Intrusion detection systems(IDS)are essential in the field of cybersecurity because they protect networks from a wide range of online threats.The goal of this research is to meet the urgent need for small-footprint,hi...Intrusion detection systems(IDS)are essential in the field of cybersecurity because they protect networks from a wide range of online threats.The goal of this research is to meet the urgent need for small-footprint,highly-adaptable Network Intrusion Detection Systems(NIDS)that can identify anomalies.The NSL-KDD dataset is used in the study;it is a sizable collection comprising 43 variables with the label’s“attack”and“level.”It proposes a novel approach to intrusion detection based on the combination of channel attention and convolutional neural networks(CNN).Furthermore,this dataset makes it easier to conduct a thorough assessment of the suggested intrusion detection strategy.Furthermore,maintaining operating efficiency while improving detection accuracy is the primary goal of this work.Moreover,typical NIDS examines both risky and typical behavior using a variety of techniques.On the NSL-KDD dataset,our CNN-based approach achieves an astounding 99.728%accuracy rate when paired with channel attention.Compared to previous approaches such as ensemble learning,CNN,RBM(Boltzmann machine),ANN,hybrid auto-encoders with CNN,MCNN,and ANN,and adaptive algorithms,our solution significantly improves intrusion detection performance.Moreover,the results highlight the effectiveness of our suggested method in improving intrusion detection precision,signifying a noteworthy advancement in this field.Subsequent efforts will focus on strengthening and expanding our approach in order to counteract growing cyberthreats and adjust to changing network circumstances.展开更多
Wireless sensor networks(WSN)gather information and sense information samples in a certain region and communicate these readings to a base station(BS).Energy efficiency is considered a major design issue in the WSNs,a...Wireless sensor networks(WSN)gather information and sense information samples in a certain region and communicate these readings to a base station(BS).Energy efficiency is considered a major design issue in the WSNs,and can be addressed using clustering and routing techniques.Information is sent from the source to the BS via routing procedures.However,these routing protocols must ensure that packets are delivered securely,guaranteeing that neither adversaries nor unauthentic individuals have access to the sent information.Secure data transfer is intended to protect the data from illegal access,damage,or disruption.Thus,in the proposed model,secure data transmission is developed in an energy-effective manner.A low-energy adaptive clustering hierarchy(LEACH)is developed to efficiently transfer the data.For the intrusion detection systems(IDS),Fuzzy logic and artificial neural networks(ANNs)are proposed.Initially,the nodes were randomly placed in the network and initialized to gather information.To ensure fair energy dissipation between the nodes,LEACH randomly chooses cluster heads(CHs)and allocates this role to the various nodes based on a round-robin management mechanism.The intrusion-detection procedure was then utilized to determine whether intruders were present in the network.Within the WSN,a Fuzzy interference rule was utilized to distinguish the malicious nodes from legal nodes.Subsequently,an ANN was employed to distinguish the harmful nodes from suspicious nodes.The effectiveness of the proposed approach was validated using metrics that attained 97%accuracy,97%specificity,and 97%sensitivity of 95%.Thus,it was proved that the LEACH and Fuzzy-based IDS approaches are the best choices for securing data transmission in an energy-efficient manner.展开更多
This paper explains various factors that contribute to saltwater intrusion, including overexploitation of freshwater resources and climate change as well as the different techniques essential for effective saltwater i...This paper explains various factors that contribute to saltwater intrusion, including overexploitation of freshwater resources and climate change as well as the different techniques essential for effective saltwater intrusion management. The impact of saltwater intrusion along coastal regions and its impact on the environment, hydrogeology and groundwater contamination. It suggests potential solutions to mitigate the impact of saltwater intrusion, including effective water management and techniques for managing SWI. The application of A.I (assessment index) serves as a guideline to correctly identify wells with SWI ranging from no intrusion, slight intrusion and strong intrusion. The challenges of saltwater intrusion in Lagos and the salinization of wells were investigated using the hydro-chemical parameters. The study identifies four wells (“AA”, “CMS”, “OBA” and “VIL”) as having high electric conductivities, indicating saline water intrusion, while other wells (“EBM”, “IKJ, and “IKO”) with lower electric conductivities, indicate little or no salt-water intrusion, and “AJ” well shows slight intrusion. The elevation of the wells also played a vital role in the SWI across coastal regions of Lagos. The study recommends continuous monitoring of coastal wells to help sustain and reduce saline intrusion. The findings of the study are important for policymakers, researchers, and practitioners who are interested in addressing the challenges of saltwater intrusion along coastal regions. We assessed the SWI across the eight (8) wells using the Assessment Index to identify wells with SWI. Wells in “CMS” and “VIL” has strong intrusions. A proposed classification system based on specific ion ratios categorizes water quality from good (+) to highly (-) contaminated (refer to Table 4). These findings underscore the need for attention and effective management strategies to address groundwater unsuitability for various purposes.展开更多
Intrusion Detection Systems (IDS) are pivotal in safeguarding computer networks from malicious activities. This study presents a novel approach by proposing a Hybrid Dense Neural Network-Radial Basis Function Neural N...Intrusion Detection Systems (IDS) are pivotal in safeguarding computer networks from malicious activities. This study presents a novel approach by proposing a Hybrid Dense Neural Network-Radial Basis Function Neural Network (DNN-RBFNN) architecture to enhance the accuracy and efficiency of IDS. The hybrid model synergizes the strengths of both dense learning and radial basis function networks, aiming to address the limitations of traditional IDS techniques in classifying packets that could result in Remote-to-local (R2L), Denial of Service (Dos), and User-to-root (U2R) intrusions.展开更多
