Data Mining Practical Machine Learning Tools and Techniques

This survey paper describes a focused literature survey of machine learning (ML) and data mining (DM) methods for cyber analytics in support of intrusion detection. Short tutorial descriptions of each ML/DM method are provided. Based on the number of citations or the relevance of an emerging method, papers representing each method were identified, read, and summarized. Because data are so important in ML/DM approaches, some well-known cyber data sets used in ML/DM are described. The complexity of ML/DM algorithms is addressed, discussion of challenges for using ML/DM for cyber security is presented, and some recommendations on when to use a given method are provided.

A Survey of Data Mining and Machine Learning Methods for Cyber Security Intrusion Detection

Review: Intrusion detection system: A comprehensive review

Wireless Sensor Networking is one of the most promising technologies that have applications ranging from health care to tactical military. Although Wireless Sensor Networks (WSNs) have appealing features (e.g., low installation cost, unattended network operation), due to the lack of a physical line of defense (i.e., there are no gateways or switches to monitor the information flow), the security of such networks is a big concern, especially for the applications where confidentiality has prime importance. Therefore, in order to operate WSNs in a secure way, any kind of intrusions should be detected before attackers can harm the network (i.e., sensor nodes) and/or information destination (i.e., data sink or base station). In this article, a survey of the state-of-the-art in Intrusion Detection Systems (IDSs) that are proposed for WSNs is presented. Firstly, detailed information about IDSs is provided. Secondly, a brief survey of IDSs proposed for Mobile Ad-Hoc Networks (MANETs) is presented and applicability of those systems to WSNs are discussed. Thirdly, IDSs proposed for WSNs are presented. This is followed by the analysis and comparison of each scheme along with their advantages and disadvantages. Finally, guidelines on IDSs that are potentially applicable to WSNs are provided. Our survey is concluded by highlighting open research issues in the field.

A Survey of Intrusion Detection Systems in Wireless Sensor Networks

More particularly, calculations are developed and examined to reduce the entire quantity of Wireless access points as well as their locations in almost any given atmosphere while with the throughput needs and the necessity to ensure every place in the area can achieve a minimum of k APs. This paper concentrates on using Wireless for interacting with and localizing the robot. We've carried out thorough studies of Wireless signal propagation qualities both in indoor and outside conditions, which forms the foundation for Wireless AP deployment and communication to be able to augment how human operators communicate with this atmosphere, a mobile automatic platform is developed. Gas and oil refineries could be a harmful atmosphere for various reasons, including heat, toxic gasses, and unpredicted catastrophic failures. When multiple Wireless APs are close together, there's a possible for interference. A graph-coloring heuristic can be used to find out AP funnel allocation. Additionally, Wireless fingerprinting based localization is developed. All of the calculations implemented are examined in real life situations using the robot developed and answers are promising. For example, within the gas and oil industry, during inspection, maintenance, or repair of facilities inside a refinery, people might be uncovered to seriously high temps to have a long time, to toxic gasses including methane and H2S, and also to unpredicted catastrophic failures.

/pdf/internet-of-vehicles-from-intelligent-grid-to-autonomous-pma0tn3ofd.pdf

Internet of Vehicles: From Intelligent Grid to Autonomous Cars and Vehicular Clouds

A wide range of malicious activities rely on the domain name service (DNS) to manage their large, distributed networks of infected machines. As a consequence, the monitoring and analysis of DNS queries has recently been proposed as one of the most promising techniques to detect and blacklist domains involved in malicious activities (e.g., phishing, spam, botnets command-and-control, etc.). EXPOSURE is a system we designed to detect such domains in real time, by applying 15 unique features grouped in four categories.We conducted a controlled experiment with a large, real-world dataset consisting of billions of DNS requests. The extremely positive results obtained in the tests convinced us to implement our techniques and deploy it as a free, online service. In this article, we present the Exposure system and describe the results and lessons learned from 17 months of its operation. Over this amount of time, the service detected over 100K malicious domains. The statistics about the time of usage, number of queries, and target IP addresses of each domain are also published on a daily basis on the service Web page.

/pdf/exposure-a-passive-dns-analysis-service-to-detect-and-report-1kfpn5rcfq.pdf

Exposure: A Passive DNS Analysis Service to Detect and Report Malicious Domains

Vehicular ad hoc networks (VANETs) have become one of the most promising and fastest growing subsets of mobile ad hoc networks (MANETs). They are comprised of smart vehicles and roadside units (RSU) which communicate through unreliable wireless media. By their very nature, they are very susceptible to attacks which may result in life-endangering situations. Due to the potential for serious consequences, it is vital to develop security mechanisms in order to detect such attacks against VANETs. This paper aims to survey such possible attacks and the corresponding detection mechanisms that are proposed in the literature. The attacks are classified and explained along with their effects, and the solutions are presented together with their advantages and disadvantages. An evaluation and summary table which provides a holistic view of the solutions surveyed is also presented.

A survey of attacks and detection mechanisms on intelligent transportation systems

In recent years, mobile ad hoc networks (MANETs) have become a very popular research topic. By providing communications in the absence of a fixed infrastructure, MANETs are an attractive technology for many applications such as rescue operations, tactical operations, environmental monitoring, conferences, and the like. However, this flexibility introduces new security risks. Since prevention techniques are never enough, intrusion detection systems (IDSs), which monitor system activities and detect intrusions, are generally used to complement other security mechanisms.

/pdf/intrusion-detection-in-mobile-ad-hoc-networks-5dqlo5iuni.pdf

Intrusion Detection in Mobile Ad Hoc Networks

Mobile ad hoc networks (MANETs) are one of the fastest growing areas of research. They are an attractive technology for many applications, such as rescue and tactical operations, due to the flexibility provided by their dynamic infrastructure. However, this flexibility comes at a price and introduces new security threats. Furthermore, many conventional security solutions used for wired networks are ineffective and inefficient for the highly dynamic and resource-constrained environments where MANET use might be expected. To develop suitable security solutions for such new environments, we must first understand how MANETs can be attacked. This chapter provides a comprehensive survey of attacks against a specific type of target, namely the routing protocols used by MANETs. We introduce the security issues specific to MANETs and present a detailed classification of the attacks/attackers against these complex distributed systems. Then we discuss various proactive and reactive solutions proposed for MANETs. We outline secure routing solutions to avoid some attacks against the routing protocols based on cooperation between nodes. We also give an overview of intrusion detection in MANETs and indicate the nature of IDSs that have been proposed for MANETs in the past decade.

/pdf/security-threats-in-mobile-ad-hoc-networks-4nrk0k340c.pdf

Security Threats in Mobile Ad Hoc Networks

https://web.cs.hacettepe.edu.tr/~ssen/files/papers/CompNet.pdf

Sevil Sen

Papers

Exposure: A Passive DNS Analysis Service to Detect and Report Malicious Domains

A survey of attacks and detection mechanisms on intelligent transportation systems

Intrusion Detection in Mobile Ad Hoc Networks

Security Threats in Mobile Ad Hoc Networks

Evolutionary computation techniques for intrusion detection in mobile ad hoc networks