Visible to the public Artificial Neural Networks and Security 2015Conflict Detection Enabled

SoS Newsletter- Advanced Book Block


SoS Logo

Artificial Neural Networks and Security


Artificial neural networks have been used to solve a wide variety of tasks that are hard to solve using ordinary rule-based programming. What has attracted much interest in neural networks is the possibility of adaptive learning. Tasks such as function approximation, classification pattern and sequence recognition, anomaly detection, filtering, clustering, blind source separation and compression, and controls all have security implications. Cyber physical systems, resiliency, policy-based governance, and metrics are the Science of Security interests. The works cited here were presented in 2015.

Turčanik, M., “Packet Filtering by Artificial Neural Network,” in Military Technologies (ICMT), 2015 International Conference on, vol., no., pp. 1–4, 19–21 May 2015. doi:10.1109/MILTECHS.2015.7153739
Abstract: Efficient monitoring of the network is very important for an achievement of a security of today networks. The still growing speed of the links and the complexness of monitoring applications’ requests have showed some borders of mostly used methods for monitoring. The process of packet classification should be speeding up as much as possible. As a possible approach, an artificial neural network (ANN) could be used for packet filtering. The performance of the artificial neural network was validated by software implementation of ANN for given network configuration. The principles of artificial neural networks and the possibility of using artificial neural network in a computer network are presented in the article. Created training sets represent the information for firewall to enable or disable packets. The number of neurons in the artificial neural network and the number of the hidden layers are optimized based on the results in the simulation.
Keywords: computer networks; filters; neural nets; artificial neural network; computer network; network security; packet filtering; Artificial neural networks; Biological neural networks; Firewalls (computing); Information filtering; Neurons; Ports (Computers); firewall; packet filter (ID#: 15-7774)


Zhukov, A.; Tomin, N.; Sidorov, D.; Panasetsky, D.; Spirayev, V., “A Hybrid Artificial Neural Network for Voltage Security Evaluation in a Power System,” in Energy (IYCE), 2015 5th International Youth Conference on, vol., no., pp. 1–8, 27–30 May 2015. doi:10.1109/IYCE.2015.7180828
Abstract: A majority of recent large-scale blackouts have been the consequence of instabilities characterized by sudden voltage collapse phenomena. This paper presents a method for voltage instability monitoring in a power system with a hybrid artificial neural network which consist of a multilayer perceptron and the Kohonen neural network. The proposed method has a couple of the following functions: the Kohonen network is used to classify the system operating state; the Kohonen output patterns are used as inputs to train of a multilayer perceptron for identification of alarm states that are dangerous for the system security. The approach is targeting a blackout prevention scheme; given that the blackout signal is captured before it can collapse the power system. The proposed method is realized in R and demonstrated the modified IEEE One Area RTS-96 power system.
Keywords: multilayer perceptrons; power engineering computing; power system dynamic stability; power system measurement; power system reliability; power system security; self-organising feature maps; Kohonen neural network; blackout prevention scheme; hybrid artificial neural network; multilayer perceptron; power system; voltage collapse; voltage instability monitoring; voltage security evaluation; Mathematical model; Neural networks; Power system stability; Reactive power; Security; Stability criteria; artificial neural network; emergency; power security; voltage instability (ID#: 15-7775)


Fatima, H.; Al-Turki, S.M.; Pradhan, S.K.; Dash, G.N., “Information Security: Artificial Immune Detectors in Neural Networks,” in Web Applications and Networking (WSWAN), 2015 2nd World Symposium on, vol., no., pp. 1–6, 21–23 March 2015. doi:10.1109/WSWAN.2015.7210300
Abstract: In today’s competitive world, computer security is at enormous demand due to tremendous amount of network attacks. These types of threats are significantly affecting the architectures of the network by gaining unauthorized access to the computer networks. The Information Security is therefore necessitates the decrease of such attacks. In this paper, a proposal has been laid down for establishing and analyzing an artificial immune neural network for securing the network architecture.
Keywords: artificial immune systems; authorisation; neural net architecture; artificial immune detectors; computer security; information security; network attacks; neural network architectures; unauthorized computer network access; Computer architecture; Computer science; Detectors; Immune system; Intrusion detection; Neural networks; Artificial Immune Networks; Information Security; Neural Networks (ID#: 15-7776)


Onotu, P.; Day, D.; Rodrigues, M.A., “Accurate Shellcode Recognition from Network Traffic Data Using Artificial Neural Nets,” in Electrical and Computer Engineering (CCECE), 2015 IEEE 28th Canadian Conference on, vol., no., pp. 355–360, 3–6 May 2015. doi:10.1109/CCECE.2015.7129302
Abstract: This paper presents an approach to shellcode recognition directly from network traffic data using a multi-layer perceptron with back-propagation learning algorithm. Using raw network data composed of a mixture of shellcode, image files, and DLL-Dynamic Link Library files, our proposed design was able to classify the three types of data with high accuracy and high precision with neither false positives nor false negatives. The proposed method comprises simple and fast pre-processing of raw data of a fixed length for each network data package and yields perfect results with 100% accuracy for the three data types considered. The research is significant in the context of network security and intrusion detection systems. Work is under way for real time recognition and fine-tuning the differentiation between various shellcodes.
Keywords: backpropagation; multilayer perceptrons; real-time systems; security of data; ANN; DLL-dynamic link library files; artificial neural nets; backpropagation learning algorithm; fine-tuning; image files; intrusion detection systems; multilayer perceptron; network data package; network security; network traffic data; raw network data; real time recognition; shellcode recognition; Algorithm design and analysis; Computers; Intrusion detection; Neural networks; Training; Transfer functions; Neural net; false positive; intrusion detection system; pattern recognition; shellcode (ID#: 15-7777)


