Dağıtık Veritabanlarında Saldırı Önleme Metotları
Yıl 2020,
, 425 - 441, 15.04.2020
Cigdem Bakir
,
Veli Hakkoymaz
Banu Diri
Mehmet Güçlü
Öz
Dağıtık sistemlerin kullanılmasıyla birlikte
verilere farklı kullanıcılar farklı yerlerden anlık erişim sağlayabilmekte ve
veriler üzerinde birtakım işlemler yapabilmektedir. Ancak, birden fazla
kullanıcının aynı anda farklı noktalardan sisteme yetkisiz olarak erişmek
istemesi veri güvenliği ve verinin gizliliği noktasında tehlikeli sonuçlar
doğurabilmektedir. Bu çalışma, dağıtık veritabanları üzerine inşa edilmiş
saldırı tespit ve önleme sistemleri üzerine olup, kullanılan metotların
sınıflamasını yaparak, başarılarını analiz etmekte ve karşılaştırmalı olarak
değerlendirmektedir. Üç kategori olarak sınıflandırılan yöntemlerden yapay zeka
teknikleri içerisinde yer alan yapay bağışıklık algoritmasının veri madenciliği ve istatistiksel yöntemler
içerisinde geçen diğer tekniklere oranla daha başarılı sonuçlar verdiği
gözlenmiştir.
Kaynakça
- Abraham, A., Grosan, C. ve Martiv-Vide, C., 2007. Evolutionary design of intrusion detection programs. Int. Journal of Network Security, 4, 328-339.
- Aburonman, A. ve Reaz, M., 2016. A novel SVM-kNN-PSO ensemble method for intrusion detection system. Elseiver Applied Soft Computing, 38, 360-372.
- Alhello, Z., Abdul, A. ve Harleen, K., 2017. On Applicatiablity of Neural Network in Intrusion Detection and Prevention. International Journal of Advanced Research in Computer Science, 8(7), 494-498.
- Bakir, C. ve Hakkoymaz, V., 2015. Veritabanı Güvenliğinde Saldırı Tahmini ve Tespiti için Kullanıcıların Sınıflandırılması, ISCTurkey2015 8.Uluslararası Bilgi Güvenliği ve Kriptoloji Konferansı (VIII. Int’l Conference on Information Security and Cryptology), Ankara, Türkiye, s.1-6.
- Castro, L. ve Timmis J., 2003. Artificial immune systems as a novel soft computing paradigm. Soft computing, Springer, 7(8), 526–544.
- Chen, M., Chang, P. ve Wu, J., 2016. A population-based incremental learning approach with artificial immune system for network intrusion detection. Elseiver Engineering Applications of Artificial Intelligence, 51, 171-181.
- Degang, Y. ve Guo, C., 2007. Learning Vector Quantization Neural Network Method for Network Intrusion Detection. Wuhan University Journal of Natural Sciences, 12(1), 147-150.
- Deng, H.ve Zeng, Q., 2003. SVM-baseed detection system for wireless ad hoca networks, Vehicular Technology Conference, Ekim 2003, Orlando, USA, s. 2147-2151.
- Faraoun, K.M. ve Boukelif, A., 2007. Neural Networks learning improvement using the K-Means clustering algorithm to detect network intrusions. International Journal of Computer and Information Engineering, 1(10), 3138-3145.
- Farhaoui, Y., 2017. Design and Implementation of an Intrusion Prevention System. International Journal of Network Security, 19(5), 675-683.
- Hamman, B. ve Hoffman, D., 2014. Learning vector Quantization for (dis-)-similarities. Elsevier Neurocomputing, 131, 43-51.
- Haslum, K. ve Abraham, A., 2007. Disp: A framework for distributed intrusion prediction and prevention using hidden markov models and online fuzzy risk assesment, 3rd International Symposium on Information Assurance and Security, Ağustos 2007, Manchester, United Kingtom, s.183-190.
- Hassan, M., 2013. Network Intrusion Detection System Using Genetic Algorithm and Fuzzy Logic. International Journal of Innovative Research in Computer and Communication Engineering, 1(7), 435-1445.
- Hu, W. ve Jun, G., 2014. Online Adaboost-Based Parameterized Methods for Dynamic Distributed network Intrusion Detection. IEEE Transactions on CyberNetics, 44(3), 66-82.
