Journal articles on the topic 'Network security intrusion detection'
To see the other types of publications on this topic, follow the link: Network security intrusion detection.
Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles
Consult the top 50 journal articles for your research on the topic 'Network security intrusion detection.'
Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.
You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.
Browse journal articles on a wide variety of disciplines and organise your bibliography correctly.
1
Patidar, Sadhana, Priyanka Parihar, and Chetan Agrawal. "A Review of Intrusion Detection Datasets and Techniques." SMART MOVES JOURNAL IJOSCIENCE 6, no. 3 (March 10, 2020): 14–22. http://dx.doi.org/10.24113/ijoscience.v6i3.277.
Full textAbstract:
As network applications grow rapidly, network security mechanisms require more attention to improve speed and accuracy. The evolving nature of new types of intrusion poses a serious threat to network security: although many network securities tools have been developed, the rapid growth of intrusive activities is still a serious problem. Intrusion detection systems (IDS) are used to detect intrusive network activity. In order to prevent and detect the unauthorized access of any computer is a concern of Computer security. Hence computer security provides a measure of the level associated with Prevention and Detection which facilitate to avoid suspicious users. Deep learning have been widely used in recent years to improve intrusion detection in networks. These techniques allow the automatic detection of network traffic anomalies. This paper presents literature review on intrusion detection techniques.
2
Javidi, Mohammad Masoud. "Game Theory Approaches in Taxonomy of Intrusion Detection for MANETs." Computer Engineering and Applications Journal 4, no. 1 (February 18, 2015): 31–42. http://dx.doi.org/10.18495/comengapp.v4i1.111.
Full textAbstract:
MANETs are self configuring networks that are formed by a set of wireless mobile nodes and have no fixed network infrastructure nor administrative support. Since transmission range of wireless network interfaces is limited, forwarding hosts may be needed. Each node in a wireless ad hoc network functions is as both a host and a router. Due to their communication type and resources constraint, MANETs are vulnerable to diverse types of attacks and intrusions so, security is a critical issue. Network security is usually provided in the three phases: intrusion prevention, intrusion detection and intrusion tolerance phase. However, the network security problem is far from completely solved. Researchers have been exploring the applicability of game theory approaches to address the network security issues. This paper reviews some existing game theory solutions which are designed to enhance network security in the intrusion detection phase. Keywords: Mobile Ad hoc Network (MANET), Intrusion detection system (IDS), Cluster head, host based, Game theory.
3
Liu, Gui Guo. "Intrusion Detection Systems." Applied Mechanics and Materials 596 (July 2014): 852–55. http://dx.doi.org/10.4028/www.scientific.net/amm.596.852.
Full textAbstract:
In the ear of information society, network security have become a very important issues. Intrusion is a behavior that tries to destroy confidentiality, data integrality, and data availability of network information. Intrusion detection systems are constructed as a software that automates the automatically detects possible intrusions. In this paper, we present the existing intrusion detection techniques in details including intrusion detection types, firewalls, etc.
4
Kaur, Harpreet. "NETWORK INTRUSION DETECTION AND PREVENTION ATTACKS." INTERNATIONAL JOURNAL OF COMPUTERS & TECHNOLOGY 2, no. 3 (June 30, 2012): 21–23. http://dx.doi.org/10.24297/ijct.v2i3a.2669.
Full textAbstract:
Intrusion detection is an important technology in business sector as well as an active area of research. It is an important tool for information security. A Network Intrusion Detection System is used to monitor networks for attacks or intrusions and report these intrusions to the administrator in order to take evasive action. Today computers are part of networked; distributed systems that may span multiple buildings sometimes located thousands of miles apart. The network of such a system is a pathway for communication between the computers in the distributed system. The network is also a pathway for intrusion. This system is designed to detect and combat some common attacks on network systems. It follows the signature based IDs methodology for ascertaining attacks. A signature based IDS will monitor packets on the network and compare them against a database of signatures or attributes from known malicious threats. In this system the attack log displays the list of attacks to the administrator for evasive action. This system works as an alert device in the event of attacks directed towards an entire network.
5
Reshmi, B. M., S. S. Manvi, and Bhagyavati. "An Agent Based Intrusion Detection Model for Mobile Ad Hoc Networks." Mobile Information Systems 2, no. 4 (2006): 169–91. http://dx.doi.org/10.1155/2006/921047.
Full textAbstract:
Intrusion detection has over the last few years, assumed paramount importance within the broad realm of network security, more so in case of wireless mobile ad hoc networks. The inherently vulnerable characteristics of wireless mobile ad hoc networks make them susceptible to attacks in-spite of some security measures, and it may be too late before any counter action can take effect. As such, there is a need to complement traditional security mechanisms with efficient intrusion detection and response systems. This paper proposes an agent-based model to address the aspect of intrusion detection in cluster based mobile wireless ad hoc network environment. The model comprises of a set of static and mobile agents, which are used to detect intrusions, respond to intrusions, and distribute selected and aggregated intrusion information to all other nodes in the network in an intelligent manner. The model is simulated to test its operation effectiveness by considering the performance parameters such as, detection rate, false positives, agent overheads, and intrusion information distribution time. Agent based approach facilitates flexible and adaptable security services. Also, it supports component based software engineering components such as maintainability, reachability, reusability, adaptability, flexibility, and customization.
6
Aranganathan, A., and C. D. Suriyakala. "Agent based secure intrusion detection and prevention for rushing attacks in clustering MANETs." International Journal of Engineering & Technology 7, no. 2.20 (April 18, 2018): 22. http://dx.doi.org/10.14419/ijet.v7i2.20.11736.
Full textAbstract:
Intrusion detection is one of challenging issues in wireless networks. The inherently vulnerable characteristics of wireless mobile ad hoc networks make them susceptible to attacks in-spite of some security measures, and it may be too late before any counter action can take effect. As such, there is a need to complement security mechanisms with efficient intrusion detection and response systems. This paper proposes an agent-based model to address the aspect of intrusion detection in cluster based Mobile ad hoc network environment. The model comprises of mobile agents, which are used to detect intrusions, respond to intrusions, mainly preventing the routing attacks while securing them and distributing selected and aggregated intrusion information to all other nodes in the network in an intelligent manner to compensate the attack. The model is simulated to test its operation effectiveness by considering various performance parameters such as, packet delivery ratio, communication overhead, throughput. It implements a secure detection and prevention technique that contains the Blowfish algorithm which is a symmetric encryption and decryption algorithm having a secure standard till date against attacks to make the network transmission secure while monitoring malicious nodes and preventing them from compromising the integrity of the network. Agent based approach facilitates flexible and adaptable security services. Also, it supports component based software engineering components such as maintainability, reachability, reusability, adaptability, and flexibility.
