The key objective of intrusion detection systems (IDS) is to protect the particular host or network by investigating and predicting the network traffic as an attack or normal. These IDS use many methods of machine learning (ML) to learn from past experience attack i.e. signatures based and identify the new ones. Even though these methods are effective, but they have to suffer from large computational costs due to considering all the traffic features, together. Moreover, emerging technologies like the Internet of Things (IoT), big data, etc. are getting advanced day by day; as a result, network traffics are also increasing rapidly. Therefore, the issue of computational cost needs to be addressed properly. Thus, in this research, firstly, the ML methods have been used with the feature selection technique (FST) to reduce the number of features by picking out only the important ones from NSL-KDD, CICIDS2017, and CIC-DDoS2019 datasets later that helped to build IDSs with lower cost but with the higher performance which would be appropriate for vast scale network. The experimental result demonstrated that the proposed model i.e. Decision tree (DT) with Recursive feature elimination (RFE) performs better than other classifiers with RFE in terms of accuracy, specificity, precision, sensitivity, F1-score, and G-means on the investigated datasets.
Cloud computing environments, characterized by dynamic scaling, distributed architectures, and complex workloads, are increasingly targeted by malicious actors. These threats encompass unauthorized access, data breaches, denial-of-service attacks, and evolving malware variants. Traditional security solutions often struggle with the dynamic nature of cloud environments, highlighting the need for robust Adaptive Cloud Intrusion Detection Systems (CIDS). Existing adaptive CIDS solutions, while offering improved detection capabilities, often face limitations such as reliance on approximations for change point detection, hindering their precision in identifying anomalies. This can lead to missed attacks or an abundance of false alarms, impacting overall security effectiveness. To address these challenges, we propose ACIDS (Adaptive Cloud Intrusion Detection System)-PELT. This novel Adaptive CIDS framework leverages the Pruned Exact Linear Time (PELT) algorithm and a Support Vector Machine (SVM) for enhanced accuracy and efficiency. ACIDS-PELT comprises four key components: (1) Feature Selection: Utilizing a hybrid harmony search algorithm and the symmetrical uncertainty filter (HSO-SU) to identify the most relevant features that effectively differentiate between normal and anomalous network traffic in the cloud environment. (2) Surveillance: Employing the PELT algorithm to detect change points within the network traffic data, enabling the identification of anomalies and potential security threats with improved precision compared to existing approaches. (3) Training Set: Labeled network traffic data forms the training set used to train the SVM classifier to distinguish between normal and anomalous behaviour patterns. (4) Testing Set: The testing set evaluates ACIDS-PELT’s performance by measuring its accuracy, precision, and recall in detecting security threats within the cloud environment. We evaluate the performance of ACIDS-PELT using the NSL-KDD benchmark dataset. The results demonstrate that ACIDS-PELT outperforms existing cloud intrusion detection techniques in terms of accuracy, precision, and recall. This superiority stems from ACIDS-PELT’s ability to overcome limitations associated with approximation and imprecision in change point detection while offering a more accurate and precise approach to detecting security threats in dynamic cloud environments.
Intrusion detection systems (IDS) are essential in the field of cybersecurity because they protect networks from a wide range of online threats. The goal of this research is to meet the urgent need for small-footprint, highly-adaptable Network Intrusion Detection Systems (NIDS) that can identify anomalies. The NSL-KDD dataset is used in the study; it is a sizable collection comprising 43 variables with the labels “attack” and “level.” It proposes a novel approach to intrusion detection based on the combination of channel attention and convolutional neural networks (CNN). Furthermore, this dataset makes it easier to conduct a thorough assessment of the suggested intrusion detection strategy. Furthermore, maintaining operating efficiency while improving detection accuracy is the primary goal of this work. Moreover, typical NIDS examines both risky and typical behavior using a variety of techniques. On the NSL-KDD dataset, our CNN-based approach achieves an astounding 99.728% accuracy rate when paired with channel attention. Compared to previous approaches such as ensemble learning, CNN, RBM (Boltzmann machine), ANN, hybrid auto-encoders with CNN, MCNN, and ANN, and adaptive algorithms, our solution significantly improves intrusion detection performance. Moreover, the results highlight the effectiveness of our suggested method in improving intrusion detection precision, signifying a noteworthy advancement in this field. Subsequent efforts will focus on strengthening and expanding our approach in order to counteract growing cyberthreats and adjust to changing network circumstances.
Wireless sensor networks (WSN) gather information and sense information samples in a certain region and communicate these readings to a base station (BS). Energy efficiency is considered a major design issue in the WSNs, and can be addressed using clustering and routing techniques. Information is sent from the source to the BS via routing procedures. However, these routing protocols must ensure that packets are delivered securely, guaranteeing that neither adversaries nor unauthentic individuals have access to the sent information. Secure data transfer is intended to protect the data from illegal access, damage, or disruption. Thus, in the proposed model, secure data transmission is developed in an energy-effective manner. A low-energy adaptive clustering hierarchy (LEACH) is developed to efficiently transfer the data. For the intrusion detection systems (IDS), Fuzzy logic and artificial neural networks (ANNs) are proposed. Initially, the nodes were randomly placed in the network and initialized to gather information. To ensure fair energy dissipation between the nodes, LEACH randomly chooses cluster heads (CHs) and allocates this role to the various nodes based on a round-robin management mechanism. The intrusion-detection procedure was then utilized to determine whether intruders were present in the network. Within the WSN, a Fuzzy interference rule was utilized to distinguish the malicious nodes from legal nodes. Subsequently, an ANN was employed to distinguish the harmful nodes from suspicious nodes. The effectiveness of the proposed approach was validated using metrics that attained 97% accuracy, 97% specificity, and 97% sensitivity of 95%. Thus, it was proved that the LEACH and Fuzzy-based IDS approaches are the best choices for securing data transmission in an energy-efficient manner.
The novel Software Defined Networking (SDN) architecture potentially resolves specific challenges arising from rapid internet growth of and the static nature of conventional networks to manage organizational business requirements with distinctive features. Nevertheless, such benefits lead to a more adverse environment entailing network breakdown, systems paralysis, and online banking fraudulence and robbery. As one of the most common and dangerous threats in SDN, probe attack occurs when the attacker scans SDN devices to collect the necessary knowledge on system susceptibilities, which is then manipulated to undermine the entire system. Precision, high performance, and real-time systems prove pivotal in successful goal attainment through feature selection to minimize computation time, optimize prediction performance, and provide a holistic understanding of machine learning data. As the extension of astute machine learning algorithms into an Intrusion Detection System (IDS) through SDN has garnered much scholarly attention within the past decade, this study recommended an effective IDS under the Grey-wolf optimizer (GWO) and Light Gradient Boosting Machine (Light-GBM) classifier for probe attack identification. The InSDN dataset was employed to train and test the proposed IDS, which is deemed to be a novel benchmarking dataset in SDN. The proposed IDS assessment demonstrated an optimized performance against that of peer IDSs in probe attack detection within SDN. The results revealed that the proposed IDS outperforms the state-of-the-art IDSs, as it achieved 99.8% accuracy, 99.7% recall, 99.99% precision, and 99.8% F-measure.
Expanding internet-connected services has increased cyberattacks, many of which have grave and disastrous repercussions. An Intrusion Detection System (IDS) plays an essential role in network security since it helps to protect the network from vulnerabilities and attacks. Although extensive research was reported in IDS, detecting novel intrusions with optimal features and reducing false alarm rates are still challenging. Therefore, we developed a novel fusion-based feature importance method to reduce the high dimensional feature space, which helps to identify attacks accurately with less false alarm rate. Initially, to improve training data quality, various preprocessing techniques are utilized. The Adaptive Synthetic oversampling technique generates synthetic samples for minority classes. In the proposed fusion-based feature importance, we use different approaches from the filter, wrapper, and embedded methods like mutual information, random forest importance, permutation importance, Shapley Additive exPlanations (SHAP)-based feature importance, and statistical feature importance methods like the difference of mean and median and standard deviation to rank each feature according to its rank. Then by simple plurality voting, the most optimal features are retrieved. Then the optimal features are fed to various models like Extra Tree (ET), Logistic Regression (LR), Support vector Machine (SVM), Decision Tree (DT), and Extreme Gradient Boosting Machine (XGBM). Then the hyperparameters of classification models are tuned with Halving Random Search cross-validation to enhance the performance. The experiments were carried out on the original imbalanced data and balanced data. The outcomes demonstrate that the balanced data scenario knocked out the imbalanced data. Finally, the experimental analysis proved that our proposed fusion-based feature importance performed well with XGBM giving an accuracy of 99.86%, 99.68%, and 92.4%, with 9, 7 and 8 features by training time of 1.5, 4.5 and 5.5 s on Network Security Laboratory-Knowledge Discovery in Databases (NSL-KDD), Canadian Institute for Cybersecurity (CIC-IDS 2017), and UNSW-NB15 datasets, respectively. In addition, the suggested technique has been examined and contrasted with the state of art methods on three datasets.
In many commercial and public sectors, the Internet of Things (IoT) is deeply embedded. Cyber security threats aimed at compromising the security, reliability, or accessibility of data are a serious concern for the IoT. Due to the collection of data from several IoT devices, the IoT presents unique challenges for detecting anomalous behavior. It is the responsibility of an Intrusion Detection System (IDS) to ensure the security of a network by reporting any suspicious activity. By identifying failed and successful attacks, IDS provides a more comprehensive security capability. A reliable and efficient anomaly detection system is essential for IoT-driven decision-making. Using deep learning-based anomaly detection, this study proposes an IoT anomaly detection system capable of identifying relevant characteristics in a controlled environment. These factors are used by the classifier to improve its ability to identify fraudulent IoT data. For efficient outlier detection, the author proposed a Convolutional Neural Network (CNN) with Long Short Term Memory (LSTM) based Attention Mechanism (ACNN-LSTM). As part of the ACNN-LSTM model, CNN units are deployed with an attention mechanism to avoid memory loss and gradient dispersion. Using the N-BaIoT and IoT-23 datasets, the model is verified. According to the N-BaIoT dataset, the overall accuracy is 99%, and precision, recall, and F1-score are also 0.99. In addition, the IoT-23 dataset shows a commendable accuracy of 99%. In terms of accuracy and recall, it scored 0.99, while the F1-score was 0.98. The LSTM model with attention achieved an accuracy of 95%, while the CNN model achieved an accuracy of 88%. According to the loss graph, attention-based models had lower loss values, indicating that they were more effective at detecting anomalies. In both the N-BaIoT and IoT-23 datasets, the receiver operating characteristic and area under the curve (ROC-AUC) graphs demonstrated exceptional accuracy of 99% to 100% for the Attention-based CNN and LSTM models. This indicates that these models are capable of making precise predictions.
Deep learning (DL) is a subdivision of machine learning (ML) that employs numerous algorithms, each of which provides various explanations of the data it consumes; mobile ad-hoc networks (MANET) are growing in prominence. For reasons including node mobility, due to MANET’s potential to provide small-cost solutions for real-world contact challenges, decentralized management, and restricted bandwidth, MANETs are more vulnerable to security threats. When protecting MANETs from attack, encryption and authentication schemes have their limits. However, deep learning (DL) approaches in intrusion detection systems (IDS) can adapt to the changing environment of MANETs and allow a system to make intrusion decisions while learning about its mobility in the environment. IDSs are a secondary defiance system for mobile ad-hoc networks vs. attacks since they monitor network traffic and report anything unusual. Recently, many scientists have employed deep neural networks (DNNs) to address intrusion detection concerns. This paper used MANET to recognize complex patterns by focusing on security standards through efficiency determination and identifying malicious nodes, and mitigating network attacks using the three algorithms presented Cascading Back Propagation Neural Network (CBPNN), Feedforward-Neural-Network (FNN), and Cascading-Back-Propagation-Neural-Network (CBPNN) (FFNN). In addition to Convolutional-Neural-Network (CNN), these primary forms of deep neural network (DNN) building designs are widely used to improve the performance of intrusion detection systems (IDS) and the use of IDS in conjunction with machine learning (ML). Furthermore, machine learning (ML) techniques than their statistical and logical methods provide MANET network learning capabilities and encourage adaptation to different environments. Compared with another current model, the proposed model has better average receiving packet (ARP) and end-to-end (E2E) performance. The results have been obtained from CBP, FFNN and CNN 74%, 82% and 85%, respectively, by the time (27, 18, and 17 s).
Blockchain merges technology with the Internet of Things (IoT) for addressing security and privacy-related issues. However, conventional blockchain suffers from scalability issues due to its linear structure, which increases the storage overhead, and Intrusion detection performed was limited with attack severity, leading to performance degradation. To overcome these issues, we proposed MZWB (Multi-Zone-Wise Blockchain) model. Initially, all the authenticated IoT nodes in the network ensure their legitimacy by using the Enhanced Blowfish Algorithm (EBA), considering several metrics. Then, the legitimately considered nodes for network construction for managing the network using Bayesian-Direct Acyclic Graph (B-DAG), which considers several metrics. The intrusion detection is performed based on two tiers. In the first tier, a Deep Convolution Neural Network (DCNN) analyzes the data packets by extracting packet flow features to classify the packets as normal, malicious, and suspicious. In the second tier, the suspicious packets are classified as normal or malicious using the Generative Adversarial Network (GAN). Finally, intrusion scenario performed reconstruction to reduce the severity of attacks in which Improved Monkey Optimization (IMO) is used for attack path discovery by considering several metrics, and the Graph cut utilized algorithm for attack scenario reconstruction (ASR). UNSW-NB15 and BoT-IoT utilized datasets for the MZWB method simulated using a Network simulator (NS-3.26). Compared with previous performance metrics such as energy consumption, storage overhead accuracy, response time, attack detection rate, precision, recall, and F-measure. The simulation result shows that the proposed MZWB method achieves high performance than existing works.
Recently, automotive intrusion detection systems (IDSs) have emerged as promising defense approaches to counter attacks on in-vehicle networks (IVNs). However, the effectiveness of IDSs relies heavily on the quality of the datasets used for training and evaluation. Despite the availability of several datasets for automotive IDSs, there has been a lack of comprehensive analysis focusing on assessing these datasets. This paper aims to address the need for dataset assessment in the context of automotive IDSs. It proposes qualitative and quantitative metrics that are independent of specific automotive IDSs, to evaluate the quality of datasets. These metrics take into consideration various aspects such as dataset description, collection environment, and attack complexity. This paper evaluates eight commonly used datasets for automotive IDSs using the proposed metrics. The evaluation reveals biases in the datasets, particularly in terms of limited contexts and lack of diversity. Additionally, it highlights that the attacks in the datasets were mostly injected without considering normal behaviors, which poses challenges for training and evaluating machine learning-based IDSs. This paper emphasizes the importance of addressing the identified limitations in existing datasets to improve the performance and adaptability of automotive IDSs. The proposed metrics can serve as valuable guidelines for researchers and practitioners in selecting and constructing high-quality datasets for automotive security applications. Finally, this paper presents the requirements for high-quality datasets, including the need for representativeness, diversity, and balance.
Intrusion detection systems (IDS) are one of the most promising ways for securing data and networks; In recent decades, IDS has used a variety of categorization algorithms. These classifiers, on the other hand, do not work effectively unless they are combined with additional algorithms that can alter the classifier’s parameters or select the optimal sub-set of features for the problem. Optimizers are used in tandem with classifiers to increase the stability and with efficiency of the classifiers in detecting invasion. These algorithms, on the other hand, have a number of limitations, particularly when used to detect new types of threats. In this paper, the NSL KDD dataset and KDD Cup 99 is used to find the performance of the proposed classifier model and compared; These two IDS dataset is preprocessed, then Auto Cryptographic Denoising (ACD) adopted to remove noise in the feature of the IDS dataset; the classifier algorithms, K-Means and Neural network classifies the dataset with adam optimizer. IDS classifier is evaluated by measuring performance measures like f-measure, recall, precision, detection rate and accuracy. The neural network obtained the highest classifying accuracy as 91.12% with drop-out function that shows the efficiency of the classifier model with drop-out function for KDD Cup99 dataset. Explaining their power and limitations in the proposed methodology that could be used in future works in the IDS area.
Intrusion Detection Systems (IDS) are pivotal in safeguarding computer networks from malicious activities. This study presents a novel approach by proposing a Hybrid Dense Neural Network-Radial Basis Function Neural Network (DNN-RBFNN) architecture to enhance the accuracy and efficiency of IDS. The hybrid model synergizes the strengths of both dense learning and radial basis function networks, aiming to address the limitations of traditional IDS techniques in classifying packets that could result in Remote-to-local (R2L), Denial of Service (Dos), and User-to-root (U2R) intrusions.
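Objective: To explore the expression of the inhibitor of differentiation 3 and inhibitor of differentiation 4 (ID3/ID4) genes in the bone marrow of patients with acute myeloid leukemia (AML) and its clinical significance. Methods: Real-time quantitative PCR was used to measure ID3/ID4 transcript levels in bone marrow mononuclear cells from 32 patients with non-malignant hematological diseases (the control group) and 133 newly diagnosed AML patients, and the clinical significance of the expression of both genes was analyzed by grouping. Results: ID3/ID4 transcript levels in the bone marrow of AML patients were both significantly lower than in the control group (P=0.001 and 0.002), and the expression of the two showed a weak positive correlation (r=0.282, P=0.001). Receiver operating characteristic curve analysis revealed that ID3/ID4 transcript levels could serve as potential molecular markers to assist in the diagnosis of AML (AUC=0.682, P=0.001 and AUC=0.673, P=0.002). Grouped analysis found that patients in the low ID3 expression group were slightly younger than those in the high ID3 expression group (P=0.054), and their NRAS mutation frequency was slightly lower than that of the high ID3 expression group (P=0.053). Patients in the low ID4 expression group had slightly higher white blood cell counts than those in the high ID4 expression group (P=0.088), and a slightly higher CEBPA mutation frequency than the high ID4 expression group (P=0.099). In addition, both among all patients and among non-M3 patients, cases in the low ID4 expression group had a slightly lower probability of achieving complete remission after induction chemotherapy than cases in the high ID4 expression group (P=0.080 and 0.065). Survival analysis found that in AML patients and their subgroups (non-M3 and normal karyotype), overall survival was similar between the low and high ID3 expression groups (P>0.05); overall survival of cases with low ID4 expression was slightly lower than that of the high ID4 expression group (P=0.058), while in non-M3 and normal-karyotype patients the difference was statistically significant (P=0.014 and 0.002). Conclusion: Down-regulation of ID3/ID4 expression may be a common molecular event in AML, and ID4 expression may provide an important reference for judging AML prognosis.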
Funding: funded by the Deanship of Scientific Research at Imam Mohammad Ibn Saud Islamic University (IMSIU) through Research Partnership Program No. RP-21-07-09.
Funding: The authors would like to thank Princess Nourah bint Abdulrahman University for funding this project through the Researchers Supporting Project (PNURSP2023R319). This research was funded by the Prince Sultan University, Riyadh, Saudi Arabia.
Funding: The authors would like to thank the Deanship of Scientific Research and the research Services Support Unit (RSSU) at King Saud University for their support in this paper.
文摘The novel SoftwareDefined Networking(SDN)architecture potentially resolves specific challenges arising from rapid internet growth of and the static nature of conventional networks to manage organizational business requirements with distinctive features.Nevertheless,such benefits lead to a more adverse environment entailing network breakdown,systems paralysis,and online banking fraudulence and robbery.As one of the most common and dangerous threats in SDN,probe attack occurs when the attacker scans SDN devices to collect the necessary knowledge on system susceptibilities,which is thenmanipulated to undermine the entire system.Precision,high performance,and real-time systems prove pivotal in successful goal attainment through feature selection to minimize computation time,optimize prediction performance,and provide a holistic understanding of machine learning data.As the extension of astute machine learning algorithms into an Intrusion Detection System(IDS)through SDN has garnered much scholarly attention within the past decade,this study recommended an effective IDS under the Grey-wolf optimizer(GWO)and Light Gradient Boosting Machine(Light-GBM)classifier for probe attack identification.The InSDN dataset was employed to train and test the proposed IDS,which is deemed to be a novel benchmarking dataset in SDN.The proposed IDS assessment demonstrated an optimized performance against that of peer IDSs in probe attack detection within SDN.The results revealed that the proposed IDS outperforms the state-of-the-art IDSs,as it achieved 99.8%accuracy,99.7%recall,99.99%precision,and 99.8%F-measure.
Abstract: Expanding internet-connected services has increased cyberattacks, many of which have grave and disastrous repercussions. An Intrusion Detection System (IDS) plays an essential role in network security since it helps to protect the network from vulnerabilities and attacks. Although extensive research was reported in IDS, detecting novel intrusions with optimal features and reducing false alarm rates are still challenging. Therefore, we developed a novel fusion-based feature importance method to reduce the high dimensional feature space, which helps to identify attacks accurately with less false alarm rate. Initially, to improve training data quality, various preprocessing techniques are utilized. The Adaptive Synthetic oversampling technique generates synthetic samples for minority classes. In the proposed fusion-based feature importance, we use different approaches from the filter, wrapper, and embedded methods like mutual information, random forest importance, permutation importance, Shapley Additive exPlanations (SHAP)-based feature importance, and statistical feature importance methods like the difference of mean and median and standard deviation to rank each feature according to its rank. Then by simple plurality voting, the most optimal features are retrieved. Then the optimal features are fed to various models like Extra Tree (ET), Logistic Regression (LR), Support Vector Machine (SVM), Decision Tree (DT), and Extreme Gradient Boosting Machine (XGBM). Then the hyperparameters of classification models are tuned with Halving Random Search cross-validation to enhance the performance. The experiments were carried out on the original imbalanced data and balanced data. The outcomes demonstrate that the balanced data scenario knocked out the imbalanced data. Finally, the experimental analysis proved that our proposed fusion-based feature importance performed well with XGBM giving an accuracy of 99.86%, 99.68%, and 92.4%, with 9, 7 and 8 features by training time of 1.5, 4.5 and 5.5 s on Network Security Laboratory-Knowledge Discovery in Databases (NSL-KDD), Canadian Institute for Cybersecurity (CIC-IDS 2017), and UNSW-NB15 datasets, respectively. In addition, the suggested technique has been examined and contrasted with the state of art methods on three datasets.
Funding: Supported via funding from Prince Sattam Bin Abdulaziz University Project Number (PSAU/2023/R/1444).
Abstract: In many commercial and public sectors, the Internet of Things (IoT) is deeply embedded. Cyber security threats aimed at compromising the security, reliability, or accessibility of data are a serious concern for the IoT. Due to the collection of data from several IoT devices, the IoT presents unique challenges for detecting anomalous behavior. It is the responsibility of an Intrusion Detection System (IDS) to ensure the security of a network by reporting any suspicious activity. By identifying failed and successful attacks, IDS provides a more comprehensive security capability. A reliable and efficient anomaly detection system is essential for IoT-driven decision-making. Using deep learning-based anomaly detection, this study proposes an IoT anomaly detection system capable of identifying relevant characteristics in a controlled environment. These factors are used by the classifier to improve its ability to identify fraudulent IoT data. For efficient outlier detection, the author proposed a Convolutional Neural Network (CNN) with Long Short Term Memory (LSTM) based Attention Mechanism (ACNN-LSTM). As part of the ACNN-LSTM model, CNN units are deployed with an attention mechanism to avoid memory loss and gradient dispersion. Using the N-BaIoT and IoT-23 datasets, the model is verified. According to the N-BaIoT dataset, the overall accuracy is 99%, and precision, recall, and F1-score are also 0.99. In addition, the IoT-23 dataset shows a commendable accuracy of 99%. In terms of accuracy and recall, it scored 0.99, while the F1-score was 0.98. The LSTM model with attention achieved an accuracy of 95%, while the CNN model achieved an accuracy of 88%. According to the loss graph, attention-based models had lower loss values, indicating that they were more effective at detecting anomalies. In both the N-BaIoT and IoT-23 datasets, the receiver operating characteristic and area under the curve (ROC-AUC) graphs demonstrated exceptional accuracy of 99% to 100% for the Attention-based CNN and LSTM models. This indicates that these models are capable of making precise predictions.
Abstract: Deep learning (DL) is a subdivision of machine learning (ML) that employs numerous algorithms, each of which provides various explanations of the data it consumes; mobile ad-hoc networks (MANET) are growing in prominence. For reasons including node mobility, due to MANET's potential to provide small-cost solutions for real-world contact challenges, decentralized management, and restricted bandwidth, MANETs are more vulnerable to security threats. When protecting MANETs from attack, encryption and authentication schemes have their limits. However, deep learning (DL) approaches in intrusion detection systems (IDS) can adapt to the changing environment of MANETs and allow a system to make intrusion decisions while learning about its mobility in the environment. IDSs are a secondary defiance system for mobile ad-hoc networks vs. attacks since they monitor network traffic and report anything unusual. Recently, many scientists have employed deep neural networks (DNNs) to address intrusion detection concerns. This paper used MANET to recognize complex patterns by focusing on security standards through efficiency determination and identifying malicious nodes, and mitigating network attacks using the three algorithms presented Cascading Back Propagation Neural Network (CBPNN), Feedforward-Neural-Network (FNN), and Cascading-Back-Propagation-Neural-Network (CBPNN) (FFNN). In addition to Convolutional-Neural-Network (CNN), these primary forms of deep neural network (DNN) building designs are widely used to improve the performance of intrusion detection systems (IDS) and the use of IDS in conjunction with machine learning (ML). Furthermore, machine learning (ML) techniques than their statistical and logical methods provide MANET network learning capabilities and encourage adaptation to different environments. Compared with another current model, the proposed model has better average receiving packet (ARP) and end-to-end (E2E) performance. The results have been obtained from CBP, FFNN and CNN 74%, 82% and 85%, respectively, by the time (27, 18, and 17 s).
Abstract: Blockchain merges technology with the Internet of Things (IoT) for addressing security and privacy-related issues. However, conventional blockchain suffers from scalability issues due to its linear structure, which increases the storage overhead, and Intrusion detection performed was limited with attack severity, leading to performance degradation. To overcome these issues, we proposed MZWB (Multi-Zone-Wise Blockchain) model. Initially, all the authenticated IoT nodes in the network ensure their legitimacy by using the Enhanced Blowfish Algorithm (EBA), considering several metrics. Then, the legitimately considered nodes for network construction for managing the network using Bayesian-Direct Acyclic Graph (B-DAG), which considers several metrics. The intrusion detection is performed based on two tiers. In the first tier, a Deep Convolution Neural Network (DCNN) analyzes the data packets by extracting packet flow features to classify the packets as normal, malicious, and suspicious. In the second tier, the suspicious packets are classified as normal or malicious using the Generative Adversarial Network (GAN). Finally, intrusion scenario performed reconstruction to reduce the severity of attacks in which Improved Monkey Optimization (IMO) is used for attack path discovery by considering several metrics, and the Graph cut utilized algorithm for attack scenario reconstruction (ASR). UNSW-NB15 and BoT-IoT utilized datasets for the MZWB method simulated using a Network simulator (NS-3.26). Compared with previous performance metrics such as energy consumption, storage overhead accuracy, response time, attack detection rate, precision, recall, and F-measure. The simulation result shows that the proposed MZWB method achieves high performance than existing works.
Funding: Supported in part by the 2021 Autonomous Driving Development Innovation Project of the Ministry of Science and ICT, 'Development of Technology for Security and Ultra-High-Speed Integrity of the Next-Generation Internal Net-Work of Autonomous Vehicles' (No. 2021-0-01348) and in part by the National Research Foundation of Korea (NRF) grant funded by the Korean Government Ministry of Science and ICT (MSIT) under Grant NRF-2021R1A2C2014428.
Abstract: Recently, automotive intrusion detection systems (IDSs) have emerged as promising defense approaches to counter attacks on in-vehicle networks (IVNs). However, the effectiveness of IDSs relies heavily on the quality of the datasets used for training and evaluation. Despite the availability of several datasets for automotive IDSs, there has been a lack of comprehensive analysis focusing on assessing these datasets. This paper aims to address the need for dataset assessment in the context of automotive IDSs. It proposes qualitative and quantitative metrics that are independent of specific automotive IDSs, to evaluate the quality of datasets. These metrics take into consideration various aspects such as dataset description, collection environment, and attack complexity. This paper evaluates eight commonly used datasets for automotive IDSs using the proposed metrics. The evaluation reveals biases in the datasets, particularly in terms of limited contexts and lack of diversity. Additionally, it highlights that the attacks in the datasets were mostly injected without considering normal behaviors, which poses challenges for training and evaluating machine learning-based IDSs. This paper emphasizes the importance of addressing the identified limitations in existing datasets to improve the performance and adaptability of automotive IDSs. The proposed metrics can serve as valuable guidelines for researchers and practitioners in selecting and constructing high-quality datasets for automotive security applications. Finally, this paper presents the requirements for high-quality datasets, including the need for representativeness, diversity, and balance.
Abstract: Intrusion detection systems (IDS) are one of the most promising ways for securing data and networks; in recent decades, IDS has used a variety of categorization algorithms. These classifiers, on the other hand, do not work effectively unless they are combined with additional algorithms that can alter the classifier's parameters or select the optimal sub-set of features for the problem. Optimizers are used in tandem with classifiers to increase the stability and efficiency of the classifiers in detecting invasion. These algorithms, on the other hand, have a number of limitations, particularly when used to detect new types of threats. In this paper, the NSL KDD dataset and KDD Cup 99 are used to find the performance of the proposed classifier model and compared; these two IDS datasets are preprocessed, then Auto Cryptographic Denoising (ACD) is adopted to remove noise in the features of the IDS dataset; the classifier algorithms, K-Means and Neural network, classify the dataset with the Adam optimizer. The IDS classifier is evaluated by measuring performance measures like f-measure, recall, precision, detection rate and accuracy. The neural network obtained the highest classifying accuracy as 91.12% with drop-out function that shows the efficiency of the classifier model with drop-out function for KDD Cup99 dataset. Explaining their power and limitations in the proposed methodology that could be used in future works in the IDS area.
Abstract: Intrusion Detection Systems (IDS) are pivotal in safeguarding computer networks from malicious activities. This study presents a novel approach by proposing a Hybrid Dense Neural Network-Radial Basis Function Neural Network (DNN-RBFNN) architecture to enhance the accuracy and efficiency of IDS. The hybrid model synergizes the strengths of both dense learning and radial basis function networks, aiming to address the limitations of traditional IDS techniques in classifying packets that could result in Remote-to-local (R2L), Denial of Service (DoS), and User-to-root (U2R) intrusions.
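Abstract: Objective: To explore the expression of inhibitor of differentiation 3 and inhibitor of differentiation 4 (ID3/ID4) in the bone marrow of patients with acute myeloid leukemia (AML) and its clinical significance. Methods: Real-time fluorescent quantitative PCR was used to measure ID3/ID4 transcript levels in bone marrow mononuclear cells from 32 patients with non-malignant hematological diseases (the control group) and 133 newly diagnosed AML patients, and the clinical significance of the expression of the two genes was assessed by group analysis. Results: ID3/ID4 transcript levels in the bone marrow of AML patients were both significantly lower than in the control group (P=0.001 and 0.002), and the expression of the two showed a weak positive correlation (r=0.282, P=0.001). Receiver operating characteristic curve analysis revealed that ID3/ID4 transcript levels could serve as potential molecular markers to assist the diagnosis of AML (AUC=0.682, P=0.001 and AUC=0.673, P=0.002). Group analysis found that patients in the low ID3 expression group were slightly younger than those in the high ID3 expression group (P=0.054), and their NRAS mutation frequency was slightly lower than that of the high ID3 expression group (P=0.053). Patients in the low ID4 expression group had slightly higher white blood cell counts than those in the high ID4 expression group (P=0.088), and their CEBPA mutation frequency was slightly higher than that of the high ID4 expression group (P=0.099). In addition, both among all patients and among non-M3 patients, cases in the low ID4 expression group had a slightly lower probability of achieving complete remission after induction chemotherapy than cases in the high ID4 expression group (P=0.080 and 0.065). Survival analysis found that in AML patients and their subgroups (non-M3 and normal karyotype), overall survival was similar between the low and high ID3 expression groups (P>0.05); overall survival of low ID4 expression cases was slightly lower than that of high ID4 expression cases (P=0.058), while the difference was statistically significant in non-M3 and normal-karyotype patients (P=0.014 and 0.002). Conclusion: Down-regulation of ID3/ID4 expression may be a common molecular event in AML, and ID4 expression may provide an important reference for judging AML prognosis.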