Visible to the public Biblio

Found 116 results

Filters: Keyword is intrusion detection system  [Clear All Filters]
2021-05-05
Ajayi, Oluwaseyi, Saadawi, Tarek.  2020.  Blockchain-Based Architecture for Secured Cyber-Attack Features Exchange. 2020 7th IEEE International Conference on Cyber Security and Cloud Computing (CSCloud)/2020 6th IEEE International Conference on Edge Computing and Scalable Cloud (EdgeCom). :100—107.
Despite the increased accuracy of intrusion detection systems (IDS) in identifying cyberattacks in computer networks and devices connected to the internet, distributed or coordinated attacks can still go undetected or not detected on time. The single vantage point limits the ability of these IDSs to detect such attacks. Due to this reason, there is a need for attack characteristics' exchange among different IDS nodes. Researchers proposed a cooperative intrusion detection system to share these attack characteristics effectively. This approach was useful; however, the security of the shared data cannot be guaranteed. More specifically, maintaining the integrity and consistency of shared data becomes a significant concern. In this paper, we propose a blockchain-based solution that ensures the integrity and consistency of attack characteristics shared in a cooperative intrusion detection system. The proposed architecture achieves this by detecting and preventing fake features injection and compromised IDS nodes. It also facilitates scalable attack features exchange among IDS nodes, ensures heterogeneous IDS nodes participation, and it is robust to public IDS nodes joining and leaving the network. We evaluate the security analysis and latency. The result shows that the proposed approach detects and prevents compromised IDS nodes, malicious features injection, manipulation, or deletion, and it is also scalable with low latency.
2021-04-09
Mishra, A., Yadav, P..  2020.  Anomaly-based IDS to Detect Attack Using Various Artificial Intelligence Machine Learning Algorithms: A Review. 2nd International Conference on Data, Engineering and Applications (IDEA). :1—7.
Cyber-attacks are becoming more complex & increasing tasks in accurate intrusion detection (ID). Failure to avoid intrusion can reduce the reliability of security services, for example, integrity, Privacy & availability of data. The rapid proliferation of computer networks (CNs) has reformed the perception of network security. Easily accessible circumstances affect computer networks from many threats by hackers. Threats to a network are many & hypothetically devastating. Researchers have recognized an Intrusion Detection System (IDS) up to identifying attacks into a wide variety of environments. Several approaches to intrusion detection, usually identified as Signature-based Intrusion Detection Systems (SIDS) & Anomaly-based Intrusion Detection Systems (AIDS), were proposed in the literature to address computer safety hazards. This survey paper grants a review of current IDS, complete analysis of prominent new works & generally utilized dataset to evaluation determinations. It also introduces avoidance techniques utilized by attackers to avoid detection. This paper delivers a description of AIDS for attack detection. IDS is an applied research area in artificial intelligence (AI) that uses multiple machine learning algorithms.
Noiprasong, P., Khurat, A..  2020.  An IDS Rule Redundancy Verification. 2020 17th International Joint Conference on Computer Science and Software Engineering (JCSSE). :110—115.
Intrusion Detection System (IDS) is a network security software and hardware widely used to detect anomaly network traffics by comparing the traffics against rules specified beforehand. Snort is one of the most famous open-source IDS system. To write a rule, Snort specifies structure and values in Snort manual. This specification is expressive enough to write in different way with the same meaning. If there are rule redundancy, it could distract performance. We, thus, propose a proof of semantical issues for Snort rule and found four pairs of Snort rule combinations that can cause redundancy. In addition, we create a tool to verify such redundancy between two rules on the public rulesets from Snort community and Emerging threat. As a result of our test, we found several redundancy issues in public rulesets if the user enables commented rules.
Fadhilah, D., Marzuki, M. I..  2020.  Performance Analysis of IDS Snort and IDS Suricata with Many-Core Processor in Virtual Machines Against Dos/DDoS Attacks. 2020 2nd International Conference on Broadband Communications, Wireless Sensors and Powering (BCWSP). :157—162.
The rapid development of technology makes it possible for a physical machine to be converted into a virtual machine, which can operate multiple operating systems that are running simultaneously and connected to the internet. DoS/DDoS attacks are cyber-attacks that can threaten the telecommunications sector because these attacks cause services to be disrupted and be difficult to access. There are several software tools for monitoring abnormal activities on the network, such as IDS Snort and IDS Suricata. From previous studies, IDS Suricata is superior to IDS Snort version 2 because IDS Suricata already supports multi-threading, while IDS Snort version 2 still only supports single-threading. This paper aims to conduct tests on IDS Snort version 3.0 which already supports multi-threading and IDS Suricata. This research was carried out on a virtual machine with 1 core, 2 core, and 4 core processor settings for CPU, memory, and capture packet attacks on IDS Snort version 3.0 and IDS Suricata. The attack scenario is divided into 2 parts: DoS attack scenario using 1 physical computer, and DDoS attack scenario using 5 physical computers. Based on overall testing, the results are: In general, IDS Snort version 3.0 is better than IDS Suricata. This is based on the results when using a maximum of 4 core processor, in which IDS Snort version 3.0 CPU usage is stable at 55% - 58%, a maximum memory of 3,000 MB, can detect DoS attacks with 27,034,751 packets, and DDoS attacks with 36,919,395 packets. Meanwhile, different results were obtained by IDS Suricata, in which CPU usage is better compared to IDS Snort version 3.0 with only 10% - 40% usage, and a maximum memory of 1,800 MB. However, the capabilities of detecting DoS attacks are smaller with 3,671,305 packets, and DDoS attacks with a total of 7,619,317 packets on a TCP Flood attack test.
2021-03-30
Kuchar, K., Fujdiak, R., Blazek, P., Martinasek, Z., Holasova, E..  2020.  Simplified Method for Fast and Efficient Incident Detection in Industrial Networks. 2020 4th Cyber Security in Networking Conference (CSNet). :1—3.

