A network intrusion detection system is critical for cyber security against llegitimate attacks.In terms of feature perspectives,network traffic may include a variety of elements such as attack reference,attack type,a...A network intrusion detection system is critical for cyber security against llegitimate attacks.In terms of feature perspectives,network traffic may include a variety of elements such as attack reference,attack type,a subcategory of attack,host information,malicious scripts,etc.In terms of network perspectives,network traffic may contain an imbalanced number of harmful attacks when compared to normal traffic.It is challenging to identify a specific attack due to complex features and data imbalance issues.To address these issues,this paper proposes an Intrusion Detection System using transformer-based transfer learning for Imbalanced Network Traffic(IDS-INT).IDS-INT uses transformer-based transfer learning to learn feature interactions in both network feature representation and imbalanced data.First,detailed information about each type of attack is gathered from network interaction descriptions,which include network nodes,attack type,reference,host information,etc.Second,the transformer-based transfer learning approach is developed to learn detailed feature representation using their semantic anchors.Third,the Synthetic Minority Oversampling Technique(SMOTE)is implemented to balance abnormal traffic and detect minority attacks.Fourth,the Convolution Neural Network(CNN)model is designed to extract deep features from the balanced network traffic.Finally,the hybrid approach of the CNN-Long Short-Term Memory(CNN-LSTM)model is developed to detect different types of attacks from the deep features.Detailed experiments are conducted to test the proposed approach using three standard datasets,i.e.,UNsWNB15,CIC-IDS2017,and NSL-KDD.An explainable AI approach is implemented to interpret the proposed method and develop a trustable model.展开更多
Malicious attacks against data are unavoidable in the interconnected,open and shared Energy Internet(EI),Intrusion tolerant techniques are critical to the data security of EI.Existing intrusion tolerant techniques suf...Malicious attacks against data are unavoidable in the interconnected,open and shared Energy Internet(EI),Intrusion tolerant techniques are critical to the data security of EI.Existing intrusion tolerant techniques suffered from problems such as low adaptability,policy lag,and difficulty in determining the degree of tolerance.To address these issues,we propose a novel adaptive intrusion tolerance model based on game theory that enjoys two-fold ideas:(1)it constructs an improved replica of the intrusion tolerance model of the dynamic equation evolution game to induce incentive weights;and (2)it combines a tournament competition model with incentive weights to obtain optimal strategies for each stage of the game process.Extensive experiments are conducted in the IEEE 39-bus system,whose results demonstrate the feasibility of the incentive weights,confirm the proposed strategy strengthens the system’s ability to tolerate aggression,and improves the dynamic adaptability and response efficiency of the aggression-tolerant system in the case of limited resources.展开更多
A large number of network security breaches in IoT networks have demonstrated the unreliability of current Network Intrusion Detection Systems(NIDSs).Consequently,network interruptions and loss of sensitive data have ...A large number of network security breaches in IoT networks have demonstrated the unreliability of current Network Intrusion Detection Systems(NIDSs).Consequently,network interruptions and loss of sensitive data have occurred,which led to an active research area for improving NIDS technologies.In an analysis of related works,it was observed that most researchers aim to obtain better classification results by using a set of untried combinations of Feature Reduction(FR)and Machine Learning(ML)techniques on NIDS datasets.However,these datasets are different in feature sets,attack types,and network design.Therefore,this paper aims to discover whether these techniques can be generalised across various datasets.Six ML models are utilised:a Deep Feed Forward(DFF),Convolutional Neural Network(CNN),Recurrent Neural Network(RNN),Decision Tree(DT),Logistic Regression(LR),and Naive Bayes(NB).The accuracy of three Feature Extraction(FE)algorithms is detected;Principal Component Analysis(PCA),Auto-encoder(AE),and Linear Discriminant Analysis(LDA),are evaluated using three benchmark datasets:UNSW-NB15,ToN-IoT and CSE-CIC-IDS2018.Although PCA and AE algorithms have been widely used,the determination of their optimal number of extracted dimensions has been overlooked.The results indicate that no clear FE method or ML model can achieve the best scores for all datasets.The optimal number of extracted dimensions has been identified for each dataset,and LDA degrades the performance of the ML models on two datasets.The variance is used to analyse the extracted dimensions of LDA and PCA.Finally,this paper concludes that the choice of datasets significantly alters the performance of the applied techniques.We believe that a universal(benchmark)feature set is needed to facilitate further advancement and progress of research in this field.展开更多
To solve the problem of poor detection and limited application range of current intrusion detection methods,this paper attempts to use deep learning neural network technology to study a new type of intrusion detection...To solve the problem of poor detection and limited application range of current intrusion detection methods,this paper attempts to use deep learning neural network technology to study a new type of intrusion detection method.Hence,we proposed an intrusion detection algorithm based on convolutional neural network(CNN)and AdaBoost algorithm.This algorithm uses CNN to extract the characteristics of network traffic data,which is particularly suitable for the analysis of continuous and classified attack data.The AdaBoost algorithm is used to classify network attack data that improved the detection effect of unbalanced data classification.We adopt the UNSW-NB15 dataset to test of this algorithm in the PyCharm environment.The results show that the detection rate of algorithm is99.27%and the false positive rate is lower than 0.98%.Comparative analysis shows that this algorithm has advantages over existing methods in terms of detection rate and false positive rate for small proportion of attack data.展开更多
The advent of pandemics such as COVID-19 significantly impacts human behaviour and lives every day.Therefore,it is essential to make medical services connected to internet,available in every remote location during the...The advent of pandemics such as COVID-19 significantly impacts human behaviour and lives every day.Therefore,it is essential to make medical services connected to internet,available in every remote location during these situations.Also,the security issues in the Internet of Medical Things(IoMT)used in these service,make the situation even more critical because cyberattacks on the medical devices might cause treatment delays or clinical failures.Hence,services in the healthcare ecosystem need rapid,uninterrupted,and secure facilities.The solution provided in this research addresses security concerns and services availability for patients with critical health in remote areas.This research aims to develop an intelligent Software Defined Networks(SDNs)enabled secure framework for IoT healthcare ecosystem.We propose a hybrid of machine learning and deep learning techniques(DNN+SVM)to identify network intrusions in the sensor-based healthcare data.In addition,this system can efficiently monitor connected devices and suspicious behaviours.Finally,we evaluate the performance of our proposed framework using various performance metrics based on the healthcare application scenarios.the experimental results show that the proposed approach effectively detects and mitigates attacks in the SDN-enabled IoT networks and performs better that other state-of-art-approaches.展开更多