7
Erlansari, Aan, Funny Farady Coastera, and Afief Husamudin. "Early Intrusion Detection System (IDS) using Snort and Telegram approach." SISFORMA 7, no. 1 (June 10, 2020): 21. http://dx.doi.org/10.24167/sisforma.v7i1.2629.
Full textAbstract:
Computer network security is an important factor that must be considered. Guaranteed security can avoid losses caused by attacks on the network security system. The most common prevention against network attacks is to place an administrator, but problems will arise when the administrator is not supervising the network, so to overcome these problems a system called IDS (Intrusion Detection System) can detect suspicious activity on the network through automating the work functions of an administrator. Snort is one of the software that functions to find out the intrusion. Data packets that pass through network traffic will be analyzed. Data packets detected as intrusion will trigger alerts which are then stored in log files. Thus, administrators can find out intrusions that occur on computer networks, and the existence of instant messaging applications can help administrators to get realtime notifications, one of which is using the Telegram application. The results of this study are, Snort able to detect intrusion of attacks on computer networks and the system can send alerts from snort to administrators via telegram bot in real-time.
8
Mahfouz, Ahmed, Abdullah Abuhussein, Deepak Venugopal, and Sajjan Shiva. "Ensemble Classifiers for Network Intrusion Detection Using a Novel Network Attack Dataset." Future Internet 12, no. 11 (October 26, 2020): 180. http://dx.doi.org/10.3390/fi12110180.
Full textAbstract:
Due to the extensive use of computer networks, new risks have arisen, and improving the speed and accuracy of security mechanisms has become a critical need. Although new security tools have been developed, the fast growth of malicious activities continues to be a pressing issue that creates severe threats to network security. Classical security tools such as firewalls are used as a first-line defense against security problems. However, firewalls do not entirely or perfectly eliminate intrusions. Thus, network administrators rely heavily on intrusion detection systems (IDSs) to detect such network intrusion activities. Machine learning (ML) is a practical approach to intrusion detection that, based on data, learns how to differentiate between abnormal and regular traffic. This paper provides a comprehensive analysis of some existing ML classifiers for identifying intrusions in network traffic. It also produces a new reliable dataset called GTCS (Game Theory and Cyber Security) that matches real-world criteria and can be used to assess the performance of the ML classifiers in a detailed experimental evaluation. Finally, the paper proposes an ensemble and adaptive classifier model composed of multiple classifiers with different learning paradigms to address the issue of the accuracy and false alarm rate in IDSs. Our classifiers show high precision and recall rates and use a comprehensive set of features compared to previous work.
9
Chueh, Hao-En, Shun-Chuan Ho, Shih-Peng Chang, and Ping-Yu Hsu. "Online Intrusion Behaviors: Sequences and Time Intervals." Social Behavior and Personality: an international journal 38, no. 10 (November 1, 2010): 1307–12. http://dx.doi.org/10.2224/sbp.2010.38.10.1307.
Full textAbstract:
In this study we model the sequences and time intervals of online intrusion behaviors. To maintain network security, intrusion detection systems monitor network environments; however, most existing intrusion detection systems produce too many intrusion alerts, causing network managers to investigate many potential intrusions individually to determine their validity. To solve this problem, we combined a clustering analysis of the time intervals of online users' behaviors with a sequential pattern analysis to identify genuine intrusion behaviors. Knowledge of the patterns generated by intruder behaviors can help network managers maintain network security.
10
Einy, Sajad, Cemil Oz, and Yahya Dorostkar Navaei. "The Anomaly- and Signature-Based IDS for Network Security Using Hybrid Inference Systems." Mathematical Problems in Engineering 2021 (March 12, 2021): 1–10. http://dx.doi.org/10.1155/2021/6639714.
Full textAbstract:
With the expansion of communication in today’s world and the possibility of creating interactions between people through communication networks regardless of the distance dimension, the issue of creating security for the data and information exchanged has received much attention from researchers. Various methods have been proposed for this purpose; one of the most important methods is intrusion detection systems to quickly detect intrusions into the network and inform the manager or responsible people to carry out an operational set to reduce the amount of damage caused by these intruders. The main challenge of the proposed intrusion detection systems is the number of erroneous warning messages generated and the low percentage of accurate detection of intrusions in them. In this research, the Suricata IDS/IPS is deployed along with the NN model for the metaheuristic’s manual detection of malicious traffic in the targeted network. For the metaheuristic-based feature selection, the neural network, and the anomaly-based detection, the fuzzy logic is used in this research paper. The latest stable version of Kali Linux 2020.3 is used as an attacking system for web applications and different types of operating systems. The proposed method has achieved 96.111% accuracy for detecting network intrusion.
11
ZHONG, SHI, TAGHI M. KHOSHGOFTAAR, and NAEEM SELIYA. "CLUSTERING-BASED NETWORK INTRUSION DETECTION." International Journal of Reliability, Quality and Safety Engineering 14, no. 02 (April 2007): 169–87. http://dx.doi.org/10.1142/s0218539307002568.
Full textAbstract:
Recently data mining methods have gained importance in addressing network security issues, including network intrusion detection — a challenging task in network security. Intrusion detection systems aim to identify attacks with a high detection rate and a low false alarm rate. Classification-based data mining models for intrusion detection are often ineffective in dealing with dynamic changes in intrusion patterns and characteristics. Consequently, unsupervised learning methods have been given a closer look for network intrusion detection. We investigate multiple centroid-based unsupervised clustering algorithms for intrusion detection, and propose a simple yet effective self-labeling heuristic for detecting attack and normal clusters of network traffic audit data. The clustering algorithms investigated include, k-means, Mixture-Of-Spherical Gaussians, Self-Organizing Map, and Neural-Gas. The network traffic datasets provided by the DARPA 1998 offline intrusion detection project are used in our empirical investigation, which demonstrates the feasibility and promise of unsupervised learning methods for network intrusion detection. In addition, a comparative analysis shows the advantage of clustering-based methods over supervised classification techniques in identifying new or unseen attack types.
