Swarm Intelligence Security

Swarm Intelligence is a concept using the metaphor of insect colonies to describe decentralized, self-organized systems. The method is often used in artificial intelligence, and there are about a dozen variants ranging from ant colony optimization to stochastic diffusion. For cybersecurity, these systems have significant value both offensively and defensively. The research focuses on botnets and malware, intrusion detection, cryptanalysis, and security risk analysis. The works cited below were published in the first half of 2014.

  • Dadhich, A; Gupta, A; Yadav, S., "Swarm Intelligence based linear cryptanalysis of four-round Data Encryption Standard algorithm," Issues and Challenges in Intelligent Computing Techniques (ICICT), 2014 International Conference on , vol., no., pp.378,383, 7-8 Feb. 2014. (ID#:14-1807) URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6781312&isnumber=6781240 The proliferation of computers, internet and wireless communication capabilities into the physical world has led to ubiquitous availability of computing infrastructure. With the expanding number and type of internet capable devices and the enlarged physical space of distributed and cloud computing, computer systems are evolving into complex and pervasive networks. Amidst the aforesaid rapid growth in technology, secure transmission of data is also equally important. The amount of sensitive information deposited and transmitted over the internet is absolutely critical and needs principles that enforce legal and restricted use and interpretation of data. The data needs to be protected from eavesdroppers and potential attackers who undermine the security processes and perform actions in excess of their permissions. Cryptography algorithms form a central component of the security mechanisms used to safeguard network transmissions and data storage. As the encrypted data security largely depends on the techniques applied to create, manage and distribute the keys, therefore a cryptographic algorithm might be rendered useless due to poor management of the keys. This paper presents a novel computational intelligence based approach for known ciphertext-only cryptanalysis of four-round Data Encryption Standard algorithm. In ciphertext-only attack, the encryption algorithm used and the ciphertext to be decoded are known to cryptanalyst and is termed as the most difficult attack encountered in cryptanalysis.
The proposed approach uses Swarm Intelligences to deduce optimum keys according to their fitness values and identifies the best keys through a statistical probability based fitness function. The results suggest that the proposed approach is intelligent in finding missing key bits of the Data Encryption Standard algorithm. Keywords: cloud computing; cryptography; probability; statistical analysis; swarm intelligence; Internet; ciphertext-only attack; ciphertext-only cryptanalysis; cloud computing; computational intelligence based approach; cryptography algorithms; data storage; distributed computing; four-round data encryption standard algorithm; network transmissions; secure data transmission; statistical probability based fitness function; swarm intelligence based linear cryptanalysis; Cryptography;MATLAB;NIST;Ciphertext;Cryptanalysis;Cryptography;Information Security; Language model; Particle Swarm Optimization; Plaintext; Swarm Intelligence
  • Fink, Glenn A; Haack, Jereme N.; McKinnon, A. David; Fulp, Errin W., "Defense on the Move: Ant-Based Cyber Defense," Security & Privacy, IEEE , vol.12, no.2, pp.36,43, Mar.-Apr. 2014. (ID#:14-1808) URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6798536&isnumber=6798534 Many common cyberdefenses (like firewalls and intrusion-detection systems) are static, giving attackers the freedom to probe them at will. Moving-target defense (MTD) adds dynamism, putting the systems to be defended in motion, potentially at great cost to the defender. An alternative approach is a mobile resilient defense that removes attackers' ability to rely on prior experience without requiring motion in the protected infrastructure. The defensive technology absorbs most of the cost of motion, is resilient to attack, and is unpredictable to attackers. The authors' mobile resilient defense, Ant-Based Cyber Defense (ABCD), is a set of roaming, bio-inspired, digital-ant agents working with stationary agents in a hierarchy headed by a human supervisor. ABCD provides a resilient, extensible, and flexible defense that can scale to large, multi-enterprise infrastructures such as the smart electric grid. Keywords: Computer crime; Computer security; Cyberspace; Database systems; Detectors; Malware; Mobile communication; Particle swarm intelligence; Statistics; Target tracking; MTD; cybersecurity; digital ants; moving-target defense; swarm intelligence
