IDS-INT:Intrusion detection system using transformer-based transfer learning for imbalanced network traffic

A network intrusion detection system is critical for cyber security against llegitimate attacks.In terms of feature perspectives,network traffic may include a variety of elements such as attack reference,attack type,a subcategory of attack,host information,malicious scripts,etc.In terms of network perspectives,network traffic may contain an imbalanced number of harmful attacks when compared to normal traffic.It is challenging to identify a specific attack due to complex features and data imbalance issues.To address these issues,this paper proposes an Intrusion Detection System using transformer-based transfer learning for Imbalanced Network Traffic(IDS-INT).IDS-INT uses transformer-based transfer learning to learn feature interactions in both network feature representation and imbalanced data.First,detailed information about each type of attack is gathered from network interaction descriptions,which include network nodes,attack type,reference,host information,etc.Second,the transformer-based transfer learning approach is developed to learn detailed feature representation using their semantic anchors.Third,the Synthetic Minority Oversampling Technique(SMOTE)is implemented to balance abnormal traffic and detect minority attacks.Fourth,the Convolution Neural Network(CNN)model is designed to extract deep features from the balanced network traffic.Finally,the hybrid approach of the CNN-Long Short-Term Memory(CNN-LSTM)model is developed to detect different types of attacks from the deep features.Detailed experiments are conducted to test the proposed approach using three standard datasets,i.e.,UNsWNB15,CIC-IDS2017,and NSL-KDD.An explainable AI approach is implemented to interpret the proposed method and develop a trustable model.

A Hybrid Intrusion Detection Method Based on Convolutional Neural Network and AdaBoost

To solve the problem of poor detection and limited application range of current intrusion detection methods,this paper attempts to use deep learning neural network technology to study a new type of intrusion detection method.Hence,we proposed an intrusion detection algorithm based on convolutional neural network(CNN)and AdaBoost algorithm.This algorithm uses CNN to extract the characteristics of network traffic data,which is particularly suitable for the analysis of continuous and classified attack data.The AdaBoost algorithm is used to classify network attack data that improved the detection effect of unbalanced data classification.We adopt the UNSW-NB15 dataset to test of this algorithm in the PyCharm environment.The results show that the detection rate of algorithm is99.27%and the false positive rate is lower than 0.98%.Comparative analysis shows that this algorithm has advantages over existing methods in terms of detection rate and false positive rate for small proportion of attack data.

An Intelligent SDN-IoT Enabled Intrusion Detection System for Healthcare Systems Using a Hybrid Deep Learning and Machine Learning Approach

The advent of pandemics such as COVID-19 significantly impacts human behaviour and lives every day.Therefore,it is essential to make medical services connected to internet,available in every remote location during these situations.Also,the security issues in the Internet of Medical Things(IoMT)used in these service,make the situation even more critical because cyberattacks on the medical devices might cause treatment delays or clinical failures.Hence,services in the healthcare ecosystem need rapid,uninterrupted,and secure facilities.The solution provided in this research addresses security concerns and services availability for patients with critical health in remote areas.This research aims to develop an intelligent Software Defined Networks(SDNs)enabled secure framework for IoT healthcare ecosystem.We propose a hybrid of machine learning and deep learning techniques(DNN+SVM)to identify network intrusions in the sensor-based healthcare data.In addition,this system can efficiently monitor connected devices and suspicious behaviours.Finally,we evaluate the performance of our proposed framework using various performance metrics based on the healthcare application scenarios.the experimental results show that the proposed approach effectively detects and mitigates attacks in the SDN-enabled IoT networks and performs better that other state-of-art-approaches.

A Data Intrusion Tolerance Model Based on an Improved Evolutionary Game Theory for the Energy Internet

Malicious attacks against data are unavoidable in the interconnected,open and shared Energy Internet(EI),Intrusion tolerant techniques are critical to the data security of EI.Existing intrusion tolerant techniques suffered from problems such as low adaptability,policy lag,and difficulty in determining the degree of tolerance.To address these issues,we propose a novel adaptive intrusion tolerance model based on game theory that enjoys two-fold ideas:(1)it constructs an improved replica of the intrusion tolerance model of the dynamic equation evolution game to induce incentive weights;and (2)it combines a tournament competition model with incentive weights to obtain optimal strategies for each stage of the game process.Extensive experiments are conducted in the IEEE 39-bus system,whose results demonstrate the feasibility of the incentive weights,confirm the proposed strategy strengthens the system’s ability to tolerate aggression,and improves the dynamic adaptability and response efficiency of the aggression-tolerant system in the case of limited resources.

