Abstract: This research focuses on the development of an intrusion detection system (IDS) using an artificial immune system (AIS) with population based incremental learning (PBIL). AIS have a powerful, distinguished capability to extirpate an antigen when the antigen intrudes into the human body. The PBIL is based on past learning experience to adjust new learning. Therefore we propose an intrusion detection system called PBIL-AIS, which combines the two approaches of PBIL and AIS to evolutionary computing. In the AIS part we design three mechanisms, namely clonal selection, negative selection and antibody level, to intensify AIS performance. In the experimental results, our PBIL-AIS IDS achieves high accuracy when an intrusion connection attacks.
Abstract: The seismic rehabilitation designs of two reinforced
concrete school buildings, representative of a wide stock of similar
edifices designed under earlier editions of the Italian Technical
Standards, are presented in this paper. The mutual retrofit solution
elaborated for the two buildings consists in the incorporation of a
dissipative bracing system including pressurized fluid viscous spring-dampers
as passive protective devices. The mechanical parameters,
layouts and locations selected for the constituting elements of the
system; the architectural renovation projects developed to properly
incorporate the structural interventions and improve the appearance
of the buildings; highlights of the installation works already
completed in one of the two structures; and a synthesis of the
performance assessment analyses carried out in original and
rehabilitated conditions, are illustrated. The results of the analyses
show a remarkable enhancement of the seismic response capacities of
both structures. This allows reaching the high performance objectives
postulated in the retrofit designs with much lower costs and
architectural intrusion as compared to traditional rehabilitation
interventions designed for the same objectives.
Abstract: This research intends to introduce a new usage of Artificial Intelligence (AI) approaches in Stepping Stone Detection (SSD) fields of research. By using Self-Organizing Map (SOM) approaches as the engine, through the experiment, it is shown that SOM has the capability to detect the number of connection chains that are involved in a stepping stone. Realizing that counting the number of connection chains is one of the important steps of stepping stone detection and that it has currently become the research focus, this research has chosen SOM as the AI technique because of its capabilities. Through the experiment, it is shown that SOM can detect the number of involved connection chains in Network-based Stepping Stone Detection (NSSD).
Abstract: This paper analyzes different techniques of the fine grained security of relational databases for the two variables: data accessibility and inference. Data accessibility measures the amount of data available to the users after applying a security technique on a table. Inference is the proportion of information leakage after suppressing a cell containing secret data. A row containing a secret cell which is suppressed can become a security threat if an intruder generates useful information from the related visible information of the same row. This paper measures data accessibility and inference associated with row, cell, and column level security techniques. Cell level security offers greatest data accessibility as it suppresses secret data only. But on the other hand, there is a high probability of inference in cell level security. Row and column level security techniques have least data accessibility and inference. This paper introduces cell plus innocent security technique that utilizes the cell level security method but suppresses some innocent data to dodge an intruder that a suppressed cell may not necessarily contain secret data. Four variations of the technique namely cell plus innocent 1/4, cell plus innocent 2/4, cell plus innocent 3/4, and cell plus innocent 4/4 respectively have been introduced to suppress innocent data equal to 1/4, 2/4, 3/4, and 4/4 percent of the true secret data inside the database. Results show that the new technique offers better control over data accessibility and inference as compared to the state-of-the-art security techniques. This paper further discusses the combination of techniques together to be used. The paper shows that cell plus innocent 1/4, 2/4, and 3/4 techniques can be used as a replacement for the cell level security.
Abstract: This paper investigated the organizational
innovativeness of public listed housing developers in Malaysia. We
conceptualized organizational innovativeness as a multi-dimensional
construct consisting of 5 dimensions: market innovativeness, product
innovativeness, process innovativeness, behavior innovativeness and
strategic innovativeness. We carried out questionnaire survey with all
accessible public listed developers in Malaysia and received a 56
percent response. We found that the innovativeness of public listed
housing developers is low. The study extends the knowledge on
innovativeness theory by using a multi-dimensional construct to
conceptualize the innovativeness of public listed housing developers
in Malaysia where all this while most studies focused on single
dimensional construct of innovativeness. The paper ends by
providing some explanations for the results.
Abstract: During the last couple of years, the degree of dependence on IT systems has reached a dimension nobody imagined to be possible 10 years ago. The increased usage of mobile devices (e.g., smart phones), wireless sensor networks and embedded devices (Internet of Things) are only some examples of the dependency of modern societies on cyber space. At the same time, the complexity of IT applications, e.g., because of the increasing use of cloud computing, is rising continuously. Along with this, the threats to IT security have increased both quantitatively and qualitatively, as recent examples like STUXNET or the supposed cyber attack on Illinois water system are proving impressively. Once isolated control systems are nowadays often publicly available - a fact that has never been intended by the developers. Threats to IT systems don’t care about areas of responsibility. Especially with regard to Cyber Warfare, IT threats are no longer limited to company or industry boundaries, administrative jurisdictions or state boundaries. One of the important countermeasures is increased cooperation among the participants especially in the field of Cyber Defence. Besides political and legal challenges, there are technical ones as well. A better, at least partially automated exchange of information is essential to (i) enable sophisticated situational awareness and to (ii) counter the attacker in a coordinated way. Therefore, this publication performs an evaluation of state of the art Intrusion Detection Message Exchange protocols in order to guarantee a secure information exchange between different entities.