This article is focused on industrial networks and their security. An industrial network typically works with older devices that do not provide security at the level of today's requirements. Even protocols often do not support security at a sufficient level. It is necessary to deal with these security issues due to digitization. It is therefore required to provide other techniques that will help with security. For this reason, it is possible to deploy additional elements that will provide additional security and ensure the monitoring of the network, such as the Intrusion Detection System. These systems recognize identified signatures and anomalies. Methods of detecting security incidents by detecting anomalies in network traffic are described. The proposed methods are focused on detecting DoS attacks in the industrial Modbus protocol and operations performed outside the standard interval in the Distributed Network Protocol 3. The functionality of the performed methods is tested in the IDS system Zeek.

2021-03-29
Johanyák, Z. C..  2020.  Fuzzy Logic based Network Intrusion Detection Systems. 2020 IEEE 18th World Symposium on Applied Machine Intelligence and Informatics (SAMI). :15—16.

Plenary Talk Our everyday life is more and more dependent on electronic communication and network connectivity. However, the threats of attacks and different types of misuse increase exponentially with the expansion of computer networks. In order to alleviate the problem and to identify malicious activities as early as possible Network Intrusion Detection Systems (NIDSs) have been developed and intensively investigated. Several approaches have been proposed and applied so far for these systems. It is a common challenge in this field that often there are no crisp boundaries between normal and abnormal network traffic, there are noisy or inaccurate data and therefore the investigated traffic could represent both attack and normal communication. Fuzzy logic based solutions could be advantageous owing to their capability to define membership levels in different classes and to do different operations with results ensuring reduced false positive and false negative classification compared to other approaches. In this presentation, after a short introduction of NIDSs a survey will be done on typical fuzzy logic based solutions followed by a detailed description of a fuzzy rule interpolation based IDS. The whole development process, i.e. data preprocessing, feature extraction, rule base generation steps are covered as well.

Malek, Z. S., Trivedi, B., Shah, A..  2020.  User behavior Pattern -Signature based Intrusion Detection. 2020 Fourth World Conference on Smart Trends in Systems, Security and Sustainability (WorldS4). :549—552.

