Literature review on trustworthiness of Signature-Based and Anomaly detection in Wireless Networks

Spångberg, Josephine, Mikelinskas, Vainius

January 2023

The internet has become an essential part of most people's daily lives in recent years, and as more devices connect to the internet, the risk of cyber threats increases dramatically. As malware becomes more sophisticated, traditional security prevention measures are becoming less effective at defending from cyber attacks. As a result, Signature Based Detection and Anomaly Detection are two of many advanced techniques that have become crucial to defend against cyber threats such as malware, but even these are sometimes not enough to stop modern cyberattacks. In this literature review the goal is to discuss how trustworthy each of the mentioned malware detection techniques are at detecting malware in wireless networks. The study will measure trustworthiness by looking further into scalability, adaptability and robustness and resource consumption. This study concludes that both anomaly and signature-based malware detection methods exhibit strengths and weaknesses in scalability, robustness, adaptability, and resource consumption. Furthermore, more research is needed and as malware becomes more sophisticated and an increased threat to the world it is an area that is highly relevant.

Cyber threats

Malware

Cyber attacks

Signature Based Detection

Anomaly Detection

Cyber defense

Sophisticated attacks

Modern cyberattacks

malware detection in wireless network

IoT

Computer Sciences

Datavetenskap (datalogi)

Enhancing Network Security through Investigative Traffic Analysis: A Case Study

SUNNY, WINLIYA JEWEL, MOHAN, ANJANA

January 2024

In this time of increasing cyber risks, robust intrusion detection systems (IDS) arefundamentally necessary for protecting network systems. This master thesis compares twoprimary network intrusion detection resources to clarify their effectiveness, advantages, andboundaries. The investigation follows a thorough approach, including reviewing existingliterature, practical experimentation, and assessing their performance. The primary goal revolves around a deeper comprehension of the operational procedures, threatdetection capacity, and scalability of the chosen IDS solutions. Through carefulexperimentation and scrutiny, this study investigates various elements such as detection accuracy, false favorable rates, the usage of resources, and resilience in varied networksituations. Real-life data sets and contrived attack situations are harnessed to measure the proficiency of these tools in identifying both identified and fresh intrusion efforts. Finally, our experimentation did not identify a single optimal tool due to certain imperfections in both evaluated tools. However, these findings were instrumental in concluding the properties that would constitute an ideal tool. In the end, this study propels the forward arena of networksecurity, offering a detailed insight into the capabilities and limitations of day-to-day intrusion detection tools. This study aims to strengthen cybersecurity defenses and nurture improved decision-making capabilities. These efforts mitigate the constantly changing threats caused byharmful entities in our digital world.

intrusion detection system

network traffic analysis

Zeek

Snort

network security

signature-based detection

Computer and Information Sciences

Data- och informationsvetenskap

Computer Engineering

Datorteknik

Engineering and Technology

Teknik och teknologier