Abstract: The Wireless Sensor Networks (WSN) are vulnerable to assaults due to the fact that the devices connected to them have a reliable connection to the internet. A malicious node acts as the controller and uses a grey hole attack to get the data from all of the other nodes in the network. Additionally, the nodes are discarding and modifying the data packets according to the requirements of the system. The assault modifies the fundamental concept of the WSNs, which is that different devices should communicate with one another. In the proposed system, there is a fuzzy idea offered for the purpose of preventing the grey hole attack from making effective communication among the WSN devices. The currently available model is unable to recognise the myriad of different kinds of attacks. The fuzzy engine identified suspicious actions by utilising the rules that were generated to make a prediction about the malicious node that would halt the process. Experiments conducted using simulation are used to determine delay, accuracy, energy consumption, throughput, and the ratio of packets successfully delivered. It stands in contrast to the model that was suggested, as well as the methodologies that are currently being used, and analogue behavioural modelling. In comparison to the existing method, the proposed model achieves an accuracy rate of 45 percent, a packet delivery ratio of 79 percent, and a reduction in energy usage of around 35.6 percent. These results from the simulation demonstrate that the fuzzy grey detection technique that was presented has the potential to increase the network’s capability of detecting grey hole assaults.
Funding: supported by the National Nature Science Foundation of China under 62203376; the Science and Technology Plan of Hebei Education Department under QN2021139; the Nature Science Foundation of Hebei Province under F2021203043; the Open Research Fund of Jiangsu Collaborative Innovation Center for Smart Distribution Network, Nanjing Institute of Technology under No. XTCX202203.
Abstract: Owing to the integration of energy digitization and artificial intelligence technology, smart energy grids can realize the stable, efficient and clean operation of power systems. However, the emergence of cyber-physical attacks, such as dynamic load-altering attacks (DLAAs), has introduced great challenges to the security of smart energy grids. Thus, this study developed a novel cyber-physical collaborative security framework for DLAAs in smart energy grids. The proposed framework integrates attack prediction in the cyber layer with the detection and localization of attacks in the physical layer. First, a data-driven method was proposed to predict the DLAA sequence in the cyber layer. By designing a double radial basis function network, the influence of disturbances on attack prediction can be eliminated. Based on the prediction results, an unknown input observer-based detection and localization method was further developed for the physical layer. In addition, an adaptive threshold was designed to replace the traditional precomputed threshold and improve the detection performance of the DLAAs. Consequently, through the collaborative work of the cyber-physics layer, injected DLAAs were effectively detected and located. Compared with existing methodologies, the simulation results on IEEE 14-bus and 118-bus power systems verified the superiority of the proposed cyber-physical collaborative detection and localization against DLAAs.
Funding: extend their appreciation to Researcher Supporting Project Number (RSPD2023R582), King Saud University, Riyadh, Saudi Arabia.
Abstract: The healthcare sector holds valuable and sensitive data. The amount of this data and the need to handle, exchange, and protect it, has been increasing at a fast pace. Due to their nature, software-defined networks (SDNs) are widely used in healthcare systems, as they ensure effective resource utilization, safety, great network management, and monitoring. In this sector, due to the value of the data, SDNs face a major challenge posed by a wide range of attacks, such as distributed denial of service (DDoS) and probe attacks. These attacks reduce network performance, causing the degradation of different key performance indicators (KPIs) or, in the worst cases, a network failure which can threaten human lives. This can be significant, especially with the current expansion of portable healthcare that supports mobile and wireless devices for what is called mobile health, or m-health. In this study, we examine the effectiveness of using SDNs for defense against DDoS, as well as their effects on different network KPIs under various scenarios. We propose a threshold-based DDoS classifier (TBDC) technique to classify DDoS attacks in healthcare SDNs, aiming to block traffic considered a hazard in the form of a DDoS attack. We then evaluate the accuracy and performance of the proposed TBDC approach. Our technique shows outstanding performance, increasing the mean throughput by 190.3%, reducing the mean delay by 95%, and reducing packet loss by 99.7% relative to normal, with DDoS attack traffic.
Funding: supported in part by the School of Computing and Digital Technology at Birmingham City University. The work of M. A. Rahman was supported in part by the Flagship Grant RDU190374.