D’Lima, N.; Mittal, J., “Password Authentication Using Keystroke Biometrics,” in Communication, Information & Computing Technology (ICCICT), 2015 International Conference on, vol., no., pp. 1–6, 15–17 Jan. 2015. doi:10.1109/ICCICT.2015.7045681
Abstract: The majority of applications use a prompt for a username and password. Passwords are recommended to be unique, long, complex, alphanumeric and non-repetitive. These reasons that make passwords secure may prove to be a point of weakness. The complexity of the password provides a challenge for a user and they may choose to record it. This compromises the security of the password and takes away its advantage. An alternate method of security is Keystroke Biometrics. This approach uses the natural typing pattern of a user for authentication. This paper proposes a new method for reducing error rates and creating a robust technique. The new method makes use of multiple sensors to obtain information about a user. An artificial neural network is used to model a user’s behavior as well as for retraining the system. An alternate user verification mechanism is used in case a user is unable to match their typing pattern.
Keywords: authorisation; biometrics (access control); neural nets; pattern matching; artificial neural network; error rates; keystroke biometrics; password authentication; password security; robust security technique; typing pattern matching; user behavior; user natural typing pattern; user verification mechanism; Classification algorithms; Error analysis; Europe; Hardware; Monitoring; Support vector machines; Text recognition; Artificial Neural Networks; Authentication; Keystroke Biometrics; Password; Security (ID#: 15-7778)


Saabni, Raid, “Facial Expression Recognition Using Multi Radial Bases Function Networks and 2-D Gabor Filters,” in Digital Information Processing and Communications (ICDIPC), 2015 Fifth International Conference on, vol., no., pp. 225–230, 7–9 Oct. 2015. doi:10.1109/ICDIPC.2015.7323033
Abstract: Facial expression analysis and recognition have been researched since the 17’th century. The foundational studies on facial expressions, which have formed the basis of today’s research, can be traced back to few centuries ago. Precisely, a detailed note on the various expressions and movements of head muscles was given in 1649 by John Bulwer(1). Another important milestone in the study of facial expressions and human emotions, is the work done by the psychologist Paul Ekman(2) and his colleagues. This important work has been done in the 1970s and has a significant importance and large influence on the development of modern day automatic facial expression recognizers. This work lead to adapting and developing the comprehensive Facial Action Coding System(FACS), which has since then become the de-facto standard for facial expression recognition. Over the last decades, automatic facial expressions analysis has become an active research area that finds potential applications in fields such as Human-Computer Interfaces (HCI), Image Retrieval, Security and Human Emotion Analysis. Facial expressions are extremely important in any human interaction, and additional to emotions, it also reflects on other mental activities, social interaction and physiological signals. In this paper, we proposes an Artificial Neural Network (ANN) of two hidden layers, based on multiple Radial Bases Functions Networks (RBFN’s) to recognize facial expressions. The ANN, is trained on features extracted from images by applying a multi-scale and multi-orientation Gabor filters. We have considered the cases of subject independent/dependent facial expression recognition using The JAFFE and the CK+ benchmarks to evaluate the proposed model.
Keywords: Clustering algorithms; Face; Face detection; Face recognition; Feature extraction; Radial basis function networks; Training; Artificial Neural Networks; Facial Expression; Gabor Filter; RBFN; Subject Independent/Dependent Emotion Recognition (ID#: 15-7779)


Neelam, Sahil; Sood, Sandeep; Mehmi, Sandeep; Dogra, Shikha., “Artificial Intelligence for Designing User Profiling System for Cloud Computing Security: Experiment,” in Computer Engineering and Applications (ICACEA), 2015 International Conference on Advances in, pp. 51–58, 19–20 March 2015. doi:10.1109/ICACEA.2015.7164645
Abstract: In Cloud Computing security, the existing mechanisms: Anti-virus programs, Authentications, Firewalls are not able to withstand the dynamic nature of threats. So, User Profiling System, which registers user's activities to analyze user's behavior, augments the security system to work in proactive and reactive manner and provides an enhanced security. This paper focuses on designing a User Profiling System for Cloud environment using Artificial Intelligence techniques and studies behavior (of User Profiling System) and proposes a new hybrid approach, which will deliver a comprehensive User Profiling System for Cloud Computing security.
Keywords: artificial intelligence; authorisation; cloud computing; firewalls; antivirus programs; artificial intelligence techniques; authentications; cloud computing security; cloud environment; firewalls; proactive manner; reactive manner; user activities; user behavior; user profiling system; Artificial intelligence; Cloud computing; Computational modeling; Fuzzy logic; Fuzzy systems; Genetic algorithms; Security; Artificial Intelligence; Artificial Neural Networks; Cloud Computing; Datacenters; Expert Systems; Genetics; Machine Learning; Multi-tenancy; Networking Systems; Pay-as-you-go Model (ID#: 15-7780)


Bellin Ribeiro, P.; Alexandre da Silva, L.; Pontara da Costa, K.A., “Spam Intrusion Detection in Computer Networks Using Intelligent Techniques,” in Integrated Network Management (IM), 2015 IFIP/IEEE International Symposium on, vol., no.,
pp. 1357–1360, 11–15 May 2015. doi:10.1109/INM.2015.7140495
Abstract: Anomalies in computer networks has increased in the last decades and raised concern to create techniques to identify these unusual traffic patterns. This research aims to use data mining techniques in order to correctly identify these anomalies, particularly in spam detection, for it was applied an collection of machine learning algorithms for data mining tasks and an dataset called SPAMBASE to identify the best techniques for this type of anomaly.
Keywords: computer network security; data mining; learning (artificial intelligence); telecommunication traffic; unsolicited e-mail; SPAMBASE dataset; computer network anomaly; data mining technique; intelligent technique; machine learning algorithm; spam intrusion detection; traffic pattern identification; Bagging; Classification algorithms; Conferences; Data mining; Decision trees; Unsolicited electronic mail; Anomalies; Artificial Neural Networks; Computer networks; Data Mining; SPAMBASE; Weka Tool
(ID#: 15-7781)