With the increasing dimensionality of network traffic,extracting effective traffic features and improving the identification accuracy of different intrusion traffic have become critical in intrusion detection systems(...With the increasing dimensionality of network traffic,extracting effective traffic features and improving the identification accuracy of different intrusion traffic have become critical in intrusion detection systems(IDS).However,both unsupervised and semisupervised anomalous traffic detection methods suffer from the drawback of ignoring potential correlations between features,resulting in an analysis that is not an optimal set.Therefore,in order to extract more representative traffic features as well as to improve the accuracy of traffic identification,this paper proposes a feature dimensionality reduction method combining principal component analysis and Hotelling’s T^(2) and a multilayer convolutional bidirectional long short-term memory(MSC_BiLSTM)classifier model for network traffic intrusion detection.This method reduces the parameters and redundancy of the model by feature extraction and extracts the dependent features between the data by a bidirectional long short-term memory(BiLSTM)network,which fully considers the influence between the before and after features.The network traffic is first characteristically downscaled by principal component analysis(PCA),and then the downscaled principal components are used as input to Hotelling’s T^(2) to compare the differences between groups.For datasets with outliers,Hotelling’s T^(2) can help identify the groups where the outliers are located and quantitatively measure the extent of the outliers.Finally,a multilayer convolutional neural network and a BiLSTM network are used to extract the spatial and temporal features of network traffic data.The empirical consequences exhibit that the suggested approach in this manuscript attains superior outcomes in precision,recall and F1-score juxtaposed with the prevailing techniques.The results show that the intrusion detection accuracy,precision,and F1-score of the proposed MSC_BiLSTM model for the CIC-IDS 2017 dataset are 98.71%,95.97%,and 90.22%.展开更多
Taking the Paleogene Shahejie Formation in Nanpu sag of Bohai Bay Basin as an example,this study comprehensively utilizes seismic,mud logging,well logging,physical property analysis and core thin section data to inves...Taking the Paleogene Shahejie Formation in Nanpu sag of Bohai Bay Basin as an example,this study comprehensively utilizes seismic,mud logging,well logging,physical property analysis and core thin section data to investigate the metamorphic reservoir formed by contact metamorphism after igneous rock intrusion.(1)A geological model of the igneous intrusion contact met amorphic system is proposed,which can be divided into five structural layers vertically:the intrusion,upper metamorphic aureole,lower metamorphic aureole,normal sedimentary layers on the roof and floor.(2)The intrusion is characterized by xenoliths indicating intrusive facies at the top,regular changes in rock texture and mineral crystallization from the center to the edge on a microscopic scale,and low-angle oblique penetrations of the intrusion through sedimentary strata on a macroscopic scale.The metamorphic aureole has characteristics such as sedimentary rocks as the host rock,typical palimpsest textures developed,various low-temperature thermal metamorphic minerals developed,and medium-low grade thermal metamorphic rocks as the lithology.(3)The reservoir in contact metamorphic aureole has two types of reservoir spaces:matrix pores and fractures.The matrix pores are secondary"intergranular pores"distributed around metamorphic minerals after thermal metamorphic transformation in metasandstones.The fractures are mainly structural fractures and intrusive compressive fractures in metamudstones.The reservoirs generally have three spatial distribution characteristics:layered,porphyritic and hydrocarbon impregnation along fracture.(4)The distribution of reservoirs in the metamorphic aureole is mainly controlled by the intensity of thermal baking.Furthermore,the distribution of favorable reservoirs is controlled by the coupling of favorable lithofacies and thermal contact metamorphism,intrusive compression and hydrothermal dissolution.The proposal and application of the geological model of the intrusion contact metamorphic system are expected to promote the discovery of exploration targets of contact metamorphic rock in Nanpu sag,and provide a reference for the study and exploration of deep contact metamorphic rock reservoirs in the Bohai Bay Basin.展开更多
In recent years,frequent network attacks have highlighted the importance of efficient detection methods for ensuring cyberspace security.This paper presents a novel intrusion detection system consisting of a data prep...In recent years,frequent network attacks have highlighted the importance of efficient detection methods for ensuring cyberspace security.This paper presents a novel intrusion detection system consisting of a data prepro-cessing stage and a deep learning model for accurately identifying network attacks.We have proposed four deep neural network models,which are constructed using architectures such as Convolutional Neural Networks(CNN),Bi-directional Long Short-Term Memory(BiLSTM),Bidirectional Gate Recurrent Unit(BiGRU),and Attention mechanism.These models have been evaluated for their detection performance on the NSL-KDD dataset.To enhance the compatibility between the data and the models,we apply various preprocessing techniques and employ the particle swarm optimization algorithm to perform feature selection on the NSL-KDD dataset,resulting in an optimized feature subset.Moreover,we address class imbalance in the dataset using focal loss.Finally,we employ the BO-TPE algorithm to optimize the hyperparameters of the four models,maximizing their detection performance.The test results demonstrate that the proposed model is capable of extracting the spatiotemporal features of network traffic data effectively.In binary and multiclass experiments,it achieved accuracy rates of 0.999158 and 0.999091,respectively,surpassing other state-of-the-art methods.展开更多
Typhoons in the western Pacific have a significant impact on the transport of heat,salt and particles through the Luzon Strait.However,there are very limited field observations of this impact because of extreme diffic...Typhoons in the western Pacific have a significant impact on the transport of heat,salt and particles through the Luzon Strait.However,there are very limited field observations of this impact because of extreme difficulties and even dangers for ship-based measurements during the rough weather.Here,we present the preliminary results from analyzing a dataset collected by a glider deployed west of the Luzon Strait a few days prior to the arrival of typhoon MITAG.The gilder data revealed an abnormally salinity(>34.8)subsurface water apparently sourced from Kuroshio intrusion during the typhoon.When typhoon MITAG traveled on the east of the Luzon Strait,the positive wind stress curl strengthened the cyclonic eddy and weakened the anti-cyclonic eddy.This led to a slowdown of Kuroshio and made its intrusion easier.The main axis of the Kuroshio at the northern part of the strait shifted westward after the typhoon and did not return to its original position until a week later.The Ekman transport from persistent northerly wind of typhoon MITAG was significant,but its importance in enhancing the Kuroshio intrusion is only secondary relative to the eddies variations.展开更多
Intrusion detection is a predominant task that monitors and protects the network infrastructure.Therefore,many datasets have been published and investigated by researchers to analyze and understand the problem of intr...Intrusion detection is a predominant task that monitors and protects the network infrastructure.Therefore,many datasets have been published and investigated by researchers to analyze and understand the problem of intrusion prediction and detection.In particular,the Network Security Laboratory-Knowledge Discovery in Databases(NSL-KDD)is an extensively used benchmark dataset for evaluating intrusion detection systems(IDSs)as it incorporates various network traffic attacks.It is worth mentioning that a large number of studies have tackled the problem of intrusion detection using machine learning models,but the performance of these models often decreases when evaluated on new attacks.This has led to the utilization of deep learning techniques,which have showcased significant potential for processing large datasets and therefore improving detection accuracy.For that reason,this paper focuses on the role of stacking deep learning models,including convolution neural network(CNN)and deep neural network(DNN)for improving the intrusion detection rate of the NSL-KDD dataset.Each base model is trained on the NSL-KDD dataset to extract significant features.Once the base models have been trained,the stacking process proceeds to the second stage,where a simple meta-model has been trained on the predictions generated from the proposed base models.The combination of the predictions allows the meta-model to distinguish different classes of attacks and increase the detection rate.Our experimental evaluations using the NSL-KDD dataset have shown the efficacy of stacking deep learning models for intrusion detection.The performance of the ensemble of base models,combined with the meta-model,exceeds the performance of individual models.Our stacking model has attained an accuracy of 99%and an average F1-score of 93%for the multi-classification scenario.Besides,the training time of the proposed ensemble model is lower than the training time of benchmark techniques,demonstrating its efficiency and robustness.展开更多
