Optimization of Stealthwatch Network Security System for the Detection and Mitigation of Distributed Denial of Service (DDoS) Attack: Application to Smart Grid System

The Smart Grid is an enhancement of the traditional grid system and employs new technologies and sophisticated communication techniques for electrical power transmission and distribution. The Smart Grid’s communication network shares information about status of its several integrated IEDs (Intelligent Electronic Devices). However, the IEDs connected throughout the Smart Grid, open opportunities for attackers to interfere with the communications and utilities resources or take clients’ private data. This development has introduced new cyber-security challenges for the Smart Grid and is a very concerning issue because of emerging cyber-threats and security incidents that have occurred recently all over the world. The purpose of this research is to detect and mitigate Distributed Denial of Service [DDoS] with application to the Electrical Smart Grid System by deploying an optimized Stealthwatch Secure Network analytics tool. In this paper, the DDoS attack in the Smart Grid communication networks was modeled using Stealthwatch tool. The simulated network consisted of Secure Network Analytic tools virtual machines (VMs), electrical Grid network communication topology, attackers and Target VMs. Finally, the experiments and simulations were performed, and the research results showed that Stealthwatch analytic tool is very effective in detecting and mitigating DDoS attacks in the Smart Grid System without causing any blackout or shutdown of any internal systems as compared to other tools such as GNS3, NeSSi2, NISST Framework, OMNeT++, INET Framework, ReaSE, NS2, NS3, M5 Simulator, OPNET, PLC & TIA Portal management Software which do not have the capability to do so. Also, using Stealthwatch tool to create a security baseline for Smart Grid environment, contributes to risk mitigation and sound security hygiene.

L_(1)-Smooth SVM with Distributed Adaptive Proximal Stochastic Gradient Descent with Momentum for Fast Brain Tumor Detection

Brain tumors come in various types,each with distinct characteristics and treatment approaches,making manual detection a time-consuming and potentially ambiguous process.Brain tumor detection is a valuable tool for gaining a deeper understanding of tumors and improving treatment outcomes.Machine learning models have become key players in automating brain tumor detection.Gradient descent methods are the mainstream algorithms for solving machine learning models.In this paper,we propose a novel distributed proximal stochastic gradient descent approach to solve the L_(1)-Smooth Support Vector Machine(SVM)classifier for brain tumor detection.Firstly,the smooth hinge loss is introduced to be used as the loss function of SVM.It avoids the issue of nondifferentiability at the zero point encountered by the traditional hinge loss function during gradient descent optimization.Secondly,the L_(1) regularization method is employed to sparsify features and enhance the robustness of the model.Finally,adaptive proximal stochastic gradient descent(PGD)with momentum,and distributed adaptive PGDwithmomentum(DPGD)are proposed and applied to the L_(1)-Smooth SVM.Distributed computing is crucial in large-scale data analysis,with its value manifested in extending algorithms to distributed clusters,thus enabling more efficient processing ofmassive amounts of data.The DPGD algorithm leverages Spark,enabling full utilization of the computer’s multi-core resources.Due to its sparsity induced by L_(1) regularization on parameters,it exhibits significantly accelerated convergence speed.From the perspective of loss reduction,DPGD converges faster than PGD.The experimental results show that adaptive PGD withmomentumand its variants have achieved cutting-edge accuracy and efficiency in brain tumor detection.Frompre-trained models,both the PGD andDPGD outperform other models,boasting an accuracy of 95.21%.