Feature extraction for machine learning-based intrusion detection in IoT networks

A large number of network security breaches in IoT networks have demonstrated the unreliability of current Network Intrusion Detection Systems(NIDSs).Consequently,network interruptions and loss of sensitive data have occurred,which led to an active research area for improving NIDS technologies.In an analysis of related works,it was observed that most researchers aim to obtain better classification results by using a set of untried combinations of Feature Reduction(FR)and Machine Learning(ML)techniques on NIDS datasets.However,these datasets are different in feature sets,attack types,and network design.Therefore,this paper aims to discover whether these techniques can be generalised across various datasets.Six ML models are utilised:a Deep Feed Forward(DFF),Convolutional Neural Network(CNN),Recurrent Neural Network(RNN),Decision Tree(DT),Logistic Regression(LR),and Naive Bayes(NB).The accuracy of three Feature Extraction(FE)algorithms is detected;Principal Component Analysis(PCA),Auto-encoder(AE),and Linear Discriminant Analysis(LDA),are evaluated using three benchmark datasets:UNSW-NB15,ToN-IoT and CSE-CIC-IDS2018.Although PCA and AE algorithms have been widely used,the determination of their optimal number of extracted dimensions has been overlooked.The results indicate that no clear FE method or ML model can achieve the best scores for all datasets.The optimal number of extracted dimensions has been identified for each dataset,and LDA degrades the performance of the ML models on two datasets.The variance is used to analyse the extracted dimensions of LDA and PCA.Finally,this paper concludes that the choice of datasets significantly alters the performance of the applied techniques.We believe that a universal(benchmark)feature set is needed to facilitate further advancement and progress of research in this field.

Network Intrusion Traffic Detection Based on Feature Extraction

With the increasing dimensionality of network traffic,extracting effective traffic features and improving the identification accuracy of different intrusion traffic have become critical in intrusion detection systems(IDS).However,both unsupervised and semisupervised anomalous traffic detection methods suffer from the drawback of ignoring potential correlations between features,resulting in an analysis that is not an optimal set.Therefore,in order to extract more representative traffic features as well as to improve the accuracy of traffic identification,this paper proposes a feature dimensionality reduction method combining principal component analysis and Hotelling’s T^(2) and a multilayer convolutional bidirectional long short-term memory(MSC_BiLSTM)classifier model for network traffic intrusion detection.This method reduces the parameters and redundancy of the model by feature extraction and extracts the dependent features between the data by a bidirectional long short-term memory(BiLSTM)network,which fully considers the influence between the before and after features.The network traffic is first characteristically downscaled by principal component analysis(PCA),and then the downscaled principal components are used as input to Hotelling’s T^(2) to compare the differences between groups.For datasets with outliers,Hotelling’s T^(2) can help identify the groups where the outliers are located and quantitatively measure the extent of the outliers.Finally,a multilayer convolutional neural network and a BiLSTM network are used to extract the spatial and temporal features of network traffic data.The empirical consequences exhibit that the suggested approach in this manuscript attains superior outcomes in precision,recall and F1-score juxtaposed with the prevailing techniques.The results show that the intrusion detection accuracy,precision,and F1-score of the proposed MSC_BiLSTM model for the CIC-IDS 2017 dataset are 98.71%,95.97%,and 90.22%.