Longkou City is a coastal area,and lacks water resources.The overexploitation of groundwater causes seawater intrusion.At present,seawater intrudes an area of 68 km2.With the decrease of groundwater extraction,the sea...Longkou City is a coastal area,and lacks water resources.The overexploitation of groundwater causes seawater intrusion.At present,seawater intrudes an area of 68 km2.With the decrease of groundwater extraction,the seawater intrusion area has generally declined.The paper expounds the development process of seawater intrusion as well as the corresponding prevention and control measures of using groundwater replenishment and groundwater throttling in Longkou City.In view of the seawater intrusion problem in Longkou City,some adaptive management countermeasures are put forward,which include:Adjusting industrial and agricultural structure,promoting economic and social development to match water resources;improving water usage structure,optimizing the utilization of water resources;advancing the construction of a water-saving society,using water resources efficiently;implementing inter-basin water transfer,using water resources rationally;developing and utilizing unconventional water sources,making full use of water resources;strengthening water infrastructure construction,increasing the development and utilization potential of water resources;carrying out ecological restoration,protecting water resources and ecological environment;improving the management informationalization level,strengthening the capabilities of groundwater monitoring and management;increasing publicity,improving public awareness of participation.展开更多
Global temperature is predicted to increase in the end of the century and one of the primary consequences of this warming is the sea level rise. Considering the vulnerabilities on coastal systems and water resources, ...Global temperature is predicted to increase in the end of the century and one of the primary consequences of this warming is the sea level rise. Considering the vulnerabilities on coastal systems and water resources, it is important to evaluate the potential effects of this rising in coastal areas, since the saline intrusion on rivers would be intensified, leading to problems related to water quality. In this context, the present work aimed to verify saline intrusion changes along an important river, São Francisco Canal, located in Rio de Janeiro State, Brazil. For this purpose, a hydrodynamic modeling was performed using SisBaHiA, considering different sea levels and tide conditions. According to the results, it was verified the intensification on saline intrusion and higher salinity values due to a sea level rise of 0.5 m. These results show that new licenses for water withdrawals must be carefully analyzed as the fluvial flow plays an important role to contain the saltwater intrusion on the studied river. Accordingly, it is recommended the evaluation of climate change effects in order to choose best strategies to reduce coastal vulnerability, and the use of this theme on environmental licensing and territorial planning, integrating water planning with coastal management.展开更多
Intrusion detection involves identifying unauthorized network activity and recognizing whether the data constitute an abnormal network transmission.Recent research has focused on using semi-supervised learning mechani...Intrusion detection involves identifying unauthorized network activity and recognizing whether the data constitute an abnormal network transmission.Recent research has focused on using semi-supervised learning mechanisms to identify abnormal network traffic to deal with labeled and unlabeled data in the industry.However,real-time training and classifying network traffic pose challenges,as they can lead to the degradation of the overall dataset and difficulties preventing attacks.Additionally,existing semi-supervised learning research might need to analyze the experimental results comprehensively.This paper proposes XA-GANomaly,a novel technique for explainable adaptive semi-supervised learning using GANomaly,an image anomalous detection model that dynamically trains small subsets to these issues.First,this research introduces a deep neural network(DNN)-based GANomaly for semi-supervised learning.Second,this paper presents the proposed adaptive algorithm for the DNN-based GANomaly,which is validated with four subsets of the adaptive dataset.Finally,this study demonstrates a monitoring system that incorporates three explainable techniques—Shapley additive explanations,reconstruction error visualization,and t-distributed stochastic neighbor embedding—to respond effectively to attacks on traffic data at each feature engineering stage,semi-supervised learning,and adaptive learning.Compared to other single-class classification techniques,the proposed DNN-based GANomaly achieves higher scores for Network Security Laboratory-Knowledge Discovery in Databases and UNSW-NB15 datasets at 13%and 8%of F1 scores and 4.17%and 11.51%for accuracy,respectively.Furthermore,experiments of the proposed adaptive learning reveal mostly improved results over the initial values.An analysis and monitoring system based on the combination of the three explainable methodologies is also described.Thus,the proposed method has the potential advantages to be applied in practical industry,and future research will explore handling unbalanced real-time datasets in various scenarios.展开更多
The exponential growth of Internet and network usage has neces-sitated heightened security measures to protect against data and network breaches.Intrusions,executed through network packets,pose a significant challenge...The exponential growth of Internet and network usage has neces-sitated heightened security measures to protect against data and network breaches.Intrusions,executed through network packets,pose a significant challenge for firewalls to detect and prevent due to the similarity between legit-imate and intrusion traffic.The vast network traffic volume also complicates most network monitoring systems and algorithms.Several intrusion detection methods have been proposed,with machine learning techniques regarded as promising for dealing with these incidents.This study presents an Intrusion Detection System Based on Stacking Ensemble Learning base(Random For-est,Decision Tree,and k-Nearest-Neighbors).The proposed system employs pre-processing techniques to enhance classification efficiency and integrates seven machine learning algorithms.The stacking ensemble technique increases performance by incorporating three base models(Random Forest,Decision Tree,and k-Nearest-Neighbors)and a meta-model represented by the Logistic Regression algorithm.Evaluated using the UNSW-NB15 dataset,the pro-posed IDS gained an accuracy of 96.16%in the training phase and 97.95%in the testing phase,with precision of 97.78%,and 98.40%for taring and testing,respectively.The obtained results demonstrate improvements in other measurement criteria.展开更多
A new secured database management system architecture using intrusion detection systems(IDS)is proposed in this paper for organizations with no previous role mapping for users.A simple representation of Structured Que...A new secured database management system architecture using intrusion detection systems(IDS)is proposed in this paper for organizations with no previous role mapping for users.A simple representation of Structured Query Language queries is proposed to easily permit the use of the worked clustering algorithm.A new clustering algorithm that uses a tube search with adaptive memory is applied to database log files to create users’profiles.Then,queries issued for each user are checked against the related user profile using a classifier to determine whether or not each query is malicious.The IDS will stop query execution or report the threat to the responsible person if the query is malicious.A simple classifier based on the Euclidean distance is used and the issued query is transformed to the proposed simple representation using a classifier,where the Euclidean distance between the centers and the profile’s issued query is calculated.A synthetic data set is used for our experimental evaluations.Normal user access behavior in relation to the database is modelled using the data set.The false negative(FN)and false positive(FP)rates are used to compare our proposed algorithm with other methods.The experimental results indicate that our proposed method results in very small FN and FP rates.展开更多
