R. Mythili^{1, *}, P. Kalpana²

CMC-Computers, Materials & Continua, Vol.62, No.3, pp. 1097-1107, 2020, DOI:10.32604/cmc.2020.08396

Abstract NIDS (Network Intrusion Detection Systems) plays a vital role in security threats to computers and networks. With the onset of gigabit networks, hardware-based Intrusion Detection System gains popularity because of its high performance when compared to the software-based NIDS. The software-based system limits parallel execution, which in turn confines the performance of a modern network. This paper presents a signature-based lookup technique using reconfigurable hardware. Content Addressable Memory (CAM) is used as a lookup table architecture to improve the speed instead of search algorithms. To minimize the power and to increase the speed, precomputation based CAM (PBCAM) can be used,… More >

B. Amaziane¹, A. Naji², D. Ouazar³, A. H.-D. Cheng⁴

CMC-Computers, Materials & Continua, Vol.2, No.2, pp. 85-96, 2005, DOI:10.3970/cmc.2005.002.085

Abstract In this paper the optimization of groundwater pumping in coastal aquifers under the threat of saltwater intrusion is investigated. The aquifer is inhomogeneous and contains several hydraulic conductivities zones. The aquifer data such as the hydraulic conductivities are uncertain, but with their expected mean and standard deviation values given. A stochastic boundary element method based on the perturbation technique is employed as the simulation tool. The stochastic optimization is handled by the chance-constrained programming. Genetic algorithm is selected as the optimization tool. Numerical examples of deterministic and stochastic problems are provided to demonstrate the feasibility of the proposed schemes. More >

Xiaonian Wu^1,*, Chuyun Zhang³, Runlian Zhang², Yujue Wang², Jinhua Cui⁴

CMC-Computers, Materials & Continua, Vol.56, No.1, pp. 61-72, 2018, DOI: 10.3970/cmc.2018.02449

Abstract There are two key issues in distributed intrusion detection system, that is, maintaining load balance of system and protecting data integrity. To address these issues, this paper proposes a new distributed intrusion detection model for big data based on nondestructive partitioning and balanced allocation. A data allocation strategy based on capacity and workload is introduced to achieve local load balance, and a dynamic load adjustment strategy is adopted to maintain global load balance of cluster. Moreover, data integrity is protected by using session reassemble and session partitioning. The simulation results show that the new model enjoys favorable advantages such as… More >

Jin Yang¹, Tao Li¹, Gang Liang^1,*, Wenbo He², Yue Zhao³

CMES-Computer Modeling in Engineering & Sciences, Vol.120, No.1, pp. 1-23, 2019, DOI:10.32604/cmes.2019.04727

Abstract Deep Learning presents a critical capability to be geared into environments being constantly changed and ongoing learning dynamic, which is especially relevant in Network Intrusion Detection. In this paper, as enlightened by the theory of Deep Learning Neural Networks, Hierarchy Distributed-Agents Model for Network Risk Evaluation, a newly developed model, is proposed. The architecture taken on by the distributed-agents model are given, as well as the approach of analyzing network intrusion detection using Deep Learning, the mechanism of sharing hyper-parameters to improve the efficiency of learning is presented, and the hierarchical evaluative framework for Network Risk Evaluation of the proposed… More >

Ling Tan^1,*, Chong Li², Jingming Xia², Jun Cao³

CMC-Computers, Materials & Continua, Vol.61, No.1, pp. 275-288, 2019, DOI:10.32604/cmc.2019.03735

Abstract Due to the widespread use of the Internet, customer information is vulnerable to computer systems attack, which brings urgent need for the intrusion detection technology. Recently, network intrusion detection has been one of the most important technologies in network security detection. The accuracy of network intrusion detection has reached higher accuracy so far. However, these methods have very low efficiency in network intrusion detection, even the most popular SOM neural network method. In this paper, an efficient and fast network intrusion detection method was proposed. Firstly, the fundamental of the two different methods are introduced respectively. Then, the self-organizing feature… More >

Xiang Yu¹, Zhihong Tian², Jing Qiu^2,*, Shen Su^2,*, Xiaoran Yan³

CMC-Computers, Materials & Continua, Vol.61, No.1, pp. 255-274, 2019, DOI:10.32604/cmc.2019.05821

Abstract With the development of Information technology and the popularization of Internet, whenever and wherever possible, people can connect to the Internet optionally. Meanwhile, the security of network traffic is threatened by various of online malicious behaviors. The aim of an intrusion detection system (IDS) is to detect the network behaviors which are diverse and malicious. Since a conventional firewall cannot detect most of the malicious behaviors, such as malicious network traffic or computer abuse, some advanced learning methods are introduced and integrated with intrusion detection approaches in order to improve the performance of detection approaches. However, there are very few… More >

Jiyuan Liu¹, Yingzhi Zeng², Jiangyong Shi², Yuexiang Yang^2,∗, Rui Wang³, Liangzhong He⁴

CMC-Computers, Materials & Continua, Vol.60, No.2, pp. 721-739, 2019, DOI:10.32604/cmc.2019.05610

Abstract Recently, TLS protocol has been widely used to secure the application data carried in network traffic. It becomes more difficult for attackers to decipher messages through capturing the traffic generated from communications of hosts. On the other hand, malwares adopt TLS protocol when accessing to internet, which makes most malware traffic detection methods, such as DPI (Deep Packet Inspection), ineffective. Some literatures use statistical method with extracting the observable data fields exposed in TLS connections to train machine learning classifiers so as to infer whether a traffic flow is malware or not. However, most of them adopt the features based… More >

Chak Fong Cheang^1,*, Yiqin Wang¹, Zhiping Cai², Gen Xu¹

CMC-Computers, Materials & Continua, Vol.57, No.2, pp. 297-306, 2018, DOI:10.32604/cmc.2018.03808

Abstract Cloud computing provides easy and on-demand access to computing resources in a configurable pool. The flexibility of the cloud environment attracts more and more network services to be deployed on the cloud using groups of virtual machines (VMs), instead of being restricted on a single physical server. When more and more network services are deployed on the cloud, the detection of the intrusion likes Distributed Denial-of-Service (DDoS) attack becomes much more challenging than that on the traditional servers because even a single network service now is possibly provided by groups of VMs across the cloud system. In this paper, we… More >