Intelligent Detection and Identification of Attacks in IoT Networks Based on the Combination of DNN and LSTM Methods with a Set of Classifiers

Internet of Things (IoT) networks present unique cybersecurity challenges due to their distributed and heterogeneous nature. Our study explores the effectiveness of two types of deep learning models, long-term memory neural networks (LSTMs) and deep neural networks (DNNs), for detecting attacks in IoT networks. We evaluated the performance of six hybrid models combining LSTM or DNN feature extractors with classifiers such as Random Forest, k-Nearest Neighbors and XGBoost. The LSTM-RF and LSTM-XGBoost models showed lower accuracy variability in the face of different types of attack, indicating greater robustness. The LSTM-RF and LSTM-XGBoost models show variability in results, with accuracies between 58% and 99% for attack types, while LSTM-KNN has higher but more variable accuracies, between 72% and 99%. The DNN-RF and DNN-XGBoost models show lower variability in their results, with accuracies between 59% and 99%, while DNN-KNN has higher but more variable accuracies, between 71% and 99%. LSTM-based models are proving to be more effective for detecting attacks in IoT networks, particularly for sophisticated attacks. However, the final choice of model depends on the constraints of the application, taking into account a trade-off between accuracy and complexity.

Cluster DetectionMethod of Endogenous Security Abnormal Attack Behavior in Air Traffic Control Network

In order to enhance the accuracy of Air Traffic Control(ATC)cybersecurity attack detection,in this paper,a new clustering detection method is designed for air traffic control network security attacks.The feature set for ATC cybersecurity attacks is constructed by setting the feature states,adding recursive features,and determining the feature criticality.The expected information gain and entropy of the feature data are computed to determine the information gain of the feature data and reduce the interference of similar feature data.An autoencoder is introduced into the AI(artificial intelligence)algorithm to encode and decode the characteristics of ATC network security attack behavior to reduce the dimensionality of the ATC network security attack behavior data.Based on the above processing,an unsupervised learning algorithm for clustering detection of ATC network security attacks is designed.First,determine the distance between the clustering clusters of ATC network security attack behavior characteristics,calculate the clustering threshold,and construct the initial clustering center.Then,the new average value of all feature objects in each cluster is recalculated as the new cluster center.Second,it traverses all objects in a cluster of ATC network security attack behavior feature data.Finally,the cluster detection of ATC network security attack behavior is completed by the computation of objective functions.The experiment took three groups of experimental attack behavior data sets as the test object,and took the detection rate,false detection rate and recall rate as the test indicators,and selected three similar methods for comparative test.The experimental results show that the detection rate of this method is about 98%,the false positive rate is below 1%,and the recall rate is above 97%.Research shows that this method can improve the detection performance of security attacks in air traffic control network.

Discussion on the application prospect of the transient electromagnetic method based on the dual launcher and mine advanced detection

The dual transmitter implements the equivalent anti-magnetic flux transient electromagnetic method, which can effectively reduce the scope of the transient electromagnetic detection blind area. However, this method is rarely reported in the detection of pipelines in urban geophysical exploration and the application of coal mines. Based on this, this paper realizes the equivalent anti-magnetic flux transient electromagnetic method based on the dual launcher. The suppression effect of this method on the blind area is analyzed by physical simulation. And the detection experiment of underground pipelines is carried out outdoors. The results show that the dual launcher can significantly reduce the turn-off time, thereby effectively reducing the impact of the blind area on the detection results, and the pipeline detection results verify the device’s effectiveness. Finally, based on the ground experimental results, the application prospect of mine advanced detection is discussed. Compared with other detection fields, the formation of blind areas is mainly caused by the equipment. If the dual launcher can be used to reduce the blind area, the accuracy of advanced detection can be improved more effectively. The above research results are of great significance for improving the detection accuracy of the underground transient electromagnetic method.