The Internet of Things(IoT)links various devices to digital services and significantly improves the quality of our lives.However,as IoT connectivity is growing rapidly,so do the risks of network vulnerabilities and th...The Internet of Things(IoT)links various devices to digital services and significantly improves the quality of our lives.However,as IoT connectivity is growing rapidly,so do the risks of network vulnerabilities and threats.Many interesting Intrusion Detection Systems(IDSs)are presented based on machine learning(ML)techniques to overcome this problem.Given the resource limitations of fog computing environments,a lightweight IDS is essential.This paper introduces a hybrid deep learning(DL)method that combines convolutional neural networks(CNN)and long short-term memory(LSTM)to build an energy-aware,anomaly-based IDS.We test this system on a recent dataset,focusing on reducing overhead while maintaining high accuracy and a low false alarm rate.We compare CICIoT2023,KDD-99 and NSL-KDD datasets to evaluate the performance of the proposed IDS model based on key metrics,including latency,energy consumption,false alarm rate and detection rate metrics.Our findings show an accuracy rate over 92%and a false alarm rate below 0.38%.These results demonstrate that our system provides strong security without excessive resource use.The practicality of deploying IDS with limited resources is demonstrated by the successful implementation of IDS functionality on a Raspberry Pi acting as a Fog node.The proposed lightweight model,with a maximum power consumption of 6.12 W,demonstrates its potential to operate effectively on energy-limited devices such as low-power fog nodes or edge devices.We prioritize energy efficiency whilemaintaining high accuracy,distinguishing our scheme fromexisting approaches.Extensive experiments demonstrate a significant reduction in false positives,ensuring accurate identification of genuine security threats while minimizing unnecessary alerts.展开更多
With the rapid development of the Internet,network security and data privacy are increasingly valued.Although classical Network Intrusion Detection System(NIDS)based on Deep Learning(DL)models can provide good detecti...With the rapid development of the Internet,network security and data privacy are increasingly valued.Although classical Network Intrusion Detection System(NIDS)based on Deep Learning(DL)models can provide good detection accuracy,but collecting samples for centralized training brings the huge risk of data privacy leakage.Furthermore,the training of supervised deep learning models requires a large number of labeled samples,which is usually cumbersome.The“black-box”problem also makes the DL models of NIDS untrustworthy.In this paper,we propose a trusted Federated Learning(FL)Traffic IDS method called FL-TIDS to address the above-mentioned problems.In FL-TIDS,we design an unsupervised intrusion detection model based on autoencoders that alleviates the reliance on marked samples.At the same time,we use FL for model training to protect data privacy.In addition,we design an improved SHAP interpretable method based on chi-square test to perform interpretable analysis of the trained model.We conducted several experiments to evaluate the proposed FL-TIDS.We first determine experimentally the structure and the number of neurons of the unsupervised AE model.Secondly,we evaluated the proposed method using the UNSW-NB15 and CICIDS2017 datasets.The exper-imental results show that the unsupervised AE model has better performance than the other 7 intrusion detection models in terms of precision,recall and f1-score.Then,federated learning is used to train the intrusion detection model.The experimental results indicate that the model is more accurate than the local learning model.Finally,we use an improved SHAP explainability method based on Chi-square test to analyze the explainability.The analysis results show that the identification characteristics of the model are consistent with the attack characteristics,and the model is reliable.展开更多
The high performance of IoT technology in transportation networks has led to the increasing adoption of Internet of Vehicles(IoV)technology.The functional advantages of IoV include online communication services,accide...The high performance of IoT technology in transportation networks has led to the increasing adoption of Internet of Vehicles(IoV)technology.The functional advantages of IoV include online communication services,accident prevention,cost reduction,and enhanced traffic regularity.Despite these benefits,IoV technology is susceptible to cyber-attacks,which can exploit vulnerabilities in the vehicle network,leading to perturbations,disturbances,non-recognition of traffic signs,accidents,and vehicle immobilization.This paper reviews the state-of-the-art achievements and developments in applying Deep Transfer Learning(DTL)models for Intrusion Detection Systems in the Internet of Vehicles(IDS-IoV)based on anomaly detection.IDS-IoV leverages anomaly detection through machine learning and DTL techniques to mitigate the risks posed by cyber-attacks.These systems can autonomously create specific models based on network data to differentiate between regular traffic and cyber-attacks.Among these techniques,transfer learning models are particularly promising due to their efficacy with tagged data,reduced training time,lower memory usage,and decreased computational complexity.We evaluate DTL models against criteria including the ability to transfer knowledge,detection rate,accurate analysis of complex data,and stability.This review highlights the significant progress made in the field,showcasing how DTL models enhance the performance and reliability of IDS-IoV systems.By examining recent advancements,we provide insights into how DTL can effectively address cyber-attack challenges in IoV environments,ensuring safer and more efficient transportation networks.展开更多
The rapid expansion of Internet of Things (IoT) devices across various sectors is driven by steadily increasingdemands for interconnected and smart technologies. Nevertheless, the surge in the number of IoT device has...The rapid expansion of Internet of Things (IoT) devices across various sectors is driven by steadily increasingdemands for interconnected and smart technologies. Nevertheless, the surge in the number of IoT device hascaught the attention of cyber hackers, as it provides them with expanded avenues to access valuable data. Thishas resulted in a myriad of security challenges, including information leakage, malware propagation, and financialloss, among others. Consequently, developing an intrusion detection system to identify both active and potentialintrusion traffic in IoT networks is of paramount importance. In this paper, we propose ResNeSt-biGRU, a practicalintrusion detection model that combines the strengths of ResNeSt, a variant of Residual Neural Network, andbidirectionalGated RecurrentUnitNetwork (biGRU).Our ResNeSt-biGRUframework diverges fromconventionalintrusion detection systems (IDS) by employing this dual-layeredmechanism that exploits the temporal continuityand spatial feature within network data streams, a methodological innovation that enhances detection accuracy.In conjunction with this, we introduce the PreIoT dataset, a compilation of prevalent IoT network behaviors, totrain and evaluate IDSmodels with a focus on identifying potential intrusion traffics. The effectiveness of proposedscheme is demonstrated through testing, wherein it achieved an average accuracy of 99.90% on theN-BaIoT datasetas well as on the PreIoT dataset and 94.45% on UNSW-NB15 dataset. The outcomes of this research reveal thepotential of ResNeSt-biGRU to bolster security measures, diminish intrusion-related vulnerabilities, and preservethe overall security of IoT ecosystems.展开更多
