VARNet-6G with FIERO model for anomaly detection and enhancing network stability in future-ready communication systems

Intrusion detection system is one of the essential security tools of modern information systems. Continuous development of new types of attacks re quires the development of intelligent approaches for intrusion detection capable to detect newest attacks. We present recirculation neural network based approach which lets to detect previously unseen attack types in real-time mode and to further correct recognition of this types. In this paper we use recirculation neural networks as an anomaly detector as well as a misuse detector, ensemble of anomaly and misuse detectors, fusion of several detectors for correct detection and recognition of attack types. The experiments held on both KDD’99 data and real network traffic data show promising results.

Purpose– Anomaly detection of network attacks has become a high priority because of the need to guarantee security, privacy and reliability. This work aims to describe both intelligent immunological approaches and traditional monitoring systems for anomaly detection.Design/methodology/approach– Author investigated different artificial immune system (AIS) theories and proposes how to combine different ideas to solve problems of network security domain. An anomaly detection system that applies those ideas was built and tested in a real time environment, to test the pros and cons of AIS and clarify its applicability. Rather than building a detailed signature based model of intrusion detection system, the scope of this study tries to explore the principle in an immune network focusing on its self-organization, adaptive learning capability, and immune feedback.Findings– The natural immune system has its own intelligent mechanisms to detect the foreign bodies and fight them and without it, an individual cannot live, even just for several days. Network attackers evolved new types of attacks. Attacks became more complex, severe and hard to detect. This results in increasing needs for network defense systems, especially those with ability to extraordinary approaches or to face the dynamic nature of continuously changing network threats. KDD CUP'99 dataset are used as a training data to evaluate the proposed hybrid artificial immune principles anomaly detection. The average cost of the proposed model was 0.1195 where that the wining of KDD99 dataset computation had 0.233.Originality/value– It is original to introduce investigation on the vaccination biological process. A special module was built to perform this process and check its usage and how it could be formulated in artificial life.

In this paper we study the influence of key-scheduling algorithms on the strength of blockciphers. We show that the key-scheduling algorithms of many blockciphers inherit obvious relationships between keys, and use these key relations to attack the blockciphers. Two new types of attacks are described: New chosen plaintext reductions of the complexity of exhaustive search attacks (and the faster variants based on complementation properties), and new low-complexity chosen key attacks. These attacks are independent of the number of rounds of the cryptosystems and of the details of the F-function and may have very small complexities. These attacks show that the key-scheduling algorithm should be carefully designed and that its structure should not be too simple. These attacks are applicable to both variants of LOKI and to Lucifer. DES is not vulnerable to the related keys attacks since the shift pattern in the key-scheduling algorithm is not the same in all the rounds.

Wireless body area(WBANs) network is a new technological development that is capable to monitor and process human health remotely. In this process,the wearable wireless sensor plays a vital role in the collection of information. As the information collected by wearable wireless sensors are very critical security is necessary which can able to take care of security and reliability at the same time. Reliability is necessary to build trust between endusers. Nowadays instead of physical attack new type of cyber attack will take place on the digital information. Due to the new type of attack in the cyber world special type of secure model needed to fulfil the current need. The proposes a secure and efficient authentication and privacy mechanism (SEAPM), which shows a better result in comparison to the existing algorithm in their previous works. This work includes a mechanism which needs less resource comparatively. Only authentic entities can able to interact with the authentic server which essential requisite for both sides.

In this paper we study the influence of key scheduling algorithms on the strength of blockciphers. We show that the key scheduling algorithms of many blockciphers inherit obvious relationships between keys, and use these key relations to attack the blockciphers. Two new types of attacks are described: New chosen plaintext reductions of the complexity of exhaustive search attacks (and the faster variants based on complementation properties), and new low-complexity chosen key attacks. These attacks are independent of the number of rounds of the cryptosystems and of the details of the F-function and may have very small complexities. These attacks show that the key scheduling algorithm should be carefully designed and that its structure should not be too simple. These attacks are applicable to both variants of LOKI and to Lucifer. DES is not vulnerable to the related keys attacks since the shift pattern in the key scheduling algorithm is not the same in all the rounds.