Abstract: For the past couple of decades Weak signal detection
is of crucial importance in various engineering and scientific
applications. It finds its application in areas like Wireless
communication, Radars, Aerospace engineering, Control systems and
many of those. Usually weak signal detection requires phase sensitive
detector and demodulation module to detect and analyze the signal.
This article gives you a preamble to intrusion detection system which
can effectively detect a weak signal from a multiplexed signal. By
carefully inspecting and analyzing the respective signal, this
system can successfully indicate any peripheral intrusion. Intrusion
detection system (IDS) is a comprehensive and easy approach
towards detecting and analyzing any signal that is weakened and
garbled due to low signal to noise ratio (SNR). This approach
finds significant importance in applications like peripheral security
systems.
Abstract: We propose a novel graphical technique (SVision) for
intrusion detection, which pictures the network as a community of
hosts independently roaming in a 3D space defined by the set of
services that they use. The aim of SVision is to graphically cluster
the hosts into normal and abnormal ones, highlighting only the ones
that are considered as a threat to the network. Our experimental
results using DARPA 1999 and 2000 intrusion detection and
evaluation datasets show the proposed technique as a good candidate
for the detection of various threats of the network such as vertical
and horizontal scanning, Denial of Service (DoS), and Distributed
DoS (DDoS) attacks.
Abstract: Recently, wireless sensor networks have been paid
more interest, are widely used in a lot of commercial and military
applications, and may be deployed in critical scenarios (e.g. when a
malfunctioning network results in danger to human life or great
financial loss). Such networks must be protected against human
intrusion by using the secret keys to encrypt the exchange messages
between communicating nodes. Both the symmetric and asymmetric
methods have their own drawbacks for use in key management. Thus,
we avoid the weakness of these two cryptosystems and make use of
their advantages to establish a secure environment by developing the
new method for encryption depending on the idea of code
conversion. The code conversion's equations are used as the key for
designing the proposed system based on the basics of logic gate's
principles. Using our security architecture, we show how to reduce
significant attacks on wireless sensor networks.
Abstract: IEEE has recently incorporated CCMP protocol to provide robust security to IEEE 802.11 wireless LANs. It is found that CCMP has been designed with a weak nonce construction and transmission mechanism, which leads to the exposure of initial counter value. This weak construction of nonce renders the protocol vulnerable to attacks by intruders. This paper presents how the initial counter can be pre-computed by the intruder. This vulnerability of counter block value leads to pre-computation attack on the counter mode encryption of CCMP. The failure of the counter mode will result in the collapse of the whole security mechanism of 802.11 WLAN.
Abstract: Grid computing provides an effective infrastructure for massive computation among flexible and dynamic collection of individual system for resource discovery. The major challenge for grid computing is to prevent breaches and secure the data from trespassers. To overcome such conflicts a semantic approach can be designed which will filter the access requests of peers by checking the resource description specifying the data and the metadata as factual statements. Between every node in the grid a semantic firewall as a middleware will be present. The intruder will be required to present an application specifying their needs to the firewall and hence accordingly the system will grant or deny the application request.
Abstract: To illustrate diversity of methods used to extract relevant (where the concept of relevance can be differently defined for different applications) visual data, the paper discusses three groups of such methods. They have been selected from a range of alternatives to highlight how hardware and software tools can be complementarily used in order to achieve various functionalities in case of different specifications of "relevant data". First, principles of gated imaging are presented (where relevance is determined by the range). The second methodology is intended for intelligent intrusion detection, while the last one is used for content-based image matching and retrieval. All methods have been developed within projects supervised by the author.
Abstract: The aim of this article is to explain how features of attacks could be extracted from the packets. It also explains how vectors could be built and then applied to the input of any analysis stage. For analyzing, the work deploys the Feedforward-Back propagation neural network to act as misuse intrusion detection system. It uses ten types of attacks as examples for training and testing the neural network. It explains how the packets are analyzed to extract features. The work shows how selecting the right features, building correct vectors, and correctly identifying the training methods and the number of nodes in the hidden layer of any neural network affect the accuracy of the system. In addition, the work shows how to get values of optimal weights and use them to initialize the Artificial Neural Network.