Optimization of Stealthwatch Network Security System for the Detection and Mitigation of Distributed Denial of Service (DDoS) Attack: Application to Smart Grid System

The Smart Grid is an enhancement of the traditional grid system and employs new technologies and sophisticated communication techniques for electrical power transmission and distribution. The Smart Grid’s communication network shares information about status of its several integrated IEDs (Intelligent Electronic Devices). However, the IEDs connected throughout the Smart Grid, open opportunities for attackers to interfere with the communications and utilities resources or take clients’ private data. This development has introduced new cyber-security challenges for the Smart Grid and is a very concerning issue because of emerging cyber-threats and security incidents that have occurred recently all over the world. The purpose of this research is to detect and mitigate Distributed Denial of Service [DDoS] with application to the Electrical Smart Grid System by deploying an optimized Stealthwatch Secure Network analytics tool. In this paper, the DDoS attack in the Smart Grid communication networks was modeled using Stealthwatch tool. The simulated network consisted of Secure Network Analytic tools virtual machines (VMs), electrical Grid network communication topology, attackers and Target VMs. Finally, the experiments and simulations were performed, and the research results showed that Stealthwatch analytic tool is very effective in detecting and mitigating DDoS attacks in the Smart Grid System without causing any blackout or shutdown of any internal systems as compared to other tools such as GNS3, NeSSi2, NISST Framework, OMNeT++, INET Framework, ReaSE, NS2, NS3, M5 Simulator, OPNET, PLC & TIA Portal management Software which do not have the capability to do so. Also, using Stealthwatch tool to create a security baseline for Smart Grid environment, contributes to risk mitigation and sound security hygiene.

Effects of Standing Time during Pretreatment on the Nitrite Concentration Detected by Spectrophotometric Method

Food safety problems caused by excessive nitrite addition have been frequently reported and the detection of nitrite in food is particularly important. The standing time during the pretreatment of primary sample has a great influence on the concentration of nitrite tested by spectrophotometric method. In this context, three kinds of food samples are prepared, including canned mustard, canned fish and home-made pickled water. A series of standing times are placed during the sample pretreatments and the corresponding nitrite contents in these samples are detected by spectrophotometric method based on N-ethylenediamine dihydrochloride. This study aims to find out a reasonable standing time during the pretreatment of food sample, providing influence factor for precise detection of nitrite.

Novel cyber-physical collaborative detection and localization method against dynamic load altering attacks in smart energy grids

Owing to the integration of energy digitization and artificial intelligence technology,smart energy grids can realize the stable,efficient and clean operation of power systems.However,the emergence of cyber-physical attacks,such as dynamic load-altering attacks(DLAAs)has introduced great challenges to the security of smart energy grids.Thus,this study developed a novel cyber-physical collaborative security framework for DLAAs in smart energy grids.The proposed framework integrates attack prediction in the cyber layer with the detection and localization of attacks in the physical layer.First,a data-driven method was proposed to predict the DLAA sequence in the cyber layer.By designing a double radial basis function network,the influence of disturbances on attack prediction can be eliminated.Based on the prediction results,an unknown input observer-based detection and localization method was further developed for the physical layer.In addition,an adaptive threshold was designed to replace the traditional precomputed threshold and improve the detection performance of the DLAAs.Consequently,through the collaborative work of the cyber-physics layer,injected DLAAs were effectively detected and located.Compared with existing methodologies,the simulation results on IEEE 14-bus and 118-bus power systems verified the superiority of the proposed cyber-physical collaborative detection and localization against DLAAs.

A Security Trade-Off Scheme of Anomaly Detection System in IoT to Defend against Data-Tampering Attacks

Internet of Things(IoT)is vulnerable to data-tampering(DT)attacks.Due to resource limitations,many anomaly detection systems(ADSs)for IoT have high false positive rates when detecting DT attacks.This leads to the misreporting of normal data,which will impact the normal operation of IoT.To mitigate the impact caused by the high false positive rate of ADS,this paper proposes an ADS management scheme for clustered IoT.First,we model the data transmission and anomaly detection in clustered IoT.Then,the operation strategy of the clustered IoT is formulated as the running probabilities of all ADSs deployed on every IoT device.In the presence of a high false positive rate in ADSs,to deal with the trade-off between the security and availability of data,we develop a linear programming model referred to as a security trade-off(ST)model.Next,we develop an analysis framework for the ST model,and solve the ST model on an IoT simulation platform.Last,we reveal the effect of some factors on the maximum combined detection rate through theoretical analysis.Simulations show that the ADS management scheme can mitigate the data unavailability loss caused by the high false positive rates in ADS.