Technology advancement also increases the risk of a computer's security. As we can have various mechanisms to ensure safety but still there have flaws. The main concerned area is user authentication. For authentication, various biometric applications are used but once authentication is done in the begging there was no guarantee that the computer system is used by the authentic user or not. The intrusion detection system (IDS) is a particular procedure that is used to identify intruders by analyzing user behavior in the system after the user logged in. Host-based IDS monitors user behavior in the computer and identify user suspicious behavior as an intrusion or normal behavior. This paper discusses how an expert system detects intrusions using a set of rules as a pattern recognized engine. We propose a PIDE (Pattern Based Intrusion Detection) model, which is verified previously implemented SBID (Statistical Based Intrusion Detection) model. Experiment results indicate that integration of SBID and PBID approach provides an extensive system to detect intrusion.

2021-03-18
Kirkbride, P., Dewan, M. A. Akber, Lin, F..  2020.  Game-Like Captchas for Intrusion Detection. 2020 IEEE Intl Conf on Dependable, Autonomic and Secure Computing, Intl Conf on Pervasive Intelligence and Computing, Intl Conf on Cloud and Big Data Computing, Intl Conf on Cyber Science and Technology Congress (DASC/PiCom/CBDCom/CyberSciTech). :312—315.

In this paper, we consider a novel method of mining biometric data for user authentication by replacing traditional captchas with game-like captchas. The game-like captchas present the user with a short game in which they attempt to get a high score. The data produced from a user's game play will be used to produce a behavior biometric based on user interactions, such as mouse movement, click patterns and game choices. The baseline expectation of interactive behavior will be used as a single factor in an intrusion detection system providing continuous authentication, considering the factors such as IP address, location, time of use, website interactions, and behavior anomalies. In addition to acting as a source of data, game-like captchas are expected to deter bots and automated systems from accessing web-based services and improving the user experience for the end-users who have become accustomed to monotonous alternatives, such as Google's re-captcha.

2021-03-04
Gorbenko, A., Popov, V..  2020.  Abnormal Behavioral Pattern Detection in Closed-Loop Robotic Systems for Zero-Day Deceptive Threats. 2020 International Conference on Industrial Engineering, Applications and Manufacturing (ICIEAM). :1—6.

In recent years, attacks against cyber-physical systems have become increasingly frequent and widespread. The inventiveness of such attacks increases significantly. In particular, zero-day attacks are widely used. The rapid development of the industrial Internet of things, the expansion of the application areas of service robots, the advent of the Internet of vehicles and the Internet of military things have led to a significant increase of attention to deceptive attacks. Especially great threat is posed by deceptive attacks that do not use hiding malicious components. Such attacks can naturally be used against robotic systems. In this paper, we consider an approach to the development of an intrusion detection system for closed-loop robotic systems. The system is based on an abnormal behavioral pattern detection technique. The system can be used for detection of zero-day deceptive attacks. We provide an experimental comparison of our approach and other behavior-based intrusion detection systems.

Widulinski, P., Wawryn, K..  2020.  A Human Immunity Inspired Intrusion Detection System to Search for Infections in an Operating System. 2020 27th International Conference on Mixed Design of Integrated Circuits and System (MIXDES). :187—191.

In the paper, an intrusion detection system to safeguard computer software is proposed. The detection is based on negative selection algorithm, inspired by the human immunity mechanism. It is composed of two stages, generation of receptors and anomaly detection. Experimental results of the proposed system are presented, analyzed, and concluded.

2021-02-23
Ratti, R., Singh, S. R., Nandi, S..  2020.  Towards implementing fast and scalable Network Intrusion Detection System using Entropy based Discretization Technique. 2020 11th International Conference on Computing, Communication and Networking Technologies (ICCCNT). :1—7.

