Network Security Enhanced with Deep Neural Network-Based Intrusion Detection System

This study describes improving network security by implementing and assessing an intrusion detection system(IDS)based on deep neural networks(DNNs).The paper investigates contemporary technical ways for enhancing intrusion detection performance,given the vital relevance of safeguarding computer networks against harmful activity.The DNN-based IDS is trained and validated by the model using the NSL-KDD dataset,a popular benchmark for IDS research.The model performs well in both the training and validation stages,with 91.30%training accuracy and 94.38%validation accuracy.Thus,the model shows good learning and generalization capabilities with minor losses of 0.22 in training and 0.1553 in validation.Furthermore,for both macro and micro averages across class 0(normal)and class 1(anomalous)data,the study evaluates the model using a variety of assessment measures,such as accuracy scores,precision,recall,and F1 scores.The macro-average recall is 0.9422,the macro-average precision is 0.9482,and the accuracy scores are 0.942.Furthermore,macro-averaged F1 scores of 0.9245 for class 1 and 0.9434 for class 0 demonstrate the model’s ability to precisely identify anomalies precisely.The research also highlights how real-time threat monitoring and enhanced resistance against new online attacks may be achieved byDNN-based intrusion detection systems,which can significantly improve network security.The study underscores the critical function ofDNN-based IDS in contemporary cybersecurity procedures by setting the foundation for further developments in this field.Upcoming research aims to enhance intrusion detection systems by examining cooperative learning techniques and integrating up-to-date threat knowledge.

CNN Channel Attention Intrusion Detection SystemUsing NSL-KDD Dataset

Intrusion detection systems(IDS)are essential in the field of cybersecurity because they protect networks from a wide range of online threats.The goal of this research is to meet the urgent need for small-footprint,highly-adaptable Network Intrusion Detection Systems(NIDS)that can identify anomalies.The NSL-KDD dataset is used in the study;it is a sizable collection comprising 43 variables with the label’s“attack”and“level.”It proposes a novel approach to intrusion detection based on the combination of channel attention and convolutional neural networks(CNN).Furthermore,this dataset makes it easier to conduct a thorough assessment of the suggested intrusion detection strategy.Furthermore,maintaining operating efficiency while improving detection accuracy is the primary goal of this work.Moreover,typical NIDS examines both risky and typical behavior using a variety of techniques.On the NSL-KDD dataset,our CNN-based approach achieves an astounding 99.728%accuracy rate when paired with channel attention.Compared to previous approaches such as ensemble learning,CNN,RBM(Boltzmann machine),ANN,hybrid auto-encoders with CNN,MCNN,and ANN,and adaptive algorithms,our solution significantly improves intrusion detection performance.Moreover,the results highlight the effectiveness of our suggested method in improving intrusion detection precision,signifying a noteworthy advancement in this field.Subsequent efforts will focus on strengthening and expanding our approach in order to counteract growing cyberthreats and adjust to changing network circumstances.

IDS-INT:Intrusion detection system using transformer-based transfer learning for imbalanced network traffic

A network intrusion detection system is critical for cyber security against llegitimate attacks.In terms of feature perspectives,network traffic may include a variety of elements such as attack reference,attack type,a subcategory of attack,host information,malicious scripts,etc.In terms of network perspectives,network traffic may contain an imbalanced number of harmful attacks when compared to normal traffic.It is challenging to identify a specific attack due to complex features and data imbalance issues.To address these issues,this paper proposes an Intrusion Detection System using transformer-based transfer learning for Imbalanced Network Traffic(IDS-INT).IDS-INT uses transformer-based transfer learning to learn feature interactions in both network feature representation and imbalanced data.First,detailed information about each type of attack is gathered from network interaction descriptions,which include network nodes,attack type,reference,host information,etc.Second,the transformer-based transfer learning approach is developed to learn detailed feature representation using their semantic anchors.Third,the Synthetic Minority Oversampling Technique(SMOTE)is implemented to balance abnormal traffic and detect minority attacks.Fourth,the Convolution Neural Network(CNN)model is designed to extract deep features from the balanced network traffic.Finally,the hybrid approach of the CNN-Long Short-Term Memory(CNN-LSTM)model is developed to detect different types of attacks from the deep features.Detailed experiments are conducted to test the proposed approach using three standard datasets,i.e.,UNsWNB15,CIC-IDS2017,and NSL-KDD.An explainable AI approach is implemented to interpret the proposed method and develop a trustable model.