12
Et. al., T. Sushma,. "A Review of the cluster based Mobile Adhoc Network Intrusion Detection System." Turkish Journal of Computer and Mathematics Education (TURCOMAT) 12, no. 2 (April 11, 2021): 2070–76. http://dx.doi.org/10.17762/turcomat.v12i2.1811.
Full textAbstract:
The Mobile Ad-hoc Network is decentralized and consisting of numerous different communication devices. Its distributed design and lack of infrastructure are the means of numerous network assaults. For personal computer users, companies, and the military, network security has become more important. Safety becomes a significant issue with the rise of the internet, and the past of security enables a better understanding of the evolution of security technology. Via the audit and monitoring phase, the implementation of Intrusion Detection Systems (IDS) in ad-hoc node securities was improved. This framework is made up of clustering protocols that are extremely efficient in finding intrusions with low resource and overhead computing costs. Current protocols have been related to routes that are not popular in intrusion detection. The cluster is barely impacted by the weak road layout and route renewal. The cluster is unpredictable and results in processing maximization together with network traffic. In general, battery-based ad hoc networks are organized and dependent on power constraints. To detect and react rapidly against intrusions, an active monitoring node is required. Only if the clusters are strong and extensive maintaining capabilities can it be accomplished. The routes also shift as the cluster shifts and it would not be feasible to prominently process the achievement of intrusion detection. This raises the need for a better clustering algorithm that addresses these disadvantages and guarantees the protection of the network in any way. A powerful clustering algorithm that is ahead of the current routing protocol is the cluster-based Intrusion Detection Method. Regardless of routes that perfectly track the intrusion, it is permanent. This streamlined technique of clustering achieves strong intrusion detection speeds with low processing as well as memory overhead. It also overcomes the other limitations of traffic, connections, and node mobility on the network, regardless of the routes. In detecting the attack or malicious node, the individual nodes in the network are not active.
13
Solomon, Irin Anna, Aman Jatain, and Shalini Bhaskar Bajaj. "Intrusion Detection System Using Deep Learning." Asian Journal of Computer Science and Technology 8, no. 2 (May 5, 2019): 105–10. http://dx.doi.org/10.51983/ajcst-2019.8.2.2132.
Full textAbstract:
Intrusion detection system (IDS) plays a very critical part in identifying threats and monitoring malicious activities in networking system. The system administrators can use IDS to detect unauthorized access by intruders in different organizations. It has become an inevitable element to the security administration of every organization. IDSs can be generally categorized into two categories. The first group focuses on patterns/signatures of network packets/traffic and they identify network intrusions using rule-based matching. The second group uses machine learning (ML) based approaches such as supervised and/or semi-supervised learning and train IDS models on a collection of labeled and/or unlabeled network data. This method has obtained better detection compared to the previous method. This project paper’s scope involves implementing an intrusion detection system using deep learning technology for efficient detection of intrusion and intrusive activities that can cause disruption in the networking system. We use a Feed-forward Neural Network, a deep learning based technique, on KDD99 CUP – a commonly used dataset for network intrusion. In this paper the performance of the proposed system is compared with the existing previous work.
14
Veselý, A., and D. Brechlerová. "Neural networks in intrusion detection systems." Agricultural Economics (Zemědělská ekonomika) 50, No. 1 (February 24, 2012): 35–40. http://dx.doi.org/10.17221/5164-agricecon.
Full textAbstract:
Security of an information system is its very important property, especially today, when computers are interconnected via internet. Because no system can be absolutely secure, the timely and accurate detection of intrusions is necessary. For this purpose, Intrusion Detection Systems (IDS) were designed. There are two basic models of IDS: misuse IDS and anomaly IDS. Misuse systems detect intrusions by looking for activity that corresponds to the known signatures of intrusions or vulnerabilities. Anomaly systems detect intrusions by searching for an abnormal system activity. Most IDS commercial tools are misuse systems with rule-based expert system structure. However, these techniques are less successful when attack characteristics vary from built-in signatures. Artificial neural networks offer the potential to resolve these problems. As far as anomaly systems are concerned, it is very difficult to build them, because it is difficult to define the normal and abnormal behaviour of a system. Also for building anomaly system, neural networks can be used, because they can learn to discriminate the normal and abnormal behaviour of a system from examples. Therefore, they offer a promising technique for building anomaly systems. This paper presents an overview of the applicability of neural networks in building intrusion systems and discusses advantages and drawbacks of neural network technology.
15
Lou, Ya Fang, Zhi Jun Yuan, and Hao Wu. "The Application of BP Neural Network in Network Intrusion Detection." Advanced Materials Research 765-767 (September 2013): 1415–18. http://dx.doi.org/10.4028/www.scientific.net/amr.765-767.1415.
Full textAbstract:
As the network is impacting enormously to all aspects of society, the network security becomes a critical problem. The traditional intrusion detection technology exists some disadvantages: the imperfection of architecture, the slow detecting of system, the vulnerable of itself architecture, and so on. This paper presents an intrusion detection model based on BP neural network which has the incomparable advantages against traditional intrusion detection systems. Therefore, the study of this subject possesses the practical significance.
16
Ghawade, Miss Manoshri A. "Study of Intrusion Detection System." International Journal for Research in Applied Science and Engineering Technology 9, no. VI (June 14, 2021): 788–92. http://dx.doi.org/10.22214/ijraset.2021.34935.
Full textAbstract:
An intrusion detection system (IDS) could be a device or software application that observes a network for malicious activity or policy violations. Any malicious activity or violation is often reported or collected centrally employing a security information and event management system. Some IDS’s are proficient of responding to detected intrusion upon discovery. These are classified as intrusion prevention systems (IPS). A system that analyzes incoming network traffic is thought as Network intrusion detection system (NIDS). A system that monitors important software files is understood as Host intrusion detection system (HIDS). Wireless sensor networks (WSNs) are vulnerable to different kinds of security threats which will degenrate the performance of the entire network; that may lead to fatal problems like denial of service (DoS) attacks, direction attacks, Sybil attack etc. Key management protocols, authentication protocols and secure routing cannot provide security to WSNs for these varieties of attacks. Intrusion detection system (IDS) could be a solution to the present problem. It analyzes the network by collecting sufficient amount of knowledge and detects abnormal behavior of sensor node(s).
17
Bajtoš, Tomáš, Andrej Gajdoš, Lenka Kleinová, Katarína Lučivjanská, and Pavol Sokol. "Network Intrusion Detection with Threat Agent Profiling." Security and Communication Networks 2018 (2018): 1–17. http://dx.doi.org/10.1155/2018/3614093.
