Artificial Neural Network in Computer Security: 205983

  1. Assessments

3.1 Deliverables

Interim report (20%)

  • Project Proposal Form (5%)
    Project proposal that details the problem statement and objectives of the project, including an outline of the artefact, methodology to be used, required resources to realise the artefact and identification of any ethical issues.
  • Contextual Review (15%)
    Comprehensive primary and secondary research to support the workings of the project. The analysis of which should result in artefact specification and design blueprints (which in turn would be used to realise artefact).

Final report (80%)

  • Project Management (10%)
    Management of project work (effective meetings with supervisor, initiatives shown in project definition, documentation, timing, process of investigation, etc).
  • Thesis Report (50%)
    Quality of analysis, originality and depth, artefact produced, research conducted and references used, and overall presentation including structure and clarity.
  • Poster (10%)
    Presentation of overall work via a poster (conformance of requirements, relevance, detail, quality of presentation, ability to defend, etc).
  • Oral Presentation (10%)
    Presentation, clarity, knowledge and questions and answers.


 References on projects

  • Dawson, C., Projects in Computing and Information Systems: a Student’s Guide, 2nd Edition, Addison Wesley, 2009
  • Berndtsson, M., Hansson, J., Olsson, B., Lundell, B., Thesis Projects: a Guide for Students in Computer Science and Information Systems, 1st Edition, Springer, 2007

MSc Final Project Report Guidelines

Structure of the Final Project Report

 

The main body of the Report is subdivided into logical sections, or chapters.  The structure should follow the following example format (the details may vary depending on your particular project):

 

  • Title page
  • –    Abstract
  • Acknowledgements
  • Dedication

–     Key words

  • Table of Contents
  • Chapter 1 Introduction, Aims and Objectives
  • Chapter 2 Literature review
  • Chapter 3 Artefact Design, Development & Testing
  • Chapter 4 Testing and Evaluation
  • Chapter 5 Conclusions & Further Work
  • References
  • Appendices

 

 

Abstract

The abstract should be a concise summary of the study, identifying the nature and scope, the major findings and the contribution to the overall field of the subject. Abstracts give the reader an overview and feel for the work without first having to study the whole project.

 

The abstract must be succinct (not exceeding 200 words) and clearly written.  It is important to note that the abstract is not an introduction.

Acknowledgements

This section should be used to state the names of the individuals who provided substantial help.  Care must be taken not to forget the supervisor!!

Dedication

The author usually dedicates the project to their spouse, parents, dog, or whomever they choose.  This decision is left to the individual.

Keywords

Assume that the project is to be converted to electronic form (e.g. CDROM or Internet).  You need to supply key words and/or phrases so that researchers can locate the project by means of searches.  The total number of key words must not exceed eight.

The Contents Page

The Contents should be structured by ‘nesting’ as shown in the example:

 

Contents List

 

  1. CHAPTER TITLE
    • Sub-section Title

1.2       Sub-section Title

 

  1. CHAPTER TITLE

2.1       Sub-section Title

2.2       Sub-section Title

 

APPENDIX A              TITLE

APPENDIX B              TITLE

APPENDIX C             TITLE


 

Interim Report Format

Introduction

This is always the first chapter and informs the reader about the nature of the artifact, the project, the aim and objectives.  It should put the work into context, including history and the background to the study.  The introduction presents a broad general development of the work covered in the project. For example, the introduction should be presented under the sub-sections:

 

  • Introduction to Problem
  • Introduction to Project, Aim and Objectives
  • Introduction to Artefact

 

The introduction should also detail the structure of the report.

 

The Main Body of the Report

In the various chapters of the main body, the findings of the literature search, pertinent facts, evidence, data, analyses, findings, discussions and arguments are all presented.  These chapters and the nested sections and sub-sections should be well structured and must remain focused.  It is essential that the chapters, sections, sub-sections are all clearly linked together and are presented in a logical sequence.  There should be a clear match between the contents of these chapters and the hypothesis, the questions asked and the aims and objectives presented in the Introduction.