Double DQN Method For Botnet Traffic Detection System

In the face of the increasingly severe Botnet problem on the Internet,how to effectively detect Botnet traffic in realtime has become a critical problem.Although the existing deepQnetwork(DQN)algorithminDeep reinforcement learning can solve the problem of real-time updating,its prediction results are always higher than the actual results.In Botnet traffic detection,although it performs well in the training set,the accuracy rate of predicting traffic is as high as%;however,in the test set,its accuracy has declined,and it is impossible to adjust its prediction strategy on time based on new data samples.However,in the new dataset,its accuracy has declined significantly.Therefore,this paper proposes a Botnet traffic detection system based on double-layer DQN(DDQN).Two Q-values are designed to adjust the model in policy and action,respectively,to achieve real-time model updates and improve the universality and robustness of the model under different data sets.Experiments show that compared with the DQN model,when using DDQN,the Q-value is not too high,and the detectionmodel has improved the accuracy and precision of Botnet traffic.Moreover,when using Botnet data sets other than the test set,the accuracy and precision of theDDQNmodel are still higher than DQN.

A Security Trade-Off Scheme of Anomaly Detection System in IoT to Defend against Data-Tampering Attacks

Internet of Things(IoT)is vulnerable to data-tampering(DT)attacks.Due to resource limitations,many anomaly detection systems(ADSs)for IoT have high false positive rates when detecting DT attacks.This leads to the misreporting of normal data,which will impact the normal operation of IoT.To mitigate the impact caused by the high false positive rate of ADS,this paper proposes an ADS management scheme for clustered IoT.First,we model the data transmission and anomaly detection in clustered IoT.Then,the operation strategy of the clustered IoT is formulated as the running probabilities of all ADSs deployed on every IoT device.In the presence of a high false positive rate in ADSs,to deal with the trade-off between the security and availability of data,we develop a linear programming model referred to as a security trade-off(ST)model.Next,we develop an analysis framework for the ST model,and solve the ST model on an IoT simulation platform.Last,we reveal the effect of some factors on the maximum combined detection rate through theoretical analysis.Simulations show that the ADS management scheme can mitigate the data unavailability loss caused by the high false positive rates in ADS.

Advanced Optimized Anomaly Detection System for IoT Cyberattacks Using Artificial Intelligence

While emerging technologies such as the Internet of Things(IoT)have many benefits,they also pose considerable security challenges that require innovative solutions,including those based on artificial intelligence(AI),given that these techniques are increasingly being used by malicious actors to compromise IoT systems.Although an ample body of research focusing on conventional AI methods exists,there is a paucity of studies related to advanced statistical and optimization approaches aimed at enhancing security measures.To contribute to this nascent research stream,a novel AI-driven security system denoted as“AI2AI”is presented in this work.AI2AI employs AI techniques to enhance the performance and optimize security mechanisms within the IoT framework.We also introduce the Genetic Algorithm Anomaly Detection and Prevention Deep Neural Networks(GAADPSDNN)sys-tem that can be implemented to effectively identify,detect,and prevent cyberattacks targeting IoT devices.Notably,this system demonstrates adaptability to both federated and centralized learning environments,accommodating a wide array of IoT devices.Our evaluation of the GAADPSDNN system using the recently complied WUSTL-IIoT and Edge-IIoT datasets underscores its efficacy.Achieving an impressive overall accuracy of 98.18%on the Edge-IIoT dataset,the GAADPSDNN outperforms the standard deep neural network(DNN)classifier with 94.11%accuracy.Furthermore,with the proposed enhancements,the accuracy of the unoptimized random forest classifier(80.89%)is improved to 93.51%,while the overall accuracy(98.18%)surpasses the results(93.91%,94.67%,94.94%,and 94.96%)achieved when alternative systems based on diverse optimization techniques and the same dataset are employed.The proposed optimization techniques increase the effectiveness of the anomaly detection system by efficiently achieving high accuracy and reducing the computational load on IoT devices through the adaptive selection of active features.