Igneous intrusion contact metamorphic system and its reservoir characteristics:A case study of Paleogene Shahejie Formation in Nanpu sag of Bohai Bay Basin,China

Taking the Paleogene Shahejie Formation in Nanpu sag of Bohai Bay Basin as an example,this study comprehensively utilizes seismic,mud logging,well logging,physical property analysis and core thin section data to investigate the metamorphic reservoir formed by contact metamorphism after igneous rock intrusion.(1)A geological model of the igneous intrusion contact met amorphic system is proposed,which can be divided into five structural layers vertically:the intrusion,upper metamorphic aureole,lower metamorphic aureole,normal sedimentary layers on the roof and floor.(2)The intrusion is characterized by xenoliths indicating intrusive facies at the top,regular changes in rock texture and mineral crystallization from the center to the edge on a microscopic scale,and low-angle oblique penetrations of the intrusion through sedimentary strata on a macroscopic scale.The metamorphic aureole has characteristics such as sedimentary rocks as the host rock,typical palimpsest textures developed,various low-temperature thermal metamorphic minerals developed,and medium-low grade thermal metamorphic rocks as the lithology.(3)The reservoir in contact metamorphic aureole has two types of reservoir spaces:matrix pores and fractures.The matrix pores are secondary"intergranular pores"distributed around metamorphic minerals after thermal metamorphic transformation in metasandstones.The fractures are mainly structural fractures and intrusive compressive fractures in metamudstones.The reservoirs generally have three spatial distribution characteristics:layered,porphyritic and hydrocarbon impregnation along fracture.(4)The distribution of reservoirs in the metamorphic aureole is mainly controlled by the intensity of thermal baking.Furthermore,the distribution of favorable reservoirs is controlled by the coupling of favorable lithofacies and thermal contact metamorphism,intrusive compression and hydrothermal dissolution.The proposal and application of the geological model of the intrusion contact metamorphic system are expected to promote the discovery of exploration targets of contact metamorphic rock in Nanpu sag,and provide a reference for the study and exploration of deep contact metamorphic rock reservoirs in the Bohai Bay Basin.

Metallogenic characteristics of Shitoukengde intrusion and its implications for Ni-Co-(Cu)sulfide mineralization in East Kunlun

Xiarihamu deposit is the only super-large Ni-Co deposit found in East Kunlun orogenic belt(EKOB)until present.Shitoukengde(STKD)intrusion is considered to have the potential to become a large Ni-Co deposit in East Kunlun.In order to discuss the metallogenic potential,this study present petrographical,geochemical data,and zircon U-Pb dating for the STKD intrusion.The STKD intrusion is hosted within mafic-ultramafic rocks which contain peridotite,pyroxenite and gabbro,and mainly intruded into the marble of the Paleoproterozoic Jinshuikou Group.Harzburgite and orthopyroxenite are the main country rocks for the Cu-Ni sulfide mineralization.Combine with the positiveε_(Hf)(t)values(+1.1 to+8.6)of zircons,the enrichment of LILEs,depletion of HFSEs,and lower Ce/Pb ratios of whole rocks indicate that the parental magma was originated from the depleted asthenospheric mantle and experienced 5%–15%crustal contamination.Troctolite formed during the Early Devonian and it has weighted mean^(206)Pb/^(238)U age of 412 Ma.Regional background information has indicated that the post-collisional extension setting has already existed during the Early Devonian,leading to the formation of STKD intrusion and Cu-Ni sulfide mineralization.STKD intrusion may have the potential to be one economic Cu-Ni sulfide deposit but seems unlikely to be a super-large one.

Network Security Enhanced with Deep Neural Network-Based Intrusion Detection System

This study describes improving network security by implementing and assessing an intrusion detection system(IDS)based on deep neural networks(DNNs).The paper investigates contemporary technical ways for enhancing intrusion detection performance,given the vital relevance of safeguarding computer networks against harmful activity.The DNN-based IDS is trained and validated by the model using the NSL-KDD dataset,a popular benchmark for IDS research.The model performs well in both the training and validation stages,with 91.30%training accuracy and 94.38%validation accuracy.Thus,the model shows good learning and generalization capabilities with minor losses of 0.22 in training and 0.1553 in validation.Furthermore,for both macro and micro averages across class 0(normal)and class 1(anomalous)data,the study evaluates the model using a variety of assessment measures,such as accuracy scores,precision,recall,and F1 scores.The macro-average recall is 0.9422,the macro-average precision is 0.9482,and the accuracy scores are 0.942.Furthermore,macro-averaged F1 scores of 0.9245 for class 1 and 0.9434 for class 0 demonstrate the model’s ability to precisely identify anomalies precisely.The research also highlights how real-time threat monitoring and enhanced resistance against new online attacks may be achieved byDNN-based intrusion detection systems,which can significantly improve network security.The study underscores the critical function ofDNN-based IDS in contemporary cybersecurity procedures by setting the foundation for further developments in this field.Upcoming research aims to enhance intrusion detection systems by examining cooperative learning techniques and integrating up-to-date threat knowledge.