Conclusions & Further Work

This section is used to bring together and summarise the main points and findings, along with any recommendations.  The conclusion must not be used to introduce new material. You should finish your discussion with thoughts on future developments and/or recommendations.

References

These should be presented as per the Literature Review.

 

Here is a Harvard Reference Generator – http://www.neilstoolbox.com/bibliography-creator/

The Appendices

The appendix or appendices can be used to present detailed information of relevance that is not essential in the main text.  Appendices help to minimise ‘clutter’ in the main body of the project, making it more readable.  The project plan should be made the first Appendix. Any completed forms for the supervisor-student progress meetings might also be included as an appendix – as per the advice given by the supervisor. Any source code listings should be included as an appendix or submitted as a separate document – again as advised by the supervisor. Appendices may include, for example, data, graphs, tables, data sheets, background theory and lists of relevant names and addresses to support the main text.  It is not acceptable to include photocopies of materials from books, journals or the Internet merely to show that certain documents were previously consulted.  Material in appendices should be closely linked to the main document.

 

Every appendix should be coded with a letter, Appendix A, Appendix B, and so on, and should be titled.  Each appendix begins on a fresh page. All material in the appendix should be cited in the main text.

Presentation

  • The final document must be word-processed using the ‘formal’ font Times New Roman. The font size must be 12 point. The text should be left justified. You should use 1.5 line spacing.

 

  • Paper size should be A4 and printing must only be on one side of the page.

 

  • The margin on the left side of the sheet should be 4cm – to allow for binding.

 

Length

Length for Interim Report is 5-7 Pages

Thesis Length:

The length of the main body of the thesis should be approximately 12,000 words.

Proof-reading

As the writing progresses, every aspect of the entire project should be read and re-read, checked and double-checked to minimise errors.  Electronic checking is also helpful with errors in spelling and grammar.  Calculations should also be thoroughly checked.  References must be scrutinised for accuracy.  Mistakes, sloppy presentation, numerous typographical errors, all give a very bad impression.

 

Title of Project Security Issues in Cloud Computing
Description of your artefact Due to the fast growing development in the field of computer, security is becoming a major issue. Security of computer is divided into two areas detection of security violation and preventative security. Both these areas are different from each other because preventative security leads towards the prevention of system while detection is to detect the root cause for security. Preventative security is easier and cost effective while detection is difficult part to detect the vulnerability in system and it costs more. In practise detection depends on the system administrator’s knowledge about the system and about its users, which is similar to penetration testing. Cloud computing is quickly expanding that has a technology connection with Grid Computing, Utility Computing, Distributed Computing.

 

The aim of this contribution is to identify data security challenges for adopting cloud computing and solution from real world for the challenge. Also, list out solution for the cloud computing data security challenge that has no mitigation strategies identified.

 

The objective of this work is to provide a solution which will be able to enhance the security of data that is stored by user on cloud systems. For data security and data privacy DCS approach is used in this work to achieve the desired results.

·         The first task is to identify the characteristics of this approach for using in data security.

·         Based on those characteristics, research would be done on the available security techniques.

·         Check their suitability to be used in the DCS approach.

·         Last step will be to evaluate the proposed solution in cloud environment test bed.

 

When multiple organizations at the same time share resources there is a risk of data security or data misuse. To avoid risk it is necessary to secure data repositories. Protection of data and privacy of data is the most Important challenge.

What methodology (structured process) will you be following to realise your artefact? As data security and data privacy is normally handled by the service providers. The data owner or user may not be fully aware of the security challenges. The research for finding the solution to these data security issues is active in different directions. There are researches which focus towards improving the data security at application levels or hardware levels. The solution provided through these researches does not normally provide comprehensive solution.  They still keep the effort to establish security measures under the control of cloud provider.

Data Centric Security (DCS) is a developing methodology that aims to give data owners with full control of their data security from inside the data itself, rather than the security of networks all through the data lifecycle on the cloud. The idea of the DCS approach is interpreted in different ways in the literature and there is not yet a standardized framework of applying this way to deal with the cloud model.

This project is intended to enhance cloud computing security by proposing a solution based on the DCS approach. DCS will provide security on the data level to the client.