Blockchain merges technology with the Internet of Things(IoT)for addressing security and privacy-related issues.However,conventional blockchain suffers from scalability issues due to its linear structure,which increas...Blockchain merges technology with the Internet of Things(IoT)for addressing security and privacy-related issues.However,conventional blockchain suffers from scalability issues due to its linear structure,which increases the storage overhead,and Intrusion detection performed was limited with attack severity,leading to performance degradation.To overcome these issues,we proposed MZWB(Multi-Zone-Wise Blockchain)model.Initially,all the authenticated IoT nodes in the network ensure their legitimacy by using the Enhanced Blowfish Algorithm(EBA),considering several metrics.Then,the legitimately considered nodes for network construction for managing the network using Bayesian-Direct Acyclic Graph(B-DAG),which considers several metrics.The intrusion detection is performed based on two tiers.In the first tier,a Deep Convolution Neural Network(DCNN)analyzes the data packets by extracting packet flow features to classify the packets as normal,malicious,and suspicious.In the second tier,the suspicious packets are classified as normal or malicious using the Generative Adversarial Network(GAN).Finally,intrusion scenario performed reconstruction to reduce the severity of attacks in which Improved Monkey Optimization(IMO)is used for attack path discovery by considering several metrics,and the Graph cut utilized algorithm for attack scenario reconstruction(ASR).UNSW-NB15 and BoT-IoT utilized datasets for the MZWB method simulated using a Network simulator(NS-3.26).Compared with previous performance metrics such as energy consumption,storage overhead accuracy,response time,attack detection rate,precision,recall,and F-measure.The simulation result shows that the proposed MZWB method achieves high performance than existing works.展开更多
Recently,automotive intrusion detection systems(IDSs)have emerged as promising defense approaches to counter attacks on in-vehicle networks(IVNs).However,the effectiveness of IDSs relies heavily on the quality of the ...Recently,automotive intrusion detection systems(IDSs)have emerged as promising defense approaches to counter attacks on in-vehicle networks(IVNs).However,the effectiveness of IDSs relies heavily on the quality of the datasets used for training and evaluation.Despite the availability of several datasets for automotive IDSs,there has been a lack of comprehensive analysis focusing on assessing these datasets.This paper aims to address the need for dataset assessment in the context of automotive IDSs.It proposes qualitative and quantitative metrics that are independent of specific automotive IDSs,to evaluate the quality of datasets.These metrics take into consideration various aspects such as dataset description,collection environment,and attack complexity.This paper evaluates eight commonly used datasets for automotive IDSs using the proposed metrics.The evaluation reveals biases in the datasets,particularly in terms of limited contexts and lack of diversity.Additionally,it highlights that the attacks in the datasets were mostly injected without considering normal behaviors,which poses challenges for training and evaluating machine learning-based IDSs.This paper emphasizes the importance of addressing the identified limitations in existing datasets to improve the performance and adaptability of automotive IDSs.The proposed metrics can serve as valuable guidelines for researchers and practitioners in selecting and constructing high-quality datasets for automotive security applications.Finally,this paper presents the requirements for high-quality datasets,including the need for representativeness,diversity,and balance.展开更多
The integration of clusters,grids,clouds,edges and other computing platforms result in contemporary technology of jungle computing.This novel technique has the aptitude to tackle high performance computation systems a...The integration of clusters,grids,clouds,edges and other computing platforms result in contemporary technology of jungle computing.This novel technique has the aptitude to tackle high performance computation systems and it manages the usage of all computing platforms at a time.Federated learning is a collaborative machine learning approach without centralized training data.The proposed system effectively detects the intrusion attack without human intervention and subsequently detects anomalous deviations in device communication behavior,potentially caused by malicious adversaries and it can emerge with new and unknown attacks.The main objective is to learn overall behavior of an intruder while performing attacks to the assumed target service.Moreover,the updated system model is send to the centralized server in jungle computing,to detect their pattern.Federated learning greatly helps the machine to study the type of attack from each device and this technique paves a way to complete dominion over all malicious behaviors.In our proposed work,we have implemented an intrusion detection system that has high accuracy,low False Positive Rate(FPR)scalable,and versatile for the jungle computing environment.The execution time taken to complete a round is less than two seconds,with an accuracy rate of 96%.展开更多
Intrusion detection systems(IDS)are one of the most promising ways for securing data and networks;In recent decades,IDS has used a variety of categorization algorithms.These classifiers,on the other hand,do not work e...Intrusion detection systems(IDS)are one of the most promising ways for securing data and networks;In recent decades,IDS has used a variety of categorization algorithms.These classifiers,on the other hand,do not work effectively unless they are combined with additional algorithms that can alter the classifier’s parameters or select the optimal sub-set of features for the problem.Optimizers are used in tandem with classifiers to increase the stability and with efficiency of the classifiers in detecting invasion.These algorithms,on the other hand,have a number of limitations,particularly when used to detect new types of threats.In this paper,the NSL KDD dataset and KDD Cup 99 is used to find the performance of the proposed classifier model and compared;These two IDS dataset is preprocessed,then Auto Cryptographic Denoising(ACD)adopted to remove noise in the feature of the IDS dataset;the classifier algorithms,K-Means and Neural network classifies the dataset with adam optimizer.IDS classifier is evaluated by measuring performance measures like f-measure,recall,precision,detection rate and accuracy.The neural network obtained the highest classifying accuracy as 91.12%with drop-out function that shows the efficiency of the classifier model with drop-out function for KDD Cup99 dataset.Explaining their power and limitations in the proposed methodology that could be used in future works in the IDS area.展开更多
