, memory capacity, and battery power. Therefore, specific security systems should be designed to function under constraints of energy or memory. A partially distributed intrusion detection system with low memory and power demands is proposed here. It employs a Bloom filter, which allows reduced signature code size. Multiple Bloom filters can be combined to reduce the signature code for each Bloom filter array. The mechanism could then cope with potential denial of service attacks, unlike many previous detection systems with Bloom filters. The mechanism was evaluated and validated through analysis and simulation.

  3. Intrusion Detection Systems in Wireless Sensor Networks

    Vijay Kumar Mallarapu; K.V.D.Sagar

    2012-01-01

    Wireless Sensor Networks (WSNs) are a new technology foreseen to be used increasingly in the near future due to their data acquisition and data processing abilities. Security for WSNs is an area that needs to be considered in order to protect the functionality of these networks, the data they convey and the location of their members. The security models & protocols used in wired and other networks are not suited to WSNs because of their severe resource constrictions. In this paper, we describ...

  4. Distributed Intrusion Detection System for Ad hoc Mobile Networks

    Muhammad Nawaz Khan

    2012-01-01

    In mobile ad hoc networks, resource restrictions on bandwidth, processing capabilities, battery life and memory of mobile devices lead to a tradeoff between security and resource consumption. Due to some unique properties of MANETs, proactive security mechanisms like authentication, confidentiality, access control and non-repudiation are hard to put into practice. Some additional security requirements are also needed, like cooperation fairness, location confidentiality, data freshness and absence of traffic diversion. Traditional security mechanisms, i.e. authentication and encryption, provide a security beach to MANETs. But some reactive security mechanism is required that analyzes the routing packets and also checks the overall network behavior of MANETs. Here we propose a local-distributed intrusion detection system for ad hoc mobile networks. In the proposed distributed-ID, each mobile node works as a smart agent. Data is collected by the node locally, and the node analyzes that data for malicious activity. If any abnormal activity is discovered, it informs the surrounding nodes as well as the base station. It works like a client-server model: each node works in collaboration with the server, and its database is updated each time by the server using a Markov process. The proposed local distributed-IDS shows a balance between false positive and false negative rates. A reactive security mechanism is very useful in finding abnormal activities even when a proactive security mechanism is present. The distributed local-IDS is useful for deep-level inspection and is suited to the varying nature of MANETs.

  5. Distributed Intrusion Detection for Computer Systems Using Communicating Agents

    Ingram, Dennis J.; Kremer, H. Steven; Neil C. Rowe

    2000-01-01

    This paper appeared in the Proceedings of the 2000 Command and Control Research and Technology Symposium (CCRTS), Monterey, CA, June 11-13, 2000, and won the award for “Best Paper”. Intrusion detection for computer systems is a key problem of the Internet, and the Windows NT operating system has a number of vulnerabilities. The work presented here demonstrates that independent detection agents under Windows NT can be run in a distributed fashion, each operating mostly independent ...

  6. Usefulness of DARPA dataset for intrusion detection system evaluation

    Thomas, Ciza; Sharma, Vishwas; Balakrishnan, N.

    2008-01-01

    The MIT Lincoln Laboratory IDS evaluation methodology is a practical solution in terms of evaluating the performance of Intrusion Detection Systems, which has contributed tremendously to the research progress in that field. The DARPA IDS evaluation dataset has been criticized and considered by many as a very outdated dataset, unable to accommodate the latest trend in attacks. Then naturally the question arises as to whether the detection systems have improved beyond detecting these old level ...

  7. Optimizations of Battery-Based Intrusion Protection Systems

    Nelson, Theresa Michelle

    2008-01-01

    As time progresses, small mobile devices become more prevalent for both personal and industrial use, providing malicious network users with new and exciting venues for security exploits. Standard security applications, such as Norton Antivirus and McAfee, require computing power, memory space, and operating system complexity that are not present in small mobile devices. Recently, the Battery-Sensing Intrusion Protection System (B-SIPS) was devised as a means to correct the inability of small...

  8. A Partially Distributed Intrusion Detection System for Wireless Sensor Networks

    Eung Jun Cho; Choong Seon Hong; Sungwon Lee; Seokhee Jeon

    2013-01-01

    The increasing use of wireless sensor networks, which normally comprise several very small sensor nodes, makes their security an increasingly important issue. They can be practically and efficiently secured using intrusion detection systems. Conventional security mechanisms are not usually applicable due to the sensor nodes having limitations of computational power, memory capacity, and battery power. Therefore, specific security systems should be designed to function under constraints of ene...

  9. Intrusion Detection of NSM Based DoS Attacks Using Data Mining in Smart Grid

    JungChan Na; Kijoon Chae; Mihui Kim; Shi Li; Xinyi Chen; Kyung Choi

    2012-01-01

    In this paper, we analyze the Network and System Management (NSM) requirements and NSM data objects for the intrusion detection of power systems; NSM is an IEC 62351-7 standard. We analyze a SYN flood attack and a buffer overflow attack to cause the Denial of Service (DoS) attack described in NSM. After mounting the attack in our attack testbed, we collect a data set, which is based on attributes for the attack. We then run several data mining methods with the data set using the Waikato Envir...

  10. Detecting network intrusions by data mining and variable-length sequence pattern matching

    Tian Xinguang; Duan Miyi; Sun Chunlai; Liu Xin

    2009-01-01

    Anomaly detection has been an active research topic in the field of network intrusion detection for many years. A novel method is presented for anomaly detection based on system calls into the kernels of Unix or Linux systems. The method uses the data mining technique to model the normal behavior of a privileged program and uses a variable-length pattern matching algorithm to perform the comparison of the current behavior and historic normal behavior, which is more suitable for this problem than the fixed-length pattern matching algorithm proposed by Forrest et al. At the detection stage, the particularity of the audit data is taken into account, and two alternative schemes could be used to distinguish between normalities and intrusions. The method gives attention to both computational efficiency and detection accuracy and is especially applicable for on-line detection. The performance of the method is evaluated using the typical testing data set, and the results show that it is significantly better than the anomaly detection method based on hidden Markov models proposed by Yan et al. and the method based on fixed-length patterns proposed by Forrest and Hofmeyr. The novel method has been applied to practical host-based intrusion detection systems and achieved high detection performance.

  11. Hybrid Adaptive Intrusion Prevention

    乔佩利; 韩伟

    2011-01-01

    This paper proposes a model of an Intrusion Prevention System (Feedback Learning IPS, FLIPS) which has adaptive ability and applies a hybrid approach to host security that prevents binary code injection attacks. It incorporates three major components: an anomaly-based classifier, a signature-based filtering scheme, and a supervision framework that employs Instruction Set Randomization (ISR). ISR can precisely identify the injected code, and the classifier and the filter can be tuned via a learning mechanism based on this feedback. Capturing the injected code allows FLIPS to construct signatures for zero-day exploits. Experimental results show that the model can discard input that matches an anomaly or is known to be malicious, protecting the application from attack effectively.

  12. System and method for the adaptive mapping of matrix data to sets of polygons

    Burdon, David (Inventor)

    2003-01-01

    A system and method for converting bitmapped data, for example, weather data or thermal imaging data, to polygons is disclosed. The conversion of the data into polygons creates smaller data files. The invention is adaptive in that it allows for a variable degree of fidelity of the polygons. Matrix data is obtained. A color value is obtained. The color value is a variable used in the creation of the polygons. A list of cells to check is determined based on the color value. The list of cells to check is examined in order to determine a boundary list. The boundary list is then examined to determine vertices. The determination of the vertices is based on a prescribed maximum distance. When drawn, the ordered list of vertices create polygons which depict the cell data. The data files which include the vertices for the polygons are much smaller than the corresponding cell data files. The fidelity of the polygon representation can be adjusted by repeating the logic with varying fidelity values to achieve a given maximum file size or a maximum number of vertices per polygon.

  13. Evaluating the Strengths and Weaknesses of Mining Audit Data for Automated Models for Intrusion Detection in Tcpdump and Basic Security Module Data

    A. Arul Lawrence Selvakumar

    2012-01-01

    Problem statement: Intrusion Detection System (IDS) have become an important component of infrastructure protection mechanism to secure the current and emerging networks, its services and applications by detecting, alerting and taking necessary actions against the malicious activities. The network size, technology diversities and security policies make networks more challenging and hence there is a requirement for IDS which should be very accurate, adaptive, extensible and more reliable. Although there exists the novel framework for this requirement, namely Mining Audit Data for Automated Models for Intrusion Detection (MADAM ID), it is having some performance shortfalls in processing the audit data. Approach: Few experiments were conducted on tcpdump data of DARPA and BCM audit files by applying the algorithms and tools of MADAM ID in the processing of audit data, mine patterns, construct features and build RIPPER classifiers. By putting it all together, four main categories of attacks namely DOS, R2L, U2R and PROBING attacks were simulated. Results: This study outlines the experimentation results of MADAM ID in testing the DARPA and BSM data on a simulated network environment. Conclusion: The strengths and weakness of MADAM ID has been identified through the experiments conducted on tcpdump data and also on Pascal based audit files of Basic Security Module (BSM). This study also gives some additional directions about the future applications of MADAM ID.

