Abstract
Cyber Defense is becoming a major issue for every organization to keep business continuity intact. The presented paper explores the effectiveness of a meta-heuristic optimization algorithm, the Artificial Bees Colony Algorithm (ABC), as a Nature Inspired Cyber Security mechanism to achieve adaptive defense. It experiments on Denial-Of-Service attack scenarios, which involve limiting the traffic flow for each node. Businesses today have adapted their service distribution models to include the use of the Internet, allowing them to effectively manage and interact with their customer data. This shift has created an increased reliance on online services to store vast amounts of confidential customer data, meaning any disruption or outage of these services could be disastrous for the business, leaving them without the knowledge to serve their customers. Adversaries can exploit such an event to gain unauthorized access to the confidential data of the customers. The proposed algorithm utilizes an Adaptive Defense approach to continuously select nodes that could present characteristics of a probable malicious entity. For any changes in network parameters, the cluster of nodes is selected in the prepared solution set as a probable malicious node and the traffic rate with the ratio of packet delivery is managed with respect to the properties of normal nodes to deliver a disaster recovery plan for potential businesses.
Abstract
With ever-evolving cyberspace, adaptive defense is crucial. In this paper, we show the Adaptive Defense Mechanism to identify Anomalous hosts in a network using the Artificial Bees Colonization Algorithm. A self-driven metric has been defined to determine the performance of a network that would detect the behavior of its nodes. This algorithmic metric is inspired by the Nature-Inspired Artificial Bees Colonization Algorithm. The end result is randomly generated using a dimension index that gives the same result on the node’s behavior which is then used to determine the probabilistic parametric fitness of the individual nodes. This helps to determine which nodes are getting affected the most or are nearer to the attack surface. The defense mechanism is based on the Nature Inspired Artificial Bees Colonization Algorithm, which is able to detect the nearest point/s of attack on nodes based on the experimental simulation of attacked nodes. It also shows the impact of the defense mechanism on the various topologies of the nodes as predefined in the testbed implementing a Distributed Denial-of-Service attack on the nodes. The proposed algorithm showcases the nodes that are affected due to the attack, providing the nearest point of the breach, which can provide a comprehensive way of examining the intrusion point. This algorithm outperformed in terms of stability and early identification of the malicious nodes.
Copyright Office, Govt of India > Modified Artificial Bee Colony Algorithm For Adaptive Intrusion Detection System
Abstract
The outcome of the code is a graphical representation of the Nodes under normal and attack conditions. This code helps determine the state of nodes in the network and recursively calculates their health to identify if they are under attack. Once flagged, modern-day firewall systems can further investigate these nodes.
Copyright Office, Govt of India > Enhanced Artificial Bees Colonization Algorithm for Adaptive Nature-Inspired Cyber Defense
Abstract
The provided code represents an algorithmic implementation of the Health Function derived from the Artificial Bees Colonization Algorithm. It has been integrated with Cyber Defense techniques to create a novel concept known as Nature-Inspired Cyber Security. This innovative approach aims to address and mitigate the challenges posed by contemporary Cyber Security issues, offering robust solutions to safeguard against cyber threats.
Abstract
Adaptive Defense has become an important factor in maintaining device safety and security on the Internet. In 2021, there were more than 10 billion devices connected to the Internet, a number which is estimated to exceed 25.4 billion by 2030. In order to implement the defensive mechanism approach to security, this paper demonstrates the implementation of the Artificial Bees Colonization (ABC) Approach as a Nature Inspired Cyber Security Algorithm. This paper analyzes the defensive approach to a Distributed Denial-of-Service attack, which limits the amount of traffic flow from each node, therefore minimizing the attack surface. The simulated network shows the difference between the normal and attack throughput and compares the fitness of the network intermediaries with reference to the parametric graph that shows the effect of a simulated attack on each network intermediary. Thereafter, the state of defense from the ABC’s point of view shows the effectiveness of the proposed algorithm in detecting and minimizing traffic flow from malicious nodes, thus maintaining the network throughput while keeping the network stable.
The proposed algorithm introduces an Adaptive Defense Approach that works recursively on the nodes attached to a network of clusters and prepares a solution set of probable malicious nodes that are attached to the network. The detected nodes are then analyzed by their properties based on the network parameters such as Network Throughput, End-to-End Delay, and Packet Delivery Ratio. On a change in any of the factors in the devised properties, the node or cluster of nodes is marked as malicious, and the rate of traffic flow along with the packet delivery ratio is reduced to match the normal node’s generic properties. The hammering of the network with traffic is thus done under a controlled environment, and the network works with reduced performance but does not halt even under attack, thereby maintaining business continuity under an attack scenario.
An adaptive grid stabilization system based on nature-inspired cybersecurity (Ein anpassungsfähiges Netzstabilisierungssystem auf der Grundlage der von der Natur inspirierten Cybersicherheit)
Abstract
This patent focuses on an Adaptive Defense approach based on a modified Artificial Bees Colony algorithm. It works recursively on a set of nodes or computing devices, calculating and managing the network parameters to control the attack scenario conditions, such that the Availability phase of the CIA triad is retained.
Abstract
With the significant growth of the cyber environment over recent years, defensive mechanisms against adversaries have become an important step in maintaining online safety. The adaptive defense mechanism is an evolving approach that, when combined with nature-inspired algorithms, allows users to effectively run a series of artificial intelligence-driven tests on their customized networks to detect normal and under attack behavior of the nodes or machines attached to the network. This includes a detailed analysis of the difference in the throughput, end-to-end delay, and packet delivery ratio of the nodes before and after an attack. In this paper, we compare the behavior and fitness of the nodes when nodes under a simulated attack are altered, aiding several nature-inspired cyber security-based adaptive defense mechanism approaches and achieving clear experimental results. The simulation results show the effectiveness of the fitness of the nodes and their differences through a specially crafted metric value defined using the network performance statistics and the actual throughput difference of the attacked node before and after the attack.
Abstract
To determine the effectiveness of any defense mechanism, there is a need for comprehensive real-time network data that solely references various attack scenarios based on older software versions or unprotected ports, and so on. This presented dataset has entire network data at the time of several cyber attacks to enable experimentation on challenges based on implementing defense mechanisms on a larger scale. For collecting the data, we captured the network traffic of configured virtual machines using Wireshark and tcpdump. To analyze the impact of several cyber attack scenarios, this dataset presents a set of ten computers connected to Router1 on VLAN1 in a Docker Bridge network, that try and exploit each other. It includes browsing the web and downloading foreign packages including malicious ones. Also, services like File Transfer Protocol (FTP) and Secure Shell (SSH) were exploited using several attack mechanisms. The presented dataset shows the importance of updating and patching systems to protect themselves to a greater extent, by following attack tactics on older versions of packages as compared to the newer and updated ones. This dataset also includes an Apache Server hosted on a different subset of VLAN2 which is connected to the VLAN1 to demonstrate isolation and cross-VLAN communication. The services on this web server were also exploited by the previously stated ten computers. The attack types include Distributed Denial of Service, SQL Injection, Account Takeover, Service Exploitation (SSH, FTP), DNS and ARP Spoofing, Scanning and Firewall Searching and Indexing (using Nmap), Hammering the services to brute-force passwords and usernames, Malware attacks, Spoofing, and Man-in-the-Middle Attack. The attack scenarios also show various scanning mechanisms and the impact of Insider Threats on the entire network.