Abbinaya, S.; Kumar, M. Senthil, “Software Effort and Risk Assessment Using Decision Table Trained by Neural Networks,” in Communications and Signal Processing (ICCSP), 2015 International Conference on, vol., no., pp. 1389–1394, 2–4 April 2015. doi:10.1109/ICCSP.2015.7322738
Abstract: Software effort estimations are based on prediction properties of system with attention to develop methodologies. Many organizations follow the risk management but the risk identification techniques will differ. In this paper, we focus on two effort estimation techniques such as use case point and function point are used to estimate the effort in the software development. The decision table is used to compare these two methods to analyze which method will produce the accurate result. The neural network is used to train the decision table with the use of back propagation training algorithm and compare these two effort estimation methods (use case point and function point) with the actual effort. By using the past project data, the estimation methods are compared. Similarly risk will be evaluated by using the summary of questionnaire received from the various software developers. Based on the report, we can also mitigate the risk in the future process.
Keywords: Algorithm design and analysis; Lead; Security; artificial neural network; back propagation; decision table; feed forward neural networks; function point; regression; risk evaluation; software effort estimation; use case point (ID#: 15-7782)


Alheeti, K.M.A.; Gruebler, A.; McDonald-Maier, K.D., “An Intrusion Detection System Against Malicious Attacks on the Communication Network of Driverless Cars,” in Consumer Communications and Networking Conference (CCNC), 2015 12th Annual IEEE, vol., no., pp. 916–921, 9–12 Jan. 2015. doi:10.1109/CCNC.2015.7158098
Abstract: Vehicular ad hoc networking (VANET) have become a significant technology in the current years because of the emerging generation of self-driving cars such as Google driverless cars. VANET have more vulnerabilities compared to other networks such as wired networks, because these networks are an autonomous collection of mobile vehicles and there is no fixed security infrastructure, no high dynamic topology and the open wireless medium makes them more vulnerable to attacks. It is important to design new approaches and mechanisms to rise the security these networks and protect them from attacks. In this paper, we design an intrusion detection mechanism for the VANETs using Artificial Neural Networks (ANNs) to detect Denial of Service (DoS) attacks. The main role of IDS is to detect the attack using a data generated from the network behavior such as a trace file. The IDSs use the features extracted from the trace file as auditable data. In this paper, we propose anomaly and misuse detection to detect the malicious attack.
Keywords: computer network security; feature extraction; neural nets; vehicular ad hoc networks; Denial of Service attack detection; DoS attack detection; IDS; VANET; artificial neural network; driverless car communication network; feature extraction; intrusion detection system; malicious attack; misuse detection; mobile vehicle autonomous collection; open wireless medium; self-driving car; vehicular ad hoc networking; Accuracy; Ad hoc networks; Artificial neural networks; Feature extraction; Security; Training; Vehicles; driverless car; security; vehicular ad hoc networks (ID#: 15-7783)


Kotenko, I.; Saenko, I.; Skorik, F.; Bushuev, S., “Neural Network Approach to Forecast the State of the Internet of Things Elements,” in Soft Computing and Measurements (SCM), 2015 XVIII International Conference on, vol., no., pp. 133–135,
19–21 May 2015. doi:10.1109/SCM.2015.7190434
Abstract: The paper presents the method to forecast the states of elements of the Internet of Things based on using an artificial neural network. The offered architecture of the neural network is a combination of a multilayered perceptron and a probabilistic neural network. For this reason, it provides high efficiency of decision-making. Results of an experimental assessment of the offered neural network on the accuracy of forecasting the states of elements of the Internet of Things are discussed.
Keywords: Internet of Things; decision making; multilayer perceptrons; neural net architecture; probability; artificial neural network; multilayered perceptron; probabilistic neural network; Artificial neural networks; Computer architecture; Forecasting; Internet of things; Probabilistic logic; Security; internet of things; neural network; state monitoring (ID#: 15-7784)


Adenusi, D.; Alese, B.K.;  Kuboye, B.M.; Thompson, A.F.-B., “Development of Cyber Situation Awareness Model,” in Cyber Situational Awareness, Data Analytics and Assessment (CyberSA), 2015 International Conference on, vol., no., pp. 1–11, 8–9 June 2015. doi:10.1109/CyberSA.2015.7166135
Abstract: This study designed and simulated cyber situation awareness model for gaining experience of cyberspace condition. This was with a view to timely detecting anomalous activities and taking proactive decision safeguard the cyberspace. The situation awareness model was modelled using Artificial Intelligence (AI) technique. The cyber situation perception sub-model of the situation awareness model was modelled using Artificial Neural Networks (ANN). The comprehension and projection submodels of the situation awareness model were modelled using Rule-Based Reasoning (RBR) techniques. The cyber situation perception sub-model was simulated in MATLAB 7.0 using standard intrusion dataset of KDD’99. The cyber situation perception sub-model was evaluated for threats detection accuracy using precision, recall and overall accuracy metrics. The simulation result obtained for the performance metrics showed that the cyber-situation sub-model of the cybersituation model better with increase in number of training data records. The cyber situation model designed was able to meet its overall goal of assisting network administrators to gain experience of cyberspace condition. The model was capable of sensing the cyberspace condition, perform analysis based on the sensed condition and predicting the near future condition of the cyberspace.
Keywords: artificial intelligence; inference mechanisms; knowledge based systems; mathematics computing; neural nets; security of data; AI technique; ANN; Matlab 7.0; RBR techniques; anomalous activities detection; artificial neural networks; cyber situation awareness model; cyberspace condition; proactive decision safeguard; rule-based reasoning; training data records; Artificial neural networks; Computational modeling; Computer security; Cyberspace; Data models; Intrusion detection; Mathematical model; Artificial Intelligence; Awareness; cyber-situation; cybersecurity; cyberspace (ID#: 15-7785)


