A survey of intrusion detection techniques

 
 
 
  • Abstract
  • Keywords
  • References
  • PDF
  • Abstract


    In today’s world, the number of companies is increasing day by day that help end users to express opinion i.e. social media management, to watch news, payment applications, retail, ecommerce etc. There are large amount of forms, which take personal information’s like username, password, social security number, credit card, debit card and account information. Thus the applications are vulnerable to security issues like phishing attacks, denial of service attacks, cross-site scripting attack and many more. This paper provides literature review of work done in these areas and their respective mitigations.

     


  • Keywords


    UDDI; Web Service; Clustering; Machine Learning; K-Nearest Neighbor.

  • References


      [1] C. Yue and H. Wang, “BogusBiter: A transparent protection against phishing attacks,” ACM Trans. Int. Technol., vol. 10, no. 2, pp. 1– 31, May 2010.

      [2] Tara Baniya ; Dipesh Gautam ; Yoohwan Kim,"Safeguarding Web Surfing with URL Blacklisting",Information Technology - New Generations (ITNG), 2015 12th International Conference,13-15 April 2015

      [3] Song Wang ; Karina Gomez Chavez ; Sithamparanathan Kandeepan,"SECO: SDN sEcure COntroller algorithm for detecting and defending denial of service attacks",Information and Communication Technology (ICoIC7), 2017 5th International Conference,17-19 May 2017

      [4] Tingting Cui ; Hao Yu ; Fei Hao,"Security control for linear systems subject to denial-of- service attacks",Control Conference (CCC), 2017 36th Chinese,26- 28 July 2017

      [5] Jialei Hu; Chong Liu; Yang Song,"Switching control for networked control system with denial-of-service attacks",Control Conference (CCC), 2017 36th Chinese,26-28 July 201.

      [6] Yinghong Zhao ; Xiao He ; Donghua Zhou,"Optimal joint control and triggering strategies against denial of service attacks: a zero-sum game",IET Control Theory & Applications ( Volume: 11, Issue: 14, 9 22 2017 ),Page(s): 2352 – 2360

      Yinghong Zhao; Xiao He; Donghua Zhou,"Optimal joint control and triggering strategies against denial of service attacks: a zero-sum game",IET Control Theory & Applications ( Volume: 11, Issue: 14, 9 22 2017 ),Page(s): 2352 – 2360

      [7] Kun Wang ; Miao Du ; Sabita Maharjan ; Yanfei Sun, "Strategic Honeypot Game Model for Distributed Denial of Service Attacks in the Smart Grid",IEEE Transactions on Smart Grid ( Volume: 8, Issue: 5, Sept. 2017 ),Page(s):

      2474 – 2482

      [8] Raphael Durner ; Claas Lorenz ; Michael Wiedemann ; Wolfgang Kellerer,"Detecting and mitigating denial of service attacks against the data plane in software defined networks",Network Softwarization (NetSoft), 2017 IEEE Conference, 3-7 July 2017

      [9] Massimo Ficco ; Francesco Palmieri,"Introducing Fraudulent Energy Consumption in Cloud Infrastructures: A New Generation of Denial-of-Service Attacks",IEEE Systems Journal ( Volume: 11, Issue: 2, June 2017 ),Page(s): 460 - 470

      [10] Munazza Shabbir ; Muazzam A. Khan ; Umair Shafiq Khan ; Nazar A. Saqib,"Detection and Prevention of Distributed Denial of Service Attacks in VANETs",Computational Science and Computational Intelligence (CSCI), 2016 International Conference,15-17 Dec. 2016

      [11] Huabiao LuBaokang ZhaoXiaofeng WangJinshu Su,"DiffSig: Resource Differentiation Based Malware Behavioral Concise Signature Generation", nformation and Communication Technology - EurAsia Conference ICT-EurAsia 2013: Information and Communication Technology pp 271-284

      [12] Somesh Jha ; Matthew Fredrikson ; Mihai Christodoresu ; Reiner Sailer ; Xifeng Yan, "Synthesizing near-optimal malware specifications from suspicious behaviors",Malicious and Unwanted Software: "The Americas" (MALWARE), 2013 8th International Conference,22-24

      Oct. 2013

      [13] Mihai Christodorescu,Somesh Jha,Christopher Kruegel,"Mining specifications of malicious behavior",ESEC- FSE '07 Proceedings of the the 6th joint meeting of the European software engineering conference and the ACM SIGSOFT symposium on The foundations of software engineering Pages 5-14

      [14] Li, Z., Sanghi, M., Chen, Y., et al.: Hamsa: Fast Signature Generation for Zero-day Polymorphic Worms with Provable Attack Resilience. In: IEEE Symposium on Security and Privacy (2006)

      [15] Jun Yang ; Jiangdong Deng ; Baojiang Cui ; Haifeng Jin,"Research on the Performance of Mining Packets of Educational Network for Malware Detection between PM and VM",Innovative Mobile and Internet Services in Ubiquitous Computing (IMIS), 2015 9th International Conference,8-10 July 2015

