Case Study
Abstract
This study presents the methods commonly used to keep the data and information in company systems safe from being hacked. Threats have increased in recent years, so policies have changed and the emphasis on cybersecurity has grown. The focus of this study is the Intrusion Detection System (IDS), one of the systems used to guard against possible data breaches.
Cybersecurity is one of the most vital subjects on the agendas of company leaders and boards of directors. Nearly every week there are new cases of data breaches affecting large volumes of consumer information, credit card data, and trade secrets. The sources of cyber threats have grown in sophistication and malicious intent. A company's cybersecurity experts must secure data not only against ordinary hackers but also against foreign intrusion by governments and professional hacking organizations. These are mostly groups with unrelenting purpose and the capability to cause real harm to the organization.
In the past few years cyber-attacks have occurred so frequently that organizations' thinking about security has shifted from what they will do if they are attacked to what they will do when they are attacked. The best-prepared organizations and businesses are changing their cybersecurity policies from concentrating entirely on prevention to applying methods that rapidly detect breaches and limit the loss once a breach has been identified. Businesses and organizations that are small and still growing are more vulnerable to these cyber-attacks because they lack the budget required to secure their data and information. One of the most common and vital steps towards effective data protection is knowing what data is kept and where it is kept. Large corporations use data discovery tools to scan company networks for confidential information; when they find such data on devices that are not authorized to hold it, they immediately delete or encrypt it. Intrusion detection is another process, used to monitor the events that occur in your network and to analyze them. Intrusion prevention is the process of performing intrusion detection and then stopping the identified incidents.
A typical business network has several access points to other networks, both public and private. The challenge is maintaining the security of these networks while keeping them accessible to clients. Attacks are now so sophisticated that they can defeat the best security systems, particularly those that still operate under the assumption that networks can be protected by encryption or firewalls. Unfortunately, those technologies alone are not enough to counter today's attacks.
Intrusion detection systems (IDS) and intrusion prevention systems (IPS) continuously monitor your network, identifying possible incidents and logging information about them, stopping the incidents, and reporting them to security administrators (Lin, Ke, & Tsai, 2015).
Additionally, some networks use IDS/IPS to identify problems with security policies and to deter individuals from violating those policies. IDS/IPS have become a necessary addition to the security infrastructure of most organizations, precisely because they can stop attackers while they are gathering information about your network. Three IDS detection methods are typically used to identify incidents. Signature-Based Detection compares signatures against observed events to identify possible incidents. This is the simplest detection method because it compares only the current unit of activity, using string comparison operations (Javaid, Niyaz, Sun, & Alam, 2015). Anomaly-Based Detection compares definitions of what is considered normal activity with observed events in order to identify significant deviations. This detection method can be very effective at spotting previously unknown threats. Stateful Protocol Analysis compares predetermined profiles of generally accepted definitions of benign protocol activity for each protocol state against observed events in order to identify deviations.
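The difference between signature-based and anomaly-based detection can be seen by running both over the same requests. The following is an added example, not part of the original case study; the signature list, the request strings and the length-based baseline are all constructed for illustration, and stateful protocol analysis is not covered.

```python
import statistics

# Constructed signatures: substrings that mark a request as a known attack.
SIGNATURES = {"path-traversal": "../", "sql-injection": "union select"}

def signature_detect(request):
    """Signature-based: plain string comparison against known patterns."""
    lowered = request.lower()
    return [name for name, pat in SIGNATURES.items() if pat in lowered]

class LengthBaseline:
    """Anomaly-based: learn the normal request length from clean traffic,
    then flag requests more than `threshold` standard deviations away."""

    def __init__(self, normal_requests, threshold=3.0):
        lengths = [len(r) for r in normal_requests]
        self.mean = statistics.mean(lengths)
        self.stdev = statistics.stdev(lengths)
        self.threshold = threshold

    def is_anomalous(self, request):
        return abs(len(request) - self.mean) / self.stdev > self.threshold

def classify(request, baseline):
    """Run both detectors and report what each one saw."""
    return {"signatures": signature_detect(request),
            "anomalous": baseline.is_anomalous(request)}

# Constructed training traffic, assumed to be free of attacks.
NORMAL = ["GET /index.html", "GET /products?id=17", "GET /cart/view",
          "POST /login", "GET /images/logo.png", "GET /search?q=router"]
BASELINE = LengthBaseline(NORMAL)

# Constructed test requests.
SAMPLES = {
    "known attack": "GET /download?file=../../etc/passwd",
    "unknown oversized": "GET /search?q=" + "A" * 200,
    "benign": "GET /products?id=42",
    "benign but long": "GET /search?q=wireless+router+with+gigabit+ports",
}

if __name__ == "__main__":
    for label, request in SAMPLES.items():
        print(label, classify(request, BASELINE))
```

The oversized request matches no signature but is flagged by the baseline, while the long but legitimate search is also flagged, which is the false-positive cost of anomaly detection.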
Imperva cloud WAF intrusion prevention solutions are fully customizable tools that block zero-day and existing network application security threats while reducing false positives. The Imperva cloud WAF is a cloud-based firewall deployed on your network's edge. It strengthens your existing IPS with signature, reputational and behavioral heuristics that filter malicious incoming requests and application attacks. Advanced features, such as access control, dynamic profiling and application-aware technologies, help minimize false positives (United States Patent No. US10026283B1, 2018). Meanwhile, global crowdsourcing provides a continually updated database of new threats, thereby ensuring protection from zero-day threats. Custom rules extend Imperva cloud WAF capabilities by allowing you to enforce your own security and access control policies. This high degree of customization helps reduce false positives while rooting out hidden threats specific to your organization (He et al., 2018).
Two-factor authentication (2FA) is a security process that requires users to provide two means of authentication when logging into an account, such as a PIN and a one-time passcode (OTP) sent to a mobile device. It strengthens intrusion prevention by adding an extra layer of protection to the application's sensitive data.
IDS configurations typically detect backdoors based on known malware signatures. At best, this is a halfway measure, since most perpetrators obfuscate the code and alias of their backdoor shells to avoid recognition altogether. Imperva cloud WAF Backdoor Protection solves this problem by intercepting connection requests to hidden backdoor shells, as opposed to merely scanning for code signatures. Because the nature of such requests cannot be disguised, monitoring them allows quick identification of backdoors inside your system.
References
He, J., Ota, K., Dong, M., Yang, L. T., Fan, M., Wang, G., & Yau, S. S. (2018). Customized Network Security for Cloud Service. IEEE Transactions on Services Computing, 1–1. https://doi.org/10.1109/TSC.2017.2725828
Javaid, A. Y., Niyaz, Q., Sun, W., & Alam, M. (2015). A Deep Learning Approach for Network Intrusion Detection System. ICST Trans. Security Safety, 3, e2. https://doi.org/10.4108/eai.3-12-2015.2262516
Lin, W.-C., Ke, S.-W., & Tsai, C.-F. (2015). CANN: An intrusion detection system based on combining cluster centers and nearest neighbors. Knowledge-Based Systems, 78, 13–21. https://doi.org/10.1016/j.knosys.2015.01.009
Liu, C.-H., Shi, S.-B., & Zhou, Y. C. (2018). United States Patent No. US10026283B1. Retrieved from https://patents.google.com/patent/US10026283B1/en