• Title/Summary/Keyword: Intrusion Awareness System

Search Result 12, Processing Time 0.02 seconds

Definition of Context-Awareness Model for Detection of Intrusion in Urban Transit (도시철도 침입 탐지 상황인식 모델 정의)

  • An, Tae-Ki;Shin, Jeong-Ryeol;Kim, Gyu-Jin;Chung, Jong-Duk
    • Proceedings of the KSR Conference
    • /
    • 2011.05a
    • /
    • pp.1729-1734
    • /
    • 2011
  • Urban transit administers need to introduce the intelligent system to know the situations in the urban transit service area automatically. It is one of the important elements to detect of intrusion in operation room or electric rooms, etc. In this paper, we describe the definition for detection of intrusion in urban transit area, and propose the context-awareness model detect of intrusion. We expect that the definition is helpful to extract the elements that are need to construct the intrusion detecting system. The proposed model that is based on an image analysis model and a rule-based model is also helpful to design intelligent surveillance model.

  • PDF

Intrusion Situation Classification Model for Intelligent Intrusion Awareness (지능적인 침입 인지를 위한 침입 상황 분류 모델)

  • Hwang, Yoon-Cheol;Mun, Hyung-Jin
    • Journal of Convergence for Information Technology
    • /
    • v.9 no.3
    • /
    • pp.134-139
    • /
    • 2019
  • As the development of modern society progresses rapidly, the technologies of society as a whole are progressing and becoming more advanced. Especially in the field of security, more sophisticated and intelligent attacks are being created. Meanwhile, damaging situations are becoming several times larger than before Therefore, it is necessary to re-classify and enhance the existing classification system. It is required to minimize the intrusion damage by actively responding to intelligent intrusions by applying this classification scheme to currently operating intrusion detection systems. In this paper, we analyze the intrusion type caused by intelligent attack We propose a new classification scheme for intrusion situations to guarantee the service safety, reliability, and availability of the target system, We use this classification model to lay the foundations for the design and implementation of a smart intrusion cognitive system capable of early detection of intrusion, the damages caused by intrusion, and more collections active response.

CRF Based Intrusion Detection System using Genetic Search Feature Selection for NSSA

  • Azhagiri M;Rajesh A;Rajesh P;Gowtham Sethupathi M
    • International Journal of Computer Science & Network Security
    • /
    • v.23 no.7
    • /
    • pp.131-140
    • /
    • 2023
  • Network security situational awareness systems helps in better managing the security concerns of a network, by monitoring for any anomalies in the network connections and recommending remedial actions upon detecting an attack. An Intrusion Detection System helps in identifying the security concerns of a network, by monitoring for any anomalies in the network connections. We have proposed a CRF based IDS system using genetic search feature selection algorithm for network security situational awareness to detect any anomalies in the network. The conditional random fields being discriminative models are capable of directly modeling the conditional probabilities rather than joint probabilities there by achieving better classification accuracy. The genetic search feature selection algorithm is capable of identifying the optimal subset among the features based on the best population of features associated with the target class. The proposed system, when trained and tested on the bench mark NSL-KDD dataset exhibited higher accuracy in identifying an attack and also classifying the attack category.

Intelligent Intrusion Detection and Prevention System using Smart Multi-instance Multi-label Learning Protocol for Tactical Mobile Adhoc Networks