Abstract

 

Computer technology become key feature in every field of our daily life and routine. Everyone share their sensitive data by using this information processing over the internet with the help of computer technologies. For the protection of this sensitive data, there must be need of trustworthiness. Computer system and networks must be secure so that anyone can exchange their data without any hassle. Computer security must not only deal with protection of sensitive information from unauthorised access or modification but also it insures the security of whole computer network system and address the problems for future misuse.

In current scenario many techniques are use to increase the security of computers and information technology. Artificial Neural Network (ANN) is a branch of computer science which provides a meaningful solution for security of computers. Many researchers and reputed organization play a special attention in this field. In this report we perform a survey on Artificial Neural Network (ANN), design of ANN, algorithms used in testing and training of ANN, use of activation function. We also perform a literature survey on computer security by using of ANN.

 

 

 

 

Keywords

 

Artificial Neural Network, Back-propagation Algorithm, Activation Function, Feed-forward Network, Data Mining, Supervised Training, Unsupervised Training, Access control, Intrusion Detection System (IDS).

 

 


 

Introduction

 

Computer security become more essential now days due to sensitive and private data stored in it. Information system become basic need of our life. Internet and information system are use in explosive level for educational, research, industrial organization and government organizations. All organizations share their information on internet via computer and information technology. To protect the computer system from unauthorised access, many technologies were introduced. The latest technology that used for protection and security of computer system is pattern recognition and classification. This technique is derived from Artificial Neural Network (ANN), which is inspired from human intelligence and biological neuron system. By using this pattern recognition technique, a computer system identifies the authorized user and provide the full access towards the resources. On the other hand, unauthorized user or access will be blocked by computer system.

There are many techniques that were introduced along with information technology evolution. At the starting the information exchange is limited thus very less security nedded by systems. But as evolution of technique and load of information were increased, new methods of security were also introduced. Here we discuss some of methods for computer information security that were introduced previously.

The previous techniques that used for computer security were handwriting analysis, typing speed techniques, cryptographic techniques and many more. As technology become more advanced new security features were added to computers. Pattern classification of ANN is the latest technique that is use in computers these days. The access control method is adopted by most of researchers. It is a password based authentication and widely used. Cryptographic technique also introduces in access control method. This method is not secure due to encryption attacks on the system. Thus, ANN is applied on access control in this method ANN learn for dataset of user ID and password and generate the matching signals. These signals are generated in learning phase. The input attributes are controlled by weight of ANN. Thus at testing phase the matching of signal not required and system became more strong for access control.

Intrusion Detection System (IDS) were introduce for analysis of computer system and communication network for detection of unauthorised or suspicious activity. IDS is an active process and IDS may be any hardware, software or combined architecture of both. IDS can detect any security vulnerability before the system get infected. When ANN is applied to IDS, normal dataset is applied to ANN architecture and system learn from this data. The coefficient of ANN automatically adjusted during the training phase. This learning may be supervised or unsupervised, depending upon attributes of IDS. During testing phase unknown dataset of IDS attributes are applied on ANN. After the testing ANN detects the attributes and abnormal behaviour of IDS. Some more machine learning techniques are also used with IDS for example One-Class Support Vector Machine (OCSVM), Bayesian Network, Genetic Algorithm.

At present scenario most of communication system and computer system are based on TCP/IP protocol. Some networks have compatibility issues with TCP/IP. This problem may be detected and overcome by the IDS along with ANN. In this research project we discus the computer security problems which are related to communication between to systems or networks. For this we select some attributes like TCP/IP protocols, Source and destination address, port address, FLAGS. We design an architect of ANN and train the network. For the training of ANN, we select the attributes from laboratory environment and take real time data and traffic. After the training of ANN, this network will be tested for unknown real time data. From results of testing data, we conclude that whether the system is secure or not. For purpose of comparisons and testing we will select the Mean Square Error (MSE) function.

 

In this report we survey use of artificial neural network in computer security. In section 2, a literature survey describes existing work on computer security by using ANN. In section 3, explains the artificial neural network. In section 4, we proposed our finding and work. Section 5 conclude our report. In last section we proposed our future work for medical diagnosis.