Kodym, O.; Benes, F.; Svub, J., “EPC Application Framework in the Context of Internet of Things,” in Carpathian Control Conference (ICCC), 2015 16th International, vol., no., pp. 214–219, 27–30 May 2015. doi:10.1109/CarpathianCC.2015.7145076
Abstract: Internet of Things philosophy implementation in conditions of the existing communication networks requires new types of services and interoperability. Once of the desired innovations is communication between existing IP world and the new generation network. Not just networks of smart devices that may not always have IP connectivity, but also other RFID-labeled objects and sensors. Fulfilling the need for high-quality applications for further more specific parameters of these objects internet of things, as may be location, serial number, distinctive and unique characters/connections, can add a proper extension of the existing network and system infrastructure with new information and naming service. Their purpose is not only to assign a unique identifier to the object, but also allow users to new services use other information associated with the selected object. The technology that enables the data processing, filtering and storage is defined in the Electronic Product Code Application Framework (EPCAF) as RFID middleware and EPCIS. One of the implementations of these standards is the Open Source solution Fosstrak. We experimented with Fosstrak system that was developed on Massachusetts Institute of Technology (MIT) by an academic initiative but nowadays we are going to prove its benefits in the context of business environment. The project is aimed also on connection and linking between systems of the EPCIS class made by the ONS systems.
Keywords: IP networks; Internet of Things; filtering theory; middleware; open systems; product codes; radiofrequency identification; storage management; EPC application framework; EPCAF; EPCIS class; Fosstrak system; IP connectivity; IP world; Internet of Things; MIT; Massachusetts Institute of Technology; ONS system; RFID middleware; RFID-labeled object; academic initiative; business environment; communication network; data processing; electronic product code application framework; filtering; high-quality application; information service; interoperability; naming service; new generation network; open source solution Fosstrak; smart device; storage; system infrastructure; Artificial neural networks;  Interoperability; Product codes; Standards; Technological innovation; Testing; Fosstrak; IPv6; IoT (Internet of Things); ONS (Object name services); RFID security (ID#: 15-7786)


Sagar, V.; Kumar, K., “A Symmetric Key Cryptography Using Genetic Algorithm and Error Back Propagation Neural Network,” in Computing for Sustainable Global Development (INDIACom), 2015 2nd International Conference on, vol., no.,
pp. 1386–1391, 11–13 March 2015. doi: (not provided)
Abstract: In conventional security mechanism, cryptography is a process of information and data hiding from unauthorized access. It offers the unique possibility of certifiably secure data transmission among users at different remote locations. Cryptography is used to achieve availability, privacy and integrity over different networks. Usually, there are two categories of cryptography i.e. symmetric and asymmetric. In this paper, we have proposed a new symmetric key algorithm based on genetic algorithm (GA) and error back propagation neural network (EBP-NN). Genetic algorithm has been used for encryption and neural network has been used for decryption process. Consequently, this paper proposes an easy cryptographic secure algorithm for communication over the public computer networks.
Keywords: backpropagation; computer network security; cryptography; genetic algorithms; neural nets; EBP-NN; GA; certifiably secure data transmission; cryptographic secure algorithm; data hiding; data integrity; data privacy; decryption process; error back propagation neural network; genetic algorithm; information hiding; public computer networks; remote locations; symmetric key cryptography; unauthorized access; Artificial neural networks; Encryption; Genetic algorithms; Neurons; Receivers; genetic algorithm; symmetric key (ID#: 15-7787)


Singare, Y.P.; Tembhurkar, M., “Design of an Efficient Initial Access Authentication over MANET,” in Industrial Instrumentation and Control (ICIC), 2015 International Conference on, vol., no., pp. 1614–1619, 28–30 May 2015. doi:10.1109/IIC.2015.7151008
Abstract: Nowadays, the importance of Mobile Ad hoc Networks (MANETs) is growing rapidly especially in military and business applications. It is crucial to have a more efficient initial link setup mechanism. In this work, we propose an efficient initial access authentication protocol, which realizes the authentications and key distribution through least roundtrip messages. We propose efficient initial access authentication mechanism over MANET that is more efficient than any message authentication method in the literature. The key idea behind the proposed method is to provide efficient initial authentication as well as to provide secure message passing between Mobile user and authentication server. Furthermore, a simple and practical method is presented to make compatible with MANET.
Keywords: cryptographic protocols; mobile ad hoc networks; MANET; authentication server; initial access authentication protocol; key distribution; least roundtrip message; Ad hoc networks; Artificial neural networks; Authentication; Dictionaries; Maintenance engineering; Mobile computing; Protocols; Security (ID#: 15-7788)


Salmeron, J.L., “A Fuzzy Grey Cognitive Maps-Based Intelligent Security System,” in Grey Systems and Intelligent Services (GSIS), 2015 IEEE International Conference on, vol., no., pp. 29–32, 18–20 Aug. 2015. doi:10.1109/GSIS.2015.7301813
Abstract: Fuzzy Grey Cognitive Map (FGCM) is an innovative soft computing technique mixing Fuzzy Cognitive Maps and Grey Systems Theory. FGCMs are supervised learning fuzzy-neural systems typically modeled with signed fuzzy grey weighted digraphs, generally involving feedbacks. It is hard to find an accurate mathematical model to describe this decision-making because it includes a high uncertainty and the factors involved interact each other. FGCMs are able to capture and imitate the nature of human being in describing, representing and developing models. They are good at processing fuzzy and grey information and have adaptive, intelligent features. This paper presents a FGCM-based decision support tool, which synthetically takes the related factors into account, offering objective parameters for selecting the fitter surveillance asset. The proposed method is robust, adaptive and simple.
Keywords: decision support systems; fuzzy neural nets; fuzzy set theory; graph theory; grey systems; learning (artificial intelligence); security of data; FGCM-based decision support tool; fitter surveillance asset selection; fuzzy grey cognitive maps-based intelligent security system; innovative soft computing technique; mathematical model; signed fuzzy grey weighted digraphs; supervised learning fuzzy-neural systems; Accuracy; Artificial neural networks; Computational modeling; Geology; Q measurement; Fuzzy Grey Cognitive Maps; Intelligent Security System; Security; simulation (ID#: 15-7789)


Nair, N.K.; Navin, K.S., “An Efficient Group Authentication Mechanism Supporting Key Confidentiality, Key Freshness and Key Authentication in Cloud Computing,” in Computation of Power, Energy Information and Communication (ICCPEIC), 2015 International Conference on, vol., no., pp. 0288–0292, 22–23 April 2015. doi:10.1109/ICCPEIC.2015.7259477
Abstract: A Group authentication emphasis on communication between the members of a group and then authenticates the members. The main purpose of group communication is to share and exchange ideas and messages with different members of the group. The messages are sent to each other in encrypted form to enhance security. The group manager has the responsibility of overall control over the group. A group key is there for each group which generates the session keys which are used by the group members to share the secret messages.
Keywords: cloud computing; cryptography; group authentication mechanism; group key; key authentication; key confidentiality; key freshness; session keys; Artificial neural networks; Cryptography; Reliability; Cloud computing; Encryption; Group Authentication; Key Confidentiality; Key Freshness (ID#: 15-7790)