Full textAbstract:
With the increase in usage of computer systems and computer networks, the problem of intrusion detection in network security has become an important issue. In this paper, we discuss approaches that simplify network administrator’s work. We applied clustering methods for security incident profiling. We considerK-means, PAM, and CLARA clustering algorithms. For this purpose, we used data collected in Warden system from various security tools. We do not aim to differentiate between normal and abnormal network traffic, but we focus on grouping similar threat agents based on attributes of security events. We suggest a case of a fine classification and a case of a coarse classification and discuss advantages of both cases.
18
Tolіupa, Serhii, Oleksandr Pliushch, and Ivan Parkhomenko. "CONSTRUCTION OF ATTACK DETECTION SYSTEMS IN INFORMATION NETWORKS ON NEURAL NETWORK STRUCTURES." Cybersecurity: Education, Science, Technique 2, no. 10 (2020): 169–83. http://dx.doi.org/10.28925/2663-4023.2020.10.169183.
Full textAbstract:
Systems for detecting network intrusions and detecting signs of attacks on information systems have long been used as one of the necessary lines of defense of information systems. Today, intrusion and attack detection systems are usually software or hardware-software solutions that automate the process of monitoring events occurring in an information system or network, as well as independently analyze these events in search of signs of security problems. As the number of different types and ways of organizing unauthorized intrusions into foreign networks has increased significantly in recent years, attack detection systems (ATS) have become a necessary component of the security infrastructure of most organizations. The article proposes a software prototype of a network attack detection system based on selected methods of data mining and neural network structures. The conducted experimental researches confirm efficiency of the created model of detection for protection of an information network. Experiments with a software prototype showed high quality detection of network attacks based on neural network structures and methods of intelligent data distribution. The state of protection of information systems to counter cyber attacks is analyzed, which made it possible to draw conclusions that to ensure the security of cyberspace it is necessary to implement a set of systems and protection mechanisms, namely systems: delimitation of user access; firewall; cryptographic protection of information; virtual private networks; anti-virus protection of ITS elements; detection and prevention of intrusions; authentication, authorization and audit; data loss prevention; security and event management; security management.
19
Sun, Yu Tao. "Design and Research on Intrusion Detection System in the Computer Network Security." Applied Mechanics and Materials 416-417 (September 2013): 1418–22. http://dx.doi.org/10.4028/www.scientific.net/amm.416-417.1418.
Full textAbstract:
This paper first discusses the information security and network security, security threat, hacker intrusion process, system and network security vulnerabilities, and then introduces the status of intrusion detection system. By the comparison of two kinds of intrusion detection systems, the article puts forward the detection system based on the combination of the soil and the intrusion of network intrusion detection technology. Combined with the actual project development, this article focuses on the key technology design idea and the realization of the intrusion detection system in network security.
20
Ahmad, Bilal, Wang Jian, and Zain Anwar Ali. "Role of Machine Learning and Data Mining in Internet Security: Standing State with Future Directions." Journal of Computer Networks and Communications 2018 (July 2, 2018): 1–10. http://dx.doi.org/10.1155/2018/6383145.
Full textAbstract:
As time progresses with vast development of information technology, a large number of industries are more dependent on network connections for sensitive business trading and security matters. Communications and networks are highly vulnerable to threats because of increase in hacking. Personnel, governments, and armed classified networks are more exposed to difficulties, so the need of the hour is to install safety measures for network to prevent illegal modification, damage, or leakage of serious information. Intrusion detection, an important entity towards network security, has the ability to observe network activity as well as detect intrusions/attacks. This study highlights the developing research about the application of machine learning and data mining in Internet security. We provide background, enthusiasm, discussion of challenges, and recommendations for the application of ML/DM in the field of intrusion detection.
21
Nagarjuna Reddy, Tella, and K. Annapurani Panaiyappan. "Intrusion Detection on Software Defined Networking." International Journal of Engineering & Technology 7, no. 3.12 (July 20, 2018): 330. http://dx.doi.org/10.14419/ijet.v7i3.12.16052.
Full textAbstract:
Software Defined Networking and programmability on network have established themselves as current trends in IT by bringing autonomous operation with dynamic flow to network. Networks must be programmable, and it must be aware of the application in order to operate autonomously. Networks need to evolve to catch up with the current trends without losing their current status and operation, reliability, robustness, or security, and without distorting current investments. SDN is a transpiring network architecture where network control plane is distinguished from data plane and by that the network is directly programmable. This control, was initially bound in every network devices, enabled in the network to be abstracted for applications and services. Security is a major challenge for organizational and campus networks. The future of Internet depends on virtualization which is to provide numerous networks hosted the same physical hardware. This proposal takes a great advantage of the programmability provided by SDN to utilize Intrusion Detection System.
22
Shyla and Vishal Bhatnagar. "Comprehensive Examination of Network Intrusion Detection Models on Data Science." International Journal of Information Retrieval Research 11, no. 4 (October 2021): 14–40. http://dx.doi.org/10.4018/ijirr.2021100102.
Full textAbstract:
The increased requirement of data science in recent times has given rise to the concept of data security, which has become a major issue; thus, the amalgamation of data science methodology with intrusion detection systems as a field of research has acquired a lot of prominence. The level of access to the information system and its visibility to user pursuit was required to operate securely. Intrusion detection has been gaining popularity in the area of data science to incorporate the overall information security infrastructure, where regular operations depend upon shared use of information. The problems are to build an intrusion detection system efficient enough for detecting attacks and to reduce the false positives with a high detection rate. In this paper, the authors analyse various techniques of intrusion detection combined with data science, which will help in understanding the best fit technique under different circumstances.
23
Wei, Min, Kee Wook Rim, and Kee Cheon Kim. "An Intrusion Detection Scheme for Home Wireless Sensor Networks." Applied Mechanics and Materials 121-126 (October 2011): 3799–804. http://dx.doi.org/10.4028/www.scientific.net/amm.121-126.3799.
Full textAbstract:
In this paper, we propose an intrusion detection framework through multi-agents scheme for wireless home automation networks. Our mechanisms include the wireless sensor network intrusion detection architecture and an intrusion detection scheme for security enhancement. For the performance evaluation of our mechanism, we use the wireless data measured on the real wireless home networks. The simulation results show that the security manager detect the intrusion attack to improve the whole performance of the system, and can prolong the lifetime of the network.
