Network Intrusion Detection

Detecting Computer Network Attacks Using a Multi-objective Evolutionary Programming Approach

ABSTRACT

Attacks against computer networks are becoming more sophisticated, with adversaries using new attacks or modifying existing attacks. This research uses two types of multi-objective approaches, lexicographic and Pareto-based, in a multi- objective evolutionary programming algorithm to develop a new method for detecting such attacks. The approach evolves finite state transducers to detect attacks; this approach may allow the system to detect attacks with features similar to known attacks. Initial testing shows the algorithm performs satisfactorily in generating finite state transducers capable of detecting simulated attacks.

Introduction of Random Forest Classifier to ZigBee Device Network Authentication Using RF-DNA Fingerprinting

ABSTRACT

The decentralized architecture of ZigBee ad-hoc networks creates unique security challenges to ensure only authentic devices are granted network access. Non-parametric Random Forest (RndF) and Multi-Class AdaBoost (MCA) ensemble classifiers were introduced with RF-Distinct Native Attribute (RF-DNA) fingerprinting to enhance device authentication performance. Correct classification (%C) performance is improved up to 24% over other classifiers, with 10% improvement at the lowest SNR = 0.0 dB. Network intrusion tests correctly rejected 31/36 rogue devices vs. 25/36 and 28/36 with previously used classifiers. The key benefit of ensemble method processing is improved rogue rejection in noisy environments–gains of up to Gs = 18.0 dB are realized over other classifiers. Collectively considering demonstrated %C and rogue rejection capability, the use of ensemble methods improves ZigBee network authentication and enhances anti-spoofing protection afforded by RF-DNA fingerprinting.

Journal of Information Warfare

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.

Keywords

Quill Logo

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.

SUBSCRIBE NOW

Get in touch

  • Journal of Information Warfare
    114 Ballard Street
    Yorktown, VA
    23690
  • 757.234.6664
  • jiw@gbpts.com