Ishitaki, Taro; Elmazi, Donald; Yi Liu; Oda, Tetsuya; Barolli, Leonard; Uchida, Kazunori, “Application of Neural Networks for Intrusion Detection in Tor Networks,” in Advanced Information Networking and Applications Workshops (WAINA), 2015 IEEE 29th International Conference on, vol., no., pp. 67–72, 24–27 March 2015. doi:10.1109/WAINA.2015.136
Abstract: Due to the amount of anonymity afforded to users of the Tor infrastructure, Tor has become a useful tool for malicious users. With Tor, the users are able to compromise the non-repudiation principle of computer security. Also, the potentially hackers may launch attacks such as DDoS or identity theft behind Tor. For this reason, there are needed new systems and models to detect the intrusion in Tor networks. In this paper, we present the application of Neural Networks (NNs) for intrusion detection in Tor networks. We used the Back propagation NN and constructed a Tor server and a Deep Web browser (client). Then, the client sends the data browsing to the Tor server using the Tor network. We used Wireshark Network Analyzer to get the data and then use the Back propagation NN to make the approximation. The simulation results show that our simulation system has a good approximation and can be used for intrusion detection in Tor networks.
Keywords: backpropagation; computer network security; file servers; neural nets; online front-ends; telecommunication network routing; TOR network; The Onion Router; Tor server; Wireshark network analyzer; back propagation NN; computer security nonrepudiation principle; deep Web browser; intrusion detection; neural network; Approximation methods; Artificial neural networks; Intrusion detection; Neurons; Peer-to-peer computing; Servers; Deep Web; Intrusion Detection; Neural Networks; Tor Networks (ID#: 15-7791)


Narad, S.K.; Chavan, P.V., “Neural Network Based Group Authentication Using (n, n) Secret Sharing Scheme,” in Computer Engineering and Applications (ICACEA), 2015 International Conference on Advances in, vol., no., pp. 409–414, 19–20 March 2015. doi:10.1109/ICACEA.2015.7164739
Abstract: In recent days, usage of internet is increasing so; authentication becomes the most important security services for communication purpose. Keeping this into consideration, there is need of robust security services and schemes. This paper proposes Group Authentication authenticates all users at a time belonging to the same group. The (n, n) Group Authentication Scheme is very efficient since it authenticates all users if they are group members. If they are nonmembers, then it may be used as a preprocess and apply authentication before and it identifies the non-members. Also, if any of the users present in group authentication is absent then the group is not authenticated at all, as each share is distributed to each user. It results in best authenticated system as the Group Authentication is implemented with Neural Network. So it becomes complicated for hackers to hack each neuron in a neural network. The Neural Network based group authentication is specially designed for applications performing group activities using Shamir Secret Sharing Scheme.
Keywords: Internet; computer network security; neural nets; Shamir secret sharing scheme; authenticated system; group authentication; group authentication scheme; neural network; security services; Artificial neural networks; Authentication; Biological neural networks; Cryptography; Visualization; Backpropogation Neural Network; Group Authentication; Shamir Secret Sharing Scheme (ID#: 15-7792)


Gilmore, R.; Hanley, N.; O’Neill, M., “Neural Network Based Attack on a Masked Implementation of AES,” in Hardware Oriented Security and Trust (HOST), 2015 IEEE International Symposium on, pp. 106–111, 5–7 May 2015. doi:10.1109/HST.2015.7140247
Abstract: Masked implementations of cryptographic algorithms are often used in commercial embedded cryptographic devices to increase their resistance to side channel attacks. In this work we show how neural networks can be used to both identify the mask value, and to subsequently identify the secret key value with a single attack trace with high probability. We propose the use of a pre-processing step using principal component analysis (PCA) to significantly increase the success of the attack. We have developed a classifier that can correctly identify the mask for each trace, hence removing the security provided by that mask and reducing the attack to being equivalent to an attack against an unprotected implementation. The attack is performed on the freely available differential power analysis (DPA) contest data set to allow our work to be easily reproducible. We show that neural networks allow for a robust and efficient classification in the context of side-channel attacks.
Keywords: cryptography; neural nets; pattern classification; principal component analysis; AES; Advanced Encryption Standard; DPA; PCA; cryptographic algorithms; differential power analysis contest data set; embedded cryptographic devices; machine learning; mask value identification; masked implementation; neural network based attack; secret key value identification; side channel attacks; Artificial neural networks; Cryptography; Error analysis; Hardware; Power demand; Principal component analysis; Training; SCA; machine learning; masking; neural network (ID#: 15-7793)


Xiong Kai; Yin Mingyong; Li Wenkang; Jiang Hong, “A Rank Sequence Method for Detecting Black Hole Attack in Ad Hoc Network,” in Intelligent Computing and Internet of Things (ICIT), 2014 International Conference on, vol., no., pp. 155–159, 17–18 Jan. 2015. doi:10.1109/ICAIOT.2015.7111559
Abstract: This paper discusses one of the route security problems called the black hole attack. In the network, we can capture some AODV route tables to gain a rank sequences by using the FP-Growth, which is a data association rule mining. We choose the rank sequences for detecting the malicious node because the rank sequences are not sensitive to the noise interfered. A suspicious set consists of nodes which are selected by whether the rank of a node is changed in the sequence. Then, we use the DE-Cusum to distinguish the black hole route and normal one in the suspicious set. In this paper, the FP-Growth reflects an idea which is about reducing data dimensions. This algorithm excludes many normal nodes before the DE-Cusum detection because the normal node has a stable rank in a sequence. In the simulation, we use the NS2 to build a black hole attack scenario with 11 nodes. Simulation results show that the proposed algorithm can reduce much vain detection.
Keywords: ad hoc networks; computer crime; data mining; mobile computing; routing protocols; sensor fusion; telecommunication security; AODV route tables; DE-Cusum detection; FP-growth; ad hoc network; ad-hoc on-demand distance vector; black hole attack detection; black hole route; data association rule mining; data dimensions; malicious node detection; rank sequence method; route security problems; Artificial neural networks; Cryptography; Noise; AODV; Black hole attack; DE-Cusum; FP-Growth
(ID#: 15-7794)