24
Prof. Krishnakumar L, Prof Krishnakumar L., and Nisha Mariam Varughese. "Intrusion Detection Using Collaborative Network Security Management System in Cloud Computing." Indian Journal of Applied Research 4, no. 3 (October 1, 2011): 145–47. http://dx.doi.org/10.15373/2249555x/mar2014/42.
Full text
25
Jia, Ling. "Campus Network Security Program Based on Snort Network Security Intrusion Detection System." Advanced Materials Research 433-440 (January 2012): 3235–40. http://dx.doi.org/10.4028/www.scientific.net/amr.433-440.3235.
Full textAbstract:
This paper studies the security problems of campus network and summarizes the current on the current security risks and threats that campus network faces, focusing on analysis of attack-defense strategies on DOS network layer, proposing the security program of campus network which uses firewall as well as network security intrusion detection system snort. This paper analyzes the functional advantages of the program and presents in details the setup deployment and collocation methods of network security intrusion detection system based on snort in the campus network, and its application results are also summarized.
26
Jiang, Ya Ping, Shi Hui Cheng, and Yong Gan. "Network Security Prevention Model Based-Immune." Applied Mechanics and Materials 16-19 (October 2009): 881–85. http://dx.doi.org/10.4028/www.scientific.net/amm.16-19.881.
Full textAbstract:
With the concepts of self, nonself, antibody, vaccine and antigen in an intrusion detection and prevention system presented in this paper, the architecture of network intrusion and prevention based on immune principle is proposed. The intrusion information gotten from current monitored network is encapsulated and sent to the neighbor network as bacterin; therefore the neighbor network can make use of the bacterin and predict the danger of network. The experimental results show that the new model not only actualizes an active prevention method but also improves the ability of intrusion detection and prevention than that of the traditional passive intrusion prevention systems.
27
Simavoryan, Simon Zhorzhevich, Arsen Rafikovich Simonyan, Georgii Aleksandrovich Popov, and Elena Ivanovna Ulitina. "The procedure of intrusions detection in information security systems based on the use of neural networks." Программные системы и вычислительные методы, no. 3 (March 2020): 1–9. http://dx.doi.org/10.7256/2454-0714.2020.3.33734.
Full textAbstract:
The subject of the research is the problem of identifying and countering intrusions (attacks) in information security systems (ISS) based on the system-conceptual approach, developed within the framework of the RFBR funded project No. 19-01-00383. The object of the research is neural networks and information security systems (ISS) of automated data processing systems (ADPS). The authors proceed from the basic conceptual requirements for intrusion detection systems - adaptability, learnability and manageability. The developed intrusion detection procedure considers both internal and external threats. It consists of two subsystems: a subsystem for detecting possible intrusions, which includes subsystems for predicting, controlling and managing access, analyzing and detecting the recurrence of intrusions, as well as a subsystem for countering intrusions, which includes subsystems for blocking / destroying protected resources, assessing losses associated with intrusions, and eliminating the consequences of the invasion. Methodological studies on the development of intrusion detection procedures are carried out using artificial intelligence methods, system analysis, and the theory of neural systems in the field of information security. Research in this work is carried out on the basis of the achievements of the system-conceptual approach to information security in ADPS.The main result obtained in this work is a block diagram (algorithm) of an adaptive intrusion detection procedure, which contains protection means and mechanisms, built by analogy with neural systems used in security systems.The developed general structure of the intrusion detection and counteraction system allows systematically interconnecting the subsystems for detecting possible intrusions and counteracting intrusions at the conceptual level.
28
Qian, Jie, Yan Ping Wang, and Han Xi Li. "The Network Security System Research Based on Intrusion Detection." Applied Mechanics and Materials 596 (July 2014): 888–91. http://dx.doi.org/10.4028/www.scientific.net/amm.596.888.
Full textAbstract:
With the rapid development of Internet and the network information resources can be Shared height, information system security face severe challenges. Firstly, this article from the current status of the network security, combined the new changes of the network security situation, getting the conclusion that the use of the necessity of intrusion detection system. And then it made a comprehensive overview on network security model put forward that was to achieve the purpose of security, which need to establish a reasonable network security model. By introducing the common types of network intrusion and network security technology, it lead to an intrusion detection system, and the concept of intrusion detection system, system structure and detection methods in detail in this paper.
29
Liu, Chun. "Network Intrusion Detection Model Based on Genetic Algorithm Optimizing Parameters of Support Vector Machine." Advanced Materials Research 989-994 (July 2014): 2012–15. http://dx.doi.org/10.4028/www.scientific.net/amr.989-994.2012.
Full textAbstract:
Intrusion detection is an emerging area of research in the computer security and networks with the growing usage of internet in everyday life. Parameters selection of support vector machine is a important problems in network intrusion detection. In order to improve network intrusion detection precision, this paper proposed a network intrusion detection model based on parameters of support vector machine (SVM) by genetic algorithm. The performance of the model was tested by KDD Cup 99 data. Compared with other network intrusion detection models, the proposed model has significantly improved the detection precision of network intrusion.
30
Tang, Jian Gang, Shi Jun Zhang, and Ji Jiang. "Research on Network Security Issues and Security Model." Applied Mechanics and Materials 519-520 (February 2014): 128–31. http://dx.doi.org/10.4028/www.scientific.net/amm.519-520.128.
Full textAbstract:
Network security issues came from traditional network, wireless network and cloud computing environment. Large-scale cloud computing, versatility and virtualization features of network security had become a hidden threat source. This paper analyzed the sources of network security threats, and established a network security model which encompasses all types of currently known network security factors; it could provide countermeasures to ensure network security. The security model had capabilities of real-time detection, rapid response, immediate recovery, and interaction between various independent modules. The security model used such security technologies as firewall, intrusion detection, intrusion deception, security scanning and PKI.
31
Musthafa, Mohamed. "AN ENHANCED LID ROUTING SECURITY SCHEME FOR MOBILE AD-HOC NETWORKS." JOURNAL OF ADVANCES IN CHEMISTRY 12, no. 11 (June 16, 2016): 4549–56. http://dx.doi.org/10.24297/jac.v12i11.821.