 

 

 

 

 

Existing work in the field of Computer Security using ANN

 

To secure the computer system, communication network and information technology, ANN is applied in many different domains. ANN may be applied on hardware level or software level. Application of ANN depends upon the complexity of architecture of computer network and need of security.

Ciaramella et al, proposed a model of ANN for access control problem. They focus their research on password selection and authentication. Password based scheme provide extra layer of security to information processing and communication network. They implement a password checker by using of ANN. They proposed both single layer and multi layer perceptron model for selection of proactive password checker. They also perform their testing on different topology of networks.

Lin et al, proposed a model of back-propagation neural network to establish a relation between ID and password. Their model have capability to produce a automatic password for provided ID. They create two different and separate table for ID and password. Their model provides special security for sensitive data.

Lin et al, proposed a different model for remote access authentication system. They proposed a multi server level architecture neural network for their research. For training of multi server architecture, they adopted back-propagation learning algorithm. Their model based on pattern classification scheme. Their model able to authenticate the server at real time from a remote location. This model is applicable on both multi-user and multi –server communication network. Any user can able to login on any server for a given communication network.

Wang et al, proposed a Hopfield neural network for access control. In their model there is no need to create a conventional verification table. Thus Hopfield neural network able to extract the information for an authorized user at real time.

Dewan et al, proposed a model for Intrusion Detection System (IDS). They implement a new decision tree algorithm in their proposed model. Their proposed ANN able to distinguish different type of intrusion behaviours.

Nguyen et al, proposed a neural network for detection of distributed IDS. Their proposed model based on feature selection algorithm. In their research they separate normal behaviour and intrusion behaviour class for training purpose. Binary classifier was used for distinguish of each class. Feature selection method used for pair wise selection of that particular class. This feature selection algorithm is more capable and unique for detection and classification accuracy.

Chan et al, proposed a AFID neural network for IDS. They proposed a improve support vector machine algorithm for classification of normal and DOS attacks. Their SVM is modified Gaussian kernel enabled. It perform the conformal mapping of features attributes.

 

Artificial Neural Network

 

Artificial Neural Network (ANN) or Artificial Intelligence (AI) or Neural Network (NN) is a branch of computer science. ANN is based on function of human brain. Artificial neuron is inspired from biological neuron of human brain. In Human brain biological neurons are connected to each other. Biological neuron gets information from physical world and surroundings. This information act as input data for these biological neurons. This information is passed to neighbouring neurons after the processing. Simultaneously, the result of processed information is stored in human memory. Human brain have trillions of biological neurons thus it consists of enough memory power. The result of processed information is used for future prediction and probabilities. Biological neurons have different size and functionality. Basically neurons are classified in three categories: the neuron which receive information known as dendrite, information processing unit is known as some and the neuron who transmit the processed information is known as axon.

The mathematical expression for biological neuron is proposed by McCulloch and Pitts in 1943. They also proposed a mathematical model for artificial neuron. Figure 1 explain the mathematical expression of biological neuron and figure 2 express the expression of artificial neuron.

1

Artificial neuron works on the principle of biological neuron. Thus in ANN, artificial neurons are also connected with other neighbouring neurons. Architecture of any ANN depends upon the complexity of problem. ANN consist of many layers of neuron in structure and a single layer also consists of different number of neurons. In layered structure of ANN, three layers are main: input layer hidden layer and output layer. Input layer receive information through the input nodes, hidden layer process the received information and output layer provides the results.

 

In the figure 2, x is input node, w is interconnected link between two nodes, b is bias and y is output of ANN. The output also knows as sum of products. Multiplication of input node and weight is known as product. All product of the network of individual layer is than add and provide the output.