Abstract: This paper presents an intrusion detection system of hybrid neural network model based on RBF and Elman. It is used for anomaly detection and misuse detection. This model has the memory function. It can detect discrete and related aggressive behavior effectively. RBF network is a real-time pattern classifier, and Elman network achieves the memory ability for former event. Based on the hybrid model intrusion detection system uses DARPA data set to do test evaluation. It uses ROC curve to display the test result intuitively. After the experiment it proves this hybrid model intrusion detection system can effectively improve the detection rate, and reduce the rate of false alarm and fail.
Abstract: A Wireless sensor network (WSN) consists of a set of battery-powered nodes, which collaborate to perform sensing tasks in a given environment. Each node in a WSN should be capable of acting for long periods of time with scrimpy or no external management. One requirement for this independence is: in the presence of adverse positions, the sensor nodes must be capable of configuring themselves. Hence, to determine the existence of unusual events in their surroundings, the nodes should make use of position awareness mechanisms. This work approaches the problem by considering the possible unusual events as diseases, thus making it possible to diagnose them through their symptoms, namely, their side effects. Considering these awareness mechanisms as a foundation for high-level monitoring services, this paper also shows how these mechanisms are included in the primal plan of an intrusion detection system.
Abstract: In this paper, a new learning approach for network
intrusion detection using naïve Bayesian classifier and ID3 algorithm
is presented, which identifies effective attributes from the training
dataset, calculates the conditional probabilities for the best attribute
values, and then correctly classifies all the examples of training and
testing dataset. Most of the current intrusion detection datasets are
dynamic, complex and contain large number of attributes. Some of
the attributes may be redundant or contribute little for detection
making. It has been successfully tested that significant attribute
selection is important to design a real world intrusion detection
systems (IDS). The purpose of this study is to identify effective
attributes from the training dataset to build a classifier for network
intrusion detection using data mining algorithms. The experimental
results on KDD99 benchmark intrusion detection dataset demonstrate
that this new approach achieves high classification rates and reduces
false positives using limited computational resources.
Abstract: As mobile ad hoc networks (MANET) have different
characteristics from wired networks and even from standard wireless
networks, there are new challenges related to security issues that
need to be addressed. Due to its unique features such as open nature,
lack of infrastructure and central management, node mobility and
change of dynamic topology, prevention methods from attacks on
them are not enough. Therefore intrusion detection is one of the
possible ways in recognizing a possible attack before the system
could be penetrated. All in all, techniques for intrusion detection in
old wireless networks are not suitable for MANET. In this paper, we
classify the architecture for Intrusion detection systems that have so
far been introduced for MANETs, and then existing intrusion
detection techniques in MANET are presented and compared. We then
indicate important future research directions.
Abstract: Phishing scheme is a new emerged security issue of
E-Commerce Crime in globalization. In this paper, the legal scaffold
of Malaysia, United States and United Kingdom are analyzed and
followed by discussion on critical issues that rose due to phishing
activities. The result revealed that inadequacy of current legal
framework is the main challenge to govern this epidemic. However,
lack of awareness among consumers, crisis on merchant's
responsibility and lack of intrusion reports and incentive arrangement
contributes to phishing proliferating. Prevention is always better than
curb. By the end of this paper, some best practices for consumers and
corporations are suggested.
Abstract: Recently, information security has become a key issue
in information technology as the number of computer security
breaches are exposed to an increasing number of security threats. A
variety of intrusion detection systems (IDS) have been employed for
protecting computers and networks from malicious network-based or
host-based attacks by using traditional statistical methods to new data
mining approaches in last decades. However, today's commercially
available intrusion detection systems are signature-based that are not
capable of detecting unknown attacks. In this paper, we present a
new learning algorithm for anomaly based network intrusion
detection system using decision tree algorithm that distinguishes
attacks from normal behaviors and identifies different types of
intrusions. Experimental results on the KDD99 benchmark network
intrusion detection dataset demonstrate that the proposed learning
algorithm achieved 98% detection rate (DR) in comparison with
other existing methods.
Abstract: Intrusion Detection Systems are increasingly a key
part of systems defense. Various approaches to Intrusion Detection
are currently being used, but they are relatively ineffective. Artificial
Intelligence plays a driving role in security services. This paper
proposes a dynamic model Intelligent Intrusion Detection System,
based on specific AI approach for intrusion detection. The
techniques that are being investigated include neural networks and
fuzzy logic with network profiling, that uses simple data mining
techniques to process the network data. The proposed system is a
hybrid system that combines anomaly, misuse and host based
detection. Simple Fuzzy rules allow us to construct if-then rules that
reflect common ways of describing security attacks. For host based
intrusion detection we use neural-networks along with self
organizing maps. Suspicious intrusions can be traced back to its
original source path and any traffic from that particular source will
be redirected back to them in future. Both network traffic and system
audit data are used as inputs for both.