  14. A Novel Local Network Intrusion Detection System Based on Support Vector Machine

    Muamer N. Mohammad; Norrozila Sulaiman; Emad T Khalaf

    2011-01-01

    Problem statement: Past few years have witnessed a growing recognition of intelligent techniques for the construction of efficient and reliable Intrusion Detection Systems (IDS). Many methods and techniques were used for modeling the IDS, but some of them contribute little or not to resolve it. Approach: Intrusion detection system for local area network by using Support Vector Machines (SVM) was proposed. First, the intrusion ways and intrusion connecting of Local Area Network were defined fo...

  15. An Implementation Approach for Intrusion Detection System in Wireless sensor Network

    Ruchi Bhatnagar; Dr. A.K. Srivastava; Anupriya Sharma

    2010-01-01

    The Intrusion Detection System (IDS) has become a critical component of wireless sensor networks security strategy. In this paper we have made an effort to document related issues and challenges of intrusion detection system for wireless sensor network and proposed a novel secure strategy for their implementation that can detect possible intrusion in the network, alerting user after intrusion had been detected and reconfigure the network if possible.

  16. An Implementation Approach for Intrusion Detection System in Wireless sensor Network

    Ruchi Bhatnagar

    2010-10-01

    The Intrusion Detection System (IDS) has become a critical component of wireless sensor networks security strategy. In this paper we have made an effort to document related issues and challenges of intrusion detection system for wireless sensor network and proposed a novel secure strategy for their implementation that can detect possible intrusion in the network, alerting user after intrusion had been detected and reconfigure the network if possible.

  17. A ROLE OF INTRUSION DETECTION SYSTEM FOR WIRELESS LAN USING VARIOUS SCHEMES AND RELATED ISSUES

    Kamalanaban Ethala; Seshadri, R; N. G. Renganathan; M. S. Saravanan

    2013-01-01

    The advancement in network based technology and augmented dependability of our everyday life on this technology. During recent years, number of attacks on networks has intensely increased. Hence interest in network intrusion detection has increased among the researchers. This study assesses different kinds of IDS and inclines preemptive procedures. An Intrusion Detection System (IDS) is used to automate the intrusion detection process. An Intrusion Deterrence System (IPS) is software which ha...

  18. Thermal Error Modelling of the Spindle Using Data Transformation and Adaptive Neurofuzzy Inference System

    Yanlei Li

    2015-01-01

    This paper proposes a new method for predicting spindle deformation based on temperature data. The method introduces the adaptive neurofuzzy inference system (ANFIS), which is a neurofuzzy modeling approach that integrates the kernel and geometrical transformations. By utilizing data transformation, the number of ANFIS rules can be effectively reduced and the predictive model structure can be simplified. To build the predictive model, we first map the original temperature data to a feature space with Gaussian kernels. We then process the mapped data with the geometrical transformation and make the data gather in the square region. Finally, the transformed data are used as input to train the ANFIS. A verification experiment is conducted to evaluate the performance of the proposed method. Six Pt100 thermal resistances are used to monitor the spindle temperature, and a laser displacement sensor is used to detect the spindle deformation. Experimental results show that the proposed method can precisely predict the spindle deformation and greatly improve the thermal performance of the spindle. Compared with back propagation (BP) networks, the proposed method is more suitable for complex working conditions in practical applications.

  19. Network Threat Characterization in Multiple Intrusion Perspectives using Data Mining Technique

    Oluwafemi Oriola

    2012-12-01

    For effective security incidence response on the network, a reputable approach must be in place at both protected and unprotected region of the network. This is because compromise in the demilitarized zone could be precursor to threat inside the network. The improved complexity of attacks in present times and vulnerability of system are motivations for this work. Past and present approaches to intrusion detection and prevention have neglected victim and attacker properties despite the fact that for intrusion to occur, an overt act by an attacker and a manifestation, observable by the intended victim, which results from that act are required. Therefore, this paper presents a threat characterization model for attacks from the victim and the attacker perspective of intrusion using data mining technique. The data mining technique combines Frequent Temporal Sequence Association Mining and Fuzzy Logic. Apriori Association Mining algorithm was used to mine temporal rule patterns from alert sequences while Fuzzy Control System was used to rate exploits. The results of the experiment show that accurate threat characterization in multiple intrusion perspectives could be actualized using Fuzzy Association Mining. Also, the results proved that sequence of exploits could be used to rate threat and are motivated by victim properties and attacker objectives.

  20. A ROLE OF INTRUSION DETECTION SYSTEM FOR WIRELESS LAN USING VARIOUS SCHEMES AND RELATED ISSUES

    Kamalanaban Ethala

    2013-01-01

    The advancement in network based technology and augmented dependability of our everyday life on this technology. During recent years, number of attacks on networks has intensely increased. Hence interest in network intrusion detection has increased among the researchers. This study assesses different kinds of IDS and inclines preemptive procedures. An Intrusion Detection System (IDS) is used to automate the intrusion detection process. An Intrusion Deterrence System (IPS) is software which has complete competencies of an intrusion detection system and it can endeavor to stop probable events.

  1. Clustering of noisy image data using an adaptive neuro-fuzzy system

    Pemmaraju, Surya; Mitra, Sunanda

    1992-01-01

    Identification of outliers or noise in a real data set is often quite difficult. A recently developed adaptive fuzzy leader clustering (AFLC) algorithm has been modified to separate the outliers from real data sets while finding the clusters within the data sets. The capability of this modified AFLC algorithm to identify the outliers in a number of real data sets indicates the potential strength of this algorithm in correct classification of noisy real data.

  2. A Frame of Intrusion Detection Learning System Utilizing Radial Basis Function

    S.Selvakani Kandeeban

    2012-02-01

    The process of monitoring the events that occur in a computer system or network and analyzing them for signs of intrusion is known as Intrusion Detection System (IDS). Detection ability of most of the IDS are limited to known attack patterns; hence new signatures for novel attacks can be troublesome, time consuming and has high false alarm rate. To achieve this, system was trained and tested with known and unknown patterns with the help of Radial Basis Functions (RBF). KDD 99 IDE (Knowledge Discovery in Databases Intrusion Detection Evaluation) data set was used for training and testing. The IDS is supposed to distinguish normal traffic from intrusions and to classify them into four classes: DoS, probe, R2L and U2R. The dataset is quite unbalanced, with 79% of the traffic belonging to the DoS category, 19% is normal traffic and less than 2% constitute the other three categories. The usefulness of the data set used for experimental evaluation has been demonstrated. The different metrics available for the evaluation of IDS were also introduced. Experimental evaluations were shown that the proposed methods were having the capacity of detecting a significant percentage of rare and new attacks.

  3. The Mobile Intrusion Detection and Assessment System (MIDAS)

    Arlowe, H.D.; Coleman, D.E.

    1990-01-01

    This paper describes MIDAS, the Mobile Intrusion Detection and Assessment System. MIDAS is a security system that can be quickly deployed to provide wide area coverage for a mobile asset. MIDAS uses two passive infrared imaging sensors, one for intruder detection and one for assessment. Detected targets are tracked while assessment cameras are directed to view the intruder location for operator observation and assessment. The dual sensor design allows simultaneous detection, assessment, and tracking. Control and status information is provided to an operator using a color graphics terminal, touch panel driven menus, and a joystick for control of the assessment sensor pan and tilt. 1 ref., 5 figs.

  4. A Comprehensive Study on Classification of Passive Intrusion and Extrusion Detection System

    A.Kalaivani

    2013-05-01

    Cyber criminals compromise Integrity, Availability and Confidentiality of network resources in cyber space and cause remote class intrusions such as U2R, R2L, DoS and probe/scan system attacks. To handle these intrusions, Cyber Security uses three audit and monitoring systems namely Intrusion Prevention Systems (IPS), Intrusion Detection Systems (IDS). Intrusion Detection System (IDS) monitors only inbound traffic which is insufficient to prevent botnet systems. A system to monitor outbound traffic is named as Extrusion Detection System (EDS). Therefore a hybrid system should be designed to handle both inbound and outbound traffic. Due to the increased false alarms preventive systems do not suite to an organizational network. The goal of this paper is to devise a taxonomy for cyber security and study the existing methods of Intrusion and Extrusion Detection systems based on three primary characteristics. The metrics used to evaluate IDS and EDS are also presented.

  5. MIDAS, the Mobile Intrusion Detection and Assessment System

    Arlowe, H.D.; Coleman, D.E.; Williams, J.D.

    1990-01-01

    MIDAS is a semiautomated passive detection and assessment security system that can be quickly deployed to provide wide-area coverage for a mobile military asset. Designed to be mounted on top of an unguyed telescoping mast, its specially packaged set of 32 infrared sensors spin 360 degrees every two seconds. The unit produces a low resolution infrared image by sampling each sensor more than 16,000 times in a single 360-degree rotation. Drawing from image processing techniques, MIDAS detects vehicular and pedestrian intruders and produces an alarm when an intrusion is detected. Multiple intruders are tracked. MIDAS automatically directs either an assessment camera or a FLIR to one of the tracks. The alerted operator assesses the intruder and initiates a response. Once the operator assesses an intruder, the system continues to track it without generating new alarms. Because the system will track multiple targets and because the assessment system is a separate pan and tilt unit, the detection and tracking system cannot be blind-sided while the operator is assessing a diversionary intrusion. 4 figs.

  6. Cross-layer design for intrusion detection and data security in wireless ad hoc sensor networks

    Hortos, William S.