  • Aniello Castiglione, Roberto De Prisco, Alfredo De Santis, Ugo Fiore, Francesco Palmieri, “A Botnet-Based Command And Control Approach Relying On Swarm Intelligence,” Journal of Network and Computer Applications, Volume 38, February, 2014, Pages 22-33. (ID#:14-1809) URL: http://dl.acm.org/citation.cfm?id=2567003.2567217&coll=DL&dl=GUIDE&CFID=390598023&CFTOKEN=68395339 This work features a new botnet-based command and control architecture, a solution to the current survivability and scalability challenges of ubiquitous networked systems deployed in questionable communication contexts. This new architecture aims to omit rigid master-slave relationships, and to autonomize bot operating roles. The architecture relies on swarm intelligence, especially stigmergic communication, with a view to provide fault tolerance, dynamic adaptation, and impromptu yet absolute coordination and collaboration among the autonomous bot agents. Keywords: Ant colony optimization, Botnets, Command and control, Malware-based management for homeland defense, Stigmergy, Swarm intelligence
  • Abhishek Gupta, Om Jee Pandey, Mahendra Shukla, Anjali Dadhich, Anup Ingle, Vishal Ambhore, “Intelligent Perpetual Echo Attack Detection on User Datagram Protocol Port 7 Using Ant Colony Optimization,” ICESC '14 Proceedings of the 2014 International Conference on Electronic Systems, Signal Processing and Computing Technologies, January 2014, Pages 419-424. (ID#:14-1810) URL: http://dl.acm.org/citation.cfm?id=2586119.2587455&coll=DL&dl=GUIDE&CFID=390598023&CFTOKEN=68395339 The escalating complexity of computer networks on a daily basis has increased the probability of malicious exploitation. Even a rare vulnerability in a single computer might compromise the network security of an entire organisation. Intrusion Detection Systems form an integral component of the mechanisms designed to prevent internet and data communication systems from such attacks. The attacks on the network comprise of information gathering and modification through unauthorized access to resources and denial of service to legitimate users. IDS play a key role in detecting the patterns of behaviour on the network that might be indicative of impending attacks. Majority of groundbreaking research on IDS is carried out on KDD'99 dataset and focuses on either all the attacks in the network or the attacks corresponding to TCP/IP protocol. This paper presents a step forward in this direction where the IDS model addresses a specific part of the network attacks commonly detected at port 7 in UDP. Port scans in UDP account for a sizable portion of the internet traffic and comparatively little research characterizes security in UDP port scan activity. To meet the growing trend of attacks and other security challenges in the constantly evolving internet arena, this paper presents a computationally intelligent intrusion detection mechanism using swarm intelligence paradigm, particularly ant colony optimisation, to analyze sample network traces in UDP port scans.
This work aims at generating customised and efficient network intrusion detection systems using soft computing to increase general network security through specific network security. Keywords: Intrusion Detection Systems (IDS), port scans, User Datagram Protocol (UDP), network security, attacks, Ant Colony Optimisation (ACO), perpetual echo
  • Alexandros Giagkos, Myra S. Wilson, “BeeIP - A Swarm Intelligence Based Routing For Wireless Ad Hoc Networks,” Information Sciences: an International Journal, Volume 265, May, 2014, Pages 23-35. (ID#:14-1811) URL: http://dl.acm.org/citation.cfm?id=2580107.2580277&coll=DL&dl=GUIDE&CFID=390598023&CFTOKEN=68395339 This paper takes a detailed look at Swarm Intelligence-based routing protocols, as well as a newly-proposed routing protocol which aims to deliver wireless ad hoc multi-path routing for mobile nodes. Keywords: Ant-inspired, Bee-inspired, Mobile ad hoc network, Sensor network, Swarm intelligence, Wireless