Pantola, P.; Bala, A.; Rana, P.S., “Consensus Based Ensemble Model for Spam Detection,” in Advances in Computing, Communications and Informatics (ICACCI), 2015 International Conference on, vol., no., pp.1724–1727, 10–13 Aug. 2015. doi:10.1109/ICACCI.2015.7275862
Abstract: In machine learning, ensemble model is combining two or more models for obtaining the better prediction, accuracy and robustness as compared to individual model separately. Before getting ensemble model first we have to assign our training dataset into different models, after that we have to select the best model suited for our data sets. In this work we explored six machine learning parameter for the data set i.e. Accuracy, Receiver operating characteristics (ROC) curve, Confusion matrix, Sensitivity, Specificity and Kappa value. After that we implemented k fold validation to our best five models.
Keywords: feature selection; learning (artificial intelligence); security of data; unsolicited e-mail; Kappa value; ROC curve; confusion matrix; consensus based ensemble model; k fold validation; machine learning parameter; receiver operating characteristics curve; spam detection; Accuracy; Adaptation models; Analytical models; Artificial neural networks; Computational modeling; Data models; Vegetation; Feature selection; machine learning models; spams data set (ID#: 15-7795)


Stampar, M.; Fertalj, K., “Artificial Intelligence in Network Intrusion Detection,” in Information and Communication Technology, Electronics and Microelectronics (MIPRO), 2015 38th International Convention on, vol., no., pp. 1318–1323, 25–29 May 2015. doi:10.1109/MIPRO.2015.7160479
Abstract: In past, detection of network attacks has been almost solely done by human operators. They anticipated network anomalies in front of consoles, where based on their expert knowledge applied necessary security measures. With the exponential growth of network bandwidth, this task slowly demanded substantial improvements in both speed and accuracy. One proposed way how to achieve this is the usage of artificial intelligence (AI), progressive and promising computer science branch, particularly one of its sub-fields - machine learning (ML) - where main idea is learning from data. In this paper authors will try to give a general overview of AI algorithms, with main focus on their usage for network intrusion detection.
Keywords: computer network security; learning (artificial intelligence); AI algorithm; ML; artificial intelligence; expert knowledge; machine learning; network attacks detection; network bandwidth; network intrusion detection; Artificial intelligence; Artificial neural networks; Classification algorithms; Intrusion detection; Market research; Niobium; Support vector machines (ID#: 15-7796)


Elsayed, S.; Sarker, R.; Slay, J., “Evaluating the Performance of a Differential Evolution Algorithm in Anomaly Detection,” in Evolutionary Computation (CEC), 2015 IEEE Congress on, vol., no., pp. 2490–2497, 25–28 May 2015. doi:10.1109/CEC.2015.7257194
Abstract: During the last few eras, evolutionary algorithms have been adopted to tackle cyber-terrorism. Among them, genetic algorithms and genetic programming were popular choices. Recently, it has been shown that differential evolution was more successful in solving a wide range of optimization problems. However, a very limited number of research studies have been conducted for intrusion detection using differential evolution. In this paper, we will adapt differential evolution algorithm for anomaly detection, along with proposing a new fitness function to measure the quality of each individual in the population. The proposed method is trained and tested on the 10%KDD99 cup data and compared against existing methodologies. The results show the effectiveness of using differential evolution in detecting anomalies by achieving an average true positive rate of 100%, while the average false positive rate is only 0.582%.
Keywords: computer network security; genetic algorithms; Cyber terrorism; anomaly detection; differential evolution algorithm; fitness function; genetic programming; intrusion detection; optimisation; Artificial neural networks; Feature extraction; Indexes; Intrusion detection; Sociology; Statistics; Testing; differential evolution; intrusion detection systems (ID#: 15-7797)


Schneider, M.; Ertel, W.; Palm, G., “Expected Similarity Estimation for Large Scale Anomaly Detection,” in Neural Networks (IJCNN), 2015 International Joint Conference on, vol., no., pp. 1–8, 12–17 July 2015. doi:10.1109/IJCNN.2015.7280331
Abstract: We propose a new algorithm named EXPected Similarity Estimation (EXPoSE) to approach the problem of anomaly detection (also known as one-class learning or outlier detection) which is based on the similarity between data points and the distribution of non-anomalous data. We formulate the problem as an inner product in a reproducing kernel Hilbert space to which we present approximations that allow its application to very large-scale datasets. More precisely, given a dataset with n instances, our proposed method requires O(n) training time and O(1) to make a prediction while spending only O(1) memory to store the learned model. Despite its abstract derivation our algorithm is simple and parameter free. We show on seven real datasets that our approach can compete with state of the art algorithms for anomaly detection.
Keywords: Hilbert spaces; learning (artificial intelligence); security of data; EXPoSE; data points; expected similarity estimation; kernel Hilbert space; large scale anomaly detection; one-class learning; outlier detection; Approximation methods; Artificial neural networks; Prediction algorithms; Spatial databases; Xenon (ID#: 15-7798)