CL2ES-KDBC:A Novel Covariance Embedded Selection Based on Kernel Distributed Bayes Classifier for Detection of Cyber-Attacks in IoT Systems

The Internet of Things(IoT)is a growing technology that allows the sharing of data with other devices across wireless networks.Specifically,IoT systems are vulnerable to cyberattacks due to its opennes The proposed work intends to implement a new security framework for detecting the most specific and harmful intrusions in IoT networks.In this framework,a Covariance Linear Learning Embedding Selection(CL2ES)methodology is used at first to extract the features highly associated with the IoT intrusions.Then,the Kernel Distributed Bayes Classifier(KDBC)is created to forecast attacks based on the probability distribution value precisely.In addition,a unique Mongolian Gazellas Optimization(MGO)algorithm is used to optimize the weight value for the learning of the classifier.The effectiveness of the proposed CL2ES-KDBC framework has been assessed using several IoT cyber-attack datasets,The obtained results are then compared with current classification methods regarding accuracy(97%),precision(96.5%),and other factors.Computational analysis of the CL2ES-KDBC system on IoT intrusion datasets is performed,which provides valuable insight into its performance,efficiency,and suitability for securing IoT networks.

A Distributed Ant Colony Optimization Applied in Edge Detection

With the rise of image data and increased complexity of tasks in edge detection, conventional artificial intelligence techniques have been severely impacted. To be able to solve even greater problems of the future, learning algorithms must maintain high speed and accuracy through economical means. Traditional edge detection approaches cannot detect edges in images in a timely manner due to memory and computational time constraints. In this work, a novel parallelized ant colony optimization technique in a distributed framework provided by the Hadoop/Map-Reduce infrastructure is proposed to improve the edge detection capabilities. Moreover, a filtering technique is applied to reduce the noisy background of images to achieve significant improvement in the accuracy of edge detection. Close examinations of the implementation of the proposed algorithm are discussed and demonstrated through experiments. Results reveal high classification accuracy and significant improvements in speedup, scaleup and sizeup compared to the standard algorithms.

Dis-NDVW: Distributed Network Asset Detection and Vulnerability Warning Platform

With the rapid development of Internet technology,the issues of network asset detection and vulnerability warning have become hot topics of concern in the industry.However,most existing detection tools operate in a single-node mode and cannot parallelly process large-scale tasks,which cannot meet the current needs of the industry.To address the above issues,this paper proposes a distributed network asset detection and vulnerability warning platform(Dis-NDVW)based on distributed systems and multiple detection tools.Specifically,this paper proposes a distributed message sub-scription and publication system based on Zookeeper and Kafka,which endows Dis-NDVW with the ability to parallelly process large-scale tasks.Meanwhile,Dis-NDVW combines the RangeAssignor,RoundRobinAssignor,and StickyAssignor algorithms to achieve load balancing of task nodes in a distributed detection cluster.In terms of a large-scale task processing strategy,this paper proposes a task partitioning method based on First-In-First-Out(FIFO)queue.This method realizes the parallel operation of task producers and task consumers by dividing pending tasks into different queues according to task types.To ensure the data reliability of the task cluster,Dis-NDVW provides a redundant storage strategy for master-slave partition replicas.In terms of distributed storage,Dis-NDVW utilizes a distributed elastic storage service based on ElasticSearch to achieve distributed storage and efficient retrieval of big data.Experimental verification shows that Dis-NDVW can better meet the basic requirements of ultra-large-scale detection tasks.

Detection method of forward-scatter signal based on Rényi entropy

The application scope of the forward scatter radar(FSR)based on the Global Navigation Satellite System(GNSS)can be expanded by improving the detection capability.Firstly,the forward-scatter signal model when the target crosses the baseline is constructed.Then,the detection method of the for-ward-scatter signal based on the Rényi entropy of time-fre-quency distribution is proposed and the detection performance with different time-frequency distributions is compared.Simula-tion results show that the method based on the smooth pseudo Wigner-Ville distribution(SPWVD)can achieve the best perfor-mance.Next,combined with the geometry of FSR,the influence on detection performance of the relative distance between the target and the baseline is analyzed.Finally,the proposed method is validated by the anechoic chamber measurements and the results show that the detection ability has a 10 dB improvement compared with the common constant false alarm rate(CFAR)detection.

