With the mixing of industrial automation control systems and the Internet, the industrial control system is becoming more and more vulnerable. The key to information security is how to detect and resist attacks on industrial control systems. This paper proposes a data preprocessing method that can convert ModbusTCP traffic into data that the support vector machine model can identify. This...
As a number of attacks such as Stuxnet and BlackEnergy targeting the control system of critical infrastructure have happened, the importance of security enhancement for the facilities such as industrial CPS (Cyber Physical System) has emerged. In this paper, by reflecting the characteristics of industrial CPS, we propose a packet diversity-based anomaly detection model which we can learn and conduct...
DFAs (Deterministic Finite Automata) and DTMCs (Discrete Time Markov Chains) have been proposed for modeling Modbus/TCP for intrusion detection in SCADA (Supervisory Control and Data Acquisition) systems. While these models can be used to learn the behavior of the system, they require the designer to know the appropriate amount of training data for building the model, to retrain models when configuration...
Data Aggregation (DA) is a technique of data gathering in Wireless Sensor Networks (WSNs). It provides advantages such as reporting consolidated data, reducing data redundancy, improving network lifetime, etc. However, deploying WSNs in hostile and remote environments presents security vulnerabilities that can lead to various security attacks such as energy-based attacks, attacks on data aggregation...
The power distribution communication network is an important part of the smart grid. Through the study of the communication network security isolation key theory and technology, this paper analyses the anomaly detection method for the network service and presents a kind of network security isolation model based on the anomaly detection. The paper describes the overall concept, network structure, operation...
Many manufacturers and researchers have established various Intrusion Detection System (IDS) evaluation standards, most of which involve tests of IDS functions but neglect evaluation of IDS security. On the basis of IDS security evaluation, this paper describes segmented and multi-level mixed evaluation methods, classifies intrusions by type of TCP/IP, and illustrates the evaluation process by means...
In order to figure out the problems which the existing intrusion detection system models have, such as more significant network transmission load, lower detection efficiency, and limited data processing ability, the paper has discussed an intrusion detection model based on mobile agent technology, and expatiated on the method which the data-analyzing agent has adopted utilizing the Markov model principle, and carried...
SIP malformed message detection and prevention has become an important indicator of high availability for SIP servers or IMS systems. This paper describes the SIP malformed message attacks, analyses SIP protocol features and builds an abstract data model according to the RFC 3261 protocol specification. The author presents an efficient intrusion detection and prevention system against SIP malformed messages...
Mutual interactions of different network equipment, topology configurations, transmission protocols and cooperation and competition among the network users inevitably cause the network traffic flow, which is controlled by several driving factors, to exhibit non-stationary and complicated behavior. Because of its non-stationary property, one cannot easily use traditional ways to analyze the complicated...
Through the study of the existing intrusion detection system, this paper presents the idea of applying the machine learning methods in the intrusion detection system, establishes a learning-based intrusion detection system model, gives the framework of the system and the main process steps, and designs and tests the machine learning module in it to achieve the learning-based intrusion detection system.
A hybrid intrusion detection approach combining both misuse detection and anomaly detection can detect newly discovered attacks while maintaining a relatively high detection rate. This paper presents a novel hybrid intrusion detection system based on protocol analysis and decision tree algorithms. Performance evaluation of the proposed system is conducted using Generalized Stochastic Petri Nets (GSPN)...
Because the network connection information contains nominal and linear attributes, and linear attributes are divided into continuous and discrete attributes, the network connection information is heterogeneous data. Heterogeneous distance functions are used to cluster data in this paper. Cooperative network intrusion detection based on a semi-supervised clustering algorithm is proposed....
A protocol anomaly detection model based on a hidden Markov model (HMM) is given in this work which can verify normal and abnormal traffic. Then we demonstrate the model's correctness and effectiveness by using the MIT Lincoln Laboratory 1999 DARPA Intrusion Detection Evaluation Data Set.
The 3 most important issues for anomaly detection based intrusion detection systems by using data mining methods are: feature selection, data value normalization, and the choice of data mining algorithms. In this paper, we study primarily the feature selection of network traffic and its impact on the detection rates. We use KDD CUP 1999 dataset as the sample for the study. We group the features of...