 

Mathematical expression of output is:

 

The value of output is dependent on an activation function. Depending on complexity of problem and the structure and learning algorithm of ANN there are different types of activation functions:

  • Linear activation function
  • Radial Basis activation function
  • Bipolar Sigmoid activation function
  • Uni-Polar Sigmoid activation function
  • Hyperbolic Tangent activation function

 

In ANN, the artificial neurons are arranged in different manners. This arrangement of knows as structure of ANN. Structure of ANN also depend upon learning algorithms. Sometimes structure also depends upon input attributes of complex problems. Some well known structures which are proposed by many authors and researchers are:

 

  • Single layered network
  • Single layered feedforward network
  • Multi-layered network
  • Multi-layered feedforward network
  • Single layered recurrent network
  • Multi-layered recurrent network

 

 

 


 

Applications of Artificial Neural Network

 

Artificial Neural Network have many advantages because it has prediction ability. Due to its parallel distributed structure, neural network performs generalization calculations. ANN learn from previous conditions or data and perform its testing and prediction for unknown data. This ability of ANN can be applied on complex scenarios like medical diagnosis, biometric recognition, face reorganization, image processing, driverless motor & vehicle designing, map design and many other domains. Some of major ability and fictional properties of ANN are:

 

  • Input mapping & output mapping
  • Pattern classification
  • Pattern recognition
  • Pattern association
  • Pattern adaptability
  • Supervised and unsupervised learning adaptation
  • Nonlinearity mapping
  • Fault detection and tolerance
  • Design and implementation of VLSI
  • Biological neuron and medical analysis
  • Medical condition diagnosis

 


 

Conclusion

 

The development of computer system and technology introduced a new term “Information revolution”. From past two decades, the amount of public and private data have been increased day by day. With the evolution of technology, unwanted or undesirable elements also introduce, that are unsecure for the privacy of data. Many approaches are implemented to overcome this privacy issue. ANN provides a robust approach for this problem because it is based on pattern recognition and learning technique.

In this survey report we conclude that ANN is very new and effective approach for detection of security vulnerabilities in computer and information technology. Many different architectures and modes are designed and implemented by researchers. The major issue that faced during the implementation of ANN, is selection of input parameters for network. It is necessary to derived and select meaningful attribute for ANN because network are trained from these attributes and store results for future prediction. The other issue for ANN is, selection of learning algorithms. In this survey report we found that most of researchers proposed and adopt the back-propagation learning algorithm with feed-forward neural network. By this technique, error function is reduced. Thus, the approximation for any problem can be easily achieved. By using of suitable activation function we can also minimize the error function.

Future Work

 

As we discussed previous, the ANN is based on previous learning from attributes and provide the future prediction for unknown attributes, so in future work we take dataset known results and train ANN for these dataset. We will design a ANN which is feed-forward in nature. The advantage of feed-forward neural network is that it can minimize the error in on direction. We will adopt the back-propagation learning algorithm for training of ANN. The benefit of BP algorithm is that it can able to learn the network in both forward and backward direction. We also test different activation function on proposed neural network model. After the ANN in learn by learning algorithm, we test the ANN on unknown datasets and verify the network.

 

 