  • Fangjun Kuang, Weihong Xu, Siyang Zhang, “A Novel Hybrid KPCA and SVM With GA Model For Intrusion Detection,” Applied Soft Computing, Volume 18, May, 2014, Pages 178-184. (ID#:14-1812) URL: http://dl.acm.org/citation.cfm?id=2611832.2611904&coll=DL&dl=GUIDE&CFID=390598023&CFTOKEN=68395339 The authors of this paper propose an intrusion-detection support vector machine (SVM) concept that combines kernel principal component analysis (KPCA) with genetic algorithm (GA). Results of experimentation are detailed, explaining how the proposed model provides higher predictive accuracy, rapid convergence speed, and significantly improved generalization. Keywords: Genetic algorithm, Intrusion detection, Kernel function, Kernel principal component analysis, Support vector machines
  • Nan Feng, Harry Jiannan Wang, Minqiang Li, “A Security Risk Analysis Model for Information Systems: Causal Relationships Of Risk Factors And Vulnerability Propagation Analysis,” Information Sciences: an International Journal, Volume 256, January, 2014, Pages 57-73. (ID#:14-1813) URL: http://dl.acm.org/citation.cfm?id=2542832.2543066&coll=DL&dl=GUIDE&CFID=390598023&CFTOKEN=68395339 A novel security risk analysis model (SRAM) is proposed in this paper, which aims to help identify causal correlations between risk factors, as well as to analyze the challenges associated with vulnerability propagation. Keywords: Ant colony optimization, Bayesian networks, Information systems, Security risk, Vulnerability propagation
  • Joanna Kołodziej, Samee Ullah Khan, Lizhe Wang, Marek Kisiel-Dorohinicki, Sajjad A. Madani, Ewa Niewiadomska-Szynkiewicz, Albert Y. Zomaya, Cheng-Zhong Xu, “Security, Energy, And Performance-Aware Resource Allocation Mechanisms For Computational Grids,” Future Generation Computer Systems, Volume 31, February, 2014, Pages 77-92. (ID#:14-1814) URL: http://dl.acm.org/citation.cfm?id=2564944.2565285&coll=DL&dl=GUIDE&CFID=390598023&CFTOKEN=68395339 This paper recognizes the challenges of modeling relationships between computing hardware and physical environments for Distributed Cyber Physical Systems (DCPSs), to ensure efficiency, thermal safety, and continuous operation. The authors of this paper use the Dynamic Voltage Scaling (DVS) methodology to reduce power strain by system resources. Discussed are the developed algorithms and heuristics, and their effectiveness as a solution, for the optimization challenge. Keywords: Distributed cyber physical systems, Dynamic voltage scaling, Energy optimization, Evolutionary algorithm, Resource reliability, Scheduling, Secure computational grid
  • Gupta, A; Pandey, O.J.; Shukla, M.; Dadhich, A; Ingle, A; Ambhore, V., "Intelligent Perpetual Echo Attack Detection on User Datagram Protocol Port 7 Using Ant Colony Optimization," Electronic Systems, Signal Processing and Computing Technologies (ICESC), 2014 International Conference on , vol., no., pp.419,424, 9-11 Jan. 2014. (ID#:14-1815) URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6745415&isnumber=6745317 The escalating complexity of computer networks on a daily basis has increased the probability of malicious exploitation. Even a rare vulnerability in a single computer might compromise the network security of an entire organisation. Intrusion Detection Systems form an integral component of the mechanisms designed to prevent internet and data communication systems from such attacks. The attacks on the network comprise of information gathering and modification through unauthorized access to resources and denial of service to legitimate users. IDS play a key role in detecting the patterns of behaviour on the network that might be indicative of impending attacks. Majority of groundbreaking research on IDS is carried out on KDD'99 dataset and focuses on either all the attacks in the network or the attacks corresponding to TCP/IP protocol. This paper presents a step forward in this direction where the IDS model addresses a specific part of the network attacks commonly detected at port 7 in UDP. Port scans in UDP account for a sizable portion of the Internet traffic and comparatively little research characterizes security in UDP port scan activity. To meet the growing trend of attacks and other security challenges in the constantly evolving internet arena, this paper presents a computationally intelligent intrusion detection mechanism using swarm intelligence paradigm, particularly ant colony optimization, to analyze sample network traces in UDP port scans.