CL2ES-KDBC:A Novel Covariance Embedded Selection Based on Kernel Distributed Bayes Classifier for Detection of Cyber-Attacks in IoT Systems

The Internet of Things(IoT)is a growing technology that allows the sharing of data with other devices across wireless networks.Specifically,IoT systems are vulnerable to cyberattacks due to its opennes The proposed work intends to implement a new security framework for detecting the most specific and harmful intrusions in IoT networks.In this framework,a Covariance Linear Learning Embedding Selection(CL2ES)methodology is used at first to extract the features highly associated with the IoT intrusions.Then,the Kernel Distributed Bayes Classifier(KDBC)is created to forecast attacks based on the probability distribution value precisely.In addition,a unique Mongolian Gazellas Optimization(MGO)algorithm is used to optimize the weight value for the learning of the classifier.The effectiveness of the proposed CL2ES-KDBC framework has been assessed using several IoT cyber-attack datasets,The obtained results are then compared with current classification methods regarding accuracy(97%),precision(96.5%),and other factors.Computational analysis of the CL2ES-KDBC system on IoT intrusion datasets is performed,which provides valuable insight into its performance,efficiency,and suitability for securing IoT networks.

A Novel Intrusion Detection Model of Unknown Attacks Using Convolutional Neural Networks

With the increasing number of connected devices in the Internet of Things(IoT)era,the number of intrusions is also increasing.An intrusion detection system(IDS)is a secondary intelligent system for monitoring,detecting and alerting against malicious activity.IDS is important in developing advanced security models.This study reviews the importance of various techniques,tools,and methods used in IoT detection and/or prevention systems.Specifically,it focuses on machine learning(ML)and deep learning(DL)techniques for IDS.This paper proposes an accurate intrusion detection model to detect traditional and new attacks on the Internet of Vehicles.To speed up the detection of recent attacks,the proposed network architecture developed at the data processing layer is incorporated with a convolutional neural network(CNN),which performs better than a support vector machine(SVM).Processing data are enhanced using the synthetic minority oversampling technique to ensure learning accuracy.The nearest class mean classifier is applied during the testing phase to identify new attacks.Experimental results using the AWID dataset,which is one of the most common open intrusion detection datasets,revealed a higher detection accuracy(94%)compared to SVM and random forest methods.

Research Progress of Detection Methods for Microplastics

Microplastics are plastic particles or fibers with a diameter of less than 5 mm,and they widely exist in the environment and pose potential risks to the ecosystem and human health.Microplastics detection can provide basic data for formulating effective environmental protection strategies.In this paper,the physical,chemical and biological detection methods of microplastics are reviewed,and the advantages and disadvantages of different methods are analyzed.The problems and challenges encountered in microplastics detection are analyzed,and the future research is discussed.

Advances in Research of Collection and Detection Methods of Microplastics in Environment

As a new type of environmental pollutants,microplastics have gradually attracted people's attention.A large number of plastics discharged into the environment by human beings are constantly aging and breaking,and finally become microplastics.Microplastics can adsorb pollutants in the environment,and their components have certain toxicity,which can cause different degrees of harm to organisms.Due to the structural characteristics of microplastic particles,such as small particle size,large specific surface area,and their distribution in different environmental media,it is very difficult to accurately detect microplastics.Reliable collection and detection methods are the key to the study of environmental behavior of microplastics.In this study,the collection and detection methods of microplastics in the environment were reviewed,and the development direction of microplastics detection technology in the future was prospected.This study has a certain reference value for the related research and the prevention and treatment of micro-plastic pollution.