Shaoning Pang; Yiming Peng; Ban, Tao; Inoue, Daisuke; Sarrafzadeh, Abdolhossein, “A Federated Network Online Network Traffics Analysis Engine for Cybersecurity,” in Neural Networks (IJCNN), 2015 International Joint Conference on, vol., no.,
pp. 1–8, 12–17 July 2015. doi:10.1109/IJCNN.2015.7280563
Abstract: Agent-oriented techniques are being increasingly used in a range of networking security applications. In this paper, we introduce FNTAE, a Federated Network Traffic Analysis Engine for real-time network intrusion detection. In FNTAE, each analysis engine is powered with an incremental learning agent, for capturing attack signatures in real-time, so that the abnormal traffics resulting from the new attacks are detected as soon as they occur. Owing to the effective knowledge sharing among multiple analysis engines, the integrated engine is theoretically guaranteed performing more effective than a centralized analysis system. We deployed and tested FNTAE in a real world network environment. The results demonstrate that FNTAE is a promising solution to improving system security through the identification of malicious network traffic.
Keywords: computer network security; learning (artificial intelligence); multi-agent systems; telecommunication traffic; FNTAE; abnormal traffics; agent-oriented techniques; attack signatures; centralized analysis system; cybersecurity; federated network online network traffics analysis engine; incremental learning agent; malicious network traffic; multiple analysis engines; networking security applications; real world network environment; system security; Artificial neural networks; Computer security; Engines; IP networks; Merging; Switches (ID#: 15-7799)


Hajdarevic, A.; Dzananovic, I.; Banjanovic-Mehmedovic, L.; Mehmedovic, F., “Anomaly Detection in Thermal Power Plant Using Probabilistic Neural Network,” in Information and Communication Technology, Electronics and Microelectronics (MIPRO), 2015 38th International Convention on, vol., no., pp. 1118–1123, 25–29 May 2015. doi:10.1109/MIPRO.2015.7160443
Abstract: Anomalies are integral part of every system’s behavior and sometimes cannot be avoided. Therefore it is very important to timely detect such anomalies in real-world running power plant system. Artificial neural networks are one of anomaly detection techniques. This paper gives a type of neural network (probabilistic) to solve the problem of anomaly detection in selected sections of thermal power plant. Selected sections are steam superheaters and steam drum. Inputs for neural networks are some of the most important process variables of these sections. It is noteworthy that all of the inputs are observable in the real system installed in thermal power plant, some of which represent normal behavior and some anomalies. In addition to the implementation of this network for anomaly detection, the effect of key parameter change on anomaly detection results is also shown. Results confirm that probabilistic neural network is excellent solution for anomaly detection problem, especially in real-time industrial applications.
Keywords: neural nets; power engineering computing; probability; security of data; thermal power stations; ANN; anomaly detection techniques; artificial neural networks; normal behavior; probabilistic neural network; process variables; real-time industrial applications; steam drum; steam superheaters; thermal power plant; Biological neural networks; Boilers; Power generation; Probabilistic logic; Probability density function; Training (ID#: 15-7800)


Esmaily, Jamal; Moradinezhad, Reza; Ghasemi, Jamal, “Intrusion Detection System Based on Multi-Layer Perceptron Neural Networks and Decision Tree,” in Information and Knowledge Technology (IKT), 2015 7th Conference on, vol., no., pp. 1–5, 26–28 May 2015. doi:10.1109/IKT.2015.7288736
Abstract: The growth of internet attacks is a major problem for today’s computer networks. Hence, implementing security methods to prevent such attacks is crucial for any computer network. With the help of Machine Learning and Data Mining techniques, Intrusion Detection Systems (IDS) are able to diagnose attacks and system anomalies more effectively. Though, most of the studied methods in this field, including Rule-based expert systems, are not able to successfully identify the attacks which have different patterns from expected ones. By using Artificial Neural Networks (ANNs), it is possible to identify the attacks and classify the data, even when the dataset is nonlinear, limited, or incomplete. In this paper, a method based on the combination of Decision Tree (DT) algorithm and Multi-Layer Perceptron (MLP) ANN is proposed which is able to identify attacks with high accuracy and reliability.
Keywords: Internet; computer network security; data mining; decision trees; learning (artificial intelligence); multilayer perceptrons; ANNs; DT; IDS; Internet attacks; MLP ANN; artificial neural networks; computer networks; data mining techniques; decision tree; intrusion detection system; machine learning; multilayer perceptron neural networks; rule-based expert systems; security methods; Algorithm design and analysis; Classification algorithms; Clustering algorithms; Decision trees; Intrusion detection; Neural networks; Support vector machines; Decision Tree; Intrusion Detection Systems; Machine Learning; Neural Networks (ID#: 15-7801)


Anandapriya, M.; Lakshmanan, B., “Anomaly Based Host Intrusion Detection System Using Semantic Based System Call Patterns,” in Intelligent Systems and Control (ISCO), 2015 IEEE 9th International Conference on, vol., no., pp. 1–4, 9–10 Jan. 2015. doi:10.1109/ISCO.2015.7282244
Abstract: The Host Based Intrusion Detection System (HIDS) is to prevent the host system from being compromised by intruders. To prevent the execution of malicious codes on the host, HIDS monitors the system audit and event logs. But the design of HIDS is very challenging due to the presence of high false alarm rate. This paper mainly focuses on reducing the problem of false alarm rate, using semantic based system call patterns. Here, we make use of the semantic approach to apply on the underlying kernel level system calls which can help understand the anomaly behavior. The semantic tool used is the data dictionary. The data dictionary containing every possible combinations of sequence of system call names of particular phrase length was constructed. The features satisfying the semantic hypothesis are extracted and then normalized. The normalized values are then given as input to the decision engine. The decision engine used is the Extreme Learning Machine - a new type of neural network. Performance was evaluated using the modern ADFA-LD dataset.
Keywords: database management systems; feature extraction; learning (artificial intelligence); neural nets; security of data; ADFA-LD dataset; HIDS; anomaly based host intrusion detection system; data dictionary; decision engine; extreme learning machine; kernel level system calls; neural network; semantic based system call patterns; Dictionaries; Engines; Feature extraction; Hidden Markov models; Intrusion detection; Semantics; Support vector machines; ADFA-LD; Anomaly; ELM; semantic phrases
(ID#: 15-7802)