A hybrid approach is proposed to detect anomalies in natural complicated data structures with high noise levels. The approach includes the application of an autoencoder neural network and singular spectrum analysis (SSA) with an adaptive anomaly detection algorithm (AADA) developed by the authors. The autoencoder is the quintessence of the representation learning algorithm, and it projects (selects) data features. Here, under-complete autoencoders are used. They are a product of the development of the principal component method and allow one to approximate complex nonlinear dependencies. Singular spectrum analysis decomposes data through the singular decomposition of matrix trajectories and makes it possible to detect the data structure in the noise. The AADA is based on the combination of wavelet transforms with threshold functions. Combinations of different constructions of wavelet transformation with threshold functions are widely applied to tasks relating to complex data processing. However, when the noise level is high and there is no complete knowledge of a useful signal, anomaly detection is not a trivial problem and requires a complex approach. This paper considers the use of adaptive threshold functions, the parameters of which are estimated on a probabilistic basis. Adaptive thresholds and a moving time window are introduced. The efficiency of the proposed method in detecting anomalies in neutron monitor data is illustrated. Neutron monitor data record cosmic ray intensities. We used neutron monitor data from ground stations. Anomalies in cosmic rays can create serious radiation hazards for people as well as for space and ground facilities. Thus, the diagnostics of anomalies in cosmic ray parameters is quite topical, and research is being carried out by teams from different countries. A comparison of the results for the autoencoder + AADA and SSA + AADA methods showed the higher efficiency of the autoencoder + AADA method. A more flexible NN apparatus provides better detection of short-period anomalies that have complicated structures. However, the combination of SSA and the AADA is efficient in the detection of long-term anomalies in cosmic rays that occur during strong magnetic storms. Thus, cosmic ray data analysis requires a more complex approach, including the use of the autoencoder and SSA with the AADA.

One of the main challenge in computer networks has become to keep up with patterns of threats that evolve and increase on a daily basis. There are many traditional mechanisms, such as firewalls, but they do not secure the detection of new types of attacks. Intrusion detection systems are tools to detect attacks, but they suffer from an inability to detect unknown attacks. Therefore, the method was devoted to methods of machine learning and data mining to increase the capability to predict new types of attacks. This study reviewed and analysed the research background for Intrusion Detection Systems (IDSs) based on Deep Learning (DL) or Machine Learning (ML) methods into a logical taxonomy and pinpoints the challenges and future opportunities in this vital study area. There are several techniques to aid IDS to identify and identified the changing behaviour of the system. However, some papers have lately proposed the idea of hybrid detection. This study analyses machine-learning techniques in IDS. Many related studies focused on machine learning techniques had been reviews in the period below 2000 to 2020. Associated studies include machine learning, deep learning, and Hybrid approaches.

Modern intrusion detection systems must be able to discover new types of attacks in real-time. To this aim, automatic or semi-automatic techniques can be used; outlier detection algorithms are particularly apt to this task, as they can work in an unsupervised way. However, due to the different nature and behavior of the attacks, the performance of different outlier detection algorithms varies largely. In this ongoing work, we describe an approach aimed at understanding whether an ensemble of outlier algorithms can be used to detect effectively new types of attacks in intrusion detection systems. In particular, Genetic Programming (GP) is adopted to build the combining function of an ensemble of local and global outlier detection algorithms, which are used to detect different types of attack. Preliminary experiments, conducted on the well-known NSL-KDD dataset, are encouraging and confirm that, depending on the type of attacks, it would be better to use only local or only global detection algorithms and that the GP-based ensemble improves the performance in comparison with commonly used combining functions.

Advances in deep learning, combined with availability of large datasets, have led to impressive improvements in face presentation attack detection research. However, state-of-the-art face antispoofing systems are still vulnerable to novel types of attacks that are never seen during training. Moreover, even if such attacks are correctly detected, these systems lack the ability to adapt to newly encountered attacks. The post-training ability of continually detecting new types of attacks and self-adaptation to identify these attack types, after the initial detection phase, is highly appealing. In this paper, we enable a deep neural network to detect anomalies in the observed input data points as potential new types of attacks by suppressing the confidence-level of the network outside the training samples’ distribution. We then use experience replay to update the model to incorporate knowledge about new types of attacks without forgetting the past learned attack types. Experimental results are provided to demonstrate the effectiveness of the proposed method on two benchmark datasets as well as a newly introduced dataset which exhibits a large variety of attack types. <sup xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">1</sup>

An anomaly pattern detection for bridge structural response considering time-varying temperature coefficients

One of the most challenging issue nowadays is providing security on MANET architecture. The key issue in MANET is the design of intrusion detection system, that is able to detect attacks in a rapid manner .Traditional methods like genetic algorithms, fuzzy logic, game theory techniques are helpful in designing of IDs. However, these techniques have a limitation on the effects of prevention techniques in general and they are designed for a set of known attacks. These techniques are also tends to increase the false positive ratio, detection rate is low and values of ROC characteristics due to training of feature set of attack patterns . The techniques also failed to detect any new type of attacks by any existing methods. This paper focuses on designing of intrusion detection system based on hybrid approach that effectively able to detect any type of attacks using Evolutionary algorithm techniques.