Full textAbstract:
In this work we present novel security architecture for MANETs that merges the clustering and the threshold key management techniques. The proposed distributed authentication architecture reacts with the frequently changing topology of the network and enhances the process of assigning the node's public key. In the proposed architecture, the overall network is divided into clusters where the cluster heads (CH) are connected by virtual networks and share the private key of the Central Authority (CA) using Lagrange interpolation. Experimental results show that the proposed architecture reaches to almost 95.5% of all nodes within an ad-hoc network that are able to communicate securely, 9 times faster than other architectures, to attain the same results. Moreover, the solution is fully decentralized to operate in a large-scale mobile network. We also proposing a special security routing architecture called Local Intrusion Detection (LID) to detect Black Hole Attack (BHA) over Ad hoc On Demand Distance Vector (AODV) MANET routing protocol. In LID security routing mechanism, the intrusion detection is performed locally using the previous node of the attacker node instead of performing the intrusion detection via the source node as in Source Intrusion Detection (SID) security routing mechanism. By performing LID security routing mechanism, the security mechanism overhead would be decreased.
32
Jawhar, Muna M. T., and Monica Mehrotra. "A Hybrid FCM Clustering- Neural Network Model for Intrusion Detection." Advanced Materials Research 403-408 (November 2011): 3519–27. http://dx.doi.org/10.4028/www.scientific.net/amr.403-408.3519.
Full textAbstract:
Security has become an important issue for networks. Intrusion detection technology is an effective approach in dealing with the problems of network security. In this paper, we present an intrusion detection model based on hybrid fuzzy logic and neural network. The key idea is to take advantage of different classification abilities of fuzzy clustering and neural network for intrusion detection system. The new model has ability to recognize an attack, to differentiate one attack from another (i.e. classifying attacks), and the most important, to detect new attacks with high detection rate and low false negative. Training and testing data were obtained from the Defense Advanced Research Projects Agency intrusion detection evaluation data set.
33
Korani, Ravinder, and Dr P. Chandra Sekhar Reddy. "Anomaly based Intrusion Detection by Heuristics to Predict Intrusion Scope of IOT Network Transactions." International Journal of Engineering & Technology 7, no. 2.7 (March 18, 2018): 797. http://dx.doi.org/10.14419/ijet.v7i2.7.10982.
Full textAbstract:
Conventional intrusion detection mechanisms face serious limitations in identifying heterogeneous and distributed type of intrusions over the IoT environment. This is due to inadequate resources and open deployment environment of IoT. Accordingly, ensuring data security and privacy are tough challenges in the practical context. This manuscript discusses various aspects of networking security and related challenges along with the concepts of system architecture. Further, endeavored to define a machine learning model that outlines two heuristics called Intrusion Scope Heuristic ( ), and benign scope heuristic ( ), which further uses in predictive analysis to identify the IOT network transaction is prone to intrusion or benign. The experimental study revealed the significance of the proposal with maximal detection accuracy, and minimal miss rate.
34
Anitha, Arul. "Network Security using Linux Intrusion Detection System." International Journal of Research in Computer Science 2, no. 1 (December 30, 2011): 33–38. http://dx.doi.org/10.7815/ijorcs.21.2011.012.
Full text
35
Hancock, Bill. "Automated intrusion detection systems and network security." Network Security 1998, no. 1 (January 1998): 14–15. http://dx.doi.org/10.1016/s1353-4858(00)87593-5.
Full text
36
Lv, Tai Fu. "Research on High-Density Network Intrusion Features Detection Algorithm." Applied Mechanics and Materials 644-650 (September 2014): 1054–57. http://dx.doi.org/10.4028/www.scientific.net/amm.644-650.1054.
Full textAbstract:
Research on high-density network intrusion features problems, which improves the detection accuracy. For high-density network, an intrusion feature detection system based on intelligent expert systems and neural networks in is proposed. First, use expert systems for known high-density network intrusion detection. Use the neural network expert system to detect those which cannot find the unknown high-density network intrusion. Finally test results using neural network expert system rule library to be updated. Experimental results show that this method can effectively detect high-density network intrusion features, which ensures the security of the network and achieves satisfactory results.
37
Suganya, D., and A. V. Santhosh Babu. "Performance Comparison of Secure Communication in Mobile Ad Hoc NETwork Using Intrusion Detection Techniques." Sensor Letters 18, no. 4 (April 1, 2020): 273–79. http://dx.doi.org/10.1166/sl.2020.4227.
Full textAbstract:
In recent years, wireless networks are the key concern in communication field. Mobile Ad Hoc NETwork (MANET) comprised number of wireless nodes to communicate with each other for information exchange. MANET is temporary network constructed for particular purpose and no need of any pre-established infrastructure. MANET became well-liked technology due to its flexibility for various applications. The flexibility brings new security threats in MANET. Intrusion detection system used to identify and prevent the security attacks at different levels. IDS needed continuous monitoring which resulted in fast exhaustion of node battery life. Many researchers introduced different intrusion detection techniques for detecting the attacks variants. But, the energy consumption and intrusion detection performance was not improved. In order to address these problems, the existing intrusion detection techniques are reviewed.
38
Qi, Guohong, Jie Zhou, Wenxian Jia, Menghan Liu, Shengnan Zhang, and Mengying Xu. "Intrusion Detection for Network Based on Elite Clone Artificial Bee Colony and Back Propagation Neural Network." Wireless Communications and Mobile Computing 2021 (September 13, 2021): 1–11. http://dx.doi.org/10.1155/2021/9956371.
Full textAbstract:
With the rapid development of Internet technology, network attacks have become more frequent and complex, and intrusion detection has also played an increasingly important role in network security. Intrusion detection is real-time and proactive, and it is an indispensable technology under the diversified trend of network security issues. In terms of network security, neural networks have the characteristics of self-learning, self-adaptation, and parallel computing, which are very important in intrusion detection. This paper combines back propagation neural network (BPNN) and elite clone artificial bee colony (ECABC) to propose a new ECABC-BPNN, which updates and optimizes the settings of traditional BPNN weights and thresholds. Then, apply ECABC-BPNN to network intrusion detection. Use the attack data samples of KDD CUP 99 and water pipe for attack classification experiments using GA-BPNN, PSO-BPNN, and ECABC-BPNN. The results show that the ECABC-BPNN proposed in this paper has an accuracy rate of 98.08% on KDD 99 and 99.76% on water pipe data. ECABC-BPNN effectively improves the accuracy of network intrusion classification and reduces classification errors. In addition, the time complexity of using ECABC-BPNN to classify network attacks is relatively low. Therefore, ECABC-BPNN has superior performance in network intrusion detection and classification.
39
Kulhare, Rachna, and Dr Divakar Singh. "Survey paper on intrusion detection techniques." INTERNATIONAL JOURNAL OF COMPUTERS & TECHNOLOGY 6, no. 2 (May 20, 2013): 329–35. http://dx.doi.org/10.24297/ijct.v6i2.3498.