Trusted Encrypted Traffic Intrusion Detection Method Based on Federated Learning and Autoencoder

With the rapid development of the Internet,network security and data privacy are increasingly valued.Although classical Network Intrusion Detection System(NIDS)based on Deep Learning(DL)models can provide good detection accuracy,but collecting samples for centralized training brings the huge risk of data privacy leakage.Furthermore,the training of supervised deep learning models requires a large number of labeled samples,which is usually cumbersome.The“black-box”problem also makes the DL models of NIDS untrustworthy.In this paper,we propose a trusted Federated Learning(FL)Traffic IDS method called FL-TIDS to address the above-mentioned problems.In FL-TIDS,we design an unsupervised intrusion detection model based on autoencoders that alleviates the reliance on marked samples.At the same time,we use FL for model training to protect data privacy.In addition,we design an improved SHAP interpretable method based on chi-square test to perform interpretable analysis of the trained model.We conducted several experiments to evaluate the proposed FL-TIDS.We first determine experimentally the structure and the number of neurons of the unsupervised AE model.Secondly,we evaluated the proposed method using the UNSW-NB15 and CICIDS2017 datasets.The exper-imental results show that the unsupervised AE model has better performance than the other 7 intrusion detection models in terms of precision,recall and f1-score.Then,federated learning is used to train the intrusion detection model.The experimental results indicate that the model is more accurate than the local learning model.Finally,we use an improved SHAP explainability method based on Chi-square test to analyze the explainability.The analysis results show that the identification characteristics of the model are consistent with the attack characteristics,and the model is reliable.

Strengthening Network Security: Deep Learning Models for Intrusion Detectionwith Optimized Feature Subset and Effective Imbalance Handling

In recent years,frequent network attacks have highlighted the importance of efficient detection methods for ensuring cyberspace security.This paper presents a novel intrusion detection system consisting of a data prepro-cessing stage and a deep learning model for accurately identifying network attacks.We have proposed four deep neural network models,which are constructed using architectures such as Convolutional Neural Networks(CNN),Bi-directional Long Short-Term Memory(BiLSTM),Bidirectional Gate Recurrent Unit(BiGRU),and Attention mechanism.These models have been evaluated for their detection performance on the NSL-KDD dataset.To enhance the compatibility between the data and the models,we apply various preprocessing techniques and employ the particle swarm optimization algorithm to perform feature selection on the NSL-KDD dataset,resulting in an optimized feature subset.Moreover,we address class imbalance in the dataset using focal loss.Finally,we employ the BO-TPE algorithm to optimize the hyperparameters of the four models,maximizing their detection performance.The test results demonstrate that the proposed model is capable of extracting the spatiotemporal features of network traffic data effectively.In binary and multiclass experiments,it achieved accuracy rates of 0.999158 and 0.999091,respectively,surpassing other state-of-the-art methods.

A Robust Approach for Multi Classification-Based Intrusion Detection through Stacking Deep Learning Models