References

  1. Anagun, A. S. (1999). Neural network application for a computer access security system: Keystroke dynamics versus voice patterns. In Intelligent Engineering Systems Through Artificial Neural Networks (Vol. 9, pp. 905–910).
  2. Anagun, A. S. (2002). Designing A Neural Network Based Computer Access Security System: Keystroke Dynamics and/or Voice Patterns. International Journal of Smart Engineering System Design, 4(2), pp. 125–132.
  3. Bhavya Daya. (2013). Network security: History, importance and future. University of Florida Department of Electrical.
  4. Burse, K., Yadav, R., Shrivastava, S., & Kirar, V. (2009), ‘A Compact Pi Network for Reducing Bit Error Rate in Dispersive FIR Channel Noise Model’, World Academy of Science, Engineering and Technology, International Science Index 26, 3(2), 182 – 185.
  5. Burse, K., Manoria, M. & Kirar, V., (2011). Improved Back Propagation Algorithm to Avoid Local Minima in Multiplicative Neuron Model. In V. Das, G. Thomas, & F. Lumban Gaol, eds. Information Technology and Mobile Communication SE-11. Communications in Computer and Information Science. Springer Berlin Heidelberg, pp. 67–73.
  6. Capuano, N., Marsella, M., Miranda, S., & Salerno, S., (1999). User Authentication with Neural Networks. Duch (Ed), Proceedings of The V International Conference on Engineering Applications of Neural Networks, pp. 200-205.
  7. Chen, T., & Zhong, S. (2009). Privacy-preserving backpropagation neural network learning. IEEE Transactions on Neural Networks a Publication of the IEEE Neural Networks Council, 20(10), pp. 1554–64.
  8. Ciaramella, A., D’arco, P., De Santis, A., Galdi, G., & Tagliaferri, R. (2006). Neural Network Techniques for Proactive Password Checking. IEEE Trans. on Dependable and Secure Computing, 3(4), pp. 327-339.
  9. Deng, L., Hinton, G., & Kingsbury, B. (2013). New types of deep neural network learning for speech recognition and related applications: an overview. 2013 IEEE International Conference on Acoustics, Speech and Signal Processing, 8599–8603.
  10. Gollmann, D. (2010). Computer security. Wiley Interdisciplinary Reviews: Computational Statistics, 2(5), pp. 544–554.
  11. Gupta, K. C. (2000). Neural Network Structures. In Neural Networks for RF and Microwave Design, pp. 61–103.
  12. Hansen, L. K., & Salamon, P. (1990). Neural network ensembles. IEEE Transactions on Pattern Analysis and Machine, 12(10), pp. 993–1001.
  13. Igor, H., Bohuslava, J., Martin, J., & Martin, N. (2014). Application of neural networks in computer security. In Procedia Engineering, 69, pp. 1209–1215.
  14. Kalchbrenner, N., Grefenstette, E., & Blunsom, P. (2014). A Convolutional Neural Network for Modelling Sentences. pp. 655–665.
  15. Kamruzzaman, S.M. & Islam, M.M., (2010). An Algorithm to Extract Rules from Artificial Neural Networks for Medical Diagnosis Problems, pp.537-540.
  16. Kirar, V. (2015a). Use of Artificial Neral Network in Medical Diagnosis, University of Bedfordshire.
  17. Kirar, V. (2015b). ‘Artificial Neural Networks for Cognitive Radio Network: A Survey’, World Academy of Science, Engineering and Technology, International Science Index 97, International Journal of Computer, Control, Quantum and Information Engineering, 9(1), 224 – 229.
  18. Kirar, V. (2015c). ‘Improving the Performance of Back-Propagation Training Algorithm by Using ANN’, World Academy of Science, Engineering and Technology, International Science Index 97, International Journal of Computer, Control, Quantum and Information Engineering, 9(1), 187 – 192.
  19. Kizza, J. M. (2013). Guide to Computer Network Security. Guide to Computer Network Security, pp. 545.
  20. Kraemer, S., & Carayon, P. (2007). Human errors and violations in computer and information security: The viewpoint of network administrators and security specialists. Applied Ergonomics, 38(2), 143–154.
  21. Lebtinen, R. (2006). Computer Security Basics. OReilly.
  22. Lee, K. C., Han, I., & Kwon, Y. (1996). Hybrid neural network models for bankruptcy predictions. Decision Support Systems, 18(1 SPEC. ISS.), pp. 63–72.
  23. Li, L., Lin, I., & Hwang, M. (2001). A Remote Password Authentication Scheme for Multiserver Architecture Using Neural Networks. IEEE Transactions on Neural Networks, 12(6), (November 2001), pp. 1498-1504.
  24. Lin, I., Ou, H. & Hwang, M. (2005). A User Authentication System Using Back-Propagation Network. Neural Computing and Applications, 14, pp. 243-249.
  25. Lin, S. (2000). “An Introduction Of Computer Security. Informing Science, (1995), pp. 1–7.
  26. Lirov, Y. (1992). Computer aided neural network engineering. Neural Networks, 5(4), pp. 711–719.
  27. Macchiarolo, D. T. (1993). An On-Line Neural Network System for Computer Access Security. IEEE Transactions on Industrial Electronics, 40(2), pp. 235–242.
  28. Mikolov, T., & Kombrink, S. (2011). Extensions of recurrent neural network language model. Icassp, pp. 5528–5531.
  29. Obaidat, M. S., & Macchairolo, D. T., (1993). An online neural network system for computer access security, in IEEE Transactions on Industrial Electronics, 40(2) pp. 235-242.
  30. Obaidat, M. S., & Macchairolo, D. T. (1994). A multilayer neural network system for computer access security. IEEE Transactions on Systems, Man and Cybernetics, 24(5), pp. 806–813.
  31. Rowley, H. A., Baluja, S., & Kanade, T. (1998). Neural network-based face detection. IEEE Transactions on Pattern Analysis and Machine Intelligence, 20(1), pp. 23–38.
  32. Rutledge, L. S., & Hoffman, L. J. (1986). A survey of issues in computer network security. Computers and Security, 5(4), pp. 296–308.
  33. Santiago Ramón y Cajal, (1911). Histologie du Systeme Nerveux de l’Homme et des Vertebretes, vol. 1 & 2.
  34. Saxena, S., Kirar, V. P. S., Burse, K., (2013). A Polynomial Neural Network Model for Prognosis Breast Cancer Prediction. In International Conference on Advance in Computer Science and Engineering (ICACSE-WARSE). 99-102.
  35. Specht, D. F. (1991). A general regression neural network. Neural Networks, IEEE Transactions on, 2(6), pp. 568–576.
  36. Stallings, W. (2000). Network security essentials: applications and standards. William Stallings books on computer and data communications technology.
  37. Stallings, W. (2006). Cryptography and Network Security. Network Security, 66–74.
  38. White, D., & Rea, A. (2006). A Backpropagation Neural Network for Computer Network Security. Journal of Computer Science, 2(9), pp. 710–715.
  39. Tan, K., (1995). The application of neural networks to UNIX computer security, IEEE International Conference on Neural Networks, 1995, pp. 476-481.
  40. Wang, S. & Wang, H. (2008). Password Authentication Using Hopfield Neural Networks. IEEE Transactions on Systems, Man and Cybernetics, Part C: Applications and Reviews, 38(2), pp. 265-268.
  41. Wilamowski, B. M., & Yu, H. (2010). Neural network learning without backpropagation. IEEE Transactions on Neural Networks / a Publication of the IEEE Neural Networks Council, 21(11), pp. 1793–1803.
  42. Zaremba, W., Sutskever, I., & Vinyals, O. (2014). Recurrent Neural Network Regularization. Icrl.