The ever-growing network traffic threat landscape necessitates adopting accurate and robust intrusion detection systems(IDSs).IDSs have become a research hotspot and have seen remarkable performance improvements.Gener...The ever-growing network traffic threat landscape necessitates adopting accurate and robust intrusion detection systems(IDSs).IDSs have become a research hotspot and have seen remarkable performance improvements.Generative adversarial networks(GANs)have also garnered increasing research interest recently due to their remarkable ability to generate data.This paper investigates the application of(GANs)in(IDS)and explores their current use within this research field.We delve into the adoption of GANs within signature-based,anomaly-based,and hybrid IDSs,focusing on their objectives,methodologies,and advantages.Overall,GANs have been widely employed,mainly focused on solving the class imbalance issue by generating realistic attack samples.While GANs have shown significant potential in addressing the class imbalance issue,there are still open opportunities and challenges to be addressed.Little attention has been paid to their applicability in distributed and decentralized domains,such as IoT networks.Efficiency and scalability have been mostly overlooked,and thus,future works must aim at addressing these gaps.展开更多
More businesses are deploying powerful Intrusion Detection Systems(IDS)to secure their data and physical assets.Improved cyber-attack detection and prevention in these systems requires machine learning(ML)approaches.T...More businesses are deploying powerful Intrusion Detection Systems(IDS)to secure their data and physical assets.Improved cyber-attack detection and prevention in these systems requires machine learning(ML)approaches.This paper examines a cyber-attack prediction system combining feature selection(FS)and ML.Our technique’s foundation was based on Correlation Analysis(CA),Mutual Information(MI),and recursive feature reduction with cross-validation.To optimize the IDS performance,the security features must be carefully selected from multiple-dimensional datasets,and our hybrid FS technique must be extended to validate our methodology using the improved UNSW-NB 15 and TON_IoT datasets.Our technique identified 22 key characteristics in UNSW-NB-15 and 8 in TON_IoT.We evaluated prediction using seven ML methods:Decision Tree(DT),Random Forest(RF),Logistic Regression(LR),Naive Bayes(NB),K-Nearest Neighbors(KNN),Support Vector Machines(SVM),and Multilayer Perceptron(MLP)classifiers.The DT,RF,NB,and MLP classifiers helped our model surpass the competition on both datasets.Therefore,the investigational outcomes of our hybrid model may help IDSs defend business assets from various cyberattack vectors.展开更多
This study describes improving network security by implementing and assessing an intrusion detection system(IDS)based on deep neural networks(DNNs).The paper investigates contemporary technical ways for enhancing intr...This study describes improving network security by implementing and assessing an intrusion detection system(IDS)based on deep neural networks(DNNs).The paper investigates contemporary technical ways for enhancing intrusion detection performance,given the vital relevance of safeguarding computer networks against harmful activity.The DNN-based IDS is trained and validated by the model using the NSL-KDD dataset,a popular benchmark for IDS research.The model performs well in both the training and validation stages,with 91.30%training accuracy and 94.38%validation accuracy.Thus,the model shows good learning and generalization capabilities with minor losses of 0.22 in training and 0.1553 in validation.Furthermore,for both macro and micro averages across class 0(normal)and class 1(anomalous)data,the study evaluates the model using a variety of assessment measures,such as accuracy scores,precision,recall,and F1 scores.The macro-average recall is 0.9422,the macro-average precision is 0.9482,and the accuracy scores are 0.942.Furthermore,macro-averaged F1 scores of 0.9245 for class 1 and 0.9434 for class 0 demonstrate the model’s ability to precisely identify anomalies precisely.The research also highlights how real-time threat monitoring and enhanced resistance against new online attacks may be achieved byDNN-based intrusion detection systems,which can significantly improve network security.The study underscores the critical function ofDNN-based IDS in contemporary cybersecurity procedures by setting the foundation for further developments in this field.Upcoming research aims to enhance intrusion detection systems by examining cooperative learning techniques and integrating up-to-date threat knowledge.展开更多
In the Saloum region of central-western Senegal, water needs are essentially met by tapping an underground aquifer associated with the sandy-clay formations of the Continental Terminal, in contact with both the ocean ...In the Saloum region of central-western Senegal, water needs are essentially met by tapping an underground aquifer associated with the sandy-clay formations of the Continental Terminal, in contact with both the ocean to the west and the highly saline waters of the Saloum River to the north. In this estuarine and deltaic zone with its very low relief, the hydraulic loads in the water tables are generally close to zero or even negative, creating a reversal of the natural flow and encouraging saline intrusion into this system, which makes it very vulnerable. This study concerns the implementation of a numerical model of saline intrusion to provide a better understanding of the vulnerability of the water table by analyzing the variability of the freshwater/saltwater interface. The Modflow-2005 code is used to simulate saline intrusion using the SWI2 module, coupled with the GRASS (Geographic Resources Analysis Support System) software under the Linux operating system with the steep interface approach. The probable expansion of the wedge is studied in three scenarios, taking into account its position relative to the bedrock at 1 m, 5 m and 10 m. Simulations carried out under imposed potential and river conditions, based on variations in groundwater reserves using two effective porosity values, 10−1 and 10−2, show that the water table is highly vulnerable in the northwest sector. The probable expansion of the wedge increases as the storage coefficient decreases and is more marked with river conditions in the areas surrounding the Saloum River, reaching 6 km with a probability of 1. The probability of the wedge reaching a certain degree of expansion decreases from 1 to 0.5, and then cancels out as it moves inland. The probable position of the wedge is limited to 500 m or even 1 km depending on the corner around the coast to the southwest and in the southern zone. This modelling, carried out under natural conditions, will be developed further, taking into account climatic parameters and pumping from wells and boreholes.展开更多
The rapid growth of Internet of Things(IoT)devices has brought numerous benefits to the interconnected world.However,the ubiquitous nature of IoT networks exposes them to various security threats,including anomaly int...The rapid growth of Internet of Things(IoT)devices has brought numerous benefits to the interconnected world.However,the ubiquitous nature of IoT networks exposes them to various security threats,including anomaly intrusion attacks.In addition,IoT devices generate a high volume of unstructured data.Traditional intrusion detection systems often struggle to cope with the unique characteristics of IoT networks,such as resource constraints and heterogeneous data sources.Given the unpredictable nature of network technologies and diverse intrusion methods,conventional machine-learning approaches seem to lack efficiency.Across numerous research domains,deep learning techniques have demonstrated their capability to precisely detect anomalies.This study designs and enhances a novel anomaly-based intrusion detection system(AIDS)for IoT networks.Firstly,a Sparse Autoencoder(SAE)is applied to reduce the high dimension and get a significant data representation by calculating the reconstructed error.Secondly,the Convolutional Neural Network(CNN)technique is employed to create a binary classification approach.The proposed SAE-CNN approach is validated using the Bot-IoT dataset.The proposed models exceed the performance of the existing deep learning approach in the literature with an accuracy of 99.9%,precision of 99.9%,recall of 100%,F1 of 99.9%,False Positive Rate(FPR)of 0.0003,and True Positive Rate(TPR)of 0.9992.In addition,alternative metrics,such as training and testing durations,indicated that SAE-CNN performs better.展开更多