    2007-09-01

    and trust neighborhood, collecting parametric information and executing assigned decision tasks. The communications overhead due to security mechanisms and the latency in network response are thus minimized by reducing the need to move large amounts of audit data through resource-limited nodes and by locating detection/identification programs closer to audit data. If network partitioning occurs due to uncoordinated node exhaustion, data compromise or other effects of the attacks, the mobile agents can continue to operate, thereby increasing fault tolerance in the network response to intrusions. Since the mobile agents behave like an ant colony in securing the WSN, published ant colony optimization (ACO) routines and other evolutionary algorithms are adapted to protect network security, using data at and through nodes to create audit records to detect and respond to denial-of-service attacks. Performance evaluations of algorithms are performed by simulation of a few intrusion attacks, such as black hole, flooding, Sybil and others, to validate the ability of the cross-layer algorithms to enable WSNs to survive the attacks. Results are compared for the different algorithms.

  7. Data Randomization and Cluster-Based Partitioning for Botnet Intrusion Detection.

    Al-Jarrah, Omar Y; Alhussein, Omar; Yoo, Paul D; Muhaidat, Sami; Taha, Kamal; Kim, Kwangjo

    2016-08-01

    Botnets, which consist of remotely controlled compromised machines called bots, provide a distributed platform for several threats against cyber world entities and enterprises. Intrusion detection system (IDS) provides an efficient countermeasure against botnets. It continually monitors and analyzes network traffic for potential vulnerabilities and possible existence of active attacks. A payload-inspection-based IDS (PI-IDS) identifies active intrusion attempts by inspecting transmission control protocol and user datagram protocol packet's payload and comparing it with previously seen attacks signatures. However, the PI-IDS abilities to detect intrusions might be incapacitated by packet encryption. Traffic-based IDS (T-IDS) alleviates the shortcomings of PI-IDS, as it does not inspect packet payload; however, it analyzes packet header to identify intrusions. As the network's traffic grows rapidly, not only the detection-rate is critical, but also the efficiency and the scalability of IDS become more significant. In this paper, we propose a state-of-the-art T-IDS built on a novel randomized data partitioned learning model (RDPLM), relying on a compact network feature set and feature selection techniques, simplified subspacing and a multiple randomized meta-learning technique. The proposed model has achieved 99.984% accuracy and 21.38 s training time on a well-known benchmark botnet dataset. Experiment results demonstrate that the proposed methodology outperforms other well-known machine-learning models used in the same detection task, namely, sequential minimal optimization, deep neural network, C4.5, reduced error pruning tree, and randomTree. PMID:26540724

  8. Nuclear-power-plant perimeter-intrusion alarm systems

    Timely intercept of an intruder requires the examination of perimeter barriers and sensors in terms of reliable detection, immediate assessment and prompt response provisions. Perimeter security equipment and operations must at the same time meet the requirements of the Code of Federal Regulations, 10 CFR 73.55 with some attention to the performance and testing figures of Nuclear Regulatory Guide 5.44, Revision 2, May 1980. A baseline system is defined which recommends a general approach to implementing perimeter security elements: barriers, lighting, intrusion detection, alarm assessment. The baseline approach emphasizes cost/effectiveness achieved by detector layering and logic processing of alarm signals to produce reliable alarms and low nuisance alarm rates. A cost benefit of layering along with video assessment is reduction in operating expense. The concept of layering is also shown to minimize testing costs where detectability performance as suggested by Regulatory Guide 5.44 is to be performed. Synthesis of the perimeter intrusion alarm system and limited testing of CCTV and Video Motion Detectors (VMD), were performed at E-Systems, Greenville Division, Greenville, Texas during 1981

  9. Nuclear-power-plant perimeter-intrusion alarm systems

    Halsey, D.J.

    1982-04-01

    Timely intercept of an intruder requires the examination of perimeter barriers and sensors in terms of reliable detection, immediate assessment and prompt response provisions. Perimeter security equipment and operations must at the same time meet the requirements of the Code of Federal Regulations, 10 CFR 73.55 with some attention to the performance and testing figures of Nuclear Regulatory Guide 5.44, Revision 2, May 1980. A baseline system is defined which recommends a general approach to implementing perimeter security elements: barriers, lighting, intrusion detection, alarm assessment. The baseline approach emphasizes cost/effectiveness achieved by detector layering and logic processing of alarm signals to produce reliable alarms and low nuisance alarm rates. A cost benefit of layering along with video assessment is reduction in operating expense. The concept of layering is also shown to minimize testing costs where detectability performance as suggested by Regulatory Guide 5.44 is to be performed. Synthesis of the perimeter intrusion alarm system and limited testing of CCTV and Video Motion Detectors (VMD), were performed at E-Systems, Greenville Division, Greenville, Texas during 1981.

  10. Immune System Approaches to Intrusion Detection - A Review

    Kim, Jungwon; Aickelin, Uwe; Greensmith, Julie; Tedesco, Gianni; Twycross, Jamie

    2008-01-01

    The use of artificial immune systems in intrusion detection is an appealing concept for two reasons. Firstly, the human immune system provides the human body with a high level of protection from invading pathogens, in a robust, self-organised and distributed manner. Secondly, current techniques used in computer security are not able to cope with the dynamic and increasingly complex nature of computer systems and their security. It is hoped that biologically inspired approaches in this area, including the use of immune-based systems will be able to meet this challenge. Here we review the algorithms used, the development of the systems and the outcome of their implementation. We provide an introduction and analysis of the key developments within this field, in addition to making suggestions for future research.

  11. Intrusion Detection System with Hierarchical Different Parallel Classification

    Behrouz Safaiezadeh

    2015-12-01

    Today, lives are integrated with networks and the internet. The needed information is transmitted through networks. So, someone may attempt to abuse the information, attack, and make changes by exploiting the weaknesses of networks. An Intrusion Detection System is a system capable of detecting some attacks. The system detects attacks through classifier construction and considering IP in network. Recent research showed that a fundamental classification cannot be effective alone due to its errors, but mixing some classifications provides better efficiency. So, the current study attempts to design three classes of support vector machine, the neural network of multilayer perceptron and parallel fuzzy system in which there are trained dataset and capability to detect two classes. Finally, decisions made by an intermediate network due to type of attack. In the present research, the suggested system was tested on the KDD99 dataset and the results indicated appropriate efficiency of 99.71% on average.

  12. Hydrodynamic modeling of the intrusion phenomenon in water distribution systems; Modelacion hidrodinamica del fenomeno de intrusion en tuberia de abastecimiento

    Lopez-Jimenez, Petra Amparo; Mora-Rodriguez, Jose de Jesus; Perez-Garcia, Rafael; Martinez-Solano, F. Javier [Universidad Politecnica de Valencia (Spain)]

    2008-10-15

    This paper describes a strategy for the hydrodynamic modeling of the pathogen intrusion phenomenon in water distribution systems by the combination of a breakage with a depression situation. This scenario will be modeled computationally and experimentally. The phenomenon to be represented by both simulations is the same: the entrance of an external volume into the circulation of a main volume, known as a pathogen intrusion, as long as the main volume is potable water. To this end, a prototype and a computational model based on Computational Fluid Dynamics (CFD) are used, which allow visualizing the fields of speeds and pressures in a simulated form. With the comparison of the results of both models, conclusions will be drawn on the detail of the studied pathogen intrusion phenomenon.

  13. Evolution of optically nondestructive and data-non-intrusive credit card verifiers

    Sumriddetchkajorn, Sarun; Intaravanne, Yuttana

    2010-04-01

    Since the deployment of the credit card, the number of credit card fraud cases has grown rapidly with a huge amount of loss in millions of US dollars. Instead of asking more information from the credit card's holder or taking risk through payment approval, a nondestructive and data-non-intrusive credit card verifier is highly desirable before transaction begins. In this paper, we review optical techniques that have been proposed and invented in order to make the genuine credit card more distinguishable than the counterfeit credit card. Several optical approaches for the implementation of credit card verifiers are also included. In particular, we highlight our invention on a hyperspectral-imaging based portable credit card verifier structure that offers a very low false error rate of 0.79%. Other key features include low cost, simplicity in design and implementation, no moving part, no need of an additional decoding key, and adaptive learning.

  14. Fracture density estimation from petrophysical log data using the adaptive neuro-fuzzy inference system

    Fractures as the most common and important geological features have a significant share in reservoir fluid flow. Therefore, fracture detection is one of the important steps in fractured reservoir characterization. Different tools and methods are introduced for fracture detection from which formation image logs are considered as the common and effective tools. Due to the economical considerations, image logs are available for a limited number of wells in a hydrocarbon field. In this paper, we suggest a model to estimate fracture density from the conventional well logs using an adaptive neuro-fuzzy inference system. Image logs from two wells of the Asmari formation in one of the SW Iranian oil fields are used to verify the results of the model. Statistical data analysis indicates good correlation between fracture density and well log data including sonic, deep resistivity, neutron porosity and bulk density. The results of this study show that there is good agreement (correlation coefficient of 98%) between the measured and neuro-fuzzy estimated fracture density

  15. An Intrusion Detection System for Kaminsky DNS Cache poisoning

    Dhrubajyoti Pathak, Kaushik Baruah

    2013-09-01

    Domain Name System (DNS) is the largest and most actively distributed, hierarchical and scalable database system which plays an incredibly inevitable role behind the functioning of the Internet as we know it today. A DNS translates human readable and meaningful domain names such as www.iitg.ernet.in into an Internet Protocol (IP) address such as 202.141.80.6. It is used for locating a resource on the World Wide Web. Without a DNS, the Internet services as we know it, would come to a halt. In our thesis, we proposed an Intrusion Detection System (IDS) for Kaminsky cache poisoning attacks. Our system relies on the existing properties of the DNS protocol.