  • Roopa, M.;Raja, S. Selvakumar
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.12 no.6
    • /
    • pp.2895-2921
    • /
    • 2018
  • Security has become one of the major concerns in mobile adhoc networks (MANETs). Data and voice communication amongst roaming battlefield entities (such as platoon of soldiers, inter-battlefield tanks and military aircrafts) served by MANETs throw several challenges. It requires complex securing strategy to address threats such as unauthorized network access, man in the middle attacks, denial of service etc., to provide highly reliable communication amongst the nodes. Intrusion Detection and Prevention System (IDPS) undoubtedly is a crucial ingredient to address these threats. IDPS in MANET is managed by Command Control Communication and Intelligence (C3I) system. It consists of networked computers in the tactical battle area that facilitates comprehensive situation awareness by the commanders for timely and optimum decision-making. Key issue in such IDPS mechanism is lack of Smart Learning Engine. We propose a novel behavioral based "Smart Multi-Instance Multi-Label Intrusion Detection and Prevention System (MIML-IDPS)" that follows a distributed and centralized architecture to support a Robust C3I System. This protocol is deployed in a virtually clustered non-uniform network topology with dynamic election of several virtual head nodes acting as a client Intrusion Detection agent connected to a centralized server IDPS located at Command and Control Center. Distributed virtual client nodes serve as the intelligent decision processing unit and centralized IDPS server act as a Smart MIML decision making unit. Simulation and experimental analysis shows the proposed protocol exhibits computational intelligence with counter attacks, efficient memory utilization, classification accuracy and decision convergence in securing C3I System in a Tactical Battlefield environment.

Unethical Network Attack Detection and Prevention using Fuzzy based Decision System in Mobile Ad-hoc Networks

  • Thanuja, R.;Umamakeswari, A.
    • Journal of Electrical Engineering and Technology
    • /
    • v.13 no.5
    • /
    • pp.2086-2098
    • /
    • 2018
  • Security plays a vital role and is the key challenge in Mobile Ad-hoc Networks (MANET). Infrastructure-less nature of MANET makes it arduous to envisage the genre of topology. Due to its inexhaustible access, information disseminated by roaming nodes to other nodes is susceptible to many hazardous attacks. Intrusion Detection and Prevention System (IDPS) is undoubtedly a defense structure to address threats in MANET. Many IDPS methods have been developed to ascertain the exceptional behavior in these networks. Key issue in such IDPS is lack of fast self-organized learning engine that facilitates comprehensive situation awareness for optimum decision making. Proposed "Intelligent Behavioral Hybridized Intrusion Detection and Prevention System (IBH_IDPS)" is built with computational intelligence to detect complex multistage attacks making the system robust and reliable. The System comprises of an Intelligent Client Agent and a Smart Server empowered with fuzzy inference rule-based service engine to ensure confidentiality and integrity of network. Distributed Intelligent Client Agents incorporated with centralized Smart Server makes it capable of analyzing and categorizing unethical incidents appropriately through unsupervised learning mechanism. Experimental analysis proves the proposed model is highly attack resistant, reliable and secure on devices and shows promising gains with assured delivery ratio, low end-to-end delay compared to existing approach.

Intelligence Security and Surveillance System in Sensor Network Environment Using Integrated Heterogeneous Sensors (이 기종간 통합 센서를 이용한 센서네트워크 환경에서의 지능형 보안감시 시스템)

  • Oh, Suk-Jun;Moon, Seung-Jin;Choi, Sun-O
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.38C no.7
    • /
    • pp.551-562
    • /
    • 2013
  • Current CCTV systems, which require continuous monitoring of the screens, have the limitation to detect and respond to the crime scenes in timely manner. Therefore, in recent years, the request for more intlligent surveillance system, with a ubiquitous sensor network, is increasing in order to behave more humanly fashions. Such systems require cllective data processing of the environments based on various sensors. In this article, we suggests a new paradigm based surveillance system which integrates PSD and dual PIR sensors. The proposed system evlves from a existing indoor intrusion detection system which can only identify the intrusion event to a better inteligent system with context awareness. We have conducted the various simulations in order to prove the effectiveness of the proposed system.

