
Abnormal network packets identification using header information collected from Honeywall architecture

Pages 437-461 | Received 06 Dec 2022, Accepted 12 May 2023, Published online: 23 May 2023
