50 research outputs found

    Ultra-low-power media access control protocol based on clock drift characteristics in wireless sensor networks

    No full text
    Many researchers have analyzed sources of uncertainty in synchronization protocols for wireless sensor networks. However, very few researchers perform this work in depth, and failed to discover comprehensive characteristics since they worked with only one or two measurement intervals. To overcome this problem, extensive measurements were conducted and analyzed to find the characteristics of the sources according to various measurement intervals. Using the characteristics, a new media access control protocol, WideMAC, was designed to support a wide range of duty cycles for various applications. The transmission node in WideMAC calculates the wakeup time of the reception node before transmitting a packet and adaptively estimates the synchronization error size according to the synchronization interval from seconds to hours. To track the reception node’s wakeup time for synchronization, WideMAC uses two estimation algorithms that estimate the wakeup time and the upper bound of the total timing error. Accurate estimation of the wakeup time results in a significant amount of energy saving at the transmission node. Finally, through extensive performance evaluations in a testbed, WideMAC confirmed that it can significantly outperform existing state-of-the-art protocols. </jats:p

    Scalable Inline Network-Intrusion Detection System with Minimized Memory Requirement

    No full text
    Currently used network-intrusion detection systems (NIDSs) using deep learning have limitations in processing large amounts of data in real time. This is because collecting flow information and creating features are time consuming and require considerable memory. To solve this problem, a novel NIDS with &theta;(1) memory complexity for processing a flow is proposed in this study. Owing to its small memory requirement, the proposed model can handle numerous concurrent flows. In addition, it uses raw packet data as input features for the deep learning models, resulting in a lightweight feature-creation process. For fast detection, the proposed NIDS classifies a flow using a received packet, though it is prone to false detection. This weakness is solved through the validation model proposed in this research, resulting in high detection accuracy. Furthermore, real-time detection is possible since intrusion detection can be performed for every received packet using the Inception model. A performance comparison with existing methods confirmed an effectively improved detection time and lower memory requirement by 73% and 77% on average while maintaining high detection accuracy. Thus, the proposed model can effectively overcome the problems with modern deep-learning-based NIDSs

    Integrated Feature-Based Network Intrusion Detection System Using Incremental Feature Generation

    No full text
    Machine learning (ML)-based network intrusion detection systems (NIDSs) depend entirely on the performance of machine learning models. Therefore, many studies have been conducted to improve the performance of ML models. Nevertheless, relatively few studies have focused on the feature set, which significantly affects the performance of ML models. In addition, features are generated by analyzing data collected after the session ends, which requires a significant amount of memory and a long processing time. To solve this problem, this study presents a new session feature set to improve the existing NIDSs. Current session-feature-based NIDSs are largely classified into NIDSs using a single-host feature set and NIDSs using a multi-host feature set. This research merges two different session feature sets into an integrated feature set, which is used to train an ML model for the NIDS. In addition, an incremental feature generation approach is proposed to eliminate the delay between the session end time and the integrated feature creation time. The improved performance of the NIDS using integrated features was confirmed through experiments. Compared to a NIDS based on ML models using existing single-host feature sets and multi-host feature sets, the NIDS with the proposed integrated feature set improves the detection rate by 4.15% and 5.9% on average, respectively

    Deep Learning-Based Network Intrusion Detection Using Multiple Image Transformers

    No full text
    The development of computer vision-based deep learning models for accurate two-dimensional (2D) image classification has enabled us to surpass existing machine learning-based classifiers and human classification capabilities. Recently, steady efforts have been made to apply these sophisticated vision-based deep learning models as network intrusion detection domains, and various experimental results have confirmed their applicability and limitations. In this paper, we present an optimized method for processing network intrusion detection system (NIDS) datasets using vision-based deep learning models by further expanding existing studies to overcome these limitations. In the proposed method, the NIDS dataset can further enhance the performance of existing deep-learning-based intrusion detection by converting the dataset into 2D images through various image transformers and then integrating into three-channel RGB color images, unlike the existing method. Various performance evaluations confirm that the proposed method can significantly improve intrusion detection performance over the recent method using grayscale images, and existing NIDSs without the use of images. As network intrusion is increasingly evolving in complexity and variety, we anticipate that the intrusion detection algorithm outlined in this study will facilitate network security

    Hybrid Classification for High-Speed and High-Accuracy Network Intrusion Detection System

    No full text
    Cybercrime is growing at a rapid pace, and its techniques are becoming more sophisticated. In order to actively cope with such threats, new approaches based on machine learning and requiring less administrator intervention have been proposed, but there are still many technical difficulties in detecting security attacks in real time. To solve this problem, we propose a new machine learning-based real-time intrusion detection algorithm. Unlike the existing approaches, the one proposed can detect the presence of an attack every time a packet is received, enabling real-time detection. In addition, our algorithm effectively reduces the system load, which may significantly increase from real-time detection, compared to non-real-time detection. In the algorithm, the increase in the number of memory accesses can be minimized (to below 30 &#x0025;) compared to conventional methods. Since the proposed method is pure software-based approach, it has excellent scalability and flexibility against various attacks. Therefore, the proposed method cannot support the high classification performance of the hardware-based method but also the high flexibility of the software-based method simultaneously, it can effectively detect and prevent various cyber-attacks

    Hierarchical LSTM-Based Network Intrusion Detection System Using Hybrid Classification

    No full text
    Most existing network intrusion detection systems (NIDSs) perform intrusion detection using only a partial packet data of fixed size, but they suffer to increase the detection rate. In this study, in order to find the cause of a limited detection rate, accurate intrusion detection performance was analyzed by adjusting the amount of information used as features according to the size of the packet and length of the session. The results indicate that the total packet data and all packets in the session should be used for the maximum detection rate. However, existing NIDS cannot be extended to use all packet data of each session because the model could be too large owing to the excessive number of features, hampering realistic training and classification speeds. Therefore, in this paper, we present a novel approach for the classifier of NIDSs. The proposed NIDS can effectively handle the entire packet information using the hierarchical long short-term memory and achieves higher detection accuracy than existing methods. Performance evaluation confirms that detection performance can be greatly improved compared to existing NIDSs that use only partial packet information. The proposed NIDS achieves a detection rate of 95.16% and 99.70% when the existing NIDS show the highest detection rate of 93.49% and 98.31% based on the F1-score using two datasets. The proposed method can improve the limitations of existing NIDS and safeguard the network from malicious users by utilizing information on the entire packet
    corecore