Informatics Publishing Limited

C. Seelammal ¹, T. Subbulakshmi ¹

Affiliations
1 Department of Information Technology, Sethu Institute of Technology, Tamilnadu, IN

Abstract

Intrusion Detection System (IDS) has been used as a vital instrument in defending the network from this malicious or abnormal activity. it is still desirable to know what intrusions have happened or are happening, so that we can understand the security threats and risks and thus be better prepared for future attacks With the ability to analyze network traffic and recognize incoming and ongoing network attack, majority of network administrator has turn to IDS to help them in detecting anomalies in network traffic In this paper, we focus on different types of attacks on IDS this paper gives a description of different attack on different protocol such as TCP ,UDP,ARP and ICMP. Results show that the detection accuracy of the Genetic based classification accuracy is high at low false-positive-rate on KDD.

Keywords

Attack, DoS, Intrusion Detection, NIDS, Protocols.

Full Text

     

B. S. Kiruthika Devi ¹, T. Subbulakshmi ¹

Affiliations
1 School of Computing Science and Engineering, VIT University Chennai - 600127, Tamil Nadu, IN

Abstract

Cloud security is of the major concern in the deployment and protection of cloud deployment models. In this paper, detailed investigations on the recent DDoS attacks and comparative analysis of the various DDoS security solutions in the cloud computing environment are carried out. The comprehensive study of the cloud DDoS solutions clearly exemplifies the techniques, deployment layer, benchmark datasets, tools and performance metrics. The Cloud DDoS Detection and defense model using learning algorithms is designed to protect the cloud infrastructure considering the pitfalls in the existing procedures for real world problems. The model is based on anomaly detection and thus it is capable of protecting the public/private cloud from zero-day attacks. The availability of the cloud applications is improved significantly by defending cloud DDoS attacks and offers high quality of services to the legitimate users.

Keywords

Cloud Computing, DDoS, Detection, Defense, Security.

Full Text

   

T. Subbulakshmi ¹, R. Regin Raja ¹

Affiliations
1 School of Computing Science and Engineering, VIT University Chennai Campus, IN

Abstract

Sentiment denotes a person's opinion or feeling towards a subject that they are discussing about in that conversation. This has been one of the most researched and industrially promising fields in natural language processing. There are several methods employed for performing sentiment analytics. Since this classification problem involves natural language processing, every solution has its own advantages and disadvantages. Hence mostly, a combination of these methods provides better results. Various such ensemble approaches exist. The objective of this work is to design a better ensemble approach that uses a complex voting method, where classifiers are given rights not only to vote in favour of classes but also against them. This in turn will give chances to the algorithms that are weaker in classifying a sentence toward a particular class but better at rejecting it. The performance of the ensemble is compared to the individual classifiers used in the ensemble and also the other simple voting ensemble methods to verify whether the performance is better compared to them. The designed ensemble is currently implemented for sentiment analytics. This can also be used for other classification problems, where generalization is required for better results.

Keywords

Sentiment Analytics, Ensemble Method, Sensitivity, Specificity.

Full Text

     

T. Subbulakshmi ¹, P. Parameswaran ², C. Parthiban ², M. Mariselvi ³, J. Adlene Anusha ³, G. Mahalakshmi ³

Affiliations
1 Department of Information Technology, Sethu Institute of Technology, IN
2 Tata Consultancy Services, IN
3 Department of Computer Science and Engineering, Thiagarajar College of Engineering, IN

