An enhanced network intrusion detection system for malicious crawler detection and security event correlations in ubiquitous banking infrastructure

Sivaraman Eswaran, Vakula Rani, Daniel Dominic, Jayabrabu Ramakrishnan, S. Selvakumar
Journal: Int. J. Pervasive Comput. Commun.
Publication date: 2021-09-06
Publication type: Journal Article
DOI: 10.1108/ijpcc-04-2021-0102 (https://doi.org/10.1108/ijpcc-04-2021-0102)
Citations: 5

Abstract

Purpose
In recent years, banking infrastructure has come to offer users a variety of remotely accessed platforms. However, the security risk to the banking sector has also risen, as is visible from the rising number of reported attacks against these security systems. Intelligence shows that cyberattacks by crawlers are increasing. Malicious crawlers can crawl Web pages, crack passwords and harvest users' private data. Besides, intrusion detection systems in a dynamic environment produce more false positives. The purpose of this research paper is to propose an efficient methodology that detects attacks while producing few false positives.

Design/methodology/approach
In this research, the authors have developed an efficient approach for malicious crawler detection and correlated the security alerts. The behavioral features of crawlers are examined to recognize malicious crawlers, and a novel methodology is proposed to improve the security of the bank user portal. The authors have compared various machine learning strategies, including Bayesian network, support vector machine (SVM) and decision tree.

Findings
The proposed work extends in several aspects. Initially, the outcomes are stated for a mixture of different kinds of log files. Then, distinct sites of various log files are selected for the construction of acceptable data sets. Session identification, attribute extraction, session labeling and classification were performed. Moreover, this approach clustered the meta-alerts into higher-level meta-alerts to fuse multistage attacks and the various types of attacks.

Originality/value
This methodology used incremental clustering techniques and analyzed the probability of existing topologies in SVM classifiers for more deterministic classification. It also enhanced the taxonomy for various domains.