Abstract
The Internet is an inseparable part of our contemporary lives. This means that protection against threats and attacks is crucial for major companies and for individual users. There is a demand for the ongoing development of methods for ensuring security in cyberspace. Intrusion detection systems, which detect attacks in network environments and respond appropriately, are a crucial cybersecurity solution. This article presents a new multivariable heuristic intrusion detection algorithm based on different types of flags and values of entropy. The data is shared by organisations to help increase the effectiveness of intrusion detection. The authors also propose default values for parameters of a heuristic algorithm and values regarding detection thresholds. This solution has been implemented in a well-known, open-source system and verified with a series of tests. Additionally, the authors investigated how updating the variables affects the intrusion detection process. The results confirmed the effectiveness of the proposed approach and heuristic algorithm.
Highlights
The ongoing evolution of science and technology continues to bring new challenges
Aside from packet scoring, the authors of this paper focus on a federated approach to intrusion detection
This paper proposes a multivariable heuristic algorithm as a new method of intrusion detection
Summary
The ongoing evolution of science and technology continues to bring new challenges. With the Internet becoming one of the most important inventions of the last century and an integral part of today’s world, new threats are emerging [1]. Vulnerabilities could mean losses for individual users, but they could extend to millions or even billions of dollars [5,6]. This drives the development of effective security tools. Awareness of the importance of cybersecurity encourages organisations to engage in joint defence activities, those operating in the same sector, such as energy, healthcare, etc. By working together, they are able to collect and process data regarding sector-specific attacks and malicious software [8,9]. The authors introduce a new multivariable heuristic intrusion detection algorithm based on shared data. Such a joint approach to attack and malware detection allows the federated companies to share knowledge and make the best decisions regarding suspicious traffic.