Intrusion detection is a predominant task that monitors and protects the network infrastructure.Therefore,many datasets have been published and investigated by researchers to analyze and understand the problem of intrusion prediction and detection.In particular,the Network Security Laboratory-Knowledge Discovery in Databases(NSL-KDD)is an extensively used benchmark dataset for evaluating intrusion detection systems(IDSs)as it incorporates various network traffic attacks.It is worth mentioning that a large number of studies have tackled the problem of intrusion detection using machine learning models,but the performance of these models often decreases when evaluated on new attacks.This has led to the utilization of deep learning techniques,which have showcased significant potential for processing large datasets and therefore improving detection accuracy.For that reason,this paper focuses on the role of stacking deep learning models,including convolution neural network(CNN)and deep neural network(DNN)for improving the intrusion detection rate of the NSL-KDD dataset.Each base model is trained on the NSL-KDD dataset to extract significant features.Once the base models have been trained,the stacking process proceeds to the second stage,where a simple meta-model has been trained on the predictions generated from the proposed base models.The combination of the predictions allows the meta-model to distinguish different classes of attacks and increase the detection rate.Our experimental evaluations using the NSL-KDD dataset have shown the efficacy of stacking deep learning models for intrusion detection.The performance of the ensemble of base models,combined with the meta-model,exceeds the performance of individual models.Our stacking model has attained an accuracy of 99%and an average F1-score of 93%for the multi-classification scenario.Besides,the training time of the proposed ensemble model is lower than the training time of benchmark techniques,demonstrating its efficiency and robustness.

Influence of typhoon MITAG on the Kuroshio intrusion in the Luzon Strait during early fall 2019

Typhoons in the western Pacific have a significant impact on the transport of heat,salt and particles through the Luzon Strait.However,there are very limited field observations of this impact because of extreme difficulties and even dangers for ship-based measurements during the rough weather.Here,we present the preliminary results from analyzing a dataset collected by a glider deployed west of the Luzon Strait a few days prior to the arrival of typhoon MITAG.The gilder data revealed an abnormally salinity(>34.8)subsurface water apparently sourced from Kuroshio intrusion during the typhoon.When typhoon MITAG traveled on the east of the Luzon Strait,the positive wind stress curl strengthened the cyclonic eddy and weakened the anti-cyclonic eddy.This led to a slowdown of Kuroshio and made its intrusion easier.The main axis of the Kuroshio at the northern part of the strait shifted westward after the typhoon and did not return to its original position until a week later.The Ekman transport from persistent northerly wind of typhoon MITAG was significant,but its importance in enhancing the Kuroshio intrusion is only secondary relative to the eddies variations.

A Lightweight Intrusion Detection System Using Convolutional Neural Network and Long Short-Term Memory in Fog Computing

The Internet of Things(IoT)links various devices to digital services and significantly improves the quality of our lives.However,as IoT connectivity is growing rapidly,so do the risks of network vulnerabilities and threats.Many interesting Intrusion Detection Systems(IDSs)are presented based on machine learning(ML)techniques to overcome this problem.Given the resource limitations of fog computing environments,a lightweight IDS is essential.This paper introduces a hybrid deep learning(DL)method that combines convolutional neural networks(CNN)and long short-term memory(LSTM)to build an energy-aware,anomaly-based IDS.We test this system on a recent dataset,focusing on reducing overhead while maintaining high accuracy and a low false alarm rate.We compare CICIoT2023,KDD-99 and NSL-KDD datasets to evaluate the performance of the proposed IDS model based on key metrics,including latency,energy consumption,false alarm rate and detection rate metrics.Our findings show an accuracy rate over 92%and a false alarm rate below 0.38%.These results demonstrate that our system provides strong security without excessive resource use.The practicality of deploying IDS with limited resources is demonstrated by the successful implementation of IDS functionality on a Raspberry Pi acting as a Fog node.The proposed lightweight model,with a maximum power consumption of 6.12 W,demonstrates its potential to operate effectively on energy-limited devices such as low-power fog nodes or edge devices.We prioritize energy efficiency whilemaintaining high accuracy,distinguishing our scheme fromexisting approaches.Extensive experiments demonstrate a significant reduction in false positives,ensuring accurate identification of genuine security threats while minimizing unnecessary alerts.