Adaptive Butterfly Optimization Algorithm(ABOA)Based Feature Selection and Deep Neural Network(DNN)for Detection of Distributed Denial-of-Service(DDoS)Attacks in Cloud

Cloud computing technology provides flexible,on-demand,and completely controlled computing resources and services are highly desirable.Despite this,with its distributed and dynamic nature and shortcomings in virtualization deployment,the cloud environment is exposed to a wide variety of cyber-attacks and security difficulties.The Intrusion Detection System(IDS)is a specialized security tool that network professionals use for the safety and security of the networks against attacks launched from various sources.DDoS attacks are becoming more frequent and powerful,and their attack pathways are continually changing,which requiring the development of new detection methods.Here the purpose of the study is to improve detection accuracy.Feature Selection(FS)is critical.At the same time,the IDS’s computational problem is limited by focusing on the most relevant elements,and its performance and accuracy increase.In this research work,the suggested Adaptive butterfly optimization algorithm(ABOA)framework is used to assess the effectiveness of a reduced feature subset during the feature selection phase,that was motivated by this motive Candidates.Accurate classification is not compromised by using an ABOA technique.The design of Deep Neural Networks(DNN)has simplified the categorization of network traffic into normal and DDoS threat traffic.DNN’s parameters can be finetuned to detect DDoS attacks better using specially built algorithms.Reduced reconstruction error,no exploding or vanishing gradients,and reduced network are all benefits of the changes outlined in this paper.When it comes to performance criteria like accuracy,precision,recall,and F1-Score are the performance measures that show the suggested architecture outperforms the other existing approaches.Hence the proposed ABOA+DNN is an excellent method for obtaining accurate predictions,with an improved accuracy rate of 99.05%compared to other existing approaches.

Performance Analysis of Distributed Neyman-Pearson Detection Systems

The performance of a distributed Neyman-Pearson detection system is considered with the decision rules of the sensors given and the decisions from different sensors being mutually independent conditioned on both hypothese. To achieve the better performance at the fusion center for a general detection system of n 〉 3 sensor configuration, the necessary and sufficient conditions are derived by comparing the probability of detec- tion at the fusion center with that of each of the sensors, with the constraint that the probability of false alarm at the fusion center is equal to that of the sensor. The conditions are related with the performances of the sensors and using the results we can predict the performance at the fusion center of a distributed detection system and can choose appropriate sensors to construct efficient distributed detection systems.

Performance Study of Distributed Multi-Agent Intrusion Detection System

Traditional Intrusion Detection System （IDS） based on hosts or networks no longer meets the security requirements in today＇s network environment due to the increasing complexity and distributivity. A multi-agent distributed IDS model, enhanced with a method of computing its statistical values of performance is presented. This model can accomplish not only distributed information collection, but also distributed intrusion detection and real-time reaction. Owing to prompt reaction and openness, it can detect intrusion behavior of both known and unknown sources. According to preliminary tests, the accuracy ratio of intrusion detection is higher than 92% on the average.

Single Source Self-Screen Jamming Elimination and Target Detection for Distributed Dual Antennas Radar System

Detecting target echo in the existence of self-screen jamming is a challenging work for radar system, especially when digital radio frequency memory(DRFM) technique is employed that mixes the jamming and target echo both in spatial and time-frequency domain. The conventional way to solve this problem would suffer from performance degradation when physical target(PT) and false target(FT) are superposed in time. In this paper, we propose a new spatial filter according to the different correlation characteristic between PT and FT. The filter takes the ratio of expected signal power to expected jamming and noise power as the objective function under the constant filter modulus constraint. The optimal filter coefficients are derived with a generalized rayleigh quotient approach. Moreover, we analytically compute the target detection probability and demonstrate the applicability of the proposed method to the correlation coefficient. Monte Carlo simulations are provided to corroborate the proposed studies. Furthermore, the proposed method has simple architecture and low computation complexity, making it easily applied in modern radar system.