- Hu, Y. ve Panda, B., 2004. A data mining approach for Database Intrusion Detection. ACM Symposium on Applied Computing, 711-716.
- Jemili, F., 2009. Hybrid Intrusion Detection and Prediction multiAgent System, HIDPAS, (IJCSIS) International Journal of Computer Science and Information Security, 5(1), 62-71.
- Kannan S., Ruban M. ve Arun, M., 2016. Intelligent Intrusion Detection System using Genetic Algorithm. Journal of Advances in Chemistry, 12(17), 5020-5025.
- Law, K. ve Kwok, F., 2004. IDS False Alarm Filtering using KNN Classifier. Springer Information Security Applications Lecture Notes in Computer Science, 114-121.
- Mahit, D., 2015. Using Artifical Neural Network Classification and Invertion of Intrusion in Classification and Intrusion Detection System. International Journal of Innovative in Computer and Communication Engineering, 3(2), 1102-1108.
- Malhotra, S., Bali, V. ve Paliwal, K., 2017. Genetic Programming and K-nearest neighbour classifier based intrusion detection model, 7th International Conference on Cloud Computing, Ocak 2017, s.42-46.
- Moon, D., Im, H. ve Kim, I., 2017. Dtb:Ids: An Intrusion Detection System based on Decision Tree using Behavior Analysis for Preventing Apt Attacks. The Journal of Supercomputing, 73(7), 2881-2895.
- Mukherjee, D.S. ve Sharma, N., 2012. Intrusion Detection using Naive Bayes Classifier with Feature Reduction. Elsevier Procedia Technology, 4, 119-128.
- Mukkamala, S. ve Janoski, G., 2002. Intrusion Detection using Neural Networks and Support Vector Machines, IJCNN’02 Proceedings of the 2002 International Joint Conference on, Mayıs 2002, s.1702-1707.
- Nadiammai, G.U. ve Hemalathen, M., 2012. An evaluation of clustering technique over intrusion detection system, ICACCI '12 Proceedings of the International Conference on Advances in Computing, Communications and Informatics, Ağustos 2012, s.1054-1060.
- Noum, R. ve Al-Sultani, Z., 2012. Learning Vector Quantization (LVQ) and k-Nearest Neighbor for Intrusion Classification. World of Computer Science and Information Technology Journal (WCSIT), 2(3), 105-109.
- Obeidat M., Hamadreh N. ve Alakasassbeh M., 2019. Intensive Pre-Processing of KDD Cup 99 for Network Intrusion Classification Using Machine Learning Techniques. International Journal of Interactive Mobile Tehnologies, 16(1), 71-84.
- Rabier, L.R., 1990. A tutorial on Hidden Markov Models and Selected applications speech recognition. Ready in Speech Recognition, 267-296.
- Rachburee, N. ve Punlumjeak, W., 2017. Big Data Analytics: Feature Selection and Machine Learning for Intrusion Detection on Microsoft Azure Platform. Journal of Telecommunication Electronic and Computer Engineering, 9(1-4), 1-5.
- Ramasubramanian, P. ve Kannan, A., 2014. Multi-Agent based Quickprop Neural Network Short-term Forecasting Framework for Database Intrusion Prediction System. CiteSeerX.
- Rizvi, S., Labrador, G. ve Guyan, M., 2016. Advocating for Hybrid Intrusion Detection Prevention System and Framework Improvement. Elsevier Procesia Computer Science, 95, 369-374.
- Romasubramanian, P. ve Kannan, A., 2006. A genetic-algorithm based neural network short-term farecasting framework for database intrusion prediction system. Soft Computing, 10(8), 699-714.
- Sağıroğlu, Ş., Yolaçan, E.N ve Yavanoğlu, U., 2012. Zeki Saldırı Tespit Sistemi Tasarımı ve Gerçekleştirilmesi. Gazi Mühendislik-Mimarlık Fakültesi Dergisi, 26(2), 325-340.
- Sharma P., Sengupta J. ve Suri P.K., 2018. Wli-Fcm and Artificial Neural Network Based Cloud Intrusion Detection System. International Journall Advanced Networking and Applications, 10(1), 3698-3703.
