A survey of intrusion detection in Internet of Things

https://romisatriawahono.net/lecture/rm/survey/network%20security/Patel%20-%20Intrution%20Detection%20System%20in%20Cloud%20-%202013.pdf

Review: An intrusion detection and prevention system in cloud computing: A systematic review

This paper presents a novel feature learning model for cyber security tasks. We propose to use Auto-encoders (AEs), as a generative model, to learn latent representation of different feature sets. We show how well the AE is capable of automatically learning a reasonable notion of semantic similarity among input features. Specifically, the AE accepts a feature vector, obtained from cyber security phenomena, and extracts a code vector that captures the semantic similarity between the feature vectors. This similarity is embedded in an abstract latent representation. Because the AE is trained in an unsupervised fashion, the main part of this success comes from appropriate original feature set that is used in this paper. It can also provide more discriminative features in contrast to other feature engineering approaches. Furthermore, the scheme can reduce the dimensionality of the features thereby signicantly minimising the memory requirements. We selected two different cyber security tasks: networkbased anomaly intrusion detection and Malware classication. We have analysed the proposed scheme with various classifiers using publicly available datasets for network anomaly intrusion detection and malware classifications. Several appropriate evaluation metrics show improvement compared to prior results.

Autoencoder-based feature learning for cyber security applications

This paper completely introduces an exhaustive and a comprehensive review of the so-called salp swarm algorithm (SSA) and discussions its main characteristics. SSA is one of the efficient recent meta-heuristic optimization algorithms, where it has been successfully utilized in a wide range of optimization problems in different fields, such as machine learning, engineering design, wireless networking, image processing, and power energy. This review shows the available literature on SSA, including its variants, like binary, modifications and multi-objective. Followed by its applications, assessment and evaluation, and finally the conclusions, which focus on the current works on SSA, suggest possible future research directions.

Salp swarm algorithm: a comprehensive survey

Anomaly network-based intrusion detection system using a reliable hybrid artificial bee colony and AdaBoost algorithms

Purpose – The problem of protecting information and data flows has existed from the very first day of information exchange. Various approaches have been devised to protect and transfer such information securely. However, as technology and communications advance and information management systems become more and more powerful and distributed, the problem has taken on new and more complex dimensions and has become a major challenge. The widespread use of wired and wireless communication networks, internet, web applications and computing has increased the gravity of the problem. Organizations are totally dependent on reliable, secure and fault‐tolerant systems, communications, applications and information bases. Unfortunately, serious security and privacy breaches still occur every day, creating an absolute necessity to provide secure and safe information security systems through the use of firewalls, intrusion detection and prevention systems (ID/PSs), encryption, authentication and other hardware and softw...

A survey of intrusion detection and prevention systems

Due to the rapid development of the fifth-generation (5G) applications, and increased demand for even faster communication networks, we expected to witness the birth of a new 6G technology within the next ten years. Many references suggested that the 6G wireless network standard may arrive around 2030. Therefore, this paper presents a critical analysis of 5G wireless networks’, significant technological limitations and reviews the anticipated challenges of the 6G communication networks. In this work, we have considered the applications of three of the highly demanding domains, namely: energy, Internet-of-Things (IoT) and machine learning. To this end, we present our vision on how the 6G communication networks should look like to support the applications of these domains. This work presents a thorough review of 370 papers on the application of energy, IoT and machine learning in 5G and 6G from three major libraries: Web of Science, ACM Digital Library, and IEEE Explore. The main contribution of this work is to provide a more comprehensive perspective, challenges, requirements, and context for potential work in the 6G communication standard.

From 5G to 6G Technology: Meets Energy, Internet-of-Things and Machine Learning: A Survey

Objectives: SCADA systems are turning into the central nerve system of the electric power system critical infrastructure. With the increasing availability and use of computer networks and the Internet as well as the convenience of cloud computing, SCADA systems have increasingly adopted Internet-of-Things technologies to significantly reduce infrastructure costs and increase ease of maintenance and integration. However, SCADA systems are obvious targets for cyber attacks that would seek to disrupt the critical infrastructure systems thus are governed by a SCADA system. Methods/Statistical Analysis: Cyber attacks exploit SCADA security vulnerabilities in order to take control or disrupt the normal operation of the system. Analyzing security vulnerability and loopholes are critical in developing security solutions for such systems. It is also equally important to test security solutions developed to protect SCADA systems. Findings: Experimenting on live systems is generally not advisable and impractical as this may render the system unstable. Such situation calls for the need of an experimental setup equivalent or quite close to the real scenario for developing and testing security solutions. Application/Improvements: This paper reviews common SCADA implementation approaches utilized in previous related works.

A Survey of SCADA Testbed Implementation Approaches

Over the last fifteen years the world has experienced a wide variety of computer threats and general computer security problems. As communication advances and information management systems become more and more powerful and distributed, organizations are becoming increasingly vulnerable to potential security threats such as intrusions at all levels of Information Communication Technology (ICT). There is an urgency to provide secure and safe information security system through the use of firewalls, Intrusion Detection Systems (IDSs), Intrusion Prevention Systems (IPSs), encryption, authentication, and other hardware and software solutions. Many intrusion detection and prevention systems have been designed, but still there are significant drawbacks. Some of these drawbacks are low detection efficiency, inaccurate prevention schemes and high false alarm rates. Since IDSs and IPSs have become necessary security tools for detecting and preventing attacks on ICT resources, it is essential to upgrade the previous designs, techniques and methods to overcome flaws. Anomaly detection is an essential component of the detection mechanism against unknown attacks but this requires advanced techniques to be better and more effective. In this paper we put forward a new agent-based self-managed approach of anomaly intrusion prevention system based on risk assessment and managed by the principles of the Autonomic Computing (AC) concept, which has all the flavors of self-management. Applying AC will open up new frontiers, and enhance and improve the intrusion detection mechanism by not only protecting the system’s information and assets but also to stop and prevent the breach before it happens. It can also assist in digital forensics and investigations.

Autonomic Agent-Based Self-Managed Intrusion Detection and Prevention System.

The common implementation practices of modern industrial control systems (ICS) has left a window wide open to various security vulnerabilities. As the cyber-threat landscape continues to evolve, the ICS and their underlying architecture must be protected to withstand cyber-attacks. This study aims to review several ICS security assessment methodologies to identify an appropriate vulnerability assessment method for the ICS systems that examine both critical physical and cyber systems so as to protect the national critical infrastructure.,This paper reviews several ICS security assessment methodologies and explores whether the existing methodologies are indeed sufficient to meet the cyber security assessment exercise required to validate the security of electrical power control systems.,The study showed that most of the examined methodologies seem to concentrate on vulnerability identification and prioritisation techniques, whilst other security techniques received noticeably less attention. The study also showed that the least attention is devoted to patch management process due to the critical nature of the SCADA system. Additionally, this review portrayed that only two security assessment methodologies exhibited absolute fulfilment of all NERC-CIP security requirements, whilst the others only partially fulfilled the essential requirements.,This paper presents a review and a comparative analysis of several standard SCADA security assessment methodologies and guidelines published by internationally recognised bodies. In addition, it explores the adequacy of the existing methodologies in meeting cyber security assessment practices required for electrical power networks.

Qais Saif Qassim

Papers

A survey of intrusion detection and prevention systems

From 5G to 6G Technology: Meets Energy, Internet-of-Things and Machine Learning: A Survey

A Survey of SCADA Testbed Implementation Approaches

Autonomic Agent-Based Self-Managed Intrusion Detection and Prevention System.

A review of security assessment methodologies in industrial control systems