With the advent of networking technologies and increasing network attacks, Intrusion Detection systems are apparently needed to stop attacks and malicious activities. Various frameworks and techniques have been developed to solve the problem of intrusion detection, still there is need for new frameworks as per the challenging scenario of enormous scale in data size and nature of attacks. Current IDS systems pose challenges on the throughput to work with high speed networks. In this paper we address the issue of high computational overhead of anomaly based IDS and propose the solution using discretization as a data preprocessing step which can drastically reduce the computation overhead. We propose method to provide near real time detection of attacks using only basic flow level features that can easily be extracted from network packets.

Liu, J., Xiao, K., Luo, L., Li, Y., Chen, L..  2020.  An intrusion detection system integrating network-level intrusion detection and host-level intrusion detection. 2020 IEEE 20th International Conference on Software Quality, Reliability and Security (QRS). :122—129.
With the rapid development of Internet, the issue of cyber security has increasingly gained more attention. An intrusion Detection System (IDS) is an effective technique to defend cyber-attacks and reduce security losses. However, the challenge of IDS lies in the diversity of cyber-attackers and the frequently-changing data requiring a flexible and efficient solution. To address this problem, machine learning approaches are being applied in the IDS field. In this paper, we propose an efficient scalable neural-network-based hybrid IDS framework with the combination of Host-level IDS (HIDS) and Network-level IDS (NIDS). We applied the autoencoders (AE) to NIDS and designed HIDS using word embedding and convolutional neural network. To evaluate the IDS, many experiments are performed on the public datasets NSL-KDD and ADFA. It can detect many attacks and reduce the security risk with high efficiency and excellent scalability.
2021-02-03
Gao, L., Sun, J., Li, J..  2020.  Security of Networked Control Systems with Incomplete Information Based on Game Theory. 2020 39th Chinese Control Conference (CCC). :6701—6706.

The security problem of networked control systems (NCSs) suffering denial of service(DoS) attacks with incomplete information is investigated in this paper. Data transmission among different components in NCSs may be blocked due to DoS attacks. We use the concept of security level to describe the degree of security of different components in an NCS. Intrusion detection system (IDS) is used to monitor the invalid data generated by DoS attacks. At each time slot, the defender considers which component to monitor while the attacker considers which place for invasion. A one-shot game between attacker and defender is built and both the complete information case and the incomplete information case are considered. Furthermore, a repeated game model with updating beliefs is also established based on the Bayes' rule. Finally, a numerical example is provided to illustrate the effectiveness of the proposed method.

2021-01-25
More, S., Jamadar, I., Kazi, F..  2020.  Security Visualization and Active Querying for OT Network. :1—6.

Traditionally Industrial Control System(ICS) used air-gap mechanism to protect Operational Technology (OT) networks from cyber-attacks. As internet is evolving and so are business models, customer supplier relationships and their needs are changing. Hence lot of ICS are now connected to internet by providing levels of defense strategies in between OT network and business network to overcome the traditional mechanism of air-gap. This upgrade made OT networks available and accessible through internet. OT networks involve number of physical objects and computer networks. Physical damages to system have become rare but the number of cyber-attacks occurring are evidently increasing. To tackle cyber-attacks, we have a number of measures in place like Firewalls, Intrusion Detection System (IDS) and Intrusion Prevention System (IPS). To ensure no attack on or suspicious behavior within network takes place, we can use visual aids like creating dashboards which are able to flag any such activity and create visual alert about same. This paper describes creation of parser object to convert Common Event Format(CEF) to Comma Separated Values(CSV) format and dashboard to extract maximum amount of data and analyze network behavior. And working of active querying by leveraging packet level data from network to analyze network inclusion in real-time. The mentioned methodology is verified on data collected from Waste Water Treatment Plant and results are presented.,} booktitle = {2020 11th International Conference on Computing, Communication and Networking Technologies (ICCCNT)

2021-01-20
Rashid, A., Siddique, M. J., Ahmed, S. M..  2020.  Machine and Deep Learning Based Comparative Analysis Using Hybrid Approaches for Intrusion Detection System. 2020 3rd International Conference on Advancements in Computational Sciences (ICACS). :1—9.