- Senthilnayaki, B., Venkatalakshmi, K., Kannan, A., 2019. Intrusion Detection System using Fuzzy Rough Set Feature Selection and Modified KNN Classifier, The International Arab Journal of Information Technology, 16(4), 746-753.
- Shams, E.A., Rizaer, A. ve Ulusoy, A.H., 2018. Trust aware Supporrt Vector Machine Intrusion Detection and Preventin System in Vehicular ad hoc Networks. Elsevier Computers&Security, 78, 245-254.
- Shanmugavadivu, R. ve Nagarajan, N., 2014. Network Intrusion Detection System using Fuzzy Logic. Indian Journal of Computer Science and Engineering (IJCSE), 2(1), 101-111.
- Sharma, S., 2012. An Improved Network Intrusion Detection Technique based on k-means clustering via Naive Bayes Classification, IEEE-International Conference on Advances In Engineering, Science and Management (ICAESM-2012), Mart 2012, Nagapattinum, India, s.417-422.
- Shen, J. ve Wang, J., 2011. Network Intrusion Detection by Artificial Immune System, IEEE Power and Energy General Meeting, 1-8.
- Soleiman, E. ve Fetarat, A., 2014. Using Learning Vector Quantization (LVQ) in Intrsuion Detection Systems. International Journal of Innovative Research in Advanced Engineering (IJIRAE), 1(10).
- Tajbakhsh, A. ve Rahmati, M., 2009. Intrusion detection using fuzzy assocation rules. Elsevier Applied Soft Computing, 9, 462-469.
- Tian, J., 2005. Intrusion detection combining Multiple Decision Trees by Fuzzy Logic, Proceedings of the sixth International Conference on Parallel and Distributed Computing. Applications and Technologies (PDCAT’05).
- Tong, X. ve Wang, Z., 2009. A research using hybrid RBF/Elman neural networks for intrusion detection system secure model. Elsevier Computer Physics Communications, 180, 1795-1801.
- Ugochukwu, C. ve Bennett E.O., 2018. Intrusion Detection System using Machine Learning Algorithm. International Journal of Computer Science and Mathematical Theory, 4(1), 39-47.
- Yıldırım, M.Z., Çavuşoğlu, A., Şen, B. ve Budak, İ., 2014. Yapay Sinir Ağları ile Ağ Üzerinde Saldırı Tespiti ve Paralel Optimizasyonu, XVI, Akademik Bilişim, Şubat 2014, Mersin, Türkiye, s.671-677.
Intrusion Prevention Methods in Distributed Databases
Yıl 2020,
, 425 - 441, 15.04.2020
Cigdem Bakir
,
Veli Hakkoymaz
Banu Diri
Mehmet Güçlü
Öz
With the use of distributed systems, different users
can instantly access data from different locations and perform some operations
on the data. However, the unauthorized access of multiple users to the system
from different points at the same time can lead to dangerous results in terms
of data security and confidentiality of the data. This study is based on
intrusion detection and prevention systems built on distributed databases and
classifies the methods used to analyze and evaluate successes comparatively. It
is observed that the artificial immunity algorithm we have described in
artificial intelligence techniques, which is one of the methods classified as three
categories, gives more successful results compared to the other techniques
mentioned in the data mining and statistical methods.
Kaynakça
- Abraham, A., Grosan, C. ve Martiv-Vide, C., 2007. Evolutionary design of intrusion detection programs. Int. Journal of Network Security, 4, 328-339.
- Aburonman, A. ve Reaz, M., 2016. A novel SVM-kNN-PSO ensemble method for intrusion detection system. Elseiver Applied Soft Computing, 38, 360-372.
- Alhello, Z., Abdul, A. ve Harleen, K., 2017. On Applicatiablity of Neural Network in Intrusion Detection and Prevention. International Journal of Advanced Research in Computer Science, 8(7), 494-498.
- Bakir, C. ve Hakkoymaz, V., 2015. Veritabanı Güvenliğinde Saldırı Tahmini ve Tespiti için Kullanıcıların Sınıflandırılması, ISCTurkey2015 8.Uluslararası Bilgi Güvenliği ve Kriptoloji Konferansı (VIII. Int’l Conference on Information Security and Cryptology), Ankara, Türkiye, s.1-6.
- Castro, L. ve Timmis J., 2003. Artificial immune systems as a novel soft computing paradigm. Soft computing, Springer, 7(8), 526–544.