Machine learning algorithm partially reconfigured on FPGA for an image edge detection system

Unmanned aerial vehicles(UAVs)have been widely used in military,medical,wireless communications,aerial surveillance,etc.One key topic involving UAVs is pose estimation in autonomous navigation.A standard procedure for this process is to combine inertial navigation system sensor information with the global navigation satellite system(GNSS)signal.However,some factors can interfere with the GNSS signal,such as ionospheric scintillation,jamming,or spoofing.One alternative method to avoid using the GNSS signal is to apply an image processing approach by matching UAV images with georeferenced images.But a high effort is required for image edge extraction.Here a support vector regression(SVR)model is proposed to reduce this computational load and processing time.The dynamic partial reconfiguration(DPR)of part of the SVR datapath is implemented to accelerate the process,reduce the area,and analyze its granularity by increasing the grain size of the reconfigurable region.Results show that the implementation in hardware is 68 times faster than that in software.This architecture with DPR also facilitates the low power consumption of 4 mW,leading to a reduction of 57%than that without DPR.This is also the lowest power consumption in current machine learning hardware implementations.Besides,the circuitry area is 41 times smaller.SVR with Gaussian kernel shows a success rate of 99.18%and minimum square error of 0.0146 for testing with the planning trajectory.This system is useful for adaptive applications where the user/designer can modify/reconfigure the hardware layout during its application,thus contributing to lower power consumption,smaller hardware area,and shorter execution time.

Enhanced Coyote Optimization with Deep Learning Based Cloud-Intrusion Detection System

Cloud Computing(CC)is the preference of all information technology(IT)organizations as it offers pay-per-use based and flexible services to its users.But the privacy and security become the main hindrances in its achievement due to distributed and open architecture that is prone to intruders.Intrusion Detection System(IDS)refers to one of the commonly utilized system for detecting attacks on cloud.IDS proves to be an effective and promising technique,that identifies malicious activities and known threats by observing traffic data in computers,and warnings are given when such threatswere identified.The current mainstream IDS are assisted with machine learning(ML)but have issues of low detection rates and demanded wide feature engineering.This article devises an Enhanced Coyote Optimization with Deep Learning based Intrusion Detection System for Cloud Security(ECODL-IDSCS)model.The ECODL-IDSCS model initially addresses the class imbalance data problem by the use of Adaptive Synthetic(ADASYN)technique.For detecting and classification of intrusions,long short term memory(LSTM)model is exploited.In addition,ECO algorithm is derived to optimally fine tune the hyperparameters related to the LSTM model to enhance its detection efficiency in the cloud environment.Once the presented ECODL-IDSCS model is tested on benchmark dataset,the experimental results show the promising performance of the ECODL-IDSCS model over the existing IDS models.

Intelligent Intrusion Detection System for Industrial Internet of Things Environment

Rapid increase in the large quantity of industrial data,Industry 4.0/5.0 poses several challenging issues such as heterogeneous data generation,data sensing and collection,real-time data processing,and high request arrival rates.The classical intrusion detection system(IDS)is not a practical solution to the Industry 4.0 environment owing to the resource limitations and complexity.To resolve these issues,this paper designs a new Chaotic Cuckoo Search Optimiza-tion Algorithm(CCSOA)with optimal wavelet kernel extreme learning machine(OWKELM)named CCSOA-OWKELM technique for IDS on the Industry 4.0 platform.The CCSOA-OWKELM technique focuses on the design of feature selection with classification approach to achieve minimum computation complex-ity and maximum detection accuracy.The CCSOA-OWKELM technique involves the design of CCSOA based feature selection technique,which incorpo-rates the concepts of chaotic maps with CSOA.Besides,the OWKELM technique is applied for the intrusion detection and classification process.In addition,the OWKELM technique is derived by the hyperparameter tuning of the WKELM technique by the use of sunflower optimization(SFO)algorithm.The utilization of CCSOA for feature subset selection and SFO algorithm based hyperparameter tuning leads to better performance.In order to guarantee the supreme performance of the CCSOA-OWKELM technique,a wide range of experiments take place on two benchmark datasets and the experimental outcomes demonstrate the promis-ing performance of the CCSOA-OWKELM technique over the recent state of art techniques.