Artificial immune detection can be used to detect network intrusions in an adaptive approach and proper matching methods can improve the accuracy of immune detection methods.This paper proposes an artificial immune de...Artificial immune detection can be used to detect network intrusions in an adaptive approach and proper matching methods can improve the accuracy of immune detection methods.This paper proposes an artificial immune detection model for network intrusion data based on a quantitative matching method.The proposed model defines the detection process by using network data and decimal values to express features and artificial immune mechanisms are simulated to define immune elements.Then,to improve the accuracy of similarity calculation,a quantitative matching method is proposed.The model uses mathematical methods to train and evolve immune elements,increasing the diversity of immune recognition and allowing for the successful detection of unknown intrusions.The proposed model’s objective is to accurately identify known intrusions and expand the identification of unknown intrusions through signature detection and immune detection,overcoming the disadvantages of traditional methods.The experiment results show that the proposed model can detect intrusions effectively.It has a detection rate of more than 99.6%on average and a false alarm rate of 0.0264%.It outperforms existing immune intrusion detection methods in terms of comprehensive detection performance.展开更多
文摘A network intrusion detection system is critical for cyber security against llegitimate attacks.In terms of feature perspectives,network traffic may include a variety of elements such as attack reference,attack type,a subcategory of attack,host information,malicious scripts,etc.In terms of network perspectives,network traffic may contain an imbalanced number of harmful attacks when compared to normal traffic.It is challenging to identify a specific attack due to complex features and data imbalance issues.To address these issues,this paper proposes an Intrusion Detection System using transformer-based transfer learning for Imbalanced Network Traffic(IDS-INT).IDS-INT uses transformer-based transfer learning to learn feature interactions in both network feature representation and imbalanced data.First,detailed information about each type of attack is gathered from network interaction descriptions,which include network nodes,attack type,reference,host information,etc.Second,the transformer-based transfer learning approach is developed to learn detailed feature representation using their semantic anchors.Third,the Synthetic Minority Oversampling Technique(SMOTE)is implemented to balance abnormal traffic and detect minority attacks.Fourth,the Convolution Neural Network(CNN)model is designed to extract deep features from the balanced network traffic.Finally,the hybrid approach of the CNN-Long Short-Term Memory(CNN-LSTM)model is developed to detect different types of attacks from the deep features.Detailed experiments are conducted to test the proposed approach using three standard datasets,i.e.,UNsWNB15,CIC-IDS2017,and NSL-KDD.An explainable AI approach is implemented to interpret the proposed method and develop a trustable model.
基金supported by the National Natural Science Foundation of China(Nos.51977113,62293500,62293501 and 62293505).
文摘Malicious attacks against data are unavoidable in the interconnected,open and shared Energy Internet(EI),Intrusion tolerant techniques are critical to the data security of EI.Existing intrusion tolerant techniques suffered from problems such as low adaptability,policy lag,and difficulty in determining the degree of tolerance.To address these issues,we propose a novel adaptive intrusion tolerance model based on game theory that enjoys two-fold ideas:(1)it constructs an improved replica of the intrusion tolerance model of the dynamic equation evolution game to induce incentive weights;and (2)it combines a tournament competition model with incentive weights to obtain optimal strategies for each stage of the game process.Extensive experiments are conducted in the IEEE 39-bus system,whose results demonstrate the feasibility of the incentive weights,confirm the proposed strategy strengthens the system’s ability to tolerate aggression,and improves the dynamic adaptability and response efficiency of the aggression-tolerant system in the case of limited resources.
文摘A large number of network security breaches in IoT networks have demonstrated the unreliability of current Network Intrusion Detection Systems(NIDSs).Consequently,network interruptions and loss of sensitive data have occurred,which led to an active research area for improving NIDS technologies.In an analysis of related works,it was observed that most researchers aim to obtain better classification results by using a set of untried combinations of Feature Reduction(FR)and Machine Learning(ML)techniques on NIDS datasets.However,these datasets are different in feature sets,attack types,and network design.Therefore,this paper aims to discover whether these techniques can be generalised across various datasets.Six ML models are utilised:a Deep Feed Forward(DFF),Convolutional Neural Network(CNN),Recurrent Neural Network(RNN),Decision Tree(DT),Logistic Regression(LR),and Naive Bayes(NB).The accuracy of three Feature Extraction(FE)algorithms is detected;Principal Component Analysis(PCA),Auto-encoder(AE),and Linear Discriminant Analysis(LDA),are evaluated using three benchmark datasets:UNSW-NB15,ToN-IoT and CSE-CIC-IDS2018.Although PCA and AE algorithms have been widely used,the determination of their optimal number of extracted dimensions has been overlooked.The results indicate that no clear FE method or ML model can achieve the best scores for all datasets.The optimal number of extracted dimensions has been identified for each dataset,and LDA degrades the performance of the ML models on two datasets.The variance is used to analyse the extracted dimensions of LDA and PCA.Finally,this paper concludes that the choice of datasets significantly alters the performance of the applied techniques.We believe that a universal(benchmark)feature set is needed to facilitate further advancement and progress of research in this field.
基金supported in part by the National Key R&D Program of China(No.2022YFB3904503)National Natural Science Foundation of China(No.62172418)。
文摘To solve the problem of poor detection and limited application range of current intrusion detection methods,this paper attempts to use deep learning neural network technology to study a new type of intrusion detection method.Hence,we proposed an intrusion detection algorithm based on convolutional neural network(CNN)and AdaBoost algorithm.This algorithm uses CNN to extract the characteristics of network traffic data,which is particularly suitable for the analysis of continuous and classified attack data.The AdaBoost algorithm is used to classify network attack data that improved the detection effect of unbalanced data classification.We adopt the UNSW-NB15 dataset to test of this algorithm in the PyCharm environment.The results show that the detection rate of algorithm is99.27%and the false positive rate is lower than 0.98%.Comparative analysis shows that this algorithm has advantages over existing methods in terms of detection rate and false positive rate for small proportion of attack data.
文摘The advent of pandemics such as COVID-19 significantly impacts human behaviour and lives every day.Therefore,it is essential to make medical services connected to internet,available in every remote location during these situations.Also,the security issues in the Internet of Medical Things(IoMT)used in these service,make the situation even more critical because cyberattacks on the medical devices might cause treatment delays or clinical failures.Hence,services in the healthcare ecosystem need rapid,uninterrupted,and secure facilities.The solution provided in this research addresses security concerns and services availability for patients with critical health in remote areas.This research aims to develop an intelligent Software Defined Networks(SDNs)enabled secure framework for IoT healthcare ecosystem.We propose a hybrid of machine learning and deep learning techniques(DNN+SVM)to identify network intrusions in the sensor-based healthcare data.In addition,this system can efficiently monitor connected devices and suspicious behaviours.Finally,we evaluate the performance of our proposed framework using various performance metrics based on the healthcare application scenarios.the experimental results show that the proposed approach effectively detects and mitigates attacks in the SDN-enabled IoT networks and performs better that other state-of-art-approaches.
基金supported by Tianshan Talent Training Project-Xinjiang Science and Technology Innovation Team Program(2023TSYCTD).