Finite sensor selection algorithm in distributed MIMO radar for joint target tracking and detection

Due to the requirement of anti-interception and the limitation of processing capability of the fusion center, the subarray selection is very important for the distributed multiple-input multiple-output(MIMO) radar system, especially in the hostile environment. In such conditions, an efficient subarray selection strategy is proposed for MIMO radar performing tasks of target tracking and detection. The goal of the proposed strategy is to minimize the worst-case predicted posterior Cramer-Rao lower bound(PCRLB) while maximizing the detection probability for a certain region. It is shown that the subarray selection problem is NP-hard, and a modified particle swarm optimization(MPSO) algorithm is developed as the solution strategy. A large number of simulations verify that the MPSO can provide close performance to the exhaustive search(ES) algorithm. Furthermore, the MPSO has the advantages of simpler structure and lower computational complexity than the multi-start local search algorithm.

A Distributed Intrusion Detection Model via Nondestructive Partitioning and Balanced Allocation for Big Data

There are two key issues in distributed intrusion detection system,that is,maintaining load balance of system and protecting data integrity.To address these issues,this paper proposes a new distributed intrusion detection model for big data based on nondestructive partitioning and balanced allocation.A data allocation strategy based on capacity and workload is introduced to achieve local load balance,and a dynamic load adjustment strategy is adopted to maintain global load balance of cluster.Moreover,data integrity is protected by using session reassemble and session partitioning.The simulation results show that the new model enjoys favorable advantages such as good load balance,higher detection rate and detection efficiency.

Simulation of distributed optical fiber disturbance detection system based on Sagnac/Mach-Zehnder interferometer and cross-correlation location

A distributed optical fiber disturbance detection system consisted of a Sagnac interferometer and a Mach-Zehnder interferometer is demonstrated. Two interferometers outputs are connected to an electric band-pass filter via a detector respectively. The central frequencies of the two filters are selected adaptively according to the disturbance frequency. The disturbance frequency is obtained by either frequency spectrum of the two interferometers outputs. An alarm is given out only when the Sagnac interferometer output is changed. A disturbance position is determined by calculating a time difference with a cross-correlation method between the filter output connected to the Sagnac interferometer and derivative of the filter output connected to the Mach-Zehnder interferometer. The frequency spectrum, derivative and cross-correlation are obtained by a signal processing system. Theory analysis and simulation results are presented. They show that the system structure and location method are effective, accurate, and immune to environmental variations.

Islanding Detection Method for Multi-Inverter Distributed Generation

Islanding detection is an essential function for safety and reliability in grid-connected distributed generation (DG) systems. Several methods for islanding detection are proposed, but most of them may fail under multi-source configurations, or they may produce important power quality degradation which gets worse with increasing DG penetration. This paper presents an active islanding detection algorithm for Voltage Source Inverter (VSI) based multi-source DG systems. The proposed method is based on the Voltage Positive Feedback (VPF) theory to generate a limited active power perturbation. Theoretical analyses were performed and simulations by MATLAB /Simulink /SimPowerSystems were used to evaluate the algorithm’s performance and its advantages concerning the time response and the effects on power quality, which turned out to be negligible. The algorithm performance was tested under critical conditions: load with unity power factor, load with high quality factor, and load matching DER’s powers.

Distributed Fault Detection for Consensus in Second-Order Discrete-Time Multiagent Systems with Adversary

This paper is concerned with distributed fault detection of second-order discrete-time multi-agent systems with adversary,where the adversary is regarded as a slowly time-varying signal.Firstly,a novel intrusion detection scheme based on the theory of unknown input observability( UIO) is proposed. By constructing a bank of UIO,the states of the malicious agents can be directly estimated. Secondly,the faulty-node-removal algorithm is provided.Simulations are also provided to demonstrate the effectiveness of the theoretical results.