Machine Learning Techniques for Intrusion Detection Systems in SDN-Recent Advances,Challenges and Future Directions

Software-Defined Networking(SDN)enables flexibility in developing security tools that can effectively and efficiently analyze and detect malicious network traffic for detecting intrusions.Recently Machine Learning(ML)techniques have attracted lots of attention from researchers and industry for developing intrusion detection systems(IDSs)considering logically centralized control and global view of the network provided by SDN.Many IDSs have developed using advances in machine learning and deep learning.This study presents a comprehensive review of recent work ofML-based IDS in context to SDN.It presents a comprehensive study of the existing review papers in the field.It is followed by introducing intrusion detection,ML techniques and their types.Specifically,we present a systematic study of recent works,discuss ongoing research challenges for effective implementation of ML-based intrusion detection in SDN,and promising future works in this field.

Intrusion Detection System with Customized Machine Learning Techniques for NSL-KDD Dataset

Modern networks are at risk from a variety of threats as a result of the enormous growth in internet-based traffic.By consuming time and resources,intrusive traffic hampers the efficient operation of network infrastructure.An effective strategy for preventing,detecting,and mitigating intrusion incidents will increase productivity.A crucial element of secure network traffic is Intrusion Detection System(IDS).An IDS system may be host-based or network-based to monitor intrusive network activity.Finding unusual internet traffic has become a severe security risk for intelligent devices.These systems are negatively impacted by several attacks,which are slowing computation.In addition,networked communication anomalies and breaches must be detected using Machine Learning(ML).This paper uses the NSL-KDD data set to propose a novel IDS based on Artificial Neural Networks(ANNs).As a result,the ML model generalizes sufficiently to perform well on untried data.The NSL-KDD dataset shall be utilized for both training and testing.In this paper,we present a custom ANN model architecture using the Keras open-source software package.The specific arrangement of nodes and layers,along with the activation functions,enhances the model’s ability to capture intricate patterns in network data.The performance of the ANN is carefully tested and evaluated,resulting in the identification of a maximum detection accuracy of 97.5%.We thoroughly compared our suggested model to industry-recognized benchmark methods,such as decision classifier combinations and ML classifiers like k-Nearest Neighbors(KNN),Deep Learning(DL),Support Vector Machine(SVM),Long Short-Term Memory(LSTM),Deep Neural Network(DNN),and ANN.It is encouraging to see that our model consistently outperformed each of these tried-and-true techniques in all evaluations.This result underlines the effectiveness of the suggested methodology by demonstrating the ANN’s capacity to accurately assess the effectiveness of the developed strategy in identifying and categorizing instances of network intrusion.

An Intelligent Intrusion Detection System in Smart Grid Using PRNN Classifier

Typically,smart grid systems enhance the ability of conventional power system networks as it is vulnerable to several kinds of attacks.These vulnerabil-ities might cause the attackers or intruders to collapse the entire network system thus breaching the confidentiality and integrity of smart grid systems.Thus,for this purpose,Intrusion detection system(IDS)plays a pivotal part in offering a reliable and secured range of services in the smart grid framework.Several exist-ing approaches are there to detect the intrusions in smart grid framework,however they are utilizing an old dataset to detect anomaly thus resulting in reduced rate of detection accuracy in real-time and huge data sources.So as to overcome these limitations,the proposed technique is presented which employs both real-time raw data from the smart grid network and KDD99 dataset thus detecting anoma-lies in the smart grid network.In the grid side data acquisition,the power trans-mitted to the grid is checked and enhanced in terms of power quality by eradicating distortion in transmission lines.In this approach,power quality in the smart grid network is enhanced by rectifying the fault using a FACT device termed UPQC(Unified Power Quality Controller)and thereby storing the data in cloud storage.The data from smart grid cloud storage and KDD99 are pre-pro-cessed and are optimized using Improved Aquila Swarm Optimization(IASO)to extract optimal features.The probabilistic Recurrent Neural Network(PRNN)classifier is then employed for the prediction and classification of intrusions.At last,the performance is estimated and the outcomes are projected in terms of grid voltage,grid current,Total Harmonic Distortion(THD),voltage sag/swell,accu-racy,precision,recall,F-score,false acceptance rate(FAR),and detection rate of the classifier.The analysis is compared with existing techniques to validate the proposed model efficiency.