  16. HPNAIDM: The High-Performance Network Anomaly/Intrusion Detection and Mitigation System

    Chen, Yan [Northwestern University]

    2013-12-05

    Identifying traffic anomalies and attacks rapidly and accurately is critical for large network operators. With the rapid growth of network bandwidth, such as the next generation DOE UltraScience Network, and fast emergence of new attacks/virus/worms, existing network intrusion detection systems (IDS) are insufficient because they:
    • Are mostly host-based and not scalable to high-performance networks;
    • Are mostly signature-based and unable to adaptively recognize flow-level unknown attacks;
    • Cannot differentiate malicious events from the unintentional anomalies.
    To address these challenges, we proposed and developed a new paradigm called high-performance network anomaly/intrusion detection and mitigation (HPNAIDM) system. The new paradigm is significantly different from existing IDSes with the following features (research thrusts).
    • Online traffic recording and analysis on high-speed networks;
    • Online adaptive flow-level anomaly/intrusion detection and mitigation;
    • Integrated approach for false positive reduction.
    Our research prototype and evaluation demonstrate that the HPNAIDM system is highly effective and economically feasible. Beyond satisfying the pre-set goals, we even exceed that significantly (see more details in the next section). Overall, our project harvested 23 publications (2 book chapters, 6 journal papers and 15 peer-reviewed conference/workshop papers). Besides, we built a website for technique dissemination, which hosts two system prototype releases to the research community. We also filed a patent application and developed strong international and domestic collaborations which span both academia and industry.

  17. RESEARCH ON SECURITY PROTOCOL FOR COLLABORATING MOBILE AGENTS IN NETWORK INTRUSION DETECTION SYSTEMS

    Olumide Simeon Ogunnusi

    2013-01-01

    Despite the popularity of mobile agents in academic and commercial arena, the security issues associated with them have hindered their adoption on large scale distributed applications. However, researchers are making relentless effort to overcome the security impediments so that the interesting properties inherent in mobile agent application, especially in the field of intrusion detection, can be harnessed. Such properties include: adaptability, autonomous nature, low bandwidth utilization, latency eradication, mobility and intelligence. A number of protocols have been developed by researchers for different key distribution techniques to enhance their performance and to protect communicating entities against malicious attacks that can hinder their activities. However, they do not take into account the availability and fault tolerance of the protocols in case of any possible attack despite the authentication methods offered by encryption. This study therefore, proposes a fault-tolerant key distribution protocol for distributed mobile agents (communicating entities) in network intrusion detection system to facilitate hitch-free collaboration geared towards intrusive packets detection in Wireless Local Area Network (WLAN).

  18. PERFORMANCE COMPARISON FOR INTRUSION DETECTION SYSTEM USING NEURAL NETWORK WITH KDD DATASET

    S. Devaraju; Ramakrishnan, S.

    2014-01-01

    Intrusion Detection Systems are challenging task for finding the user as normal user or attack user in any organizational information systems or IT Industry. The Intrusion Detection System is an effective method to deal with the kinds of problem in networks. Different classifiers are used to detect the different kinds of attacks in networks. In this paper, the performance of intrusion detection is compared with various neural network classifiers. In the proposed research the four types of cla...

  19. Intrusion detection system and technology of layered wireless sensor network based on Agent

    Genjian Yu; Kunpeng Weng

    2013-01-01

    The intrusion detection system and technology of classified layered-wireless sensor network was able to meet the high safety requirements of wireless sensor network, it is urgent for us to improve the identification and generalization of detection system about characters of intrusion. In this paper, we design an intelligent intrusion detection system which realize intelligence, the effective and direct way was to add the methods,  and it was used for identification and generalization of intru...

  20. A Scalable Intrusion Detection System for IPv6

    LIU Bin; LI Zhitang; LI Zhanchun

    2006-01-01

    The next generation protocol IPv6 brings new challenges to information security. This paper presents the design and implementation of a network-based intrusion detection system that supports both IPv6 protocol and IPv4 protocol. This system's architecture is focused on performance, simplicity, and scalability. There are four primary subsystems that make it up: the packet capture, the packet decoder, the detection engine, and the logging and alerting subsystem. This paper further describes a new approach to packet capture whose goal is to improve the performance of the capture process at high speeds. The evaluation shows that the system has a good performance to detect IPv6 attacks and IPv4 attacks, and achieves 61% correct detection rate with 20% false detection rate at the speed of 100 Mb·s⁻¹.

  1. Analysis of Fuzzy Logic Based Intrusion Detection Systems in Mobile Ad Hoc Networks

    A. Chaudhary

    2014-01-01

    Due to the advancement in wireless technologies, many of new paradigms have opened for communications. Among these technologies, mobile ad hoc networks play a prominent role for providing communication in many areas because of its independent nature of predefined infrastructure. But in terms of security, these networks are more vulnerable than the conventional networks because firewall and gateway based security mechanisms cannot be applied on it. That’s why intrusion detection systems are used as keystone in these networks. Many number of intrusion detection systems have been discovered to handle the uncertain activity in mobile ad hoc networks. This paper emphasized on proposed fuzzy based intrusion detection systems in mobile ad hoc networks and presented their effectiveness to identify the intrusions. This paper also examines the drawbacks of fuzzy based intrusion detection systems and discussed the future directions in the field of intrusion detection for mobile ad hoc networks.

  2. A Study of Various Intrusion Detection Model Based on Data Fusion, Neural Network and D-S Theory

    Ramnaresh Sharma

    2012-06-01

    Network security and awareness of network attack are hot spots in current research area. Nowadays various models and methods are available for intrusion detection and awareness of cyber-attack. Such as Application of the integrated Network Security Situation Awareness system (Net-SSA) shows that the proposed framework supports for the accurate modeling and effective generation of network security situation. In this paper we have discussed various approaches for intrusion detection technique such as data fusion, neural network and D-S Theory and fuzzy logic.

  3. Energy Efficient Cluster-Based Intrusion Detection System for Wireless Sensor Networks

    Manal Abdullah

    2014-09-01

    Wireless sensor networks (WSNs) are network type where sensors are used to collect physical measurements. It has many application areas such as healthcare, weather monitoring and even military applications. Security in this kind of networks is a big concern especially in the applications that required confidentiality and privacy. Therefore, providing a WSN with an intrusion detection system is essential to protect its security from different types of intrusions, cyber-attacks and random faults. Clustering has proven its efficiency in prolong the node as well as the whole WSN lifetime. In this paper we have designed an Intrusion Detection (ID) system based on Stable Election Protocol (SEP) for clustered heterogeneous WSNs. The benefit of using SEP is that it is a heterogeneous-aware protocol to prolong the time interval before the death of the first node. KDD Cup’99 data set is used as the training data and test data. After normalizing our dataset, we trained the system to detect four types of attacks which are Probe, Dos, U2R and R2L, using 18 features out of the 42 features available in KDD Cup'99 dataset. The research used the K-nearest neighbour (KNN) classifier for anomaly detection. The experiments determine K = 5 for best classification and this reveals recognition rate of attacks as 75%. Results are compared with KNN classifier for anomaly detection without using a clustering algorithm.

  4. System using data compression and hashing adapted for use for multimedia encryption

    Coffland, Douglas R.

    2011-07-12

    A system and method is disclosed for multimedia encryption. Within the system of the present invention, a data compression module receives and compresses a media signal into a compressed data stream. A data acquisition module receives and selects a set of data from the compressed data stream. And, a hashing module receives and hashes the set of data into a keyword. The method of the present invention includes the steps of compressing a media signal into a compressed data stream; selecting a set of data from the compressed data stream; and hashing the set of data into a keyword.

  5. Intrusion detection system and technology of layered wireless sensor network based on Agent

    Genjian Yu

    2013-08-01

    The intrusion detection system and technology of classified layered-wireless sensor network was able to meet the high safety requirements of wireless sensor network, it is urgent for us to improve the identification and generalization of detection system about characters of intrusion. In this paper, we design an intelligent intrusion detection system which realize intelligence, the effective and direct way was to add the methods, and it was used for identification and generalization of intrusion characters to the Agent function of intrusion detection. It could obtain credible judgment by updating and examining the database for the actions which the general misuse detection or anomaly detection were not sure if the intrusion was formed.

  6. Adaptive shared control system

    Sanders, David

    2009-01-01

    A control system to aid mobility is presented that is intended to assist living independently and that provides physical guidance. The system has two levels: a human machine interface and an adaptive shared controller.

  7. HIERARCHICAL DESIGN BASED INTRUSION DETECTION SYSTEM FOR WIRELESS AD HOC SENSOR NETWORK

    Mohammad Saiful Islam Mamun

    2010-07-01

    In recent years, wireless ad hoc sensor network becomes popular both in civil and military jobs. However, security is one of the significant challenges for sensor network because of their deployment in open and unprotected environment. As cryptographic mechanism is not enough to protect sensor network from external attacks, intrusion detection system needs to be introduced. Though intrusion prevention mechanism is one of the major and efficient methods against attacks, but there might be some attacks for which prevention method is not known. Besides preventing the system from some known attacks, intrusion detection system gather necessary information related to attack technique and help in the development of intrusion prevention system. In addition to reviewing the present attacks available in wireless sensor network this paper examines the current efforts to intrusion detection system against wireless sensor network. In this paper we propose a hierarchical architectural design based intrusion detection system that fits the current demands and restrictions of wireless ad hoc sensor network. In this proposed intrusion detection system architecture we followed clustering mechanism to build a four level hierarchical network which enhances network scalability to large geographical area and use both anomaly and misuse detection techniques for intrusion detection. We introduce policy based detection mechanism as well as intrusion response together with GSM cell concept for intrusion detection architecture.

