PRISM: A Hierarchical Intrusion Detection Architecture for Large-Scale Cyber Networks
Authors
Abstract
The increase in scale of cyber networks and the rise in sophistication of cyber-attacks have introduced several challenges in intrusion detection. The primary challenge is the requirement to detect complex multi-stage attacks in realtime by processing the immense amount of traffic produced by present-day networks. In this paper we present PRISM, a hierarchical detection architecture that uses a novel attacker behavior model-based sampling technique to minimize overhead. PRISM has a unique multi-layered architecture that monitors the network distributedly to provide efficiency and modularity in design. It employs a Hidden Markov Model-based prediction mechanism to identify and ascertain attack progression for proactive response. Furthermore, it introduces a stream management procedure that rectifies the issue of alert reordering when alerts are collected from distributed reporting systems. To evaluate the performance, multiple metrics have been proposed, and various experiments have been conducted on a dataset. The results exhibit up to 7.5x improvement in overhead as compared to a standard centralized IDS without loss of accuracy, while demonstrating the ability to predict different stages promptly.
Similar resources
A Hierarchical Intrusion Detection Architecture for Wireless Sensor Networks
Networks protection against different types of attacks is one of most important posed issue into the network and information security application domains. This problem on Wireless Sensor Networks (WSNs), in attention to their special properties, has more importance. Now, there are some of proposed architectures and guide lines to protect Wireless Sensor Networks (WSNs) against different types o...
Entropy Based Fuzzy Rule Weighting for Hierarchical Intrusion Detection
Predicting different behaviors in computer networks is the subject of many data mining researches. Providing a balanced Intrusion Detection System (IDS) that directly addresses the trade-off between the ability to detect new attack types and providing low false detection rate is a fundamental challenge. Many of the proposed methods perform well in one of the two aspects, and concentrate on a su...
Hierarchical Online Intrusion Detection for SCADA Networks
We propose a novel hierarchical online intrusion detection system (HOIDS) for supervisory control and data acquisition (SCADA) networks based on machine learning algorithms. By utilizing the server-client topology while keeping clients distributed for global protection, high detection rate is achieved with minimum network impact. We implement accurate models of normal-abnormal binary detection ...
Large-Scale Network Intrusion Detection
Intrusion Detection System (IDS) monitors and analyzes networks’ activities for potential intrusions and security attacks. However, the performance of existing IDSs does not seem to be satisfactory due to the rapid evolution of sophisticated cyber threats in recent decades. Moreover, the volumes of data to be analyzed are beyond the ability of commonly used computer software and hardware tools....
Designing a New Security Architecture for Online-Banking: A Hierarchical Intrusion Detection Architecture and Intrusion Detection System
Nowadays internet has a key role in interaction between peoples and their businesses (such as banking). One of domain which uses this new communication channel for more and better interacts with its customers is online-banking (OB) industry. Using of OB is increasing rapidly. the significant growth in presenting and using of OB services such as responding to customers' requests on every time an...
Journal
Journal title: IEEE Transactions on Dependable and Secure Computing
Year: 2023
ISSN: 1941-0018, 1545-5971, 2160-9209
DOI: https://doi.org/10.1109/tdsc.2023.3240315