Augmenting IoT Intrusion Detection System Performance Using Deep Neural Network

Due to their low power consumption and limited computing power,Internet of Things(IoT)devices are difficult to secure.Moreover,the rapid growth of IoT devices in homes increases the risk of cyber-attacks.Intrusion detection systems(IDS)are commonly employed to prevent cyberattacks.These systems detect incoming attacks and instantly notify users to allow for the implementation of appropriate countermeasures.Attempts have been made in the past to detect new attacks using machine learning and deep learning techniques,however,these efforts have been unsuccessful.In this paper,we propose two deep learning models to automatically detect various types of intrusion attacks in IoT networks.Specifically,we experimentally evaluate the use of two Convolutional Neural Networks(CNN)to detect nine distinct types of attacks listed in the NF-UNSW-NB15-v2 dataset.To accomplish this goal,the network stream data were initially converted to twodimensional images,which were then used to train the neural network models.We also propose two baseline models to demonstrate the performance of the proposed models.Generally,both models achieve high accuracy in detecting the majority of these nine attacks.

A Comprehensive Analysis of Datasets for Automotive Intrusion Detection Systems

Recently,automotive intrusion detection systems(IDSs)have emerged as promising defense approaches to counter attacks on in-vehicle networks(IVNs).However,the effectiveness of IDSs relies heavily on the quality of the datasets used for training and evaluation.Despite the availability of several datasets for automotive IDSs,there has been a lack of comprehensive analysis focusing on assessing these datasets.This paper aims to address the need for dataset assessment in the context of automotive IDSs.It proposes qualitative and quantitative metrics that are independent of specific automotive IDSs,to evaluate the quality of datasets.These metrics take into consideration various aspects such as dataset description,collection environment,and attack complexity.This paper evaluates eight commonly used datasets for automotive IDSs using the proposed metrics.The evaluation reveals biases in the datasets,particularly in terms of limited contexts and lack of diversity.Additionally,it highlights that the attacks in the datasets were mostly injected without considering normal behaviors,which poses challenges for training and evaluating machine learning-based IDSs.This paper emphasizes the importance of addressing the identified limitations in existing datasets to improve the performance and adaptability of automotive IDSs.The proposed metrics can serve as valuable guidelines for researchers and practitioners in selecting and constructing high-quality datasets for automotive security applications.Finally,this paper presents the requirements for high-quality datasets,including the need for representativeness,diversity,and balance.

Internet of Things Intrusion Detection System Based on Convolutional Neural Network

In recent years, the Internet of Things (IoT) technology has developedby leaps and bounds. However, the large and heterogeneous networkstructure of IoT brings high management costs. In particular, the low costof IoT devices exposes them to more serious security concerns. First, aconvolutional neural network intrusion detection system for IoT devices isproposed. After cleaning and preprocessing the NSL-KDD dataset, this paperuses feature engineering methods to select appropriate features. Then, basedon the combination of DCNN and machine learning, this paper designs acloud-based loss function, which adopts a regularization method to preventoverfitting. The model consists of one input layer, two convolutional layers,two pooling layers and three fully connected layers and one output layer.Finally, a framework that can fully consider the user’s privacy protection isproposed. The framework can only exchange model parameters or intermediateresults without exchanging local individuals or sample data. This paperfurther builds a global model based on virtual fusion data, so as to achievea balance between data privacy protection and data sharing computing. Theperformance indicators such as accuracy, precision, recall, F1 score, and AUCof the model are verified by simulation. The results show that the model ishelpful in solving the problem that the IoT intrusion detection system cannotachieve high precision and low cost at the same time.