The demand for cybersecurity is rising recently due to the rapid improvement of network technologies.As a primary defense mechanism,an intrusion detection system(IDS)was anticipated to adapt and secure com-puting infr...The demand for cybersecurity is rising recently due to the rapid improvement of network technologies.As a primary defense mechanism,an intrusion detection system(IDS)was anticipated to adapt and secure com-puting infrastructures from the constantly evolving,sophisticated threat land-scape.Recently,various deep learning methods have been put forth;however,these methods struggle to recognize all forms of assaults,especially infrequent attacks,because of network traffic imbalances and a shortage of aberrant traffic samples for model training.This work introduces deep learning(DL)based Attention based Nested U-Net(ANU-Net)for intrusion detection to address these issues and enhance detection performance.For this IDS model,the first data preprocessing is carried out in three stages:duplication elimi-nation,label transformation,and data normalization.Then the features are extracted and selected based on the Improved Flower Pollination Algorithm(IFPA).The Improved Monarchy Butterfly Optimization Algorithm(IMBO),a new metaheuristic,is used to modify the hyper-parameters in ANU-Net,effectively increasing the learning rate for spatial-temporal information and resolving the imbalance problem.Through the use of parallel programming,the MapReduce architecture reduces computation complexity while signifi-cantly accelerating processing.Three publicly available data sets were used to evaluate and test the approach.The investigational outcomes suggest that the proposed technique can more efficiently boost the performances of IDS under the scenario of unbalanced data.The proposed method achieves above 98%accuracy and classifies various attacks significantly well compared to other classifiers.展开更多
In this paper,we propose a novel Intrusion Detection System (IDS) architecture utilizing both the evidence theory and Rough Set Theory (RST). Evidence theory is an effective tool in dealing with uncertainty question. ...In this paper,we propose a novel Intrusion Detection System (IDS) architecture utilizing both the evidence theory and Rough Set Theory (RST). Evidence theory is an effective tool in dealing with uncertainty question. It relies on the expert knowledge to provide evidences,needing the evidences to be independent,and this make it difficult in application. To solve this problem,a hybrid system of rough sets and evidence theory is proposed. Firstly,simplification are made based on Variable Precision Rough Set (VPRS) conditional entropy. Thus,the Basic Belief Assignment (BBA) for all evidences can be calculated. Secondly,Dempster’s rule of combination is used,and a decision-making is given. In the proposed approach,the difficulties in acquiring the BBAs are solved,the correlativity among the evidences is reduced and the subjectivity of evidences is weakened. An illustrative example in an intrusion detection shows that the two theories combination is feasible and effective.展开更多
The number of attacks is growing tremendously in tandem with the growth of internet technologies.As a result,protecting the private data from prying eyes has become a critical and tough undertaking.Many intrusion dete...The number of attacks is growing tremendously in tandem with the growth of internet technologies.As a result,protecting the private data from prying eyes has become a critical and tough undertaking.Many intrusion detection solutions have been offered by researchers in order to decrease the effect of these attacks.For attack detection,the prior system has created an SMSRPF(Stacking Model Significant Rule Power Factor)classifier.To provide creative instance detection,the SMSRPF combines the detection of trained classifiers such as DT(Decision Tree)and RF(Random Forest).Nevertheless,it does not generate any accuratefindings that are adequate.The suggested system has built an EWF(Ensemble Wrapper Filter)feature selection with SMSRPF classifier for attack detection so as to overcome this problem.The UNSW-NB15 dataset is used as an input in this proposed research project.Specifically,min–max normalization approach is used to pre-process the incoming data.The feature selection is then carried out using EWF.Based on the selected features,SMSRPF classifiers are utilized to detect the attacks.The SMSRPF is integrated with the trained classi-fiers such as DT and RF to create creative instance detection.After that,the testing data is classified using MCAR(Multi-Class Classification based on Association Rules).The SRPF judges the rules correctly even when the confidence and the lift measures fail.Regarding accuracy,precision,recall,f-measure,computation time,and error,the experimental findings suggest that the new system outperforms the prior systems.展开更多
Support vector machine (SVM) technique has recently become a research focus in intrusion detection field for its better generalization performance when given less priori knowledge than other soft-computing techniques....Support vector machine (SVM) technique has recently become a research focus in intrusion detection field for its better generalization performance when given less priori knowledge than other soft-computing techniques. But the randomicity of parameter selection in its implement often prevents it achieving expected performance. By utilizing genetic algorithm (GA) to optimize the parameters in data preprocessing and the training model of SVM simultaneously, a hybrid optimization algorithm is proposed in the paper to address this problem. The experimental results demonstrate that it’s an effective method and can improve the performance of SVM-based intrusion detection system further.展开更多
The integrated linkage control problem based on attack detection is solved with the analyses of the security model including firewall, intrusion detection system (IDS) and vulnerability scan by game theory. The Nash...The integrated linkage control problem based on attack detection is solved with the analyses of the security model including firewall, intrusion detection system (IDS) and vulnerability scan by game theory. The Nash equilibrium for two portfolios of only deploying IDS and vulnerability scan and deploying all the technologies is investigated by backward induction. The results show that when the detection rates of IDS and vulnerability scan are low, the firm will not only inspect every user who raises an alarm, but also a fraction of users that do not raise an alarm; when the detection rates of IDS and vulnerability scan are sufficiently high, the firm will not inspect any user who does not raise an alarm, but only inspect a fraction of users that raise an alarm. Adding firewall into the information system impacts on the benefits of firms and hackers, but does not change the optimal strategies of hackers, and the optimal investigation strategies of IDS are only changed in certain cases. Moreover, the interactions between IDS & vulnerability scan and firewall & IDS are discussed in detail.展开更多
基金The authors would like to thank Princess Nourah bint Abdulrahman University for funding this project through the Researchers Supporting Project(PNURSP2023R319)this research was funded by the Prince Sultan University,Riyadh,Saudi Arabia.