文摘With the increasing dimensionality of network traffic,extracting effective traffic features and improving the identification accuracy of different intrusion traffic have become critical in intrusion detection systems(IDS).However,both unsupervised and semisupervised anomalous traffic detection methods suffer from the drawback of ignoring potential correlations between features,resulting in an analysis that is not an optimal set.Therefore,in order to extract more representative traffic features as well as to improve the accuracy of traffic identification,this paper proposes a feature dimensionality reduction method combining principal component analysis and Hotelling’s T^(2) and a multilayer convolutional bidirectional long short-term memory(MSC_BiLSTM)classifier model for network traffic intrusion detection.This method reduces the parameters and redundancy of the model by feature extraction and extracts the dependent features between the data by a bidirectional long short-term memory(BiLSTM)network,which fully considers the influence between the before and after features.The network traffic is first characteristically downscaled by principal component analysis(PCA),and then the downscaled principal components are used as input to Hotelling’s T^(2) to compare the differences between groups.For datasets with outliers,Hotelling’s T^(2) can help identify the groups where the outliers are located and quantitatively measure the extent of the outliers.Finally,a multilayer convolutional neural network and a BiLSTM network are used to extract the spatial and temporal features of network traffic data.The empirical consequences exhibit that the suggested approach in this manuscript attains superior outcomes in precision,recall and F1-score juxtaposed with the prevailing techniques.The results show that the intrusion detection accuracy,precision,and F1-score of the proposed MSC_BiLSTM model for the CIC-IDS 2017 dataset are 98.71%,95.97%,and 90.22%.
基金Supported by the Basic Science Research Fund Project of PetroChina Affiliated Institute(2020D-5008-06)。
文摘Taking the Paleogene Shahejie Formation in Nanpu sag of Bohai Bay Basin as an example,this study comprehensively utilizes seismic,mud logging,well logging,physical property analysis and core thin section data to investigate the metamorphic reservoir formed by contact metamorphism after igneous rock intrusion.(1)A geological model of the igneous intrusion contact met amorphic system is proposed,which can be divided into five structural layers vertically:the intrusion,upper metamorphic aureole,lower metamorphic aureole,normal sedimentary layers on the roof and floor.(2)The intrusion is characterized by xenoliths indicating intrusive facies at the top,regular changes in rock texture and mineral crystallization from the center to the edge on a microscopic scale,and low-angle oblique penetrations of the intrusion through sedimentary strata on a macroscopic scale.The metamorphic aureole has characteristics such as sedimentary rocks as the host rock,typical palimpsest textures developed,various low-temperature thermal metamorphic minerals developed,and medium-low grade thermal metamorphic rocks as the lithology.(3)The reservoir in contact metamorphic aureole has two types of reservoir spaces:matrix pores and fractures.The matrix pores are secondary"intergranular pores"distributed around metamorphic minerals after thermal metamorphic transformation in metasandstones.The fractures are mainly structural fractures and intrusive compressive fractures in metamudstones.The reservoirs generally have three spatial distribution characteristics:layered,porphyritic and hydrocarbon impregnation along fracture.(4)The distribution of reservoirs in the metamorphic aureole is mainly controlled by the intensity of thermal baking.Furthermore,the distribution of favorable reservoirs is controlled by the coupling of favorable lithofacies and thermal contact metamorphism,intrusive compression and hydrothermal dissolution.The proposal and application of the geological model of the intrusion contact metamorphic system are expected to promote the discovery of exploration targets of contact metamorphic rock in Nanpu sag,and provide a reference for the study and exploration of deep contact metamorphic rock reservoirs in the Bohai Bay Basin.
文摘In recent years,frequent network attacks have highlighted the importance of efficient detection methods for ensuring cyberspace security.This paper presents a novel intrusion detection system consisting of a data prepro-cessing stage and a deep learning model for accurately identifying network attacks.We have proposed four deep neural network models,which are constructed using architectures such as Convolutional Neural Networks(CNN),Bi-directional Long Short-Term Memory(BiLSTM),Bidirectional Gate Recurrent Unit(BiGRU),and Attention mechanism.These models have been evaluated for their detection performance on the NSL-KDD dataset.To enhance the compatibility between the data and the models,we apply various preprocessing techniques and employ the particle swarm optimization algorithm to perform feature selection on the NSL-KDD dataset,resulting in an optimized feature subset.Moreover,we address class imbalance in the dataset using focal loss.Finally,we employ the BO-TPE algorithm to optimize the hyperparameters of the four models,maximizing their detection performance.The test results demonstrate that the proposed model is capable of extracting the spatiotemporal features of network traffic data effectively.In binary and multiclass experiments,it achieved accuracy rates of 0.999158 and 0.999091,respectively,surpassing other state-of-the-art methods.
基金The fund from Science,Technology and Innovation Commission of Shenzhen Municipality under contract No.JCYJ20210324105211031the National Natural Science Foundation of China under contract No.41720104001.
文摘Typhoons in the western Pacific have a significant impact on the transport of heat,salt and particles through the Luzon Strait.However,there are very limited field observations of this impact because of extreme difficulties and even dangers for ship-based measurements during the rough weather.Here,we present the preliminary results from analyzing a dataset collected by a glider deployed west of the Luzon Strait a few days prior to the arrival of typhoon MITAG.The gilder data revealed an abnormally salinity(>34.8)subsurface water apparently sourced from Kuroshio intrusion during the typhoon.When typhoon MITAG traveled on the east of the Luzon Strait,the positive wind stress curl strengthened the cyclonic eddy and weakened the anti-cyclonic eddy.This led to a slowdown of Kuroshio and made its intrusion easier.The main axis of the Kuroshio at the northern part of the strait shifted westward after the typhoon and did not return to its original position until a week later.The Ekman transport from persistent northerly wind of typhoon MITAG was significant,but its importance in enhancing the Kuroshio intrusion is only secondary relative to the eddies variations.
文摘Intrusion detection is a predominant task that monitors and protects the network infrastructure.Therefore,many datasets have been published and investigated by researchers to analyze and understand the problem of intrusion prediction and detection.In particular,the Network Security Laboratory-Knowledge Discovery in Databases(NSL-KDD)is an extensively used benchmark dataset for evaluating intrusion detection systems(IDSs)as it incorporates various network traffic attacks.It is worth mentioning that a large number of studies have tackled the problem of intrusion detection using machine learning models,but the performance of these models often decreases when evaluated on new attacks.This has led to the utilization of deep learning techniques,which have showcased significant potential for processing large datasets and therefore improving detection accuracy.For that reason,this paper focuses on the role of stacking deep learning models,including convolution neural network(CNN)and deep neural network(DNN)for improving the intrusion detection rate of the NSL-KDD dataset.Each base model is trained on the NSL-KDD dataset to extract significant features.Once the base models have been trained,the stacking process proceeds to the second stage,where a simple meta-model has been trained on the predictions generated from the proposed base models.The combination of the predictions allows the meta-model to distinguish different classes of attacks and increase the detection rate.Our experimental evaluations using the NSL-KDD dataset have shown the efficacy of stacking deep learning models for intrusion detection.The performance of the ensemble of base models,combined with the meta-model,exceeds the performance of individual models.Our stacking model has attained an accuracy of 99%and an average F1-score of 93%for the multi-classification scenario.Besides,the training time of the proposed ensemble model is lower than the training time of benchmark techniques,demonstrating its efficiency and robustness.
