Search Results (2)

Advances in connectivity, communication, computation, and algorithms are driving a revolution that will bring economic and social benefits through smart technologies of the Industry 4.0 era. At the same time, attackers are targeting this expanded cyberspace to exploit it. Therefore, many cyberattacks are reported each year at an increasing rate. Traditional security devices such as firewalls, intrusion detection systems (IDSs), intrusion prevention systems (IPSs), anti-viruses, and the like, often cannot detect sophisticated cyberattacks. The security information and event management (SIEM) system has proven to be a very effective security tool for detecting and mitigating such cyberattacks. A SIEM system provides a holistic view of the security status of a corporate network by analyzing log data from various network devices. The correlation engine is the most important module of the SIEM system. In this study, we propose the optimized correlator (OC), a novel correlation engine that replaces the traditional regex matching sub-module with a novel high-performance multiple regex matching library called “Hyperscan” for parallel log data scanning to improve the performance of the SIEM system. Log files of 102 MB, 256 MB, 512 MB, and 1024 MB, generated from log data received from various devices in the network, are input into the OC and simple event correlator (SEC) for applying correlation rules. The results indicate that OC is 21 times faster than SEC in real-time response and 2.5 times more efficient in execution time. Furthermore, OC can detect multi-layered attacks successfully. Full article

Wireless Local Area Networks (WLANs) have become an increasingly popular mode of communication and networking, with a wide range of applications in various fields. However, the increasing popularity of WLANs has also led to an increase in security threats, including denial of service (DoS) attacks. In this study, management-frames-based DoS attacks, in which the attacker floods the network with management frames, are particularly concerning as they can cause widespread disruptions in the network. Attacks known as denial of service (DoS) can target wireless LANs. None of the wireless security mechanisms in use today contemplate defence against them. At the MAC layer, there are multiple vulnerabilities that can be exploited to launch DoS attacks. This paper focuses on designing and developing an artificial neural network (NN) scheme for detecting management-frames-based DoS attacks. The proposed scheme aims to effectively detect fake de-authentication/disassociation frames and improve network performance by avoiding communication interruption caused by such attacks. The proposed NN scheme leverages machine learning techniques to analyse patterns and features in the management frames exchanged between wireless devices. By training the NN, the system can learn to accurately detect potential DoS attacks. This approach offers a more sophisticated and effective solution to the problem of DoS attacks in wireless LANs and has the potential to significantly enhance the security and reliability of these networks. According to the experimental results, the proposed technique exhibits higher effectiveness in detection compared to existing methods, as evidenced by a significantly increased true positive rate and a decreased false positive rate. Full article