文摘Intrusion detection systems(IDS)are essential in the field of cybersecurity because they protect networks from a wide range of online threats.The goal of this research is to meet the urgent need for small-footprint,highly-adaptable Network Intrusion Detection Systems(NIDS)that can identify anomalies.The NSL-KDD dataset is used in the study;it is a sizable collection comprising 43 variables with the label’s“attack”and“level.”It proposes a novel approach to intrusion detection based on the combination of channel attention and convolutional neural networks(CNN).Furthermore,this dataset makes it easier to conduct a thorough assessment of the suggested intrusion detection strategy.Furthermore,maintaining operating efficiency while improving detection accuracy is the primary goal of this work.Moreover,typical NIDS examines both risky and typical behavior using a variety of techniques.On the NSL-KDD dataset,our CNN-based approach achieves an astounding 99.728%accuracy rate when paired with channel attention.Compared to previous approaches such as ensemble learning,CNN,RBM(Boltzmann machine),ANN,hybrid auto-encoders with CNN,MCNN,and ANN,and adaptive algorithms,our solution significantly improves intrusion detection performance.Moreover,the results highlight the effectiveness of our suggested method in improving intrusion detection precision,signifying a noteworthy advancement in this field.Subsequent efforts will focus on strengthening and expanding our approach in order to counteract growing cyberthreats and adjust to changing network circumstances.
文摘Wireless sensor networks(WSN)gather information and sense information samples in a certain region and communicate these readings to a base station(BS).Energy efficiency is considered a major design issue in the WSNs,and can be addressed using clustering and routing techniques.Information is sent from the source to the BS via routing procedures.However,these routing protocols must ensure that packets are delivered securely,guaranteeing that neither adversaries nor unauthentic individuals have access to the sent information.Secure data transfer is intended to protect the data from illegal access,damage,or disruption.Thus,in the proposed model,secure data transmission is developed in an energy-effective manner.A low-energy adaptive clustering hierarchy(LEACH)is developed to efficiently transfer the data.For the intrusion detection systems(IDS),Fuzzy logic and artificial neural networks(ANNs)are proposed.Initially,the nodes were randomly placed in the network and initialized to gather information.To ensure fair energy dissipation between the nodes,LEACH randomly chooses cluster heads(CHs)and allocates this role to the various nodes based on a round-robin management mechanism.The intrusion-detection procedure was then utilized to determine whether intruders were present in the network.Within the WSN,a Fuzzy interference rule was utilized to distinguish the malicious nodes from legal nodes.Subsequently,an ANN was employed to distinguish the harmful nodes from suspicious nodes.The effectiveness of the proposed approach was validated using metrics that attained 97%accuracy,97%specificity,and 97%sensitivity of 95%.Thus,it was proved that the LEACH and Fuzzy-based IDS approaches are the best choices for securing data transmission in an energy-efficient manner.
文摘This paper explains various factors that contribute to saltwater intrusion, including overexploitation of freshwater resources and climate change as well as the different techniques essential for effective saltwater intrusion management. The impact of saltwater intrusion along coastal regions and its impact on the environment, hydrogeology and groundwater contamination. It suggests potential solutions to mitigate the impact of saltwater intrusion, including effective water management and techniques for managing SWI. The application of A.I (assessment index) serves as a guideline to correctly identify wells with SWI ranging from no intrusion, slight intrusion and strong intrusion. The challenges of saltwater intrusion in Lagos and the salinization of wells were investigated using the hydro-chemical parameters. The study identifies four wells (“AA”, “CMS”, “OBA” and “VIL”) as having high electric conductivities, indicating saline water intrusion, while other wells (“EBM”, “IKJ, and “IKO”) with lower electric conductivities, indicate little or no salt-water intrusion, and “AJ” well shows slight intrusion. The elevation of the wells also played a vital role in the SWI across coastal regions of Lagos. The study recommends continuous monitoring of coastal wells to help sustain and reduce saline intrusion. The findings of the study are important for policymakers, researchers, and practitioners who are interested in addressing the challenges of saltwater intrusion along coastal regions. We assessed the SWI across the eight (8) wells using the Assessment Index to identify wells with SWI. Wells in “CMS” and “VIL” has strong intrusions. A proposed classification system based on specific ion ratios categorizes water quality from good (+) to highly (-) contaminated (refer to Table 4). These findings underscore the need for attention and effective management strategies to address groundwater unsuitability for various purposes.