基金supported by the interdisciplinary center of smart mobility and logistics at King Fahd University of Petroleum and Minerals(Grant number INML2400).
文摘The Internet of Things(IoT)links various devices to digital services and significantly improves the quality of our lives.However,as IoT connectivity is growing rapidly,so do the risks of network vulnerabilities and threats.Many interesting Intrusion Detection Systems(IDSs)are presented based on machine learning(ML)techniques to overcome this problem.Given the resource limitations of fog computing environments,a lightweight IDS is essential.This paper introduces a hybrid deep learning(DL)method that combines convolutional neural networks(CNN)and long short-term memory(LSTM)to build an energy-aware,anomaly-based IDS.We test this system on a recent dataset,focusing on reducing overhead while maintaining high accuracy and a low false alarm rate.We compare CICIoT2023,KDD-99 and NSL-KDD datasets to evaluate the performance of the proposed IDS model based on key metrics,including latency,energy consumption,false alarm rate and detection rate metrics.Our findings show an accuracy rate over 92%and a false alarm rate below 0.38%.These results demonstrate that our system provides strong security without excessive resource use.The practicality of deploying IDS with limited resources is demonstrated by the successful implementation of IDS functionality on a Raspberry Pi acting as a Fog node.The proposed lightweight model,with a maximum power consumption of 6.12 W,demonstrates its potential to operate effectively on energy-limited devices such as low-power fog nodes or edge devices.We prioritize energy efficiency whilemaintaining high accuracy,distinguishing our scheme fromexisting approaches.Extensive experiments demonstrate a significant reduction in false positives,ensuring accurate identification of genuine security threats while minimizing unnecessary alerts.
基金supported by National Natural Science Fundation of China under Grant 61972208National Natural Science Fundation(General Program)of China under Grant 61972211+2 种基金National Key Research and Development Project of China under Grant 2020YFB1804700Future Network Innovation Research and Application Projects under Grant No.2021FNA020062021 Jiangsu Postgraduate Research Innovation Plan under Grant No.KYCX210794.
文摘With the rapid development of the Internet,network security and data privacy are increasingly valued.Although classical Network Intrusion Detection System(NIDS)based on Deep Learning(DL)models can provide good detection accuracy,but collecting samples for centralized training brings the huge risk of data privacy leakage.Furthermore,the training of supervised deep learning models requires a large number of labeled samples,which is usually cumbersome.The“black-box”problem also makes the DL models of NIDS untrustworthy.In this paper,we propose a trusted Federated Learning(FL)Traffic IDS method called FL-TIDS to address the above-mentioned problems.In FL-TIDS,we design an unsupervised intrusion detection model based on autoencoders that alleviates the reliance on marked samples.At the same time,we use FL for model training to protect data privacy.In addition,we design an improved SHAP interpretable method based on chi-square test to perform interpretable analysis of the trained model.We conducted several experiments to evaluate the proposed FL-TIDS.We first determine experimentally the structure and the number of neurons of the unsupervised AE model.Secondly,we evaluated the proposed method using the UNSW-NB15 and CICIDS2017 datasets.The exper-imental results show that the unsupervised AE model has better performance than the other 7 intrusion detection models in terms of precision,recall and f1-score.Then,federated learning is used to train the intrusion detection model.The experimental results indicate that the model is more accurate than the local learning model.Finally,we use an improved SHAP explainability method based on Chi-square test to analyze the explainability.The analysis results show that the identification characteristics of the model are consistent with the attack characteristics,and the model is reliable.
基金This paper is financed by the European Union-NextGenerationEU,through the National Recovery and Resilience Plan of the Republic of Bulgaria,Project No.BG-RRP-2.004-0001-C01.
文摘The high performance of IoT technology in transportation networks has led to the increasing adoption of Internet of Vehicles(IoV)technology.The functional advantages of IoV include online communication services,accident prevention,cost reduction,and enhanced traffic regularity.Despite these benefits,IoV technology is susceptible to cyber-attacks,which can exploit vulnerabilities in the vehicle network,leading to perturbations,disturbances,non-recognition of traffic signs,accidents,and vehicle immobilization.This paper reviews the state-of-the-art achievements and developments in applying Deep Transfer Learning(DTL)models for Intrusion Detection Systems in the Internet of Vehicles(IDS-IoV)based on anomaly detection.IDS-IoV leverages anomaly detection through machine learning and DTL techniques to mitigate the risks posed by cyber-attacks.These systems can autonomously create specific models based on network data to differentiate between regular traffic and cyber-attacks.Among these techniques,transfer learning models are particularly promising due to their efficacy with tagged data,reduced training time,lower memory usage,and decreased computational complexity.We evaluate DTL models against criteria including the ability to transfer knowledge,detection rate,accurate analysis of complex data,and stability.This review highlights the significant progress made in the field,showcasing how DTL models enhance the performance and reliability of IDS-IoV systems.By examining recent advancements,we provide insights into how DTL can effectively address cyber-attack challenges in IoV environments,ensuring safer and more efficient transportation networks.
基金the National Natural Science Foundation of China(No.61662004).
文摘The rapid expansion of Internet of Things (IoT) devices across various sectors is driven by steadily increasingdemands for interconnected and smart technologies. Nevertheless, the surge in the number of IoT device hascaught the attention of cyber hackers, as it provides them with expanded avenues to access valuable data. Thishas resulted in a myriad of security challenges, including information leakage, malware propagation, and financialloss, among others. Consequently, developing an intrusion detection system to identify both active and potentialintrusion traffic in IoT networks is of paramount importance. In this paper, we propose ResNeSt-biGRU, a practicalintrusion detection model that combines the strengths of ResNeSt, a variant of Residual Neural Network, andbidirectionalGated RecurrentUnitNetwork (biGRU).Our ResNeSt-biGRUframework diverges fromconventionalintrusion detection systems (IDS) by employing this dual-layeredmechanism that exploits the temporal continuityand spatial feature within network data streams, a methodological innovation that enhances detection accuracy.In conjunction with this, we introduce the PreIoT dataset, a compilation of prevalent IoT network behaviors, totrain and evaluate IDSmodels with a focus on identifying potential intrusion traffics. The effectiveness of proposedscheme is demonstrated through testing, wherein it achieved an average accuracy of 99.90% on theN-BaIoT datasetas well as on the PreIoT dataset and 94.45% on UNSW-NB15 dataset. The outcomes of this research reveal thepotential of ResNeSt-biGRU to bolster security measures, diminish intrusion-related vulnerabilities, and preservethe overall security of IoT ecosystems.
文摘The ever-growing network traffic threat landscape necessitates adopting accurate and robust intrusion detection systems(IDSs).IDSs have become a research hotspot and have seen remarkable performance improvements.Generative adversarial networks(GANs)have also garnered increasing research interest recently due to their remarkable ability to generate data.This paper investigates the application of(GANs)in(IDS)and explores their current use within this research field.We delve into the adoption of GANs within signature-based,anomaly-based,and hybrid IDSs,focusing on their objectives,methodologies,and advantages.Overall,GANs have been widely employed,mainly focused on solving the class imbalance issue by generating realistic attack samples.While GANs have shown significant potential in addressing the class imbalance issue,there are still open opportunities and challenges to be addressed.Little attention has been paid to their applicability in distributed and decentralized domains,such as IoT networks.Efficiency and scalability have been mostly overlooked,and thus,future works must aim at addressing these gaps.