Application Research of Sonar Detection Method in Melting Exploration at the Bottom of Piles

Karst landforms are widely distributed in China,and are most common in Yunnan,Guizhou and Guangxi.If the development of karst caves at the bottom of the piles cannot be accurately ascertained before the construction of bridge pile foundations,accidents such as hole collapse,slurry leakage,and drill sticking will easily occur.In this paper,the principle and method of sonar detection for detecting karst caves at the bottom of bridge piles was introduced,and the sonar detection data and the cave situation at the bottom of the pile during the construction process in combination with the case of Yunnan Zhenguo Highway Project was analyzed,which verifies the practicability and reliability of sonar detection method reliability.

Improving Transferable Targeted Adversarial Attack for Object Detection Using RCEN Framework and Logit Loss Optimization

Object detection finds wide application in various sectors,including autonomous driving,industry,and healthcare.Recent studies have highlighted the vulnerability of object detection models built using deep neural networks when confronted with carefully crafted adversarial examples.This not only reveals their shortcomings in defending against malicious attacks but also raises widespread concerns about the security of existing systems.Most existing adversarial attack strategies focus primarily on image classification problems,failing to fully exploit the unique characteristics of object detectionmodels,thus resulting in widespread deficiencies in their transferability.Furthermore,previous research has predominantly concentrated on the transferability issues of non-targeted attacks,whereas enhancing the transferability of targeted adversarial examples presents even greater challenges.Traditional attack techniques typically employ cross-entropy as a loss measure,iteratively adjusting adversarial examples to match target categories.However,their inherent limitations restrict their broad applicability and transferability across different models.To address the aforementioned challenges,this study proposes a novel targeted adversarial attack method aimed at enhancing the transferability of adversarial samples across object detection models.Within the framework of iterative attacks,we devise a new objective function designed to mitigate consistency issues arising from cumulative noise and to enhance the separation between target and non-target categories(logit margin).Secondly,a data augmentation framework incorporating random erasing and color transformations is introduced into targeted adversarial attacks.This enhances the diversity of gradients,preventing overfitting to white-box models.Lastly,perturbations are applied only within the specified object’s bounding box to reduce the perturbation range,enhancing attack stealthiness.Experiments were conducted on the Microsoft Common Objects in Context(MS COCO)dataset using You Only Look Once version 3(YOLOv3),You Only Look Once version 8(YOLOv8),Faster Region-based Convolutional Neural Networks(Faster R-CNN),and RetinaNet.The results demonstrate a significant advantage of the proposed method in black-box settings.Among these,the success rate of RetinaNet transfer attacks reached a maximum of 82.59%.

An Erebus Attack Detection Method Oriented to Blockchain Network Layer

Recently,the Erebus attack has proved to be a security threat to the blockchain network layer,and the existing research has faced challenges in detecting the Erebus attack on the blockchain network layer.The cloud-based active defense and one-sidedness detection strategies are the hindrances in detecting Erebus attacks.This study designs a detection approach by establishing a ReliefF_WMRmR-based two-stage feature selection algorithm and a deep learning-based multimodal classification detection model for Erebus attacks and responding to security threats to the blockchain network layer.The goal is to improve the performance of Erebus attack detection methods,by combining the traffic behavior with the routing status based on multimodal deep feature learning.The traffic behavior and routing status were first defined and used to describe the attack characteristics at diverse stages of s leak monitoring,hidden traffic overlay,and transaction identity forgery.The goal is to clarify how an Erebus attack affects the routing transfer and traffic state on the blockchain network layer.Consequently,detecting objects is expected to become more relevant and sensitive.A two-stage feature selection algorithm was designed based on ReliefF and weighted maximum relevance minimum redundancy(ReliefF_WMRmR)to alleviate the overfitting of the training model caused by redundant information and noise in multiple source features of the routing status and traffic behavior.The ReliefF algorithm was introduced to select strong correlations and highly informative features of the labeled data.According to WMRmR,a feature selection framework was defined to eliminate weakly correlated features,eliminate redundant information,and reduce the detection overhead of the model.A multimodal deep learning model was constructed based on the multilayer perceptron(MLP)to settle the high false alarm rates incurred by multisource data.Using this model,isolated inputs and deep learning were conducted on the selected routing status and traffic behavior.Redundant intermodal information was removed because of the complementarity of the multimodal network,which was followed by feature fusion and output feature representation to boost classification detection precision.The experimental results demonstrate that the proposed method can detect features,such as traffic data,at key link nodes and route messages in a real blockchain network environment.Additionally,the model can detect Erebus attacks effectively.This study provides novelty to the existing Erebus attack detection by increasing the accuracy detection by 1.05%,the recall rate by 2.01%,and the F1-score by 2.43%.