Intrusion detection is one of the most prominent and challenging problem faced by cybersecurity organizations. Intrusion Detection System (IDS) plays a vital role in identifying network security threats. It protects the network for vulnerable source code, viruses, worms and unauthorized intruders for many intranet/internet applications. Despite many open source APIs and tools for intrusion detection, there are still many network security problems exist. These problems are handled through the proper pre-processing, normalization, feature selection and ranking on benchmark dataset attributes prior to the enforcement of self-learning-based classification algorithms. In this paper, we have performed a comprehensive comparative analysis of the benchmark datasets NSL-KDD and CIDDS-001. For getting optimal results, we have used the hybrid feature selection and ranking methods before applying self-learning (Machine / Deep Learning) classification algorithmic approaches such as SVM, Naïve Bayes, k-NN, Neural Networks, DNN and DAE. We have analyzed the performance of IDS through some prominent performance indicator metrics such as Accuracy, Precision, Recall and F1-Score. The experimental results show that k-NN, SVM, NN and DNN classifiers perform approx. 100% accuracy regarding performance evaluation metrics on the NSL-KDD dataset whereas k-NN and Naïve Bayes classifiers perform approx. 99% accuracy on the CIDDS-001 dataset.

2020-12-28
Hussain, M. S., Khan, K. U. R..  2020.  Network-based Anomaly Intrusion Detection System in MANETS. 2020 Fourth International Conference on Inventive Systems and Control (ICISC). :881—886.

In the communication model of wired and wireless Adhoc networks, the most needed requirement is the integration of security. Mobile Adhoc networks are more aroused with the attacks compared to the wired environment. Subsequently, the characteristics of Mobile Adhoc networks are also influenced by the vulnerability. The pre-existing unfolding solutions are been obtained for infrastructure-less networks. However, these solutions are not always necessarily suitable for wireless networks. Further, the framework of wireless Adhoc networks has uncommon vulnerabilities and due to this behavior it is not protected by the same solutions, therefore the detection mechanism of intrusion is combinedly used to protect the Manets. Several intrusion detection techniques that have been developed for a fixed wired network cannot be applied in this new environment. Furthermore, The issue of intensity in terms of energy is of a major kind due to which the life of the working battery is very limited. The objective this research work is to detect the Anomalous behavior of nodes in Manet's and Experimental analysis is done by making use of Network Simulator-2 to do the comparative analysis for the existing algorithm, we enhanced the previous algorithm in order to improve the Energy efficiency and results shown the improvement of energy of battery life and Throughput is checked with respect to simulation of test case analysis. In this paper, the proposed algorithm is compared with the existing approach.

2020-12-17
Lagraa, S., Cailac, M., Rivera, S., Beck, F., State, R..  2019.  Real-Time Attack Detection on Robot Cameras: A Self-Driving Car Application. 2019 Third IEEE International Conference on Robotic Computing (IRC). :102—109.

The Robot Operating System (ROS) are being deployed for multiple life critical activities such as self-driving cars, drones, and industries. However, the security has been persistently neglected, especially the image flows incoming from camera robots. In this paper, we perform a structured security assessment of robot cameras using ROS. We points out a relevant number of security flaws that can be used to take over the flows incoming from the robot cameras. Furthermore, we propose an intrusion detection system to detect abnormal flows. Our defense approach is based on images comparisons and unsupervised anomaly detection method. We experiment our approach on robot cameras embedded on a self-driving car.