Abstract

Distributed Denial of Service (DDoS) attacks were considered to be a tremendous threat to the current information security infrastructure. During DDoS attack, multiple malicious hosts that are recruited by the attackers launch a coordinated attack against one host or a network victim, which cause denial of service to legitimate users. The existing techniques suffer from more number of false alarms and more human intervention for attack detection. The objective of this paper is to monitor the network online which automatically initiates detection mechanism if there is any suspicious activity and also defense the hosts from being arrived at the network. Both spoofed and non spoofed IP's are detected in this approach. Non spoofed IP's are detected using Enhanced Support Vector Machines (ESVM) and spoofed IP's are detected using Hop Count Filtering (HCF) mechanism. The detected IP's are maintained separately to initiate the defense process. The attack strength is calculated using Lanchester Law which initiates the defense mechanism. Based on the calculated attack strength any of the defense schemes such as Rate based limiting or History based IP filtering is automatically initiated to drop the packets from the suspected IP. The integrated online monitoring approach for detection and defense of DDoS attacks is deployed in an experimental testbed. The online approach is found to be obvious in the field of integrated DDoS detection and defense.

Keywords

DDoS Attacks, Lanchester Linear Law, Enhanced Support Vector Machines, Rate Based Limiting, History Based IP Filtering.

Full Text

     

T. Subbulakshmi ¹, S. Mercy Shalinie ¹, A. Ramamoorthi ¹

Affiliations
1 Department of Computer Science and Engineering, Thiagarajar College of Engineering, Tamil Nadu, IN

Abstract

Masqueraders are a category of intruders who impersonate other people on a computer system and use this entry point to use the information stored in the systems or throw other attacks into the network. This paper focuses on Ensemble Design of a Masquerader Detection System using Decision trees and Support Vector Machines for classification with two kernel functions linear and linear BSpline. The key idea is to find out specific patterns of command sequence that tells about user behaviour on a system, and use them to build classifiers that can perfectly recognize anomalous and normal behaviour. Real time truncated command line data set collected from a debian Linux server is used for performance comparison of the developed classifiers with the standard truncated command line data set of Schonlau[4]. The results show that Ensemble Design of Masquerader Detection Systems is much faster than individual Decision trees or Support Vector Machines.

Keywords

Masquerader Detection, Support Vector Machines, Decision Trees, Truncated Command Sequences.

Full Text

     

T. Subbulakshmi ¹, A. Ramamoorthi ², S. Mercy Shalinie ¹

Affiliations
1 Department of Computer Science and Engineering, Thiagarajar College of Engineering, Madurai, IN
2 Computer Science Department, Sethu Institute of Technology, Madurai, IN

Abstract

Intrusion Detection problem is one of the most promising research issues of Information Security. The problem provides excellent opportunities in terms of providing host and network security. Intrusion detection is divided into two categories with respect to the type of detection. Misuse detection and Anomaly detection. Intrusion detection is done using rule based, Statistical, and Soft computing techniques. The rule based measures provides better results but the extensibility of the approach is still a question. The statistical measures are lagging in identifying the new types of attacks. Soft Computing Techniques offers good results since learning is done using the training, and during testing the new pattern of attacks was also recognized appreciably. This paper aims at detecting Intruders using both Misuse and Anomaly detection by applying Ensemble of soft Computing Techniques. Neural networks, Support Vector Machines and Naïve Bayes Classifiers are trained and tested individually and the classification rates for different classes are observed. Then threshold values are set for all the classes. Based on this threshold value the ensemble approach produces result for various classes. The standard kddcup'99 dataset is used in this research for Misuse detection. Shonlau dataset of truncated UNIX commands is used for Anomaly detection. The detection rate and false alarm rates are notified. Multilayer Perceptrons, Naïve Bayes classifiers and Support vector machines with three kernel functions are used for detecting intruders. The Precision, Recall and F- Measure for all the techniques are calculated. The cost of the techniques is estimated using the cost measures. The Receiver Operating Characteristic (ROC) curves are drawn for all the techniques. The results show that Support Vector Machines and Ensemble approach provides better detection rate of 99% than the other algorithms.

Keywords

Intrusion Detection Systems, Anomaly Detection Systems, Misuse Detection Systems, Support Vector Machines, Naive Bayes Classifiers, Multilayer Perceptrons, Ensemble Approach.

Full Text