CNN Channel Attention Intrusion Detection SystemUsing NSL-KDD Dataset

Intrusion detection systems(IDS)are essential in the field of cybersecurity because they protect networks from a wide range of online threats.The goal of this research is to meet the urgent need for small-footprint,highly-adaptable Network Intrusion Detection Systems(NIDS)that can identify anomalies.The NSL-KDD dataset is used in the study;it is a sizable collection comprising 43 variables with the label’s“attack”and“level.”It proposes a novel approach to intrusion detection based on the combination of channel attention and convolutional neural networks(CNN).Furthermore,this dataset makes it easier to conduct a thorough assessment of the suggested intrusion detection strategy.Furthermore,maintaining operating efficiency while improving detection accuracy is the primary goal of this work.Moreover,typical NIDS examines both risky and typical behavior using a variety of techniques.On the NSL-KDD dataset,our CNN-based approach achieves an astounding 99.728%accuracy rate when paired with channel attention.Compared to previous approaches such as ensemble learning,CNN,RBM(Boltzmann machine),ANN,hybrid auto-encoders with CNN,MCNN,and ANN,and adaptive algorithms,our solution significantly improves intrusion detection performance.Moreover,the results highlight the effectiveness of our suggested method in improving intrusion detection precision,signifying a noteworthy advancement in this field.Subsequent efforts will focus on strengthening and expanding our approach in order to counteract growing cyberthreats and adjust to changing network circumstances.

Intrusion Detection Model Using Chaotic MAP for Network Coding Enabled Mobile Small Cells

Wireless Network security management is difficult because of the ever-increasing number of wireless network malfunctions,vulnerabilities,and assaults.Complex security systems,such as Intrusion Detection Systems(IDS),are essential due to the limitations of simpler security measures,such as cryptography and firewalls.Due to their compact nature and low energy reserves,wireless networks present a significant challenge for security procedures.The features of small cells can cause threats to the network.Network Coding(NC)enabled small cells are vulnerable to various types of attacks.Avoiding attacks and performing secure“peer”to“peer”data transmission is a challenging task in small cells.Due to the low power and memory requirements of the proposed model,it is well suited to use with constrained small cells.An attacker cannot change the contents of data and generate a new Hashed Homomorphic Message Authentication Code(HHMAC)hash between transmissions since the HMAC function is generated using the shared secret.In this research,a chaotic sequence mapping based low overhead 1D Improved Logistic Map is used to secure“peer”to“peer”data transmission model using lightweight H-MAC(1D-LM-P2P-LHHMAC)is proposed with accurate intrusion detection.The proposed model is evaluated with the traditional models by considering various evaluation metrics like Vector Set Generation Accuracy Levels,Key Pair Generation Time Levels,Chaotic Map Accuracy Levels,Intrusion Detection Accuracy Levels,and the results represent that the proposed model performance in chaotic map accuracy level is 98%and intrusion detection is 98.2%.The proposed model is compared with the traditional models and the results represent that the proposed model secure data transmission levels are high.

A Review of Generative Adversarial Networks for Intrusion Detection Systems: Advances, Challenges, and Future Directions

The ever-growing network traffic threat landscape necessitates adopting accurate and robust intrusion detection systems(IDSs).IDSs have become a research hotspot and have seen remarkable performance improvements.Generative adversarial networks(GANs)have also garnered increasing research interest recently due to their remarkable ability to generate data.This paper investigates the application of(GANs)in(IDS)and explores their current use within this research field.We delve into the adoption of GANs within signature-based,anomaly-based,and hybrid IDSs,focusing on their objectives,methodologies,and advantages.Overall,GANs have been widely employed,mainly focused on solving the class imbalance issue by generating realistic attack samples.While GANs have shown significant potential in addressing the class imbalance issue,there are still open opportunities and challenges to be addressed.Little attention has been paid to their applicability in distributed and decentralized domains,such as IoT networks.Efficiency and scalability have been mostly overlooked,and thus,future works must aim at addressing these gaps.

