Scalable Approach Towards Discovery of Unknown Vulnerabilities

Of all the hazards confronting enterprise IT systems, zero-day vulnerabilities are among the most harmful. Zero-day vulnerabilities are flaws that leave users exposed to network attacks before a patch or workaround is available. Every day an exploit remains unpatched, the risk of a data breach increases dramatically. Only a multi-layered approach that fully integrates with an organization's IT defenses stands a chance of stopping them. This paper presents a novel hybrid three-layer architecture framework for zero-day attack detection and risk level assessment with respect to the likelihood of exploits. The first layer of the proposed framework is responsible for detecting the unknown vulnerability, using statistical, signature-based and behavior-based techniques; the second layer focuses on risk measurement; and the third, physical layer contains the centralized database and centralized server used during the processing of the first two layers. The proposed framework is analyzed in the network environment of Vikram University, Ujjain, India in order to evaluate its performance; experimental results show a detection rate of 89% with a 3% false positive rate.