This work aims at generating customized and efficient network intrusion detection systems using soft computing to increase general network security through specific network security. Keywords: ant colony optimization; computer network security; transport protocols; Internet traffic; TCP/IP protocol; ant colony optimization; computer network security; computer networks escalating complexity; denial of service; intelligent intrusion detection mechanism; intelligent perpetual echo attack detection ;malicious exploitation probability; unauthorized access; user datagram protocol port 7;Computers;Internet;Intrusion detection; Ports (Computers);Protocols; Real-time systems; Ant Colony Optimization (ACO);Intrusion Detection Systems (IDS);User Datagram Protocol (UDP);attacks; network security; perpetual echo; port scans
  • Zhongshan Zhang; Keping Long; Jianping Wang; Dressler, F., "On Swarm Intelligence Inspired Self-Organized Networking: Its Bionic Mechanisms, Designing Principles and Optimization Approaches," Communications Surveys & Tutorials, IEEE , vol.16, no.1, pp.513,537, First Quarter 2014. (ID#:14-1816) URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6553299&isnumber=6734841 Inspired by swarm intelligence observed in social species, the artificial self-organized networking (SON) systems are expected to exhibit some intelligent features (e.g., flexibility, robustness, decentralized control, and self-evolution, etc.) that may have made social species so successful in the biosphere. Self-organized networks with swarm intelligence as one possible solution have attracted a lot of attention from both academia and industry. In this paper, we survey different aspects of bio-inspired mechanisms and examine various algorithms that have been applied to artificial SON systems. The existing well-known bio-inspired algorithms such as pulse-coupled oscillators (PCO)-based synchronization, ant- and/or bee-inspired cooperation and division of labor, immune systems inspired network security and Ant Colony Optimization (ACO)-based multipath routing have been surveyed and compared. The main contributions of this survey include 1) providing principles and optimization approaches of variant bio-inspired algorithms, 2) surveying and comparing critical SON issues from the perspective of physical-layer, Media Access Control (MAC)-layer and network-layer operations, and 3) discussing advantages, drawbacks, and further design challenges of variant algorithms, and then identifying their new directions and applications. 
In consideration of the development trends of communications networks (e.g., large-scale, heterogeneity, spectrum scarcity, etc.), some open research issues, including SON designing tradeoffs, Self-X capabilities in the 3rd Generation Partnership Project (3GPP) Long Term Evolution (LTE)/LTE-Advanced systems, cognitive machine-to-machine (M2M) self-optimization, cross-layer design, resource scheduling, and power control, etc., are also discussed in this survey. Keywords: 3G mobile communication; Long Term Evolution; ant colony optimization; cooperative communication; oscillators; power control; scheduling; synchronization; telecommunication network routing; telecommunication security;3GPP;3rd Generation Partnership Project; LTE-Advanced systems; Long Term Evolution; MAC layer; PCO; ant colony optimization-based multipath routing; ant-inspired cooperation; artificial SON systems; artificial self-organized networking; bee-inspired cooperation; bio-inspired mechanisms; bionic mechanisms; cognitive machine-to-machine self-optimization; cross-layer design; immune systems inspired network security; media access control layer; network layer; physical layer; power control; pulse coupled oscillators-based synchronization; resource scheduling; swarm intelligence inspired self-organized networking; Adaptive Routing; Bio-Inspired; Cognitive Radio; Cooperation; Heterogeneous; Load Balancing; Machine-to-Machine; Network Security; Self-Organized Networking; Swarm Intelligence; Synchronization
  • Enache, Adriana-Cristina; Patriciu, Victor Valeriu, "Intrusions detection based on Support Vector Machine optimized with swarm intelligence," Applied Computational Intelligence and Informatics (SACI), 2014 IEEE 9th International Symposium on , vol., no., pp.153,158, 15-17 May 2014. (ID#:14-1817) URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6840052&isnumber=6840030 Intrusion Detection Systems (IDS) have become a necessary component of almost every security infrastructure. Recently, Support Vector Machines (SVM) have been employed to provide potential solutions for IDS. With its many variants for classification, SVM is a state-of-the-art machine learning algorithm. However, the performance of SVM depends on selection of the appropriate parameters. In this paper we propose an IDS model based on Information Gain for feature selection combined with the SVM classifier. The parameters for SVM will be selected by a swarm intelligence algorithm (Particle Swarm Optimization or Artificial Bee Colony). We use the NSL-KDD data set and show that our model can achieve higher detection rate and lower false alarm rate than regular SVM. Keywords: ABC and NSL-KDD; Intrusion Detection; PSO; SVM