      [16] Mohamed El Boujnouni ; Mohamed Jedra ; Noureddine Zahid, "New malware detection framework based on N-grams and Support Vector Domain Description",Information Assurance and Security (IAS), 2015 11th International Conference,14-16 Dec. 2015

      [17] Mohamed Yassin ; Hakima Ould- Slimane ;Chamseddine Talhi ; Hanifa Boucheneb,"SQLIIDaaS: A SQL Injection Intrusion Detection Framework as a Service for SaaS Providers",Cyber Security and Cloud Computing (CSCloud), 2017 IEEE 4th International Conference,26-28 June 2017

      [18] Pratik Satam ; Douglas Kelly ; Salim Hariri,"Anomaly behavior analysis of website vulnerability and security",Computer Systems and Applications (AICCSA), 2016 IEEE/ACS 13th International Conference,29 Nov.-2

      Dec. 2016

      [19] Byron Hawkins ; Brian Demsky,"ZenIDS: Introspective Intrusion Detection for PHP Applications",Software Engineering (ICSE), 2017 IEEE/ACM 39th International Conference, 20-28 May 2017

      [20] Parisa Alaei ; Fakhroddin Noorbehbahani,"Incremental anomaly- based intrusion detection system using limited labeled data",Web Research (ICWR), 2017 3th International Conference,19-20 April 2017

      [21] Paul Marinescu ; Chad Parry ; Marjor Pomarole ; Yuan Tian ; Patrick Tague ; Ioannis Papagiannis,"IVD: Automatic Learning and Enforcement of Authorization Rules in Online Social Networks", Security and Privacy (SP), 2017 IEEE Symposium,22-26 May 2017

      [22] M. Ridwan Zalbina ; Tri Wanda Septian ; Deris Stiawan ; Moh. Yazid Idris ; Ahmad Heryanto ; Rahmat Budiarto,"Payload recognition and detection of Cross Site Scripting attack",Anti-Cyber Crimes (ICACC), 2017 2nd International Conference,26-27 March 2017

      [23] Jing Yu ; Dan Tao ; Zhaowen Lin,"A hybrid web log based intrusion detection model",Cloud Computing and Intelligence Systems (CCIS), 2016 4th International Conference,17-19 Aug. 2016

      [24] Ankit Shrivastava ; Santosh Choudhary ;Ashish Kumar ,"XSS vulnerability assessment and prevention in web application", Next Generation Computing Technologies (NGCT), 2016 2nd International Conference,14-16 Oct. 2016

      [25] A.M. Resmi ; R. Manicka Chezian, "An extension of intrusion prevention, detection and response system for secure content delivery networks", Advances in Computer Applications (ICACA), IEEE International Conference,24 Oct. 2016

      [26] Melody Moh ; Santhosh Pininti ; Sindhusha Doddapaneni ; Teng-Sheng Moh," Detecting Web Attacks Using Multi- stage Log Analysis ",Advanced Computing (IACC), 2016 IEEE 6th International Conference, 27-28 Feb. 2016

      [27] Ashan Chulanga Perera ; Krishnadeva Kesavan ; Sripa Vimukthi Bannakkotuwa ; Chethana Liyanapathirana ; Lakmal Rupasinghe,"E-commerce (WEB) Application Security: Defense against Reconnaissance", 2016 IEEE International Conference,8-10 Dec 2016

      [28] Piyush Nimbalkar ; Varish Mulwad ; Nikhil Puranik ; Anupam Joshi ; Tim Finin," Semantic Interpretation of Structured Log Files ",Information Reuse and Integration (IRI),2016 IEEE International Conference 28-30 July 2016

      [29] D. Seethalakshmi ; G. M. Nasira," Detecting and preventing intrusion in multi- tier web applications using double guard”, Computing for Sustainable Global Development (INDIACom), 2016 3rd International Conference,16-18 March 2016

      [30] Zhou Li ; Alina Oprea,"Operational Security Log Analytics for Enterprise Breach Detection" ,Cybersecurity Development (SecDev), IEEE,3-4 Nov.2016

      [31] Mohammad Ashiqur Rahaman ; Cédric Hebert ; Jürgen Frank,"An Attack Pattern Framework for Monitoring Enterprise Information Systems",Enabling Technologies: Infrastructure for Collaborative Enterprises (WETICE),2016 IEEE 25th International Conference ,13-15 June 2016

      [32] Xinlong Zhao ; Weishi Zhang,"Hybrid Intrusion Detection Method Based on Improved Bisecting K-Means in Cloud Computing",Web Information Systems and Applications Conference, 2016 13th,23-25 Sept.2016


 

View

Download

Article ID: 13036
 
DOI: 10.14419/ijet.v7i2.4.13036




Copyright © 2012-2015 Science Publishing Corporation Inc. All rights reserved.