  8. A model for anomaly classification in intrusion detection systems

    Ferreira, V. O.; Galhardi, V. V.; Gonçalves, L. B. L.; Silva, R. C.; Cansian, A. M.

    2015-09-01

    Intrusion Detection Systems (IDS) are traditionally divided into two types according to the detection methods they employ, namely (i) misuse detection and (ii) anomaly detection. Anomaly detection has been widely used and its main advantage is the ability to detect new attacks. However, the analysis of anomalies generated can become expensive, since they often have no clear information about the malicious events they represent. In this context, this paper presents a model for automated classification of alerts generated by an anomaly based IDS. The main goal is either the classification of the detected anomalies in well-defined taxonomies of attacks or to identify whether it is a false positive misclassified by the IDS. Some common attacks to computer networks were considered and we achieved important results that can equip security analysts with best resources for their analyses.

  9. A Frequency-Based Approach to Intrusion Detection

    Mian Zhou

    2004-06-01

    Research on network security and intrusion detection strategies presents many challenging issues to both theoreticians and practitioners. Hackers apply an array of intrusion and exploit techniques to cause disruption of normal system operations, but on the defense, firewalls and intrusion detection systems (IDS) are typically only effective in defending known intrusion types using their signatures, and are far less than mature when faced with novel attacks. In this paper, we adapt the frequency analysis techniques such as the Discrete Fourier Transform (DFT) used in signal processing to the design of intrusion detection algorithms. We demonstrate the effectiveness of the frequency-based detection strategy by running synthetic network intrusion data in simulated networks using the OPNET software. The simulation results indicate that the proposed intrusion detection strategy is effective in detecting anomalous traffic data that exhibit patterns over time, which include several types of DOS and probe attacks. The significance of this new strategy is that it does not depend on the prior knowledge of attack signatures, thus it has the potential to be a useful supplement to existing signature-based IDS and firewalls.

  10. Evaluating the Strengths and Weaknesses of Mining Audit Data for Automated Models for Intrusion Detection in Tcpdump and Basic Security Module Data

    A. Arul Lawrence Selvakumar; G. Mohammed Nazer

    2012-01-01

    Problem statement: Intrusion Detection System (IDS) have become an important component of infrastructure protection mechanism to secure the current and emerging networks, its services and applications by detecting, alerting and taking necessary actions against the malicious activities. The network size, technology diversities and security policies make networks more challenging and hence there is a requirement for IDS which should be very accurate, adaptive, extensible and more reliable. Alth...

  11. A Neuro-genetic Based Short-term Forecasting Framework for Network Intrusion Prediction System

    Siva S. Sivatha Sindhu; S. Geetha; M. Marikannan; A. Kannan

    2009-01-01

    Information systems are one of the most rapidly changing and vulnerable systems, where security is a major issue. The number of security-breaking attempts originating inside organizations is increasing steadily. Attacks made in this way, usually done by "authorized" users of the system, cannot be immediately traced. Because the idea of filtering the traffic at the entrance door, by using firewalls and the like, is not completely successful, the use of intrusion detection systems should be considered to increase the defense capacity of an information system. An intrusion detection system (IDS) is usually working in a dynamically changing environment, which forces continuous tuning of the intrusion detection model, in order to maintain sufficient performance. The manual tuning process required by current IDS depends on the system operators in working out the tuning solution and in integrating it into the detection model. Furthermore, an extensive effort is required to tackle the newly evolving attacks and a deep study is necessary to categorize it into the respective classes. To reduce this dependence, an automatically evolving anomaly IDS using neuro-genetic algorithm is presented. The proposed system automatically tunes the detection model on the fly according to the feedback provided by the system operator when false predictions are encountered. The system has been evaluated using the Knowledge Discovery in Databases Conference (KDD 2009) intrusion detection dataset. Genetic paradigm is employed to choose the predominant features, which reveal the occurrence of intrusions. The neuro-genetic IDS (NGIDS) involves calculation of weightage value for each of the categorical attributes so that data of uniform representation can be processed by the neuro-genetic algorithm. In this system unauthorized invasion of a user are identified and newer types of attacks are sensed and classified respectively by the neuro-genetic algorithm. 
The experimental results obtained in this

  12. Design And Efficient Deployment Of Honeypot And Dynamic Rule Based Live Network Intrusion Collaborative System

    Renuka Prasad.B

    2011-03-01

    The continuously emerging, operationally and managerially independent, geographically distributed computer networks deployable in an evolutionarily manner have created greater challenges in securing them. Several research works and experiments have convinced the security expert that Network Intrusion Detection Systems (NIDS) or Network Intrusion Prevention Systems (NIPS) alone are not capable of securing the Computer Networks from internal and external threats completely. In this paper we present the design of Intrusion Collaborative System which is a combination of NIDS, NIPS, Honeypots, software tools like nmap, iptables etc. Our Design is tested against existing attacks based on Snort Rules and several customized DDOS, remote and guest attacks. Dynamic rules are generated during every unusual behavior that helps Intrusion Collaborative System to continuously learn about new attacks. Also a formal approach to deploy Live Intrusion Collaboration Systems based on System of Systems Concept is Proposed.

  13. Intrusion Detection Systems and Intrusion Prevention System with Snort provided by Security Onion.

    Bezborodov, Sergey

    2016-01-01

    In this thesis I wanted to get familiar with Snort IDS/IPS. I used the Security Onion distribution with a lot of security tools, but I concentrated on Snort. Also I needed to evaluate Security Onion environment and check what features it provides for processing with Snort. During the work I needed to figure out the pros and cons of using Security Onion with Snort as a security system for network. I compared it with alternatives and briefly describe it. As result I installed Security Onion,...

  14. Methods and algorithms of selection the informative attributes in systems of adaptive data processing for analysis and forecasting

    Olimjan Djumanov

    2012-01-01

    The principles, methods and algorithms of informative attributes selection were developed for optimization of description and representation for the objects in systems of adaptive data processing, where data are non-stationary by nature. The proposed algorithms of informative attributes selection for one-dimensional time series are based on the simplified ratings of correlation, mathematical expectation, dispersion of attributes. The algorithms have been developed using dynamic properties of ...

  15. An Agent-Based Intrusion Detection System for Local Area Networks

    Sen, Jaydip

    2010-01-01

    Since it is impossible to predict and identify all the vulnerabilities of a network beforehand, and penetration into a system by malicious intruders cannot always be prevented, intrusion detection systems (IDSs) are essential entities to ensure the security of a networked system. To be effective in carrying out their functions, the IDSs need to be accurate, adaptive, and extensible. Given these stringent requirements and the high level of vulnerabilities of the current days’ networks, the design of an IDS has become a very challenging task. Although, an extensive research has been done on intrusion detection in a distributed environment, distributed IDSs suffer from a number of drawbacks e.g., high rates of false positives, low detection efficiency etc. In this paper, the design of a distributed IDS is proposed that consists of a group of autonomous and cooperating agents. In addition to its ability to detect attacks, the system is capable of identifying and isolating compromised nodes in the network the...

  16. Novel Model for Intrusion Detection

    Li Jia-chun; Li Zhi-tang

    2003-01-01

    It's very difficult that the traditional intrusion detection methods based on accurate match adapt to the blur and uncertainty of user information and expert knowledge, it results in failing to report the variations of attack signature. In addition security itself includes fuzziness, the judgment standard of confidentiality, integrity and availability of system resource is uncertain. In this paper fuzzy intrusion detection based on partial match is presented to detect some types of attacks availably and alleviate some of the difficulties of above approaches, the architecture of fuzzy intrusion detection system(FIDS) is introduced and its performance is analyzed.

  17. Novel Model for Intrusion Detection

    Li Jia-chun; Li Zhi-tang

    2003-01-01

    It's very difficult that the traditional intrusion detection methods based on accurate match adapt to the blur and uncertainty of user information and expert knowledge, it results in failing to report the variation of attack signature. In addition security itself includes fuzziness, the judgment standard of confidentiality, integrity and availability of system resource is uncertain. In this paper fuzzy intrusion detection based on partial match is presented to detect some types of attacks availably and alleviate some of the difficulties of above approaches, the architecture of fuzzy intrusion detection system (FIDS) is introduced and its performance is analyzed.

  18. Fast and Adaptive Lossless On-Board Hyperspectral Data Compression System for Space Applications

    Aranki, Nazeeh; Bakhshi, Alireza; Keymeulen, Didier; Klimesh, Matthew

    2009-01-01

    Efficient on-board lossless hyperspectral data compression reduces the data volume necessary to meet NASA and DoD limited downlink capabilities. The techniques also improves signature extraction, object recognition and feature classification capabilities by providing exact reconstructed data on constrained downlink resources. At JPL a novel, adaptive and predictive technique for lossless compression of hyperspectral data was recently developed. This technique uses an adaptive filtering method and achieves a combination of low complexity and compression effectiveness that far exceeds state-of-the-art techniques currently in use. The JPL-developed 'Fast Lossless' algorithm requires no training data or other specific information about the nature of the spectral bands for a fixed instrument dynamic range. It is of low computational complexity and thus well-suited for implementation in hardware, which makes it practical for flight implementations of pushbroom instruments. A prototype of the compressor (and decompressor) of the algorithm is available in software, but this implementation may not meet speed and real-time requirements of some space applications. Hardware acceleration provides performance improvements of 10x-100x vs. the software implementation (about 1M samples/sec on a Pentium IV machine). This paper describes a hardware implementation of the JPL-developed 'Fast Lossless' compression algorithm on a Field Programmable Gate Array (FPGA). The FPGA implementation targets the current state of the art FPGAs (Xilinx Virtex IV and V families) and compresses one sample every clock cycle to provide a fast and practical real-time solution for Space applications.