Anomaly-Based Intrusion DetectionModel Using Deep Learning for IoT Networks

The rapid growth of Internet of Things(IoT)devices has brought numerous benefits to the interconnected world.However,the ubiquitous nature of IoT networks exposes them to various security threats,including anomaly intrusion attacks.In addition,IoT devices generate a high volume of unstructured data.Traditional intrusion detection systems often struggle to cope with the unique characteristics of IoT networks,such as resource constraints and heterogeneous data sources.Given the unpredictable nature of network technologies and diverse intrusion methods,conventional machine-learning approaches seem to lack efficiency.Across numerous research domains,deep learning techniques have demonstrated their capability to precisely detect anomalies.This study designs and enhances a novel anomaly-based intrusion detection system(AIDS)for IoT networks.Firstly,a Sparse Autoencoder(SAE)is applied to reduce the high dimension and get a significant data representation by calculating the reconstructed error.Secondly,the Convolutional Neural Network(CNN)technique is employed to create a binary classification approach.The proposed SAE-CNN approach is validated using the Bot-IoT dataset.The proposed models exceed the performance of the existing deep learning approach in the literature with an accuracy of 99.9%,precision of 99.9%,recall of 100%,F1 of 99.9%,False Positive Rate(FPR)of 0.0003,and True Positive Rate(TPR)of 0.9992.In addition,alternative metrics,such as training and testing durations,indicated that SAE-CNN performs better.

Estimation of unfrozen water content of saturated sandstones using nuclear magnetic resonance, mercury intrusion porosimetry, and ultrasonic tests

The unfrozenwater content(UWC)is a crucial parameter that affects the strength and thermal properties of rocks in relation to engineering construction and geological disasters in cold regions.In this study,three different methods were employed to test and estimate the UWC of saturated sandstones,including nuclear magnetic resonance(NMR),mercury intrusion porosimetry(MIP),and ultrasonic methods.The NMR method enabled the direct measurement of the UWC of sandstones using the free induction decay(FID).The MIP method was used to analyze the pore structures of sandstones,with the UWC subsequently calculated based on pore ice crystallization.Therefore,the MIP test constituted an indirect measurement method.Furthermore,a correlation was established between the P-wave velocity and the UWC of these sandstones based on the mixture theory,which could be employed to estimate the UWC as an empirical method.All methods demonstrated that the UWC initially exhibited a rapid decrease from 0C to5C and then generally became constant beyond20C.However,these test methods had different characteristics.The NMR method was used to directly and accurately calculate the UWC in the laboratory.However,the cost and complexity of NMR equipment have precluded its use in the field.The UWC can be effectively estimated by the MIP test,but the estimation accuracy is influenced by the ice crystallization process and the pore size distribution.The P-wave velocity has been demonstrated to be a straightforward and practical empirical parameter and was utilized to estimate the UWC based on the mixture theory.This method may be more suitable in the field.All methods confirmed the existence of a hysteresis phenomenon in the freezing-thawing process.The average hysteresis coefficient was approximately 0.538,thus validating the GibbseThomson equation.This study not only presents alternative methodologies for estimating the UWC of saturated sandstones but also contribute to our understanding of the freezing-thawing process of pore water.

An Industrial Intrusion Detection Method Based on Hybrid Convolutional Neural Networks with Improved TCN

Network intrusion detection systems(NIDS)based on deep learning have continued to make significant advances.However,the following challenges remain:on the one hand,simply applying only Temporal Convolutional Networks(TCNs)can lead to models that ignore the impact of network traffic features at different scales on the detection performance.On the other hand,some intrusion detection methods considermulti-scale information of traffic data,but considering only forward network traffic information can lead to deficiencies in capturing multi-scale temporal features.To address both of these issues,we propose a hybrid Convolutional Neural Network that supports a multi-output strategy(BONUS)for industrial internet intrusion detection.First,we create a multiscale Temporal Convolutional Network by stacking TCN of different scales to capture the multiscale information of network traffic.Meanwhile,we propose a bi-directional structure and dynamically set the weights to fuse the forward and backward contextual information of network traffic at each scale to enhance the model’s performance in capturing the multi-scale temporal features of network traffic.In addition,we introduce a gated network for each of the two branches in the proposed method to assist the model in learning the feature representation of each branch.Extensive experiments reveal the effectiveness of the proposed approach on two publicly available traffic intrusion detection datasets named UNSW-NB15 and NSL-KDD with F1 score of 85.03% and 99.31%,respectively,which also validates the effectiveness of enhancing the model’s ability to capture multi-scale temporal features of traffic data on detection performance.