Full textAbstract:
Network security has been one of the most important problems in Computer Network Management and Intrusion is the most publicized threats to security. In recent years, intrusion detection has emerged as an important field for network security. IDSs obtain better results when each class ofattacks is treated as a separate problem and handled by specialized algorithms. Now in days various model and method are available for intrusion detection. In this paper, we present a study of intrusion detection. Detection method to improve the detection rate & helping the users to develop secure information systems.
40
Preethi D. and Neelu Khare. "An Intelligent Network Intrusion Detection System Using Particle Swarm Optimization (PSO) and Deep Network Networks (DNN)." International Journal of Swarm Intelligence Research 12, no. 2 (April 2021): 57–73. http://dx.doi.org/10.4018/ijsir.2021040104.
Full textAbstract:
Network intrusion detection system (NIDS) plays a major role in ensuring network security. In this paper, the authors propose a PSO-DNN-based intrusion detection system. The correlation-based feature selection (CFS) applied for feature selection with particle swarm optimization (PSO) as search method and deep neural networks (DNN) for classification of network intrusions. The Adam optimizer is applied for optimizing the learning rate, and softmax classifier is used for classification. The experimentations were duly conducted on the standard benchmark NSL-KDD dataset. The proposed model is validated using 10-fold cross-validation and evaluated using the performance metrics such as accuracy, precision, recall, and F1-score. Also, the results are also compared with DNN and CFS+DNN. The experimental results show that the proposed model performs better compared with other methods considered for comparison.
41
Srinivasan, S., and S. P. Alampalayam. "Intrusion Detection Algorithm for MANET." International Journal of Information Security and Privacy 5, no. 3 (July 2011): 36–49. http://dx.doi.org/10.4018/jisp.2011070103.
Full textAbstract:
Mobile ad hoc networks (MANET) present the opportunity to connect transient nodes to the internet without having central control. This very design supports new nodes to join and leave the network based on their proximity to the MANET. Concurrently, it creates many security challenges for authenticating nodes that are not present in a traditional wired network. Much of the existing work on MANET security has focused on routing and mobility. In this paper, the authors present an algorithm that considers the neighboring nodes’ status to determine if a particular node is malicious or not. The authors used NS2 simulation tool to test the algorithm and present the results in the paper. The major benefits of this research work are in military applications.
42
Liu, Guojie, and Jianbiao Zhang. "CNID: Research of Network Intrusion Detection Based on Convolutional Neural Network." Discrete Dynamics in Nature and Society 2020 (May 21, 2020): 1–11. http://dx.doi.org/10.1155/2020/4705982.
Full textAbstract:
Network intrusion detection system can effectively detect network attack behaviour, which is very important to network security. In this paper, a multiclassification network intrusion detection model based on convolutional neural network is proposed, and the algorithm is optimized. First, the data is preprocessed, the original one-dimensional network intrusion data is converted into two-dimensional data, and then the effective features are learned using optimized convolutional neural networks, and, finally, the final test results are produced in conjunction with the Softmax classifier. In this paper, KDD-CUP 99 and NSL-KDD standard network intrusion detection dataset were used to carry out the multiclassification network intrusion detection experiment; the experimental results show that the multiclassification network intrusion detection model proposed in this paper improves the accuracy and check rate, reduces the false positive rate, and also obtains better test results for the detection of unknown attacks.
43
Rasha Thamer Shawe, Kawther Thabt Saleh, and Farah Neamah Abbas. "Building attack detection system base on machine learning." Global Journal of Engineering and Technology Advances 6, no. 2 (February 28, 2021): 018–32. http://dx.doi.org/10.30574/gjeta.2021.6.2.0010.
Full textAbstract:
These days, security threats detection, generally discussed to as intrusion, has befitted actual significant and serious problem in network, information and data security. Thus, an intrusion detection system (IDS) has befitted actual important element in computer or network security. Avoidance of such intrusions wholly bases on detection ability of Intrusion Detection System (IDS) which productions necessary job in network security such it identifies different kinds of attacks in network. Moreover, the data mining has been playing an important job in the different disciplines of technologies and sciences. For computer security, data mining are presented for serving intrusion detection System (IDS) to detect intruders accurately. One of the vital techniques of data mining is characteristic, so we suggest Intrusion Detection System utilizing data mining approach: SVM (Support Vector Machine). In suggest system, the classification will be through by employing SVM and realization concerning the suggested system efficiency will be accomplish by executing a number of experiments employing KDD Cup’99 dataset. SVM (Support Vector Machine) is one of the best distinguished classification techniques in the data mining region. KDD Cup’99 data set is utilized to execute several investigates in our suggested system. The experimental results illustration that we can decrease wide time is taken to construct SVM model by accomplishment suitable data set pre-processing. False Positive Rate (FPR) is decrease and Attack detection rate of SVM is increased .applied with classification algorithm gives the accuracy highest result. Implementation Environment Intrusion detection system is implemented using Mat lab 2015 programming language, and the examinations have been implemented in the environment of Windows-7 operating system mat lab R2015a, the processor: Core i7- Duo CPU 2670, 2.5 GHz, and (8GB) RAM.
44
Huang, Luo Guang, Li Min Meng, and Yong Hong Guo. "The Application of Network Intrusion Detection Technology in Instrument." Applied Mechanics and Materials 325-326 (June 2013): 1683–87. http://dx.doi.org/10.4028/www.scientific.net/amm.325-326.1683.
Full textAbstract:
The development of intrusion detection systems in the world are reviewed in this article first. On the basis of in-depth analysis of the characteristics of network attacks and intrusions we aim at to solving the problems mentioned above, the characteristics of survival of the fittest genetic algorithm is used to solve the problem. Second, a detection model based on genetic algorithms is established, and finally the model is simulated. The simulation results show that the model can solve its intrusion detection system, security issues, with a theoretical and practical application.
45
Yu, Yang, Yu Nan Wang, and Wei Yang. "Security Framework Based on SDN." Advanced Materials Research 989-994 (July 2014): 4690–93. http://dx.doi.org/10.4028/www.scientific.net/amr.989-994.4690.