文摘Intrusion Detection Systems (IDS) are pivotal in safeguarding computer networks from malicious activities. This study presents a novel approach by proposing a Hybrid Dense Neural Network-Radial Basis Function Neural Network (DNN-RBFNN) architecture to enhance the accuracy and efficiency of IDS. The hybrid model synergizes the strengths of both dense learning and radial basis function networks, aiming to address the limitations of traditional IDS techniques in classifying packets that could result in Remote-to-local (R2L), Denial of Service (Dos), and User-to-root (U2R) intrusions.
基金funded by the National Key Research and Development Program of China(No.2016YFC0402800)
文摘Longkou City is a coastal area,and lacks water resources.The overexploitation of groundwater causes seawater intrusion.At present,seawater intrudes an area of 68 km2.With the decrease of groundwater extraction,the seawater intrusion area has generally declined.The paper expounds the development process of seawater intrusion as well as the corresponding prevention and control measures of using groundwater replenishment and groundwater throttling in Longkou City.In view of the seawater intrusion problem in Longkou City,some adaptive management countermeasures are put forward,which include:Adjusting industrial and agricultural structure,promoting economic and social development to match water resources;improving water usage structure,optimizing the utilization of water resources;advancing the construction of a water-saving society,using water resources efficiently;implementing inter-basin water transfer,using water resources rationally;developing and utilizing unconventional water sources,making full use of water resources;strengthening water infrastructure construction,increasing the development and utilization potential of water resources;carrying out ecological restoration,protecting water resources and ecological environment;improving the management informationalization level,strengthening the capabilities of groundwater monitoring and management;increasing publicity,improving public awareness of participation.
文摘Global temperature is predicted to increase in the end of the century and one of the primary consequences of this warming is the sea level rise. Considering the vulnerabilities on coastal systems and water resources, it is important to evaluate the potential effects of this rising in coastal areas, since the saline intrusion on rivers would be intensified, leading to problems related to water quality. In this context, the present work aimed to verify saline intrusion changes along an important river, São Francisco Canal, located in Rio de Janeiro State, Brazil. For this purpose, a hydrodynamic modeling was performed using SisBaHiA, considering different sea levels and tide conditions. According to the results, it was verified the intensification on saline intrusion and higher salinity values due to a sea level rise of 0.5 m. These results show that new licenses for water withdrawals must be carefully analyzed as the fluvial flow plays an important role to contain the saltwater intrusion on the studied river. Accordingly, it is recommended the evaluation of climate change effects in order to choose best strategies to reduce coastal vulnerability, and the use of this theme on environmental licensing and territorial planning, integrating water planning with coastal management.
基金supported by Korea Institute for Advancement of Technology(KIAT)grant funded by theKoreaGovernment(MOTIE)(P0008703,The CompetencyDevelopment Program for Industry Specialist).
文摘Intrusion detection involves identifying unauthorized network activity and recognizing whether the data constitute an abnormal network transmission.Recent research has focused on using semi-supervised learning mechanisms to identify abnormal network traffic to deal with labeled and unlabeled data in the industry.However,real-time training and classifying network traffic pose challenges,as they can lead to the degradation of the overall dataset and difficulties preventing attacks.Additionally,existing semi-supervised learning research might need to analyze the experimental results comprehensively.This paper proposes XA-GANomaly,a novel technique for explainable adaptive semi-supervised learning using GANomaly,an image anomalous detection model that dynamically trains small subsets to these issues.First,this research introduces a deep neural network(DNN)-based GANomaly for semi-supervised learning.Second,this paper presents the proposed adaptive algorithm for the DNN-based GANomaly,which is validated with four subsets of the adaptive dataset.Finally,this study demonstrates a monitoring system that incorporates three explainable techniques—Shapley additive explanations,reconstruction error visualization,and t-distributed stochastic neighbor embedding—to respond effectively to attacks on traffic data at each feature engineering stage,semi-supervised learning,and adaptive learning.Compared to other single-class classification techniques,the proposed DNN-based GANomaly achieves higher scores for Network Security Laboratory-Knowledge Discovery in Databases and UNSW-NB15 datasets at 13%and 8%of F1 scores and 4.17%and 11.51%for accuracy,respectively.Furthermore,experiments of the proposed adaptive learning reveal mostly improved results over the initial values.An analysis and monitoring system based on the combination of the three explainable methodologies is also described.Thus,the proposed method has the potential advantages to be applied in practical industry,and future research will explore handling unbalanced real-time datasets in various scenarios.
文摘The exponential growth of Internet and network usage has neces-sitated heightened security measures to protect against data and network breaches.Intrusions,executed through network packets,pose a significant challenge for firewalls to detect and prevent due to the similarity between legit-imate and intrusion traffic.The vast network traffic volume also complicates most network monitoring systems and algorithms.Several intrusion detection methods have been proposed,with machine learning techniques regarded as promising for dealing with these incidents.This study presents an Intrusion Detection System Based on Stacking Ensemble Learning base(Random For-est,Decision Tree,and k-Nearest-Neighbors).The proposed system employs pre-processing techniques to enhance classification efficiency and integrates seven machine learning algorithms.The stacking ensemble technique increases performance by incorporating three base models(Random Forest,Decision Tree,and k-Nearest-Neighbors)and a meta-model represented by the Logistic Regression algorithm.Evaluated using the UNSW-NB15 dataset,the pro-posed IDS gained an accuracy of 96.16%in the training phase and 97.95%in the testing phase,with precision of 97.78%,and 98.40%for taring and testing,respectively.The obtained results demonstrate improvements in other measurement criteria.