Multi-Attack Intrusion Detection System for Software-Defined Internet of Things Network

Currently,the Internet of Things(IoT)is revolutionizing communi-cation technology by facilitating the sharing of information between different physical devices connected to a network.To improve control,customization,flexibility,and reduce network maintenance costs,a new Software-Defined Network(SDN)technology must be used in this infrastructure.Despite the various advantages of combining SDN and IoT,this environment is more vulnerable to various attacks due to the centralization of control.Most methods to ensure IoT security are designed to detect Distributed Denial-of-Service(DDoS)attacks,but they often lack mechanisms to mitigate their severity.This paper proposes a Multi-Attack Intrusion Detection System(MAIDS)for Software-Defined IoT Networks(SDN-IoT).The proposed scheme uses two machine-learning algorithms to improve detection efficiency and provide a mechanism to prevent false alarms.First,a comparative analysis of the most commonly used machine-learning algorithms to secure the SDN was performed on two datasets:the Network Security Laboratory Knowledge Discovery in Databases(NSL-KDD)and the Canadian Institute for Cyberse-curity Intrusion Detection Systems(CICIDS2017),to select the most suitable algorithms for the proposed scheme and for securing SDN-IoT systems.The algorithms evaluated include Extreme Gradient Boosting(XGBoost),K-Nearest Neighbor(KNN),Random Forest(RF),Support Vector Machine(SVM),and Logistic Regression(LR).Second,an algorithm for selecting the best dataset for machine learning in Intrusion Detection Systems(IDS)was developed to enable effective comparison between the datasets used in the development of the security scheme.The results showed that XGBoost and RF are the best algorithms to ensure the security of SDN-IoT and to be applied in the proposed security system,with average accuracies of 99.88%and 99.89%,respectively.Furthermore,the proposed security scheme reduced the false alarm rate by 33.23%,which is a significant improvement over prevalent schemes.Finally,tests of the algorithm for dataset selection showed that the rates of false positives and false negatives were reduced when the XGBoost and RF algorithms were trained on the CICIDS2017 dataset,making it the best for IDS compared to the NSL-KDD dataset.

Securing Cloud Computing from Flash Crowd Attack Using Ensemble Intrusion Detection System

Flash Crowd attacks are a form of Distributed Denial of Service(DDoS)attack that is becoming increasingly difficult to detect due to its ability to imitate normal user behavior in Cloud Computing(CC).Botnets are often used by attackers to perform a wide range of DDoS attacks.With advancements in technology,bots are now able to simulate DDoS attacks as flash crowd events,making them difficult to detect.When it comes to application layer DDoS attacks,the Flash Crowd attack that occurs during a Flash Event is viewed as the most intricate issue.This is mainly because it can imitate typical user behavior,leading to a substantial influx of requests that can overwhelm the server by consuming either its network bandwidth or resources.Therefore,identifying these types of attacks on web servers has become crucial,particularly in the CC.In this article,an efficient intrusion detection method is proposed based on White Shark Optimizer and ensemble classifier(Convolutional Neural Network(CNN)and LighGBM).Experiments were conducted using a CICIDS 2017 dataset to evaluate the performance of the proposed method in real-life situations.The proposed IDS achieved superior results,with 95.84%accuracy,96.15%precision,95.54%recall,and 95.84%F1 measure.Flash crowd attacks are challenging to detect,but the proposed IDS has proven its effectiveness in identifying such attacks in CC and holds potential for future improvement.

