Goto

Collaborating Authors

Why I'm not sold on machine learning in autonomous security

#artificialintelligence

Tell me if you've heard this: there is a new, advanced network intrusion device that uses modern super-smart Machine Learning (ML) to root out known and unknown intrusions. The IDS device is so smart it learns what's normal on your network and not, immediately informing you when it sees an anomaly. Or, maybe it's an intrusion prevention system (IPS) that will then block all malicious traffic. This AI-enabled solution boasts 99% accuracy detecting attacks. Even more, it can detect previously unknown attacks.


Classification of artificial intelligence ids for smurf attack

arXiv.org Artificial Intelligence

Many methods have been developed to secure the network infrastructure and communication over the Internet. Intrusion detection is a relatively new addition to such techniques. Intrusion detection systems (IDS) are used to find out if someone has intrusion into or is trying to get it the network. One big problem is amount of Intrusion which is increasing day by day. We need to know about network attack information using IDS, then analysing the effect. Due to the nature of IDSs which are solely signature based, every new intrusion cannot be detected; so it is important to introduce artificial intelligence (AI) methods / techniques in IDS. Introduction of AI necessitates the importance of normalization in intrusions. This work is focused on classification of AI based IDS techniques which will help better design intrusion detection systems in the future. We have also proposed a support vector machine for IDS to detect Smurf attack with much reliable accuracy.


IDSGAN: Generative Adversarial Networks for Attack Generation against Intrusion Detection

arXiv.org Artificial Intelligence

As an important tool in security, the intrusion detection system bears the responsibility of the defense to network attacks performed by malicious traffic. Nowadays, with the help of machine learning algorithms, the intrusion detection system develops rapidly. However, the robustness of this system is questionable when it faces the adversarial attacks. To improve the detection system, more potential attack approaches should be researched. In this paper, a framework of the generative adversarial networks, IDSGAN, is proposed to generate the adversarial attacks, which can deceive and evade the intrusion detection system. Considering that the internal structure of the detection system is unknown to attackers, adversarial attack examples perform the black-box attacks against the detection system. IDSGAN leverages a generator to transform original malicious traffic into adversarial malicious traffic. A discriminator classifies traffic examples and simulates the black-box detection system. More significantly, we only modify part of the attacks' nonfunctional features to guarantee the validity of the intrusion. Based on the dataset NSL-KDD, the feasibility of the model is demonstrated to attack many detection systems with different attacks and the excellent results are achieved. Moreover, the robustness of IDSGAN is verified by changing the amount of the unmodified features.


Detecting Danger: Applying a Novel Immunological Concept to Intrusion Detection Systems

arXiv.org Artificial Intelligence

In recent years computer systems have become increasingly complex and consequently the challenge of protecting these systems has become increasingly difficult. Various techniques have been implemented to counteract the misuse of computer systems in the form of firewalls, anti-virus software and intrusion detection systems. The complexity of networks and dynamic nature of computer systems leaves current methods with significant room for improvement. Computer scientists have recently drawn inspiration from mechanisms found in biological systems and, in the context of computer security, have focused on the human immune system (HIS). The human immune system provides a high level of protection from constant attacks. By examining the precise mechanisms of the human immune system, it is hoped the paradigm will improve the performance of real intrusion detection systems. This paper presents an introduction to recent developments in the field of immunology. It discusses the incorporation of a novel immunological paradigm, Danger Theory, and how this concept is inspiring artificial immune systems (AIS). Applications within the context of computer security are outlined drawing direct reference to the underlying principles of Danger Theory and finally, the current state of intrusion detection systems is discussed and improvements suggested.


Active Learning for Wireless IoT Intrusion Detection

arXiv.org Artificial Intelligence

Internet of Things (IoT) is becoming truly ubiquitous in our everyday life, but it also faces unique security challenges. Intrusion detection is critical for the security and safety of a wireless IoT network. This paper discusses the human-in-the-loop active learning approach for wireless intrusion detection. We first present the fundamental challenges against the design of a successful Intrusion Detection System (IDS) for wireless IoT network. We then briefly review the rudimentary concepts of active learning and propose its employment in the diverse applications of wireless intrusion detection. Experimental example is also presented to show the significant performance improvement of the active learning method over traditional supervised learning approach. While machine learning techniques have been widely employed for intrusion detection, the application of human-in-the-loop machine learning that leverages both machine and human intelligence to intrusion detection of IoT is still in its infancy. We hope this article can assist the readers in understanding the key concepts of active learning and spur further research in this area.