文摘A new secured database management system architecture using intrusion detection systems(IDS)is proposed in this paper for organizations with no previous role mapping for users.A simple representation of Structured Query Language queries is proposed to easily permit the use of the worked clustering algorithm.A new clustering algorithm that uses a tube search with adaptive memory is applied to database log files to create users’profiles.Then,queries issued for each user are checked against the related user profile using a classifier to determine whether or not each query is malicious.The IDS will stop query execution or report the threat to the responsible person if the query is malicious.A simple classifier based on the Euclidean distance is used and the issued query is transformed to the proposed simple representation using a classifier,where the Euclidean distance between the centers and the profile’s issued query is calculated.A synthetic data set is used for our experimental evaluations.Normal user access behavior in relation to the database is modelled using the data set.The false negative(FN)and false positive(FP)rates are used to compare our proposed algorithm with other methods.The experimental results indicate that our proposed method results in very small FN and FP rates.
文摘Blockchain merges technology with the Internet of Things(IoT)for addressing security and privacy-related issues.However,conventional blockchain suffers from scalability issues due to its linear structure,which increases the storage overhead,and Intrusion detection performed was limited with attack severity,leading to performance degradation.To overcome these issues,we proposed MZWB(Multi-Zone-Wise Blockchain)model.Initially,all the authenticated IoT nodes in the network ensure their legitimacy by using the Enhanced Blowfish Algorithm(EBA),considering several metrics.Then,the legitimately considered nodes for network construction for managing the network using Bayesian-Direct Acyclic Graph(B-DAG),which considers several metrics.The intrusion detection is performed based on two tiers.In the first tier,a Deep Convolution Neural Network(DCNN)analyzes the data packets by extracting packet flow features to classify the packets as normal,malicious,and suspicious.In the second tier,the suspicious packets are classified as normal or malicious using the Generative Adversarial Network(GAN).Finally,intrusion scenario performed reconstruction to reduce the severity of attacks in which Improved Monkey Optimization(IMO)is used for attack path discovery by considering several metrics,and the Graph cut utilized algorithm for attack scenario reconstruction(ASR).UNSW-NB15 and BoT-IoT utilized datasets for the MZWB method simulated using a Network simulator(NS-3.26).Compared with previous performance metrics such as energy consumption,storage overhead accuracy,response time,attack detection rate,precision,recall,and F-measure.The simulation result shows that the proposed MZWB method achieves high performance than existing works.
基金supported in part by the 2021 Autonomous Driving Development Innovation Project of the Ministry of Science and ICT,‘Development of Technology for Security and Ultra-High-Speed Integrity of the Next-Generation Internal Net-Work of Autonomous Vehicles’(No.2021-0-01348)and in part by the National Research Foundation of Korea(NRF)grant funded by the Korean Government Ministry of Science and ICT(MSIT)under Grant NRF-2021R1A2C2014428.
文摘Recently,automotive intrusion detection systems(IDSs)have emerged as promising defense approaches to counter attacks on in-vehicle networks(IVNs).However,the effectiveness of IDSs relies heavily on the quality of the datasets used for training and evaluation.Despite the availability of several datasets for automotive IDSs,there has been a lack of comprehensive analysis focusing on assessing these datasets.This paper aims to address the need for dataset assessment in the context of automotive IDSs.It proposes qualitative and quantitative metrics that are independent of specific automotive IDSs,to evaluate the quality of datasets.These metrics take into consideration various aspects such as dataset description,collection environment,and attack complexity.This paper evaluates eight commonly used datasets for automotive IDSs using the proposed metrics.The evaluation reveals biases in the datasets,particularly in terms of limited contexts and lack of diversity.Additionally,it highlights that the attacks in the datasets were mostly injected without considering normal behaviors,which poses challenges for training and evaluating machine learning-based IDSs.This paper emphasizes the importance of addressing the identified limitations in existing datasets to improve the performance and adaptability of automotive IDSs.The proposed metrics can serve as valuable guidelines for researchers and practitioners in selecting and constructing high-quality datasets for automotive security applications.Finally,this paper presents the requirements for high-quality datasets,including the need for representativeness,diversity,and balance.
文摘The integration of clusters,grids,clouds,edges and other computing platforms result in contemporary technology of jungle computing.This novel technique has the aptitude to tackle high performance computation systems and it manages the usage of all computing platforms at a time.Federated learning is a collaborative machine learning approach without centralized training data.The proposed system effectively detects the intrusion attack without human intervention and subsequently detects anomalous deviations in device communication behavior,potentially caused by malicious adversaries and it can emerge with new and unknown attacks.The main objective is to learn overall behavior of an intruder while performing attacks to the assumed target service.Moreover,the updated system model is send to the centralized server in jungle computing,to detect their pattern.Federated learning greatly helps the machine to study the type of attack from each device and this technique paves a way to complete dominion over all malicious behaviors.In our proposed work,we have implemented an intrusion detection system that has high accuracy,low False Positive Rate(FPR)scalable,and versatile for the jungle computing environment.The execution time taken to complete a round is less than two seconds,with an accuracy rate of 96%.
文摘Intrusion detection systems(IDS)are one of the most promising ways for securing data and networks;In recent decades,IDS has used a variety of categorization algorithms.These classifiers,on the other hand,do not work effectively unless they are combined with additional algorithms that can alter the classifier’s parameters or select the optimal sub-set of features for the problem.Optimizers are used in tandem with classifiers to increase the stability and with efficiency of the classifiers in detecting invasion.These algorithms,on the other hand,have a number of limitations,particularly when used to detect new types of threats.In this paper,the NSL KDD dataset and KDD Cup 99 is used to find the performance of the proposed classifier model and compared;These two IDS dataset is preprocessed,then Auto Cryptographic Denoising(ACD)adopted to remove noise in the feature of the IDS dataset;the classifier algorithms,K-Means and Neural network classifies the dataset with adam optimizer.IDS classifier is evaluated by measuring performance measures like f-measure,recall,precision,detection rate and accuracy.The neural network obtained the highest classifying accuracy as 91.12%with drop-out function that shows the efficiency of the classifier model with drop-out function for KDD Cup99 dataset.Explaining their power and limitations in the proposed methodology that could be used in future works in the IDS area.