  19. Nuisance alarm suppression techniques for fibre-optic intrusion detection systems

    Mahmoud, Seedahmed S.; Visagathilagar, Yuvaraja; Katsifolis, Jim

    2012-02-01

    The suppression of nuisance alarms without degrading sensitivity in fibre-optic intrusion detection systems is important for maintaining acceptable performance. Signal processing algorithms that maintain the POD and minimize nuisance alarms are crucial for achieving this. A level crossings algorithm is presented for suppressing torrential rain-induced nuisance alarms in a fibre-optic fence-based perimeter intrusion detection system. Results show that rain-induced nuisance alarms can be suppressed for rainfall rates in excess of 100 mm/hr, and intrusion events can be detected simultaneously during rain periods. The use of a level crossing based detection and novel classification algorithm is also presented demonstrating the suppression of nuisance events and discrimination of nuisance and intrusion events in a buried pipeline fibre-optic intrusion detection system. The sensor employed for both types of systems is a distributed bidirectional fibre-optic Mach Zehnder interferometer.

  20. An immunity-based model for dynamic distributed intrusion detection

    Qiao, Peili; Wang, Tong; Su, Jie

    2008-03-01

    The traditional intrusion detection systems mostly adopt the analysis engine of the concentrating type, so the misinformation rate is higher and lack of self-adaptability, which is already difficult to meet increasing extensive security demand of the distributed network environment. An immunity-based model combining immune theory, data mining and data fusion technique for dynamic distributed intrusion detection is proposed in this paper. This system presents the method of establishing and evolving the set of early gene, and defines the sets of Self, Nonself and Immunity cells. Moreover, a detailed description is given to the architecture and work mechanism of the model, and the characters of the model are analyzed.

  1. Intrusion Detection System using Self Organizing Map: A Survey

    Kruti Choksi

    2014-12-01

    Due to the usage of computers in every field, network security is a major concern in today’s scenario. Every year the number of users and the speed of networks are increasing, and along with them online fraud and security threats are also increasing. Every day a new attack is generated to harm the system or network. It is necessary to protect the system or networks from various threats by using an Intrusion Detection System which can detect “known” as well as “unknown” attacks and generate alerts on any unusual behavior in the traffic. There are various approaches for IDS, but in this paper, the survey is focused on IDS using Self Organizing Map. SOM is an unsupervised, fast conversion and automatic clustering algorithm which is able to handle novelty detection. The main objective of the survey is to find and address the current challenges of SOM. Our survey shows that the existing IDS based on SOM have a poor detection rate for U2R and R2L attacks. To improve it, a proper normalization technique should be used. During the survey we also found that HSOM and GHSOM are advanced models of SOM which have their own unique features for better performance of IDS. GHSOM is efficient due to its low computation time. This survey is beneficial for designing and developing efficient SOM based IDS having less computation time and a better detection rate.

  2. HYBRID ARCHITECTURE FOR DISTRIBUTED INTRUSION DETECTION SYSTEM IN WIRELESS NETWORK

    Seyedeh Yasaman Rashida

    2013-01-01

    Owing to the rapid growth of network applications, new kinds of network attacks are emerging endlessly. So it is critical to protect the networks from attackers, and intrusion detection technology has become popular. Therefore, it is necessary that this security concern be articulated right from the beginning of the network design and deployment. Intrusion detection technology is the process of identifying network activity that can lead to a compromise of security po...

  3. Necessity to adapt land use and land cover classification systems to readily accept radar data

    Drake, B.

    1977-01-01

    A hierarchical, four level, standardized system for classifying land use/land cover primarily from remote-sensor data (USGS system) is described. The USGS system was developed for nonmicrowave imaging sensors such as camera systems and line scanners. The USGS system is not compatible with the land use/land cover classifications at different levels that can be made from radar imagery, and particularly from synthetic-aperture radar (SAR) imagery. The use of radar imagery for classifying land use/land cover at different levels is discussed, and a possible revision of the USGS system to more readily accept land use/land cover classifications from radar imagery is proposed.

  4. Securing Wireless Sensor Network (WSN) Using Embedded Intrusion Detection Systems

    Qutaiba I. Ali

    2012-06-01

    This paper focuses on designing distributed wireless sensor network gateways armed with an Intrusion Detection System (IDS). The main contribution of this work is the attempt to insert IDS functionality into the gateway node (UBICOM IP2022 network processor chip) itself. This was achieved by building a lightweight signature based IDS based on the famous open source SNORT IDS. Regarding gateway nodes, as they have limited processing and energy constraints, the addition of further tasks (the IDS program) may seriously affect their performance, so the current design takes these constraints into consideration as a priority and uses a special protocol to achieve this goal. In order to optimize the performance of the gateway nodes, some of the preprocessing tasks were offloaded from the gateway nodes to a suggested classification and processing server and a new searching algorithm was suggested. Different measures were taken to validate the design procedure and a detailed simulation model was built to discover the behavior of the system in different environments.

  5. Adaptable Embedded Systems

    Lisbôa, Carlos; Carro, Luigi

    2013-01-01

    As embedded systems become more complex, designers face a number of challenges at different levels: they need to boost performance, while keeping energy consumption as low as possible, they need to reuse existent software code, and at the same time they need to take advantage of the extra logic available in the chip, represented by multiple processors working together.  This book describes several strategies to achieve such different and interrelated goals, by the use of adaptability. Coverage includes reconfigurable systems, dynamic optimization techniques such as binary translation and trace reuse, new memory architectures including homogeneous and heterogeneous multiprocessor systems, communication issues and NOCs, fault tolerance against fabrication defects and soft errors, and finally, how one can combine several of these techniques together to achieve higher levels of performance and adaptability.  The discussion also includes how to employ specialized software to improve this new adaptive system, and...

  6. Calibrating a Salt Water Intrusion Model with Time-Domain Electromagnetic Data

    Herckenrath, Daan; Odlum, Nick; Nenna, Vanessa;

    2013-01-01

    Salt water intrusion models are commonly used to support groundwater resource management in coastal aquifers. Concentration data used for model calibration are often sparse and limited in spatial extent. With airborne and ground-based electromagnetic surveys, electrical resistivity models can be...... obtained to provide high-resolution three-dimensional models of subsurface resistivity variations that can be related to geology and salt concentrations on a regional scale. Several previous studies have calibrated salt water intrusion models with geophysical data, but are typically limited to the use of...... errors, we perform a coupled hydrogeophysical inversion (CHI) in which we use a salt water intrusion model to interpret the geophysical data and guide the geophysical inversion. We refer to this methodology as a Coupled Hydrogeophysical Inversion-State (CHI-S), in which simulated salt concentrations are...

  7. A Behavior Based Intrusion Detection System Using Machine Learning Algorithms

    Murat OĞUZ

    2016-06-01

    Humans are consistently referred to as the weakest link in information security. Human factors such as individual differences, cognitive abilities and personality traits can impact on behavior and play a significant role in information security. The purpose of this study is to identify, describe and classify the human factors affecting Information Security and develop a model to reduce the risk of insider misuse and assess the use and performance of the best-suited artificial intelligence techniques in detection of misuse. More specifically, this study provides a comprehensive view of the human related information security risks and threats, classification study of the human related threats in information security, a methodology developed to reduce the risk of human related threats by detecting insider misuse by a behavior-based intrusion detection system using machine learning algorithms, and the comparison of the numerical experiments for analysis of this approach. Specifically, by using the machine learning algorithm with the best learning performance, the detection rates of the attack types defined in the organized five dimensional human threats taxonomy were determined. Lastly, the possible human factors affecting information security as linked to the detection rates were sorted upon the evaluation of the taxonomy.

  8. A New Intrusion Detection System Based on KNN Classification Algorithm in Wireless Sensor Network

    Wenchao Li

    2014-01-01

    abnormal nodes from normal nodes by observing their abnormal behaviors, and we analyse parameter selection and error rate of the intrusion detection system. The paper elaborates on the design and implementation of the detection system. This system has achieved efficient, rapid intrusion detection by improving the wireless ad hoc on-demand distance vector routing protocol (Ad hoc On-Demand Distance Vector Routing, AODV). Finally, the test results show that the system has high detection accuracy and speed, in accordance with the requirement of wireless sensor network intrusion detection.