Wireless distributed computing for cyclostationary feature detection

Recently, wireless distributed computing （WDC） concept has emerged promising manifolds improvements to current wireless technotogies. Despite the various expected benefits of this concept, significant drawbacks were addressed in the open literature. One of WDC key challenges is the impact of wireless channel quality on the load of distributed computations. Therefore, this research investigates the wireless channel impact on WDC performance when the tatter is applied to spectrum sensing in cognitive radio （CR） technology. However, a trade- off is found between accuracy and computational complexity in spectrum sensing approaches. Increasing these approaches accuracy is accompanied by an increase in computational complexity. This results in greater power consumption and processing time. A novel WDC scheme for cyclostationary feature detection spectrum sensing approach is proposed in this paper and thoroughly investigated. The benefits of the proposed scheme are firstly presented. Then, the impact of the wireless channel of the proposed scheme is addressed considering two scenarios. In the first scenario, workload matrices are distributed over the wireless channel

Improved Ship Target Detection Accuracy in SAR Image Based on Modified CFAR Algorithm

A novel algorithm for the detection of ship target with high accuracy in the synthetic aperture radar(SAR) with high spatial resolution image is proposed. The SAR image may include not only the ship targets but also the interferences such as the sea clutter,the strong reflection target,the sidelobe and so on.The conventional constant false alarm rate(CFAR) algorithm has some disadvantages,and it has not enough prior information about the size of the ships. Hence,it cannot separate the adjacent ships correctly. A comprehensive algorithm based on the modified CFAR algorithm and opening operation is presented to solve the problem,and the detection accuracy can be improved consequently. The results of SAR image illustrate the effectiveness of the method in this paper.

Sequence detection data fusion with distributed multisensor

This Paper presents a data fusion method with distributed sequence detection for on hypothasis testingtheory including the data fusion algorithm of sequence detection based on least error probability rule, the decision ruleand the calcation formula of the detction times and the simulation result of system performance as well.

MA-IDS: A Distributed Intrusion Detection System Based on Data Mining

Aiming at the shortcomings in intrusion detection systems (IDSs) used incommercial and research fields, we propose the MA-IDS system, a distributed intrusion detectionsystem based on data mining. In this model, misuse intrusion detection system CM1DS) and anomalyintrusion de-lection system (AIDS) are combined. Data mining is applied to raise detectionperformance, and distributed mechanism is employed to increase the scalability and efficiency. Host-and network-based mining algorithms employ an improved. Bayes-ian decision theorem that suits forreal security environment to minimize the risks incurred by false decisions. We describe the overallarchitecture of the MA-IDS system, and discuss specific design and implementation issue.

A Novel Framework for DDoS Attacks Detection Using Hybrid LSTM Techniques

The recent development of cloud computing offers various services on demand for organization and individual users,such as storage,shared computing space,networking,etc.Although Cloud Computing provides various advantages for users,it remains vulnerable to many types of attacks that attract cyber criminals.Distributed Denial of Service(DDoS)is the most common type of attack on cloud computing.Consequently,Cloud computing professionals and security experts have focused on the growth of preventive processes towards DDoS attacks.Since DDoS attacks have become increasingly widespread,it becomes difficult for some DDoS attack methods based on individual network flow features to distinguish various types of DDoS attacks.Further,the monitoring pattern of traffic changes and accurate detection of DDoS attacks are most important and urgent.In this research work,DDoS attack detection methods based on deep belief network feature extraction and Hybrid Long Short-Term Memory(LSTM)model have been proposed with NSL-KDD dataset.In Hybrid LSTM method,the Particle Swarm Optimization(PSO)technique,which is combined to optimize the weights of the LSTM neural network,reduces the prediction error.This deep belief network method is used to extract the features of IP packets,and it identifies DDoS attacks based on PSO-LSTM model.Moreover,it accurately predicts normal network traffic and detects anomalies resulting from DDoS attacks.The proposed PSO-LSTM architecture outperforms the classification techniques including standard Support Vector Machine(SVM)and LSTM in terms of attack detection performance along with the results of the measurement of accuracy,recall,f-measure,precision.