- Chen, M., Chang, P. ve Wu, J., 2016. A population-based incremental learning approach with artificial immune system for network intrusion detection. Elseiver Engineering Applications of Artificial Intelligence, 51, 171-181.
- Degang, Y. ve Guo, C., 2007. Learning Vector Quantization Neural Network Method for Network Intrusion Detection. Wuhan University Journal of Natural Sciences, 12(1), 147-150.
- Deng, H.ve Zeng, Q., 2003. SVM-baseed detection system for wireless ad hoca networks, Vehicular Technology Conference, Ekim 2003, Orlando, USA, s. 2147-2151.
- Faraoun, K.M. ve Boukelif, A., 2007. Neural Networks learning improvement using the K-Means clustering algorithm to detect network intrusions. International Journal of Computer and Information Engineering, 1(10), 3138-3145.
- Farhaoui, Y., 2017. Design and Implementation of an Intrusion Prevention System. International Journal of Network Security, 19(5), 675-683.
- Hamman, B. ve Hoffman, D., 2014. Learning vector Quantization for (dis-)-similarities. Elsevier Neurocomputing, 131, 43-51.
- Haslum, K. ve Abraham, A., 2007. Disp: A framework for distributed intrusion prediction and prevention using hidden markov models and online fuzzy risk assesment, 3rd International Symposium on Information Assurance and Security, Ağustos 2007, Manchester, United Kingtom, s.183-190.
- Hassan, M., 2013. Network Intrusion Detection System Using Genetic Algorithm and Fuzzy Logic. International Journal of Innovative Research in Computer and Communication Engineering, 1(7), 435-1445.
- Hu, W. ve Jun, G., 2014. Online Adaboost-Based Parameterized Methods for Dynamic Distributed network Intrusion Detection. IEEE Transactions on CyberNetics, 44(3), 66-82.
- Hu, Y. ve Panda, B., 2004. A data mining approach for Database Intrusion Detection. ACM Symposium on Applied Computing, 711-716.
- Jemili, F., 2009. Hybrid Intrusion Detection and Prediction multiAgent System, HIDPAS, (IJCSIS) International Journal of Computer Science and Information Security, 5(1), 62-71.
- Kannan S., Ruban M. ve Arun, M., 2016. Intelligent Intrusion Detection System using Genetic Algorithm. Journal of Advances in Chemistry, 12(17), 5020-5025.
- Law, K. ve Kwok, F., 2004. IDS False Alarm Filtering using KNN Classifier. Springer Information Security Applications Lecture Notes in Computer Science, 114-121.
- Mahit, D., 2015. Using Artifical Neural Network Classification and Invertion of Intrusion in Classification and Intrusion Detection System. International Journal of Innovative in Computer and Communication Engineering, 3(2), 1102-1108.
- Malhotra, S., Bali, V. ve Paliwal, K., 2017. Genetic Programming and K-nearest neighbour classifier based intrusion detection model, 7th International Conference on Cloud Computing, Ocak 2017, s.42-46.
- Moon, D., Im, H. ve Kim, I., 2017. Dtb:Ids: An Intrusion Detection System based on Decision Tree using Behavior Analysis for Preventing Apt Attacks. The Journal of Supercomputing, 73(7), 2881-2895.
- Mukherjee, D.S. ve Sharma, N., 2012. Intrusion Detection using Naive Bayes Classifier with Feature Reduction. Elsevier Procedia Technology, 4, 119-128.
- Mukkamala, S. ve Janoski, G., 2002. Intrusion Detection using Neural Networks and Support Vector Machines, IJCNN’02 Proceedings of the 2002 International Joint Conference on, Mayıs 2002, s.1702-1707.
- Nadiammai, G.U. ve Hemalathen, M., 2012. An evaluation of clustering technique over intrusion detection system, ICACCI '12 Proceedings of the International Conference on Advances in Computing, Communications and Informatics, Ağustos 2012, s.1054-1060.
- Noum, R. ve Al-Sultani, Z., 2012. Learning Vector Quantization (LVQ) and k-Nearest Neighbor for Intrusion Classification. World of Computer Science and Information Technology Journal (WCSIT), 2(3), 105-109.
