Browsing by Author "Elmasry, Wisam"
Now showing 1 - 3 of 3
- Results Per Page
- Sort Options
Publication Comparative Evaluation of Different Classification Techniques for Masquerade Attack Detection(Inderscience Enterprises Ltd., 2020) Elmasry, Wisam; AKBULUT, AKHAN; Zaim, Abdul HalimMasquerade detection is a special type of intrusion detection problem. Effective and early intrusion detection is a crucial basis for computer security. Although of considerable work has been focused on masquerade detection for more than a decade, achieving a high level of accuracy and a comparatively low degree of false alarm rate is still a big challenge. In this paper, we present an extensive empirical study in the area of user behaviour profiling-based masquerade detection using six of different existed machine learning methods in Azure Machine Learning (AML) studio. In order to surpass previous studies on this subject, we used four free and publicly available datasets with seven data configurations are implemented from them. Moreover, eight well-known masquerade detection evaluation metrics are used to assess methods performance against each data configuration. Finally, intensive quantitative and ROC curves analyses of results are provided at the end of this paper.Publication Deep Learning Approaches for Predictive Masquerade Detection(Wiley-Hindawi, Adam House, 3rd Fl, 1 Fitzroy Sq, London, Wit 5He, England, 2018) Elmasry, Wisam; Zaim, Abdül Halim; AKBULUT, AKHAN; 116056; 8693In computer security, masquerade detection is a special type of intrusion detection problem. Effective and early intrusion detection is a crucial factor for computer security. Although considerable work has been focused on masquerade detection for more than a decade, achieving a high level of accuracy and a comparatively low false alarm rate is still a big challenge. In this paper, we present a comprehensive empirical study in the area of anomaly-based masquerade detection using three deep learning models, namely, Deep Neural Networks (DNN), Long Short-Term Memory Recurrent Neural Networks (LSTM-RNN), and Convolutional Neural Networks (CNN). In order to surpass previous studies on this subject, we used three UNIX command line-based datasets, with six variant data configurations implemented from them. Furthermore, static and dynamic masquerade detection approaches were utilized in this study. In a static approach, DNN and LSTM-RNN models are used along with a Particle Swarm Optimization-based algorithm for their hyperparameters selection. On the other hand, a CNN model is employed in a dynamic approach. Moreover, twelve well-known evaluation metrics are used to assess model performance in each of the data configurations. Finally, intensive quantitative and ROC curves analyses of results are provided at the end of this paper. The results not only show that deep learning models outperform all traditional machine learning methods in the literature but also prove their ability to enhance masquerade detection on the used datasets significantly.Publication A Design of an Integrated Cloud-Based Intrusion Detection System with Third Party Cloud Service(Walter de Gruyter GmbH, 2021) Elmasry, Wisam; AKBULUT, AKHAN; Zaim, Abdul HalimAlthough cloud computing is considered the most widespread technology nowadays, it still suffers from many challenges, especially related to its security. Due to the open and distributed nature of the cloud environment, this makes the cloud itself vulnerable to various attacks. In this paper, the design of a novel integrated Cloud-based Intrusion Detection System (CIDS) is proposed to immunise the cloud against any possible attacks. The proposed CIDS consists of five main modules to do the following actions: monitoring the network, capturing the traffic flows, extracting features, analyzing the flows, detecting intrusions, taking a reaction, and logging all activities. Furthermore an enhanced bagging ensemble system of three deep learning models is utilized to predict intrusions effectively. Moreover, a third-party Cloud-based Intrusion Detection System Service (CIDSS) is also exploited to control the proposed CIDS and provide the reporting service. Finally, it has been shown that the proposed approach overcomes all problems associated with attacks on the cloud raised in the literature. © 2021 Wisam Elmasry et al., published by De Gruyter 2021.