Robust Defense System Research Articles

Apollon: A robust defense system against Adversarial Machine Learning attacks in Intrusion Detection Systems

The rise of Adversarial Machine Learning (AML) attacks is presenting a significant challenge to Intrusion Detection Systems (IDS) and their ability to detect threats. To address this issue, we introduce Apollon, a novel defense system that can protect IDS against AML attacks. Apollon utilizes a diverse set of classifiers to identify intrusions and employs Multi-Armed Bandits (MAB) with Thompson sampling to dynamically select the optimal classifier or ensemble of classifiers for each input. This approach enables Apollon to prevent attackers from learning the IDS behavior and generating adversarial examples that can evade the IDS detection. We evaluate Apollon on several of the most popular and recent datasets, and show that it can successfully detect attacks without compromising its performance on traditional network traffic. Our results suggest that Apollon is a robust defense system against AML attacks in IDS.

Attacks on Resource-Constrained IoT Devices and Security Solutions

An IoT is a complex system of interconnected electronic devices that exchange data over the network. Due to the sensitive nature of the data involved in this new technological paradigm, security measures must be taken with great care. Researchers can better understand the threats and weaknesses of the IoT if attacks are categorized to facilitate the development of a more robust defense system. This study discusses various attacks and statistical data related to IoT. These attacks are divided into two categories: physical and cyber-attacks. Based on the literature review, the authors found that social engineering and DoS are the most common attacks in the physical and cyber categories. This study demonstrates the security solutions inherent to securing the IoT environment. Cryptography, blockchain, software-defined networks, and machine learning techniques were reviewed. They also discussed steps that should be taken to make a safe IoT environment.

RRPOT: A Record and Replay Based Honeypot System

The honeypot system is a critical defense facility in cybersecurity. It captures and analyzes the attack behavior for constructing a more robust defense system. However, considering the overhead caused by analysis, the system cannot support fine-grained analysis. This paper proposes RRPOT, a novel honeypot system based on the record and replay (RnR) framework of virtual machine (VM). By combining the native honeypot system with an RnR framework, the system supports to postpone the time-consuming analysis to the replay stage, thereby enables fine-grained analysis. Moreover, we propose an on-demand record mechanism to reduce performance and storage costs during the record stage and employ an on-demand replay mechanism to improve replay efficiency. Leveraging these approaches, we develop a flexible and efficient honeypot system, and it was proven useful in the practical scenario.