  9. Experimental Study of Nuclear Security System Components for Achieving the Intrusion Process via Sensor's Network System

    Cluster sensors are one of nuclear security system components which are used to detect any intrusion process of the nuclear sites. In this work, an experimental measuring test for sensor performance and procedures are presented. Sensor performance testing performed to determine whether a particular sensor will be acceptable in a proposed design. We have access to a sensors test field in which the sensor of interest is already properly installed and the parameters have been set to optimal levels by preliminary testing. The glass-breakage (G.B) and open door (O.D) sensors construction, operation and design for the investigated nuclear site are explained. Intrusion tests were carried out inside the field areas of the sensors to evaluate the sensor performance during the intrusion process. Experimental trials were performed for achieving the intrusion process via sensor network system. The performance and intrusion senses of cluster sensors inside the internal zones was recorded and evaluated. The obtained results explained that the tested and experimented G.B sensors have a probability of detection P (D) value 65% founded, and 80% P (D) of Open-door sensor

  10. Adaptive security systems -- Combining expert systems with adaptive technologies

    The Adaptive Multisensor Integrated Security System (AMISS) uses a variety of computational intelligence techniques to reason from raw sensor data through an array of processing layers to arrive at an assessment for alarm/alert conditions based on human behavior within a secure facility. In this paper, the authors give an overview of the system and briefly describe some of the major components of the system. This system is currently under development and testing in a realistic facility setting

  11. Design and implementation of self-protection agent for network-based intrusion detection system

    朱树人; 李伟琴

    2003-01-01

    Static secure techniques, such as firewall, hierarchy filtering, distributed disposing, layer management, autonomy agent, secure communication, were introduced in distributed intrusion detection. The self-protection agents were designed, which have the distributed architecture, cooperate with the agents in intrusion detection in a loose-coupled manner, protect the security of intrusion detection system, and respond to the intrusion actively. A prototype self-protection agent was implemented by using the packet filter in the operating system kernel. The results show that all the hosts with the part of network-based intrusion detection system and the whole intrusion detection system are invisible from the outside and network scanning, and cannot apperceive the existence of network-based intrusion detection system. The communication between every part is secure. In the low layer, the packet streams are controlled to avoid the buffer leaks existing in some system service process and back-door programs, so as to prevent users from misusing and vicious attack like Trojan Horse effectively.

  12. Applying an Ontology to a Patrol Intrusion Detection System for Wireless Sensor Networks

    Chia-Fen Hsieh; Rung-Ching Chen; Yung-Fa Huang

    2014-01-01

    With the increasing application of wireless sensor networks (WSN), the security requirements for wireless sensor network communications have become critical. However, the detection mechanisms of such systems impact the effectiveness of the entire network. In this paper, we propose a lightweight ontology-based wireless intrusion detection system (OWIDS). The system applies an ontology to a patrol intrusion detection system (PIDS). A PIDS is used to detect anomalies via detection knowledge. The...

  13. Network-based anomaly intrusion detection with numeric-and-nominal mixed data

    蔡龙征; 余胜生; 王晓峰; 周敬利

    2006-01-01

    Anomaly detection is a key element of intrusion detection systems and a necessary complement of widely used misuse intrusion detection systems. Data sources used by network intrusion detection, like network packets or connections, often contain both numeric and nominal features. Both of these features contain important information for intrusion detection. These two features, on the other hand, have different characteristics. This paper presents a new network based anomaly intrusion detection approach that works well by building profiles for numeric and nominal features in different ways. During training, for each numeric feature, a normal profile is built through statistical distribution inference and parameter estimation, while for each nominal feature, a normal profile is set up through a statistical method. These profiles are used as detection models during testing to judge whether the data being tested is benign or malicious. Experiments with the data set of the 1999 DARPA (defense advanced research project agency) intrusion detection evaluation show that this approach can detect attacks effectively.

  14. STUDYING COMPLEX ADAPTIVE SYSTEMS

    John H. Holland

    2006-01-01

    Complex adaptive systems (cas) - systems that involve many components that adapt or learn as they interact - are at the heart of important contemporary problems. The study of cas poses unique challenges: Some of our most powerful mathematical tools, particularly methods involving fixed points, attractors, and the like, are of limited help in understanding the development of cas. This paper suggests ways to modify research methods and tools, with an emphasis on the role of computer-based models, to increase our understanding of cas.

  15. Improving Bee Algorithm Based Feature Selection in Intrusion Detection System Using Membrane Computing

    Kazeem I. Rufai

    2014-03-01

    Despite the great benefits accruable from the debut of computer and the internet, efforts are constantly being put up by fraudulent and mischievous individuals to compromise the integrity, confidentiality or availability of electronic information systems. In Cyber-security parlance, this is termed ‘intrusion’. Hence, this has necessitated the introduction of Intrusion Detection Systems (IDS) to help detect and curb different types of attack. However, based on the high volume of data traffic involved in a network system, effects of redundant and irrelevant data should be minimized if a qualitative intrusion detection mechanism is genuinely desirous. Several attempts, especially feature subset selection approach using Bee Algorithm (BA), Linear Genetic Programming (LGP), Support Vector Decision Function Ranking (SVDF), Rough, Rough-DPSO, and Multivariate Regression Splines (MARS) have been advanced in the past to measure the dependability and quality of a typical IDS. The observed problem among these approaches has to do with their general performance. This has therefore motivated this research work. We hereby propose a new but robust algorithm called membrane algorithm to improve the Bee Algorithm based feature subset selection technique. This Membrane computing paradigm is a class of parallel computing devices. Data used were taken from KDD-Cup 99 Dataset which is the acceptable standard benchmark for intrusion detection. When the final results were compared to those of the existing approaches, using the three standard IDS measurements (Attack Detection, False Alarm and Classification Accuracy Rates), it was discovered that Bee Algorithm-Membrane Computing (BA-MC) approach is a better technique. This is because our approach produced very high attack detection rate of 89.11%, classification accuracy of 95.60% and also generated a reasonable decrease in false alarm rate of 0.004. Receiver Operating Characteristic (ROC) curve was used for results

  16. Adaptive Inflow Control System

    Volkov, Vasily Y; Zhuravlev, Oleg N; Nukhaev, Marat T; Shchelushkin, Roman V

    2014-01-01

    This article presents the idea and realization for the unique Adaptive Inflow Control System being a part of well completion, able to adjust to the changing in time production conditions. This system allows to limit the flow rate from each interval at a certain level, which solves the problem of water and gas breakthroughs. We present the results of laboratory tests and numerical calculations obtaining the characteristics of the experimental setup with dual-in-position valves as parts of adaptive inflow control system, depending on the operating conditions. The flow distribution in the system was also studied with the help of three-dimensional computer model. The control ranges dependences are determined, an influence of the individual elements on the entire system is revealed.

  17. The adaptive approach for storage assignment by mining data of warehouse management system for distribution centres

    Ming-Huang Chiang, David; Lin, Chia-Ping; Chen, Mu-Chen

    2011-05-01

    Among distribution centre operations, order picking has been reported to be the most labour-intensive activity. Sophisticated storage assignment policies adopted to reduce the travel distance of order picking have been explored in the literature. Unfortunately, previous research has been devoted to locating entire products from scratch. Instead, this study intends to propose an adaptive approach, a Data Mining-based Storage Assignment approach (DMSA), to find the optimal storage assignment for newly delivered products that need to be put away when there is vacant shelf space in a distribution centre. In the DMSA, a new association index (AIX) is developed to evaluate the fitness between the put away products and the unassigned storage locations by applying association rule mining. With AIX, the storage location assignment problem (SLAP) can be formulated and solved as a binary integer programming. To evaluate the performance of DMSA, a real-world order database of a distribution centre is obtained and used to compare the results from DMSA with a random assignment approach. It turns out that DMSA outperforms random assignment as the number of put away products and the proportion of put away products with high turnover rates increase.

  18. Multi-Use Non-Intrusive Flow Characterization System (FCS) Project

    National Aeronautics and Space Administration — The innovation is a Multi-Use Non-Intrusive Flow Characterization System (FCS) for densified, normal boiling point, and two-phase cryogenic flows, capable of...

  19. Multi-Use Non-Intrusive Flow Characterization System (FCS) Project

    National Aeronautics and Space Administration — The product of the Phase II effort will be a Multi-Use Non-Intrusive Flow Characterization System (FCS) for densified, normal boiling point, and two-phase cryogenic...

  20. A Recent Survey on Bloom Filters in Network Intrusion Detection Systems

    K.Saravanan,

    2011-03-01

    Computer networks are prone to hacking, viruses and other malware; a Network Intrusion Detection System (NIDS) is needed to protect the end-user machines from threats. An effective NIDS is therefore a network security system capable of protecting the end user machines well before a threat or intruder affects them. NIDS requires a space efficient data base for detection of threats in high speed conditions. A bloom filter is a space efficient randomized data structure for representing a set in order to support membership queries. These Bloom filters allow false positive results (FPR), but the space saving capability often outweighs this drawback provided the probability of FPR is controlled. Research is being done to reduce FPR by modifying the structure of bloom filters and enabling them to operate at increasing network speeds, thus variant bloom filters are being introduced. The aim of this paper is to survey the ways in which Bloom filters have been used and modified to be used in high speed Network Intrusion Detection Systems with their merits and demerits.

  1. An Intrusion Detection System Based on Multi-Level Clustering for Hierarchical Wireless Sensor Networks.

    Butun, Ismail; Ra, In-Ho; Sankar, Ravi

    2015-01-01

    In this work, an intrusion detection system (IDS) framework based on multi-level clustering for hierarchical wireless sensor networks is proposed. The framework employs two types of intrusion detection approaches: (1) "downward-IDS (D-IDS)" to detect the abnormal behavior (intrusion) of the subordinate (member) nodes; and (2) "upward-IDS (U-IDS)" to detect the abnormal behavior of the cluster heads. By using analytical calculations, the optimum parameters for the D-IDS (number of maximum hops) and U-IDS (monitoring group size) of the framework are evaluated and presented. PMID:26593915

  2. An Intrusion Detection System Based on Multi-Level Clustering for Hierarchical Wireless Sensor Networks

    Ismail Butun; In-Ho Ra; Ravi Sankar

    2015-01-01

    In this work, an intrusion detection system (IDS) framework based on multi-level clustering for hierarchical wireless sensor networks is proposed. The framework employs two types of intrusion detection approaches: (1) “downward-IDS (D-IDS)” to detect the abnormal behavior (intrusion) of the subordinate (member) nodes; and (2) “upward-IDS (U-IDS)” to detect the abnormal behavior of the cluster heads. By using analytical calculations, the optimum parameters for the D-IDS (number of maximum hops...