Full textAbstract:
With the growing demand for information, it has a strategic importance for the future of sustainable development how to create a safe and robust network system to ensure the security of important information. Intrusion detection technology can proactively react against intrusion behavior and adjust its strategies in time. So it provides an effective means for network security to minimize or avoid loss when network system is attacked. It is an important part of network security system. This article first explains the current framework and the working principle of SDN. Then it explains the existing security threats of current framework. Next intrusion detection system based on SDN is proposed after the introduction of the intrusion detection system. And we made experiments to verify it. Finally we analyze the lack of the structure and propose some improvements.
46
Fegade, Saurabh, Amey Bhadkamka, Kamlesh Karekar, Jaikishan Jeshnani, and Vinayak Kachare. "Network Intrusion Detection System Using C4.5 Algorithm." Journal of Communications Technology, Electronics and Computer Science 10 (March 1, 2017): 15. http://dx.doi.org/10.22385/jctecs.v10i0.139.
Full textAbstract:
There is a great concern about the security of computer these days. The number of attacks has increased in a great number in the last few years, intrusion detection is the main source of information assurance. While firewalls can provide some protection, they fail to provide protection fully and they even need to be complemented with an intrusion detection system (IDS). A newer approach for Intrusion detection is data mining techniques.IDS system can be developed using individual algorithms like neural networks, clustering, classification, etc. The result of these systems is good detection rate and low false alarm rate. According to a recent study, cascading of multiple algorithms gives a way better performance than single algorithm. Single algorithm systems have a high alarm rate. Therefore, to solve this problem, a combination of different algorithms are required. In this research paper, we use the hybrid algorithm for developing the intrusion detection system. C4.5 Support Vector Machine (SVM) and Decision Tree combined to achieve high accuracy and diminish the false alarm rate. Intrusions can be classified into types like Normal, DOS, R2L and U2R.Intrusion detection with Decision trees and SVM were tested with benchmark standard NSL- KDD, which is the extended version of KDD Cup 1999 for intrusion detection (ID).
47
Zhu, Yongkuan, Gurjot Singh Gaba, Fahad M. Almansour, Roobaea Alroobaea, and Mehedi Masud. "Application of data mining technology in detecting network intrusion and security maintenance." Journal of Intelligent Systems 30, no. 1 (January 1, 2021): 664–76. http://dx.doi.org/10.1515/jisys-2020-0146.
Full textAbstract:
Abstract In order to correct the deficiencies of intrusion detection technology, the entire computer and network security system are needed to be more perfect. This work proposes an improved k-means algorithm and an improved Apriori algorithm applied in data mining technology to detect network intrusion and security maintenance. The classical KDDCUP99 dataset has been utilized in this work for performing the experimentation with the improved algorithms. The algorithm’s detection rate and false alarm rate are compared with the experimental data before the improvement. The outcomes of proposed algorithms are analyzed in terms of various simulation parameters like average time, false alarm rate, absolute error as well as accuracy value. The results show that the improved algorithm advances the detection efficiency and accuracy using the designed detection model. The improved and tested detection model is then applied to a new intrusion detection system. After intrusion detection experiments, the experimental results show that the proposed system improves detection accuracy and reduces the false alarm rate. A significant improvement of 90.57% can be seen in detecting new attack type intrusion detection using the proposed algorithm.
48
Farhana, Kaniz, Maqsudur Rahman, and Md Tofael Ahmed. "An intrusion detection system for packet and flow based networks using deep neural network approach." International Journal of Electrical and Computer Engineering (IJECE) 10, no. 5 (October 1, 2020): 5514. http://dx.doi.org/10.11591/ijece.v10i5.pp5514-5525.
Full textAbstract:
Study on deep neural networks and big data is merging now by several aspects to enhance the capabilities of intrusion detection system (IDS). Many IDS models has been introduced to provide security over big data. This study focuses on the intrusion detection in computer networks using big datasets. The advent of big data has agitated the comprehensive assistance in cyber security by forwarding a brunch of affluent algorithms to classify and analysis patterns and making a better prediction more efficiently. In this study, to detect intrusion a detection model has been propounded applying deep neural networks. We applied the suggested model on the latest data set available at online, formatted with packet based, flow based data and some additional metadata. The data set is labeled and imbalanced with 79 attributes and some classes having much less training samples compared to other classes. The proposed model is build using Keras and Google Tensorflow deep learning environment. Experimental result shows that intrusions are detected with the accuracy over 99% for both binary and multi-class classification with selected best features. Receiver operating characteristics (ROC) and precision-recall curve average score is also 1. The outcome implies that Deep Neural Networks offers a novel research model with great accuracy for intrusion detection model, better than some models presented in the literature.
49
Tang, Jian Gang. "Reach on Wireless Sensor Networks Security Issues and IDS Model." Applied Mechanics and Materials 530-531 (February 2014): 45–49. http://dx.doi.org/10.4028/www.scientific.net/amm.530-531.45.
Full textAbstract:
Security measures could not absolutely prevent network intrusion. The security technology of intrusion detection system had made up for the lack of preventive measures; it could provide real-time intrusion detection and take appropriate protection for network. The research directions of WSN security were how to improve security strength and prolong the life of nodes, how to enhance the preventive ability of intelligent security system and real-time detection with high detection accuracy. This paper analyzed the typical network intrusion and defensive strategies, and researched WSN intrusion detection model by analyzing the typical algorithm. IDS model was divided into three types the first was based on single-node detection, the other was based on Multi-node peer cooperative, and the third was based on task decomposition level. Finally the paper gave the main research topic and direction for WSN security issues.
50
Thamilarasu, Geethapriya, and Shiven Chawla. "Towards Deep-Learning-Driven Intrusion Detection for the Internet of Things." Sensors 19, no. 9 (April 27, 2019): 1977. http://dx.doi.org/10.3390/s19091977.
Full textAbstract:
Cyber-attacks on the Internet of Things (IoT) are growing at an alarming rate as devices, applications, and communication networks are becoming increasingly connected and integrated. When attacks on IoT networks go undetected for longer periods, it affects availability of critical systems for end users, increases the number of data breaches and identity theft, drives up the costs and impacts the revenue. It is imperative to detect attacks on IoT systems in near real time to provide effective security and defense. In this paper, we develop an intelligent intrusion-detection system tailored to the IoT environment. Specifically, we use a deep-learning algorithm to detect malicious traffic in IoT networks. The detection solution provides security as a service and facilitates interoperability between various network communication protocols used in IoT. We evaluate our proposed detection framework using both real-network traces for providing a proof of concept, and using simulation for providing evidence of its scalability. Our experimental results confirm that the proposed intrusion-detection system can detect real-world intrusions effectively.