Artificial Immune Detection for Network Intrusion Data Based on Quantitative Matching Method

Artificial immune detection can be used to detect network intrusions in an adaptive approach and proper matching methods can improve the accuracy of immune detection methods.This paper proposes an artificial immune detection model for network intrusion data based on a quantitative matching method.The proposed model defines the detection process by using network data and decimal values to express features and artificial immune mechanisms are simulated to define immune elements.Then,to improve the accuracy of similarity calculation,a quantitative matching method is proposed.The model uses mathematical methods to train and evolve immune elements,increasing the diversity of immune recognition and allowing for the successful detection of unknown intrusions.The proposed model’s objective is to accurately identify known intrusions and expand the identification of unknown intrusions through signature detection and immune detection,overcoming the disadvantages of traditional methods.The experiment results show that the proposed model can detect intrusions effectively.It has a detection rate of more than 99.6%on average and a false alarm rate of 0.0264%.It outperforms existing immune intrusion detection methods in terms of comprehensive detection performance.

MaliFuzz:Adversarial Malware Detection Model for Defending Against Fuzzing Attack

With the prevalence of machine learning in malware defense,hackers have tried to attack machine learning models to evade detection.It is generally difficult to explore the details of malware detection models,hackers can adopt fuzzing attack to manipulate the features of the malware closer to benign programs on the premise of retaining their functions.In this paper,attack and defense methods on malware detection models based on machine learning algorithms were studied.Firstly,we designed a fuzzing attack method by randomly modifying features to evade detection.The fuzzing attack can effectively descend the accuracy of machine learning model with single feature.Then an adversarial malware detection model MaliFuzz is proposed to defend fuzzing attack.Different from the ordinary single feature detection model,the combined features by static and dynamic analysis to improve the defense ability are used.The experiment results show that the adversarial malware detection model with combined features can deal with the attack.The methods designed in this paper have great significance in improving the security of malware detection models and have good application prospects.

Establishment of Reverse-transcription Loopmediated Isothermal Amplification Method for Detection of Wheat Streak Mosaic Virus

A reverse-transcription loop-mediated isothermal amplification （RT-LAMP） method was established for the detection of wheat streak mosaic virus （WSMV）. Ac-cording to the conservative regions of the genes that encode the coat protein of WSMV, 2 pairs of primers were designed. Final y, the 1st pair of primers was select-ed through the specificity test. The sensitivity test showed the sensitivity of RT-LAMP method was 10 times higher than that of RT-PCR. In addition, the amplifica-tion of target gene could be judged visual y from the presence of fluorescence （cal-cein） in the final reaction system. The RT-LAMP method, established in this study, was rapid, easy, specific and sensitive. Moreover, it did not require sophisticated equip-ment. The RT-LAMP was suitable for the rapid detection of WSMV.

Digital Text Document Watermarking Based Tampering Attack Detection via Internet

Owing to the rapid increase in the interchange of text information through internet networks,the reliability and security of digital content are becoming a major research problem.Tampering detection,Content authentication,and integrity verification of digital content interchanged through the Internet were utilized to solve a major concern in information and communication technologies.The authors’difficulties were tampering detection,authentication,and integrity verification of the digital contents.This study develops an Automated Data Mining based Digital Text Document Watermarking for Tampering Attack Detection(ADMDTW-TAD)via the Internet.The DM concept is exploited in the presented ADMDTW-TAD technique to identify the document’s appropriate characteristics to embed larger watermark information.The presented secure watermarking scheme intends to transmit digital text documents over the Internet securely.Once the watermark is embedded with no damage to the original document,it is then shared with the destination.The watermark extraction process is performed to get the original document securely.The experimental validation of the ADMDTW-TAD technique is carried out under varying levels of attack volumes,and the outcomes were inspected in terms of different measures.The simulation values indicated that the ADMDTW-TAD technique improved performance over other models.