  3. Bald Mountain gold mining district, Nevada: A Jurassic reduced intrusion-related gold system

    Nutt, C.J.; Hofstra, A.H.

    2007-01-01

    The Bald Mountain mining district has produced about 2 million ounces (Moz) of Au. Geologic mapping, field relationships, geochemical data, petrographic observations, fluid inclusion characteristics, and Pb, S, O, and H isotope data indicate that Au mineralization was associated with a reduced Jurassic intrusion. Gold deposits are localized within and surrounding a Jurassic (159 Ma) quartz monzonite porphyry pluton and dike complex that intrudes Cambrian to Mississippian carbonate and clastic rocks. The pluton, associated dikes, and Au mineralization were controlled by a crustal-scale northwest-trending structure named the Bida trend. Gold deposits are localized by fracture networks in the pluton and the contact metamorphic aureole, dike margins, high-angle faults, and certain strata or shale-limestone contacts in sedimentary rocks. Gold mineralization was accompanied by silicification and phyllic alteration, ±argillic alteration at shallow levels. Although Au is typically present throughout, the system exhibits a classic concentric geochemical zonation pattern with Mo, W, Bi, and Cu near the center, Ag, Pb, and Zn at intermediate distances, and As and Sb peripheral to the intrusion. Near the center of the system, micron-sized native Au occurs with base metal sulfides and sulfosalts. In peripheral deposits and in later stages of mineralization, Au is typically submicron in size and resides in pyrite or arsenopyrite. Electron microprobe and laser ablation ICP-MS analyses show that arsenopyrite, pyrite, and Bi sulfide minerals contain 10s to 1,000s of ppm Au. Ore-forming fluids were aqueous and carbonic at deep levels and episodically hypersaline at shallow levels due to boiling. The isotopic compositions of H and O in quartz and sericite and S and Pb in sulfides are indicative of magmatic ore fluids with sedimentary sulfur. Together, the evidence suggests that Au was introduced by reduced S-bearing magmatic fluids derived from a reduced intrusion. The reduced

  4. Service-oriented architecture of adaptive, intelligent data acquisition and processing systems for long-pulse fusion experiments

    Gonzalez, J. [Grupo de Investigacion en Instrumentacion y Acustica Aplicada. Universidad Politecnica de Madrid, Crta. Valencia Km-7 Madrid 28031 (Spain); Ruiz, M., E-mail: mariano.ruiz@upm.e [Grupo de Investigacion en Instrumentacion y Acustica Aplicada. Universidad Politecnica de Madrid, Crta. Valencia Km-7 Madrid 28031 (Spain); Barrera, E.; Lopez, J.M.; Arcas, G. de [Grupo de Investigacion en Instrumentacion y Acustica Aplicada. Universidad Politecnica de Madrid, Crta. Valencia Km-7 Madrid 28031 (Spain); Vega, J. [Asociacion EURATOM/CIEMAT para Fusion, Madrid (Spain)

    2010-07-15

    The data acquisition systems used in long-pulse fusion experiments need to implement data reduction and pattern recognition algorithms in real time. In order to accomplish these operations, it is essential to employ software tools that allow for hot swap capabilities throughout the temporal evolution of the experiments. This is very important because processing needs are not equal during different phases of the experiment. The intelligent test and measurement system (ITMS) developed by UPM and CIEMAT is an example of a technology for implementing scalable data acquisition and processing systems based on PXI and CompactPCI hardware. In the ITMS platform, a set of software tools allows the user to define the processing algorithms associated with the different experimental phases using state machines driven by software events. These state machines are specified using the State Chart XML (SCXML) language. The software tools are developed using JAVA, JINI, an SCXML engine and several LabVIEW applications. Within this schema, it is possible to execute data acquisition and processing applications in an adaptive way. The power of SCXML semantics and the ability to work with XML user-defined data types allow for very easy programming of the ITMS platform. With this approach, the ITMS platform is a suitable solution for implementing scalable data acquisition and processing systems based on a service-oriented model with the ability to easily implement remote participation applications.

  5. Service-oriented architecture of adaptive, intelligent data acquisition and processing systems for long-pulse fusion experiments

    The data acquisition systems used in long-pulse fusion experiments need to implement data reduction and pattern recognition algorithms in real time. In order to accomplish these operations, it is essential to employ software tools that allow for hot swap capabilities throughout the temporal evolution of the experiments. This is very important because processing needs are not equal during different phases of the experiment. The intelligent test and measurement system (ITMS) developed by UPM and CIEMAT is an example of a technology for implementing scalable data acquisition and processing systems based on PXI and CompactPCI hardware. In the ITMS platform, a set of software tools allows the user to define the processing algorithms associated with the different experimental phases using state machines driven by software events. These state machines are specified using the State Chart XML (SCXML) language. The software tools are developed using JAVA, JINI, an SCXML engine and several LabVIEW applications. Within this schema, it is possible to execute data acquisition and processing applications in an adaptive way. The power of SCXML semantics and the ability to work with XML user-defined data types allow for very easy programming of the ITMS platform. With this approach, the ITMS platform is a suitable solution for implementing scalable data acquisition and processing systems based on a service-oriented model with the ability to easily implement remote participation applications.

  6. Services oriented architecture for adaptive and intelligent data acquisition and processing systems in long pulse fusion experiments

    Data acquisition systems used in long pulse fusion experiments are required to implement data reduction and pattern recognition algorithms in real time. In order to accomplish these operations it is essential to have software tools that allow hot swap capabilities throughout the temporal evolution of the experiments. This is very important because the processing needs are not equal in the different phases of the experiment. The intelligent test and measurement system (ITMS) developed by UPM and CIEMAT is an example of technology for implementing scalable data acquisition and processing systems based on PXI and compact PCI hardware. In the ITMS platform a set of software tools allows the user to define the processing associated with the different phases of the experiment using state machines driven by software events. These state machines are specified using the State Chart XML (SCXML) language. The software tools are developed using JAVA, JINI, an SCXML engine and several LabVIEW applications. With this schema it is possible to execute data acquisition and processing applications in an adaptive way. The power of SCXML semantics and the possibility of working with XML user defined data types allow very easy programming of the ITMS platform. With this approach the ITMS platform is a suitable solution for implementing scalable data acquisition and processing systems, based on a services oriented model, with the possibility of easily implementing remote participation applications. (authors)

  7. Adaptive Noise Reduction System

    Ivana Ropuš

    2013-01-01

    Noise is an all-present environment pollutant, considered to be one of the greatest contemporary pollutants. World-wide, co-ordinated actions are conducted in order to develop systems which minimise the influence of noise on society. In this article we argue that a novel approach to suppressing the influence of noise is useful. Furthermore, we argue that the efficient approach is the formulation of an efficient, broadly applicable, ubiquitous, adaptive noise-protection system. The approach combines the natural noise-protection form based on plants with artificially formed coatings. Elements of the system are discussed, its formation and maintenance analysed and perspectives conjectured.

  8. A Novel Datamining Based Approach for Remote Intrusion Detection

    Renu Deepti.S, Loshma.G

    2012-06-01

    Today, as information systems are more open to the Internet, attacks and intrusions are also increasing rapidly, so the importance of secure networks is also vital. New intelligent Intrusion Detection Systems which are based on sophisticated algorithms are in demand. An Intrusion Detection System (IDS) is an important detection mechanism used as a countermeasure to preserve data integrity and system availability from attacks. It is a combination of software and hardware that attempts to perform intrusion detection. In a data mining based intrusion detection system, we should make use of particular domain knowledge in relation to intrusion detection in order to efficiently extract relevant rules from large amounts of records. This paper proposes a boosting method for intrusion detection, and it is possible to detect the intrusions in all the systems without installing the software in the client system (like client-server) via a Web service (Apache Tomcat) by using the IP address of the client system.

  9. Unsupervised Training Methods for Non-intrusive Appliance Load Monitoring from Smart Meter Data

    Parson, Oliver

    2014-01-01

    Non-intrusive appliance load monitoring (NIALM) is the process of disaggregating a household’s total electricity consumption into its contributing appliances. Smart meters are currently being deployed on national scales, providing a platform to collect aggregate household electricity consumption data. Existing approaches to NIALM require a manual training phase in which either sub-metered appliance data is collected or appliance usage is manually labelled. This training data is used to build ...

  10. Dataport and NILMTK: a building data set designed for non-intrusive load monitoring

    Parson, Oliver; Fisher, Grant; Hersey, April; Batra, Nipun; Kelly, Jack; Singh, Amarjeet; Knottenbelt, William; Rogers, Alex

    2015-01-01

    Non-intrusive load monitoring (NILM), or energy disaggregation, is the process of using signal processing and machine learning to separate the energy consumption of a building into individual appliances. In recent years, a number of data sets have been released in order to evaluate such approaches, which contain both building-level and appliance-level energy data. However, these data sets typically cover less than 10 households due to the financial cost of such deployments, and are not releas...