The main objective of this research is to utilize the technologies of cloud computing in the applications of the IoT. The IoT network is divided into three layers: the cloud computing layer, the edge layer, and the fog layer. More than twenty-five million devices are connected to the fog layer leading to an increase in data traffic in the network in general. As a result, there will be an increase in the number of attacks. Therefore, protecting the data of the IoT and detecting attacks are indispensable. Since new types of attacks frequently emerge, intrusion detecting systems (IDSs) have to be developed to counteract the new types of attacks. However, built upon the principles of deep learning and machine learning, most of the current IDSs are based on predicting the probability of an attack. The most commonly used IDSs are the KNN and the SVN. Such IDSs suffer from low accuracy rates in attacks detection, time consumption, and a large number of false alarms. Thus, this paper suggests a new model of deep learning that is built upon combining two algorithms: the convolution neural network (CNN) and the gated recurrent unit network (GRU). Additionally, two types of datasets are utilized: the NSL-KDD and UNSW-NB15. These datasets are categorized in accordance with multiclass classification. The suggested model provides a better detection rate in comparison with the other models. It achieves a detection rate that is 1.5 more accurate than the other IDSs. Also, it exhibits fewer false alarms, and it provides less time for detection rate. The achieved results of the suggested model are due to utilizing the technologies of deep learning and machine learning.

The intrusion detection has become core part of any network of computers due to increasing amount of digital content available. In parallel, the data breaches and malware attacks have also grown in large numbers which makes the role of intrusion detection more essential. Even though many existing techniques are successfully used for detecting intruders but new variants of malware and attacks are being released every day. To counterfeit these new types of attacks, intrusion detection must be designed with state of art techniques such as Deep learning. At present the Deep learning techniques have a strong role in Natural Language Processing, Computer Vision and Speech Processing. This paper is focused on reviewing the role of deep learning techniques for intrusion detection and proposing an efficient deep Auto Encoder (AE) based intrusion detection technique. The intrusion detection is implemented in two stages with a binary classifier and multiclass classification algorithm (dense neural network). The performance of the proposed approach is presented and compared with parallel methods used for intrusion detection. The reconstruction error of the AE model is compared with the PCA and the performance of both anomaly detection and the multiclass classification is analyzed using metrics such as accuracy and false alarm rate. The compressed representation of the AE model helps to lessen the false alarm rate of both anomaly detection and attack classification using SVM and dense NN model respectively.

Mobile ad hoc networks (MANETs) are multi-hop wireless networks of autonomous mobile nodes without any fixed infrastructure. In MANETs, it is difficult to detect malicious nodes because the network topology constantly changes due to node mobility. Intrusion detection is the means to identify the intrusive behaviors and provide useful information to intruded systems to respond fast and to avoid or reduce damages. The anomaly detection algorithms have the advantage because they can detect new types of attacks (zero-day attacks).In this paper, the Intrusion Detection System clustering-based (ID-Cluster) that fits the requirement of MANET is presented. This work addresses both routing layer misbehaviors issues, with main focuses on thwarting routing disruption attack Dynamic Source Routing (DSR). To validate the research, a case study is presented using the simulation with GloMoSim at different mobility levels. Simulation results show that proposed system can achieve desirable performance and meet the security requirement of MANET.

There is a considerable interest in developing techniques to detect zero-day (unknown) cyber-attacks, and considering context is a promising approach. This paper describes a contextual misuse approach combined with an anomaly detection technique to detect zero-day cyber attacks. The contextual misuse detection utilizes similarity with attack context profiles, and the anomaly detection technique identifies new types of attacks using the One Class Nearest Neighbor (1-NN) algorithm. Experimental results on the NSL-KDD intrusion detection dataset have shown that the proposed approach is quite effective in detecting zero-day attacks.