Posture Detection of Heart Disease Using Multi-Head Attention Vision Hybrid(MHAVH)Model

Cardiovascular disease is the leading cause of death globally.This disease causes loss of heart muscles and is also responsible for the death of heart cells,sometimes damaging their functionality.A person’s life may depend on receiving timely assistance as soon as possible.Thus,minimizing the death ratio can be achieved by early detection of heart attack(HA)symptoms.In the United States alone,an estimated 610,000 people die fromheart attacks each year,accounting for one in every four fatalities.However,by identifying and reporting heart attack symptoms early on,it is possible to reduce damage and save many lives significantly.Our objective is to devise an algorithm aimed at helping individuals,particularly elderly individuals living independently,to safeguard their lives.To address these challenges,we employ deep learning techniques.We have utilized a vision transformer(ViT)to address this problem.However,it has a significant overhead cost due to its memory consumption and computational complexity because of scaling dot-product attention.Also,since transformer performance typically relies on large-scale or adequate data,adapting ViT for smaller datasets is more challenging.In response,we propose a three-in-one steam model,theMulti-Head Attention Vision Hybrid(MHAVH).Thismodel integrates a real-time posture recognition framework to identify chest pain postures indicative of heart attacks using transfer learning techniques,such as ResNet-50 and VGG-16,renowned for their robust feature extraction capabilities.By incorporatingmultiple heads into the vision transformer to generate additional metrics and enhance heart-detection capabilities,we leverage a 2019 posture-based dataset comprising RGB images,a novel creation by the author that marks the first dataset tailored for posture-based heart attack detection.Given the limited online data availability,we segmented this dataset into gender categories(male and female)and conducted testing on both segmented and original datasets.The training accuracy of our model reached an impressive 99.77%.Upon testing,the accuracy for male and female datasets was recorded at 92.87%and 75.47%,respectively.The combined dataset accuracy is 93.96%,showcasing a commendable performance overall.Our proposed approach demonstrates versatility in accommodating small and large datasets,offering promising prospects for real-world applications.

Impact of climate change and human activities on the spatiotemporal dynamics of surface water area in Gansu Province, China

Understanding the dynamics of surface water area and their drivers is crucial for human survival and ecosystem stability in inland arid and semi-arid areas.This study took Gansu Province,China,a typical area with complex terrain and variable climate,as the research subject.Based on Google Earth Engine,we used Landsat data and the Open-surface Water Detection Method with Enhanced Impurity Control method to monitor the spatiotemporal dynamics of surface water area in Gansu Province from 1985 to 2022,and quantitatively analyzed the main causes of regional differences in surface water area.The findings revealed that surface water area in Gansu Province expanded by 406.88 km2 from 1985 to 2022.Seasonal surface water area exhibited significant fluctuations,while permanent surface water area showed a steady increase.Notably,terrestrial water storage exhibited a trend of first decreasing and then increasing,correlated with the dynamics of surface water area.Climate change and human activities jointly affected surface hydrological processes,with the impact of climate change being slightly higher than that of human activities.Spatially,climate change affected the'source'of surface water to a greater extent,while human activities tended to affect the'destination'of surface water.Challenges of surface water resources faced by inland arid and semi-arid areas like Gansu Province are multifaceted.Therefore,we summarized the surface hydrology patterns typical in inland arid and semi-arid areas and tailored surface water'supply-demand'balance strategies.The study not only sheds light on the dynamics of surface water area in Gansu Province,but also offers valuable insights for ecological protection and surface water resource management in inland arid and semi-arid areas facing water scarcity.