Modified Metaheuristics with Weighted Majority Voting Ensemble Deep Learning Model for Intrusion Detection System

The Internet of Things(IoT)system has confronted dramatic growth in high dimensionality and data traffic.The system named intrusion detection systems(IDS)is broadly utilized for the enhancement of security posture in an IT infrastructure.An IDS is a practical and suitable method for assuring network security and identifying attacks by protecting it from intrusive hackers.Nowadays,machine learning(ML)-related techniques were used for detecting intrusion in IoTs IDSs.But,the IoT IDS mechanism faces significant challenges because of physical and functional diversity.Such IoT features use every attribute and feature for IDS self-protection unrealistic and difficult.This study develops a Modified Metaheuristics with Weighted Majority Voting Ensemble Deep Learning(MM-WMVEDL)model for IDS.The proposed MM-WMVEDL technique aims to discriminate distinct kinds of attacks in the IoT environment.To attain this,the presented MM-WMVEDL technique implements min-max normalization to scale the input dataset.For feature selection purposes,the MM-WMVEDL technique exploits the Harris hawk optimization-based elite fractional derivative mutation(HHO-EFDM)technique.In the presented MM-WMVEDL technique,a Bi-directional long short-term memory(BiLSTM),extreme learning machine(ELM)and an ensemble of gated recurrent unit(GRU)models take place.A wide range of simulation analyses was performed on CICIDS-2017 dataset to exhibit the promising performance of the MM-WMVEDL technique.The comparison study pointed out the supremacy of the MM-WMVEDL method over other recent methods with accuracy of 99.67%.

An Efficient Cyber Security and Intrusion Detection System Using CRSR with PXORP-ECC and LTH-CNN

Intrusion Detection System(IDS)is a network security mechanism that analyses all users’and applications’traffic and detectsmalicious activities in real-time.The existing IDSmethods suffer fromlower accuracy and lack the required level of security to prevent sophisticated attacks.This problem can result in the system being vulnerable to attacks,which can lead to the loss of sensitive data and potential system failure.Therefore,this paper proposes an Intrusion Detection System using Logistic Tanh-based Convolutional Neural Network Classification(LTH-CNN).Here,the Correlation Coefficient based Mayfly Optimization(CC-MA)algorithm is used to extract the input characteristics for the IDS from the input data.Then,the optimized features are utilized by the LTH-CNN,which returns the attacked and non-attacked data.After that,the attacked data is stored in the log file and non-attacked data is mapped to the cyber security and data security phases.To prevent the system from cyber-attack,the Source and Destination IP address is converted into a complex binary format named 1’s Complement Reverse Shift Right(CRSR),where,in the data security phase the sensed data is converted into an encrypted format using Senders Public key Exclusive OR Receivers Public Key-Elliptic Curve Cryptography(PXORP-ECC)Algorithm to improve the data security.TheNetwork Security Laboratory-Knowledge Discovery inDatabases(NSLKDD)dataset and real-time sensor are used to train and evaluate the proposed LTH-CNN.The suggested model is evaluated based on accuracy,sensitivity,and specificity,which outperformed the existing IDS methods,according to the results of the experiments.

FIDS:Filtering-Based Intrusion Detection System for In-Vehicle CAN

Modern vehicles are equipped with multiple Electronic Control Units(ECUs)that support various convenient driving functions,such as the Advanced Driver Assistance System(ADAS).To enable communication between these ECUs,the Controller Area Network(CAN)protocol is widely used.However,since CAN lacks any security technologies,it is vulnerable to cyber attacks.To address this,researchers have conducted studies on machine learning-based intrusion detection systems(IDSs)for CAN.However,most existing IDSs still have non-negligible detection errors.In this paper,we pro-pose a new filtering-based intrusion detection system(FIDS)to minimize the detection errors of machine learning-based IDSs.FIDS uses a whitelist and a blacklist created from CAN datasets.The whitelist stores the cryptographic hash value of normal packet sequences to correct false positives(FP),while the blacklist corrects false negatives(FN)based on transmission intervals and identifiers of CAN packets.We evaluated the performance of the proposed FIDS by implementing a machine learning-based IDS and applying FIDS to it.We conducted the evaluation using two CAN attack datasets provided by the Hacking and Countermeasure Research Lab(HCRL),which confirmed that FIDS can effectively reduce the FP and FN of the existing IDS.