A Study for Intrusion Detection System Using Context-Awareness (상황인식 기반의 침입 감지 시스템에 관한 연구)

  • Yoon, Yi-Sun;Jang, Gyu-Jin;Kim, Gyu-Jin;Kim, Moon-Hyun
    • Proceedings of the Korea Information Processing Society Conference
    • /
    • 2009.11a
    • /
    • pp.453-454
    • /
    • 2009
  • 오늘날 사회가 발달하면서 기술 뿐 아니라 인적/물적 피해를 야기하는 여러 사건과 사고 또한 증가하고 있다. 상황인식 기반의 침입 감지 시스템의 효율적 개발이 가능하고 사건 및 사고를 사전에 방지하고 피해를 최소화 하는 수단이 될 것이다. 기존의 감시 시스템은 감시 관리자가 모니터링 장비 앞에서 상주하며 감시 장비가 전해오는 정보를 관리자가 직접 받으면서 스스로 판단해야만 했다. 이러한 방식은 인적 자원의 낭비를 초래하고 매우 비효율적이다. 또한 인적 자원에 의한 과실이 발생하기 쉽다는 문제점이 존재한다. 본 논문에서는 센서 등의 장비들을 통하여 정보를 수집하고 정의된 규칙에 따라 침입 상황을 감지하여 적절한 후속 조치를 취하는 상황 인식 기반의 침입 감지 시스템을 제안한다.

An Efficient Method for Analyzing Network Security Situation Using Visualization (시각화 기반의 효율적인 네트워크 보안 상황 분석 방법)

  • Jeong, Chi-Yoon;Sohn, Seon-Gyoung;Chang, Beom-Hwan;Na, Jung-Chan
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.19 no.3
    • /
    • pp.107-117
    • /
    • 2009
  • Network administrator recognizes the abnormal phenomenon in the managed network by using the alert messages generated in the security devices including the intrusion detection system, intrusion prevention system, firewall, and etc. And then the series of task, which searches for the traffic related to the alert message and analyzes the traffic data, are required to determine where the abnormal phenomenon is the real network security threat or not. There are many alert messages to have to inspect in order to determine the network security situation. Also the much times are needed so that the network administrator can analyze the security condition using existing methods. Therefore, in this paper, we proposed an efficient method for analyzing network security situation using visualization. The proposed method monitors anomalies occurred in the entire IP address's space and displays the detail information of a security event. In addition, it represents the physical locations of the attackers or victims by linking GIS information and IP address. Therefore, it is helpful for network administrator to rapidly analyze the security status of managed network.

A Study of Network Forensic for IDS (IDS 관제를 위한 네트워크 포렌식 연구)

  • Lee, Gi-Sung;No, Si-Young;Park, Sang-Joon;Lee, Jong-Chan;Lee, Seong-Yoon
    • Journal of the Korea Academia-Industrial cooperation Society
    • /
    • v.12 no.1
    • /
    • pp.467-473
    • /
    • 2011
  • The Network-packet in this Paper to ensure the integrity of the legal evidence is effect that can have is to offer an Network-forensics system. The Paper proposed Network-forensics system in the company through legal disputes accident Networking and state agency (with investigative authority) for criminal investigations in networking for the effective and correct way to present a report of user-centric services through effective awareness can be improved.

A comparative study on the priorities between perceived importance and investment of the areas for Information Security Management System (정보보호관리체계(ISMS) 항목의 중요도 인식과 투자의 우선순위 비교 연구)

  • Lee, Choong-Cheang;Kim, Jin;Lee, Chung-Hun
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.24 no.5
    • /
    • pp.919-929
    • /
    • 2014
  • Recently, organizational efforts to adopt ISMS(Information Security Management System) have been increasingly mandated and demanded due to the rising threat and the heavier cost of security failure. However there is a serious gap between awareness and investment of information security in a company, hence it is very important for the company to control effectively a variety of information security threats within a tight budget. To phase the ISMS, this study suggests the priorities based on evaluating the Importance of 13 areas for the ISMS by the information security experts and then we attempt to see the difference between importance and investment through the assessment of the actual investment in each area. The research findings show that intrusion incident handling is most important and IT disaster recovery is the area that is invested the most. Then, information security areas with the considerable difference between priorities of importance and investment are cryptography control, information security policies, education and training on information security and personnel security. The study results are expected to be used in making a decision for the effective investment of information security when companies with a limited budget are considering to introduce ISMS or operating it.