2020-12-14
Chen, X., Cao, C., Mai, J..  2020.  Network Anomaly Detection Based on Deep Support Vector Data Description. 2020 5th IEEE International Conference on Big Data Analytics (ICBDA). :251–255.
Intrusion detection system based on representation learning is the main research direction in the field of anomaly detection. Malicious traffic detection system can distinguish normal and malicious traffic by learning representations between normal and malicious traffic. However, under the context of big data, there are many types of malicious traffic, and the features are also changing constantly. It is still a urgent problem to design a detection model that can effectively learn and summarize the feature of normal traffic and accurately identify the features of new kinds of malicious traffic.in this paper, a malicious traffic detection method based on Deep Support Vector Data Description is proposed, which is called Deep - SVDD. We combine convolutional neural network (CNN) with support vector data description, and train the model with normal traffic. The normal traffic features are mapped to high-dimensional space through neural networks, and a compact hypersphere is trained by unsupervised learning, which includes the normal features of the highdimensional space. Malicious traffic fall outside the hypersphere, thus distinguishing between normal and malicious traffic. Experiments show that the model has a high detection rate and a low false alarm rate, and it can effectively identify new malicious traffic.
2020-12-01
Usama, M., Asim, M., Latif, S., Qadir, J., Ala-Al-Fuqaha.  2019.  Generative Adversarial Networks For Launching and Thwarting Adversarial Attacks on Network Intrusion Detection Systems. 2019 15th International Wireless Communications Mobile Computing Conference (IWCMC). :78—83.

Intrusion detection systems (IDSs) are an essential cog of the network security suite that can defend the network from malicious intrusions and anomalous traffic. Many machine learning (ML)-based IDSs have been proposed in the literature for the detection of malicious network traffic. However, recent works have shown that ML models are vulnerable to adversarial perturbations through which an adversary can cause IDSs to malfunction by introducing a small impracticable perturbation in the network traffic. In this paper, we propose an adversarial ML attack using generative adversarial networks (GANs) that can successfully evade an ML-based IDS. We also show that GANs can be used to inoculate the IDS and make it more robust to adversarial perturbations.

Abdulhammed, R., Faezipour, M., Musafer, H., Abuzneid, A..  2019.  Efficient Network Intrusion Detection Using PCA-Based Dimensionality Reduction of Features. 2019 International Symposium on Networks, Computers and Communications (ISNCC). :1—6.

Designing a machine learning based network intrusion detection system (IDS) with high-dimensional features can lead to prolonged classification processes. This is while low-dimensional features can reduce these processes. Moreover, classification of network traffic with imbalanced class distributions has posed a significant drawback on the performance attainable by most well-known classifiers. With the presence of imbalanced data, the known metrics may fail to provide adequate information about the performance of the classifier. This study first uses Principal Component Analysis (PCA) as a feature dimensionality reduction approach. The resulting low-dimensional features are then used to build various classifiers such as Random Forest (RF), Bayesian Network, Linear Discriminant Analysis (LDA) and Quadratic Discriminant Analysis (QDA) for designing an IDS. The experimental findings with low-dimensional features in binary and multi-class classification show better performance in terms of Detection Rate (DR), F-Measure, False Alarm Rate (FAR), and Accuracy. Furthermore, in this paper, we apply a Multi-Class Combined performance metric Combi ned Mc with respect to class distribution through incorporating FAR, DR, Accuracy, and class distribution parameters. In addition, we developed a uniform distribution based balancing approach to handle the imbalanced distribution of the minority class instances in the CICIDS2017 network intrusion dataset. We were able to reduce the CICIDS2017 dataset's feature dimensions from 81 to 10 using PCA, while maintaining a high accuracy of 99.6% in multi-class and binary classification.

Karatas, G., Demir, O., Sahingoz, O. K..  2019.  A Deep Learning Based Intrusion Detection System on GPUs. 2019 11th International Conference on Electronics, Computers and Artificial Intelligence (ECAI). :1—6.

In recent years, almost all the real-world operations are transferred to cyber world and these market computers connect with each other via Internet. As a result of this, there is an increasing number of security breaches of the networks, whose admins cannot protect their networks from the all types of attacks. Although most of these attacks can be prevented with the use of firewalls, encryption mechanisms, access controls and some password protections mechanisms; due to the emergence of new type of attacks, a dynamic intrusion detection mechanism is always needed in the information security market. To enable the dynamicity of the Intrusion Detection System (IDS), it should be updated by using a modern learning mechanism. Neural Network approach is one of the mostly preferred algorithms for training the system. However, with the increasing power of parallel computing and use of big data for training, as a new concept, deep learning has been used in many of the modern real-world problems. Therefore, in this paper, we have proposed an IDS system which uses GPU powered Deep Learning Algorithms. The experimental results are collected on mostly preferred dataset KDD99 and it showed that use of GPU speed up training time up to 6.48 times depending on the number of the hidden layers and nodes in them. Additionally, we compare the different optimizers to enlighten the researcher to select the best one for their ongoing or future research.