    Threat 1

    Data Logs from an Unknown Source

    Mitigation

    The data logs that are received from thee unknown sources can be prevented by applying and implementing authentication techniques in the system. The authentication would prevent entry in the logs from unknown sources, and every entry would be accounted for by linking it with the user database.

    Some wildcard checks can also be implemented for mitigation, so that garbage value is not entered in the logs by unknown sources.
     

    Threat 2

    Missing XML Validation

    Mitigation

    The XML database should be validated from the authentic validation sources so that errors and formatting issues can be avoided. This would also avoid database garbage values. To mitigate this issue, the implementation of automatic validation technique, such as w3c site API, can be implemented.
     

    Threat 3

    Data Flow Sniffing

    Mitigation

    The data flow sniffing can be mitigated by installing anti malware tools in the system. As this issue is generally caused by malwares, which are mostly in the form of Trojan Horses, hence, just an installation of the antivirus software or an anti-malware software would mitigate this error.

    The data sent and received from the sources can be pre-encrypted to avoid any leak of information from sniffing, even after installing of the anti-malware software.
     

    Threat 4

    Weak Credential Storage

    Mitigation

    The credentials that are stored on the database should be protected more than the authentication technique itself, to avoid any privacy breach. To mitigate this issue, salt and hash technique can be used to prevent the database. The passwords entered by the user can be hashed and combined with the salt before storing, so that it cannot be reverse engineered into obtaining the actual password.
     

    Threat 5

    Data Store Inaccessible

    Mitigation

    This issue is caused by the DoS or denial of service attack. This issue can be resolved by implementing DoS prevention techniques like wild card implementations in the backend database and connection scripts of the system. The unauthenticated entry could be avoided so that DoS attack can be prevented. The mitigation can also be implemented by blocking the IP address of the attack.