Chih-Hung Hsieh; Yu-Siang Shen; Chao-Wen Li; Jain-Shing Wu, “iF2: An Interpretable Fuzzy Rule Filter for Web Log Post-Compromised Malicious Activity Monitoring,” in Information Security (AsiaJCIS), 2015 10th Asia Joint Conference on, vol., no., pp. 130–137, 24–26 May 2015. doi:10.1109/AsiaJCIS.2015.19
Abstract: To alleviate the loads of tracking web log file by human effort, machine learning methods are now commonly used to analyze log data and to identify the pattern of malicious activities. Traditional kernel based techniques, like the neural network and the support vector machine (SVM), typically can deliver higher prediction accuracy. However, the user of a kernel based techniques normally cannot get an overall picture about the distribution of the data set. On the other hand, logic based techniques, such as the decision tree and the rule-based algorithm, feature the advantage of presenting a good summary about the distinctive characteristics of different classes of data such that they are more suitable to generate interpretable feedbacks to domain experts. In this study, a real web-access log dataset from a certain organization was collected. An efficient interpretable fuzzy rule filter (iF2) was proposed as a filter to analyze the data and to detect suspicious internet addresses from the normal ones. The historical information of each internet address recorded in web log file is summarized as multiple statistics. And the design process of iF2 is elaborately modeled as a parameter optimization problem which simultaneously considers 1) maximizing prediction accuracy, 2) minimizing number of used rules, and 3) minimizing number of selected statistics. Experimental results show that the fuzzy rule filter constructed with the proposed approach is capable of delivering superior prediction accuracy in comparison with the conventional logic based classifiers and the expectation maximization based kernel algorithm. On the other hand, though it cannot match the prediction accuracy delivered by the SVM, however, when facing real web log file where the ratio of positive and negative cases is extremely unbalanced, the proposed iF2 of having optimization flexibility results in a better recall rate and enjoys one major advantage due to providing the user with an overall picture of the underlying distributions.
Keywords: Internet; data mining; fuzzy set theory; learning (artificial intelligence); neural nets; pattern classification; statistical analysis; support vector machines; Internet address; SVM; Web log file tracking; Web log post-compromised malicious activity monitoring; Web-access log dataset; decision tree; expectation maximization based kernel algorithm; fuzzy rule filter; iF2; interpretable fuzzy rule filter; kernel based techniques; log data analysis; logic based classifiers; logic based techniques; machine learning methods; malicious activities; neural network; parameter optimization problem; recall rate; rule-based algorithm; support vector machine; Accuracy; Kernel; Monitoring; Optimization; Prediction algorithms; Support vector machines; Fuzzy Rule Based Filter; Machine Learning; Parameter Optimization; Pattern Recognition; Post-Compromised Threat Identification; Web Log Analysis (ID#: 15-7803)


Shin-Ying Huang; Fang Yu; Rua-Huan Tsaih; Yennun Huang, “Network-Traffic Anomaly Detection with Incremental Majority Learning,” in Neural Networks (IJCNN), 2015 International Joint Conference on, vol., no., pp. 1–8, 12–17 July 2015. doi:10.1109/IJCNN.2015.7280573
Abstract: Detecting anomaly behavior in large network traffic data has presented a great challenge in designing effective intrusion detection systems. We propose an adaptive model to learn majority patterns under a dynamic changing environment. We first propose unsupervised learning on data abstraction to extract essential features of samples. We then adopt incremental majority learning with iterative evolutions on fitting envelopes to characterize the majority of samples within moving windows. A network traffic sample is considered an anomaly if its abstract feature falls on the outside of the fitting envelope. We justify the effectiveness of the presented approach against 150000+ traffic samples from the NSL-KDD dataset in training and testing, demonstrating positive promise in detecting network attacks by identifying samples that have abnormal features.
Keywords: computer network security; data structures; iterative methods; learning (artificial intelligence); telecommunication traffic; NSL-KDD dataset; abnormal features; anomaly behavior; data abstraction; dynamic changing environment; fitting envelopes; incremental majority learning; intrusion detection systems; iterative evolutions; large network traffic data; network attacks; network-traffic anomaly detection; unsupervised learning; Adaptation models; Character recognition; Classification algorithms; Testing; incremental learning; intrusion detection system; neural networks; outlier detection (ID#: 15-7804)


Gaikwad, D.P.; Thool, R.C., “Intrusion Detection System Using Bagging Ensemble Method of Machine Learning,” in Computing Communication Control and Automation (ICCUBEA), 2015 International Conference on, vol., no., pp. 291–295, 26–27 Feb. 2015. doi:10.1109/ICCUBEA.2015.61
Abstract: Intrusion detection system is widely used to protect and reduce damage to information system. It protects virtual and physical computer networks against threats and vulnerabilities. Presently, machine learning techniques are widely extended to implement effective intrusion detection system. Neural network, statistical models, rule learning, and ensemble methods are some of the kinds of machine learning methods for intrusion detection. Among them, ensemble methods of machine learning are known for good performance in learning process. Investigation of appropriate ensemble method is essential for building effective intrusion detection system. In this paper, a novel intrusion detection technique based on ensemble method of machine learning is proposed. The Bagging method of ensemble with REPTree as base class is used to implement intrusion detection system. The relevant features from NSL_KDD dataset are selected to improve the classification accuracy and reduce the false positive rate. The performance of proposed ensemble method is evaluated in term of classification accuracy, model building time and False Positives. The experimental results show that the Bagging ensemble with REPTree base class exhibits highest classification accuracy. One advantage of using Bagging method is that it takes less time to build the model. The proposed ensemble method provides competitively low false positives compared with other machine learning techniques.
Keywords: data analysis; learning (artificial intelligence); neural nets; security of data; statistical analysis; trees (mathematics); NSL-KDD dataset; REPTree; classification accuracy; intrusion detection system; machine learning techniques; neural network; physical computer networks; statistical models; using bagging ensemble method; virtual computer networks; Accuracy; Bagging; Classification algorithms; Feature extraction; Hidden Markov models; Intrusion detection; Training; Ensemble; False positives; Machine learning; intrusion detection (ID#: 15-7805)

Articles listed on these pages have been found on publicly available internet pages and are cited with links to those pages. Some of the information included herein has been reprinted with permission from the authors or data repositories. Direct any requests via Email to for removal of the links or modifications to specific citations. Please include the ID# of the specific citation in your correspondence.