Kadhim, Y., Mishra, A..  2019.  Radial Basis Function (RBF) Based on Multistage Autoencoders for Intrusion Detection system (IDS). 2019 1st International Informatics and Software Engineering Conference (UBMYK). :1—4.

In this paper, RBF-based multistage auto-encoders are used to detect IDS attacks. RBF has numerous applications in various actual life settings. The planned technique involves a two-part multistage auto-encoder and RBF. The multistage auto-encoder is applied to select top and sensitive features from input data. The selected features from the multistage auto-encoder is wired as input to the RBF and the RBF is trained to categorize the input data into two labels: attack or no attack. The experiment was realized using MATLAB2018 on a dataset comprising 175,341 case, each of which involves 42 features and is authenticated using 82,332 case. The developed approach here has been applied for the first time, to the knowledge of the authors, to detect IDS attacks with 98.80% accuracy when validated using UNSW-NB15 dataset. The experimental results show the proposed method presents satisfactory results when compared with those obtained in this field.

Chen, S., Hu, W., Li, Z..  2019.  High Performance Data Encryption with AES Implementation on FPGA. 2019 IEEE 5th Intl Conference on Big Data Security on Cloud (BigDataSecurity), IEEE Intl Conference on High Performance and Smart Computing, (HPSC) and IEEE Intl Conference on Intelligent Data and Security (IDS). :149—153.

Nowadays big data has getting more and more attention in both the academic and the industrial research. With the development of big data, people pay more attention to data security. A significant feature of big data is the large size of the data. In order to improve the encryption speed of the large size of data, this paper uses the deep pipeline and full expansion technology to implement the AES encryption algorithm on FPGA. Achieved throughput of 31.30 Gbps with a minimum latency of 0.134 us. This design can quickly encrypt large amounts of data and provide technical support for the development of big data.

Di, A., Ruisheng, S., Lan, L., Yueming, L..  2019.  On the Large-Scale Traffic DDoS Threat of Space Backbone Network. 2019 IEEE 5th Intl Conference on Big Data Security on Cloud (BigDataSecurity), IEEE Intl Conference on High Performance and Smart Computing, (HPSC) and IEEE Intl Conference on Intelligent Data and Security (IDS). :192—194.

Satellite networks play an important role in realizing the combination of the space networks and ground networks as well as the global coverage of the Internet. However, due to the limitation of bandwidth resource, compared with ground network, space backbone networks are more likely to become victims of DDoS attacks. Therefore, we hypothesize an attack scenario that DDoS attackers make reflection amplification attacks, colluding with terminal devices accessing space backbone network, and exhaust bandwidth resources, resulting in degradation of data transmission and service delivery. Finally, we propose some plain countermeasures to provide solutions for future researchers.

Quingueni, A. M., Kitsuwan, N..  2019.  Reduction of traffic between switches and IDS for prevention of DoS attack in SDN. 2019 19th International Symposium on Communications and Information Technologies (ISCIT). :277—281.

Denial of service (DoS) is a process of injecting malicious packets into the network. Intrusion detection system (IDS) is a system used to investigate malicious packets in the network. Software-defined network (SDN) physically separates control plane and data plane. The control plane is moved to a centralized controller, and it makes a decision in the network from a global view. The combination between IDS and SDN allows the prevention of malicious packets to be more efficient due to the advantage of the global view in SDN. IDS needs to communicate with switches to have an access to all end-to-end traffic in the network. The high traffic in the link between switches and IDS results in congestion. The congestion between switches and IDS delays the detection and prevention of malicious traffic. To address this problem, we propose a historical database (Hdb), a scheme to reduce the traffic between switches and IDS, based on the historical information of a sender. The simulation shows that in the average, 54.1% of traffic mirrored to IDS is reduced compared to the conventional schemes.