Abstract: The number of cybersecurity incidents is on the rise despite significant investment in security measures. The existing conventional security approaches have demonstrated limited success against some of the more complex cyber-attacks. This is primarily due to the sophistication of the attacks and the availability of powerful tools. Interconnected devices such as the Internet of Things (IoT) are also increasing attack exposures due to the increase in vulnerabilities. Over the last few years, we have seen a trend moving towards embracing edge technologies to harness the power of IoT devices and 5G networks. Edge technology brings processing power closer to the network and brings many advantages, including reduced latency, while it can also introduce vulnerabilities that could be exploited. Smart cities are also dependent on technologies where everything is interconnected. This interconnectivity makes them highly vulnerable to cyber-attacks, especially by the Advanced Persistent Threat (APT), as these vulnerabilities are amplified by the need to integrate new technologies with legacy systems. Cybercriminals behind APT attacks have recently been targeting the IoT ecosystems, prevalent in many of these cities. In this paper, we used a publicly available dataset on Advanced Persistent Threats (APT) and developed a data-driven approach for detecting APT stages using the Cyber Kill Chain. APTs are highly sophisticated and targeted forms of attacks that can evade intrusion detection systems, resulting in one of the greatest current challenges facing security professionals. In this experiment, we used multiple machine learning classifiers, such as Naïve Bayes, Bayes Net, KNN, Random Forest and Support Vector Machine (SVM). We used Weka performance metrics to show the numeric results. The best performance result of 91.1% was obtained with the Naïve Bayes classifier. We hope our proposed solution will help security professionals to deal with APTs in a timely and effective manner.
Funding: supported by the Science and Technology Project of the Headquarters of State Grid Corporation of China (5700-202152186A-0-0-00).
Abstract: Network attacks evolved from single-step and simple attacks to complex multistep attacks. Current methods of multistep attack detection usually match multistep attacks from intrusion detection systems (IDS) alarms based on the correlation between attack steps. However, IDS has false negatives and false positives, which leads to incomplete or incorrect multistep attacks. Association based on simple similarity is difficult to obtain an accurate attack cluster, while association based on prior knowledge such as attack graphs is difficult to guarantee a complete attack knowledge base. To solve the above problems, a heuristic multistep attack scenarios construction method based on the kill chain (HMASCKC) model was proposed. The attack model graph can be obtained from dual data sources and heuristic multistep attack scenarios can be obtained through graph matching. The model graph of the attack and the predicted value of the next attack are obtained by calculating the matching value. And according to the purpose of the multistep attack, the kill chain model is used to define the initial multistep attack model, which is used as the initial graph for graph matching. Experimental results show that HMASCKC model can better fit the multistep attack behavior, the effect has some advantages over the longest common subsequence (LCS) algorithm, which can close to or match the prediction error of judge evaluation of attack intension (JEAN) system. The method can make multistep attack model matching for unknown attacks, so it has some advantages in practical application.
Abstract: Internet of things (IoT) has become more popular due to the development and potential of smart technology aspects. Security concerns against IoT infrastructure, applications, and devices have grown along with the need for IoT technologies. Enhanced system security protocols are difficult due to the diverse capabilities of IoT devices and the dynamic, ever-changing environment, and simply applying basic security requirements is dangerous. Therefore, this proposed work designs a malware detection and prevention approach for secure data transmission among IoT gadgets. The malware detection approach is designed with the aid of a deep learning approach. The initial process is identifying attack nodes from normal nodes through a trust value using contextual features. After discovering attack nodes, these are considered for predicting different kinds of attacks present in the network, while some preprocessing and feature extraction strategies are applied for effective classification. The Deep LSTM classifier is applied for this malware detection approach. Once completed malware detection, prevention is performed with the help of the Improved Elliptic Curve Cryptography (IECC) algorithm. A hybrid MA-BW optimization is adopted for selecting the optimal key during transmission. Python 3.8 software is used to test the performance of the proposed approach, and several existing techniques are considered to evaluate its performance. The proposed approach obtained 95% of accuracy, 5% of error value and 92% of precision. In addition, the improved ECC algorithm is also compared with some existing algorithm which takes 6.02 s of execution time. Compared to the other methods, the proposed approach provides better security to IoT gadgets during data transmission.