  • Weiming Hu; Jun Gao; Yanguo Wang; Ou Wu; Maybank, S., "Online Adaboost-Based Parameterized Methods for Dynamic Distributed Network Intrusion Detection," Cybernetics, IEEE Transactions on , vol.44, no.1, pp.66,82, Jan. 2014 (ID#:14-1818) URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6488798&isnumber=6683070 Current network intrusion detection systems lack adaptability to the frequently changing network environments. Furthermore, intrusion detection in the new distributed architectures is now a major requirement. In this paper, we propose two online Adaboost-based intrusion detection algorithms. In the first algorithm, a traditional online Adaboost process is used where decision stumps are used as weak classifiers. In the second algorithm, an improved online Adaboost process is proposed, and online Gaussian mixture models (GMMs) are used as weak classifiers. We further propose a distributed intrusion detection framework, in which a local parameterized detection model is constructed in each node using the online Adaboost algorithm. A global detection model is constructed in each node by combining the local parametric models using a small number of samples in the node. This combination is achieved using an algorithm based on particle swarm optimization (PSO) and support vector machines. The global model in each node is used to detect intrusions. Experimental results show that the improved online Adaboost process with GMMs obtains a higher detection rate and a lower false alarm rate than the traditional online Adaboost process that uses decision stumps. Both the algorithms outperform existing intrusion detection algorithms. It is also shown that our PSO, and SVM-based algorithm effectively combines the local detection models into the global model in each node; the global model in a node can handle the intrusion types that are found in other nodes, without sharing the samples of these intrusion types. 
Keywords: Gaussian processes; computer architecture; computer network security; distributed processing; learning (artificial intelligence); particle swarm optimization; support vector machines; GMM; PSO;SVM-based algorithm; distributed architectures; dynamic distributed network intrusion detection; local parameterized detection model; network attack detection; network information security; online Adaboost process; online Adaboost-based intrusion detection algorithms; online Adaboost-based parameterized methods; online Gaussian mixture models; particle swarm optimization; support vector machines; weak classifiers; Dynamic distributed detection; network intrusions; online Adaboost learning; parameterized model
  • Zafar, S.; Soni, M.K., "Trust based QOS protocol(TBQP) using meta-heuristic genetic algorithm for optimizing and securing MANET," Optimization, Reliability, and Information Technology (ICROIT), 2014 International Conference on , vol., no., pp.173,177, 6-8 Feb. 2014. (ID#:14-1819) URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6798315&isnumber=6798279 This paper includes a prospective approach of developing a trust based QOS protocol (TBQP) using meta-heuristic genetic algorithm for optimizing and securing MANET. Genetic algorithm will help in maintaining Quality of Service (QOS) by selecting a fittest i.e. shortest route hence providing better performance. Intelligent optimization approaches or meta heuristic algorithms like, genetic algorithm (GA), neural networks (NN) based on artificial intelligence (AI), particle swarm optimization (PSO) technique and simulated annealing (SA) in the recent years have well consigned QOS issues. Ad-hoc networks face the primary defiance of restraining attacks against data, like, unauthorized data modification, impersonation etc. caused by malicious nodes in the network. This problem is tackled by trust application in our proposed approach which helps in securing ad-hoc networks. Keywords: artificial intelligence; genetic algorithms; mobile ad hoc networks; mobile computing; neural nets; protocols; quality of service; simulated annealing; telecommunication security; AI; MANET optimization; MANET security; PSO; TBQP; ad-hoc networks; artificial intelligence; impersonation; intelligent optimization approaches; malicious nodes; metaheuristic genetic algorithm; neural networks; particle swarm optimization; quality of service; route; simulated annealing; trust application; trust based QOS protocol; unauthorized data modification; Ad hoc networks; Encryption; Face; Mobile communication; Mobile computing; Quality of service; Routing; Meta-Heuristic Algorithm; security challenges confronted by MANET; trust; user authentication

Note:

Articles listed on these pages have been found on publicly available internet pages and are cited with links to those pages. Some of the information included herein has been reprinted with permission from the authors or data repositories. Direct any requests via Email to SoS.Project (at) SecureDataBank.net for removal of the links or modifications to specific citations. Please include the ID# of the specific citation in your correspondence.