文摘More businesses are deploying powerful Intrusion Detection Systems(IDS)to secure their data and physical assets.Improved cyber-attack detection and prevention in these systems requires machine learning(ML)approaches.This paper examines a cyber-attack prediction system combining feature selection(FS)and ML.Our technique’s foundation was based on Correlation Analysis(CA),Mutual Information(MI),and recursive feature reduction with cross-validation.To optimize the IDS performance,the security features must be carefully selected from multiple-dimensional datasets,and our hybrid FS technique must be extended to validate our methodology using the improved UNSW-NB 15 and TON_IoT datasets.Our technique identified 22 key characteristics in UNSW-NB-15 and 8 in TON_IoT.We evaluated prediction using seven ML methods:Decision Tree(DT),Random Forest(RF),Logistic Regression(LR),Naive Bayes(NB),K-Nearest Neighbors(KNN),Support Vector Machines(SVM),and Multilayer Perceptron(MLP)classifiers.The DT,RF,NB,and MLP classifiers helped our model surpass the competition on both datasets.Therefore,the investigational outcomes of our hybrid model may help IDSs defend business assets from various cyberattack vectors.
基金Princess Nourah bint Abdulrahman University for funding this project through the Researchers Supporting Project(PNURSP2024R319)funded by the Prince Sultan University,Riyadh,Saudi Arabia.
文摘This study describes improving network security by implementing and assessing an intrusion detection system(IDS)based on deep neural networks(DNNs).The paper investigates contemporary technical ways for enhancing intrusion detection performance,given the vital relevance of safeguarding computer networks against harmful activity.The DNN-based IDS is trained and validated by the model using the NSL-KDD dataset,a popular benchmark for IDS research.The model performs well in both the training and validation stages,with 91.30%training accuracy and 94.38%validation accuracy.Thus,the model shows good learning and generalization capabilities with minor losses of 0.22 in training and 0.1553 in validation.Furthermore,for both macro and micro averages across class 0(normal)and class 1(anomalous)data,the study evaluates the model using a variety of assessment measures,such as accuracy scores,precision,recall,and F1 scores.The macro-average recall is 0.9422,the macro-average precision is 0.9482,and the accuracy scores are 0.942.Furthermore,macro-averaged F1 scores of 0.9245 for class 1 and 0.9434 for class 0 demonstrate the model’s ability to precisely identify anomalies precisely.The research also highlights how real-time threat monitoring and enhanced resistance against new online attacks may be achieved byDNN-based intrusion detection systems,which can significantly improve network security.The study underscores the critical function ofDNN-based IDS in contemporary cybersecurity procedures by setting the foundation for further developments in this field.Upcoming research aims to enhance intrusion detection systems by examining cooperative learning techniques and integrating up-to-date threat knowledge.
文摘In the Saloum region of central-western Senegal, water needs are essentially met by tapping an underground aquifer associated with the sandy-clay formations of the Continental Terminal, in contact with both the ocean to the west and the highly saline waters of the Saloum River to the north. In this estuarine and deltaic zone with its very low relief, the hydraulic loads in the water tables are generally close to zero or even negative, creating a reversal of the natural flow and encouraging saline intrusion into this system, which makes it very vulnerable. This study concerns the implementation of a numerical model of saline intrusion to provide a better understanding of the vulnerability of the water table by analyzing the variability of the freshwater/saltwater interface. The Modflow-2005 code is used to simulate saline intrusion using the SWI2 module, coupled with the GRASS (Geographic Resources Analysis Support System) software under the Linux operating system with the steep interface approach. The probable expansion of the wedge is studied in three scenarios, taking into account its position relative to the bedrock at 1 m, 5 m and 10 m. Simulations carried out under imposed potential and river conditions, based on variations in groundwater reserves using two effective porosity values, 10−1 and 10−2, show that the water table is highly vulnerable in the northwest sector. The probable expansion of the wedge increases as the storage coefficient decreases and is more marked with river conditions in the areas surrounding the Saloum River, reaching 6 km with a probability of 1. The probability of the wedge reaching a certain degree of expansion decreases from 1 to 0.5, and then cancels out as it moves inland. The probable position of the wedge is limited to 500 m or even 1 km depending on the corner around the coast to the southwest and in the southern zone. This modelling, carried out under natural conditions, will be developed further, taking into account climatic parameters and pumping from wells and boreholes.
基金Researchers Supporting Project Number(RSP2024R206),King Saud University,Riyadh,Saudi Arabia.
文摘The rapid growth of Internet of Things(IoT)devices has brought numerous benefits to the interconnected world.However,the ubiquitous nature of IoT networks exposes them to various security threats,including anomaly intrusion attacks.In addition,IoT devices generate a high volume of unstructured data.Traditional intrusion detection systems often struggle to cope with the unique characteristics of IoT networks,such as resource constraints and heterogeneous data sources.Given the unpredictable nature of network technologies and diverse intrusion methods,conventional machine-learning approaches seem to lack efficiency.Across numerous research domains,deep learning techniques have demonstrated their capability to precisely detect anomalies.This study designs and enhances a novel anomaly-based intrusion detection system(AIDS)for IoT networks.Firstly,a Sparse Autoencoder(SAE)is applied to reduce the high dimension and get a significant data representation by calculating the reconstructed error.Secondly,the Convolutional Neural Network(CNN)technique is employed to create a binary classification approach.The proposed SAE-CNN approach is validated using the Bot-IoT dataset.The proposed models exceed the performance of the existing deep learning approach in the literature with an accuracy of 99.9%,precision of 99.9%,recall of 100%,F1 of 99.9%,False Positive Rate(FPR)of 0.0003,and True Positive Rate(TPR)of 0.9992.In addition,alternative metrics,such as training and testing durations,indicated that SAE-CNN performs better.
基金This research was funded by the Scientific Research Project of Leshan Normal University(No.2022SSDX002)the Scientific Plan Project of Leshan(No.22NZD012).
文摘Artificial immune detection can be used to detect network intrusions in an adaptive approach and proper matching methods can improve the accuracy of immune detection methods.This paper proposes an artificial immune detection model for network intrusion data based on a quantitative matching method.The proposed model defines the detection process by using network data and decimal values to express features and artificial immune mechanisms are simulated to define immune elements.Then,to improve the accuracy of similarity calculation,a quantitative matching method is proposed.The model uses mathematical methods to train and evolve immune elements,increasing the diversity of immune recognition and allowing for the successful detection of unknown intrusions.The proposed model’s objective is to accurately identify known intrusions and expand the identification of unknown intrusions through signature detection and immune detection,overcoming the disadvantages of traditional methods.The experiment results show that the proposed model can detect intrusions effectively.It has a detection rate of more than 99.6%on average and a false alarm rate of 0.0264%.It outperforms existing immune intrusion detection methods in terms of comprehensive detection performance.