文摘The demand for cybersecurity is rising recently due to the rapid improvement of network technologies.As a primary defense mechanism,an intrusion detection system(IDS)was anticipated to adapt and secure com-puting infrastructures from the constantly evolving,sophisticated threat land-scape.Recently,various deep learning methods have been put forth;however,these methods struggle to recognize all forms of assaults,especially infrequent attacks,because of network traffic imbalances and a shortage of aberrant traffic samples for model training.This work introduces deep learning(DL)based Attention based Nested U-Net(ANU-Net)for intrusion detection to address these issues and enhance detection performance.For this IDS model,the first data preprocessing is carried out in three stages:duplication elimi-nation,label transformation,and data normalization.Then the features are extracted and selected based on the Improved Flower Pollination Algorithm(IFPA).The Improved Monarchy Butterfly Optimization Algorithm(IMBO),a new metaheuristic,is used to modify the hyper-parameters in ANU-Net,effectively increasing the learning rate for spatial-temporal information and resolving the imbalance problem.Through the use of parallel programming,the MapReduce architecture reduces computation complexity while signifi-cantly accelerating processing.Three publicly available data sets were used to evaluate and test the approach.The investigational outcomes suggest that the proposed technique can more efficiently boost the performances of IDS under the scenario of unbalanced data.The proposed method achieves above 98%accuracy and classifies various attacks significantly well compared to other classifiers.
基金Supported by the National Natural Science Foundation of China (No. 60774029)
文摘In this paper,we propose a novel Intrusion Detection System (IDS) architecture utilizing both the evidence theory and Rough Set Theory (RST). Evidence theory is an effective tool in dealing with uncertainty question. It relies on the expert knowledge to provide evidences,needing the evidences to be independent,and this make it difficult in application. To solve this problem,a hybrid system of rough sets and evidence theory is proposed. Firstly,simplification are made based on Variable Precision Rough Set (VPRS) conditional entropy. Thus,the Basic Belief Assignment (BBA) for all evidences can be calculated. Secondly,Dempster’s rule of combination is used,and a decision-making is given. In the proposed approach,the difficulties in acquiring the BBAs are solved,the correlativity among the evidences is reduced and the subjectivity of evidences is weakened. An illustrative example in an intrusion detection shows that the two theories combination is feasible and effective.
文摘The number of attacks is growing tremendously in tandem with the growth of internet technologies.As a result,protecting the private data from prying eyes has become a critical and tough undertaking.Many intrusion detection solutions have been offered by researchers in order to decrease the effect of these attacks.For attack detection,the prior system has created an SMSRPF(Stacking Model Significant Rule Power Factor)classifier.To provide creative instance detection,the SMSRPF combines the detection of trained classifiers such as DT(Decision Tree)and RF(Random Forest).Nevertheless,it does not generate any accuratefindings that are adequate.The suggested system has built an EWF(Ensemble Wrapper Filter)feature selection with SMSRPF classifier for attack detection so as to overcome this problem.The UNSW-NB15 dataset is used as an input in this proposed research project.Specifically,min–max normalization approach is used to pre-process the incoming data.The feature selection is then carried out using EWF.Based on the selected features,SMSRPF classifiers are utilized to detect the attacks.The SMSRPF is integrated with the trained classi-fiers such as DT and RF to create creative instance detection.After that,the testing data is classified using MCAR(Multi-Class Classification based on Association Rules).The SRPF judges the rules correctly even when the confidence and the lift measures fail.Regarding accuracy,precision,recall,f-measure,computation time,and error,the experimental findings suggest that the new system outperforms the prior systems.
基金This work was supported by the Research Grant of SEC E-Institute :Shanghai High Institution Grid and the Science Foundation ofShanghai Municipal Commission of Science and Technology No.00JC14052
文摘Support vector machine (SVM) technique has recently become a research focus in intrusion detection field for its better generalization performance when given less priori knowledge than other soft-computing techniques. But the randomicity of parameter selection in its implement often prevents it achieving expected performance. By utilizing genetic algorithm (GA) to optimize the parameters in data preprocessing and the training model of SVM simultaneously, a hybrid optimization algorithm is proposed in the paper to address this problem. The experimental results demonstrate that it’s an effective method and can improve the performance of SVM-based intrusion detection system further.
基金The National Natural Science Foundation of China(No.71071033)the Innovation Project of Jiangsu Postgraduate Education(No.CX10B_058Z)
文摘The integrated linkage control problem based on attack detection is solved with the analyses of the security model including firewall, intrusion detection system (IDS) and vulnerability scan by game theory. The Nash equilibrium for two portfolios of only deploying IDS and vulnerability scan and deploying all the technologies is investigated by backward induction. The results show that when the detection rates of IDS and vulnerability scan are low, the firm will not only inspect every user who raises an alarm, but also a fraction of users that do not raise an alarm; when the detection rates of IDS and vulnerability scan are sufficiently high, the firm will not inspect any user who does not raise an alarm, but only inspect a fraction of users that raise an alarm. Adding firewall into the information system impacts on the benefits of firms and hackers, but does not change the optimal strategies of hackers, and the optimal investigation strategies of IDS are only changed in certain cases. Moreover, the interactions between IDS & vulnerability scan and firewall & IDS are discussed in detail.