- Obeidat M., Hamadreh N. ve Alakasassbeh M., 2019. Intensive Pre-Processing of KDD Cup 99 for Network Intrusion Classification Using Machine Learning Techniques. International Journal of Interactive Mobile Tehnologies, 16(1), 71-84.
- Rabier, L.R., 1990. A tutorial on Hidden Markov Models and Selected applications speech recognition. Ready in Speech Recognition, 267-296.
- Rachburee, N. ve Punlumjeak, W., 2017. Big Data Analytics: Feature Selection and Machine Learning for Intrusion Detection on Microsoft Azure Platform. Journal of Telecommunication Electronic and Computer Engineering, 9(1-4), 1-5.
- Ramasubramanian, P. ve Kannan, A., 2014. Multi-Agent based Quickprop Neural Network Short-term Forecasting Framework for Database Intrusion Prediction System. CiteSeerX.
- Rizvi, S., Labrador, G. ve Guyan, M., 2016. Advocating for Hybrid Intrusion Detection Prevention System and Framework Improvement. Elsevier Procesia Computer Science, 95, 369-374.
- Romasubramanian, P. ve Kannan, A., 2006. A genetic-algorithm based neural network short-term farecasting framework for database intrusion prediction system. Soft Computing, 10(8), 699-714.
- Sağıroğlu, Ş., Yolaçan, E.N ve Yavanoğlu, U., 2012. Zeki Saldırı Tespit Sistemi Tasarımı ve Gerçekleştirilmesi. Gazi Mühendislik-Mimarlık Fakültesi Dergisi, 26(2), 325-340.
- Sharma P., Sengupta J. ve Suri P.K., 2018. Wli-Fcm and Artificial Neural Network Based Cloud Intrusion Detection System. International Journall Advanced Networking and Applications, 10(1), 3698-3703.
- Senthilnayaki, B., Venkatalakshmi, K., Kannan, A., 2019. Intrusion Detection System using Fuzzy Rough Set Feature Selection and Modified KNN Classifier, The International Arab Journal of Information Technology, 16(4), 746-753.
- Shams, E.A., Rizaer, A. ve Ulusoy, A.H., 2018. Trust aware Supporrt Vector Machine Intrusion Detection and Preventin System in Vehicular ad hoc Networks. Elsevier Computers&Security, 78, 245-254.
- Shanmugavadivu, R. ve Nagarajan, N., 2014. Network Intrusion Detection System using Fuzzy Logic. Indian Journal of Computer Science and Engineering (IJCSE), 2(1), 101-111.
- Sharma, S., 2012. An Improved Network Intrusion Detection Technique based on k-means clustering via Naive Bayes Classification, IEEE-International Conference on Advances In Engineering, Science and Management (ICAESM-2012), Mart 2012, Nagapattinum, India, s.417-422.
- Shen, J. ve Wang, J., 2011. Network Intrusion Detection by Artificial Immune System, IEEE Power and Energy General Meeting, 1-8.
- Soleiman, E. ve Fetarat, A., 2014. Using Learning Vector Quantization (LVQ) in Intrsuion Detection Systems. International Journal of Innovative Research in Advanced Engineering (IJIRAE), 1(10).
- Tajbakhsh, A. ve Rahmati, M., 2009. Intrusion detection using fuzzy assocation rules. Elsevier Applied Soft Computing, 9, 462-469.
- Tian, J., 2005. Intrusion detection combining Multiple Decision Trees by Fuzzy Logic, Proceedings of the sixth International Conference on Parallel and Distributed Computing. Applications and Technologies (PDCAT’05).
- Tong, X. ve Wang, Z., 2009. A research using hybrid RBF/Elman neural networks for intrusion detection system secure model. Elsevier Computer Physics Communications, 180, 1795-1801.
- Ugochukwu, C. ve Bennett E.O., 2018. Intrusion Detection System using Machine Learning Algorithm. International Journal of Computer Science and Mathematical Theory, 4(1), 39-47.
- Yıldırım, M.Z., Çavuşoğlu, A., Şen, B. ve Budak, İ., 2014. Yapay Sinir Ağları ile Ağ Üzerinde Saldırı Tespiti ve Paralel Optimizasyonu, XVI, Akademik Bilişim, Şubat 2014, Mersin, Türkiye, s.671-677.