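To address the low intrusion detection accuracy caused by the large number of redundant and irrelevant features in high-dimensional network data, an improved multifactorial optimization bat algorithm (IMFBA) is proposed for feature selection; it selects the feature subset carrying the most information and improves network intrusion detection accuracy. First, a global feature selection task and a local feature selection task are designed within the multifactorial optimization framework, and information is shared between the tasks through assortative mating and vertical cultural transmission operators designed on the basis of the bat algorithm, which helps the global feature selection task lock onto the optimal solution space faster and improves the convergence speed and stability of the algorithm. Second, opposition-based learning and differential evolution are introduced into the bat algorithm to redesign the initial solution selection stage and the individual update process, compensating for its lack of a mutation mechanism, increasing solution diversity, and helping the algorithm escape local optima. Finally, an adaptive parameter adjustment strategy is proposed that sets the weight with which a potential optimal solution guides individual updates according to its quality, avoiding negative knowledge transfer during multi-task feature selection and balancing global exploration and local exploitation. Experimental results show that the feature subsets selected by IMFBA achieve classification accuracies of 95.37% and 85.14% on the network intrusion datasets KDD CUP 99 and NSL-KDD, respectively, which is 3.01 and 9.78 percentage points higher than with the full feature set. IMFBA can select higher-quality feature subsets and improve network intrusion detection accuracy.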
This article proposes a feature data association method for network security auditing based on multiple feature elements. The method uses three feature elements as association factors: the International Mobile Equipment Identity (IMEI), the International Mobile Subscriber Identification (IMSI), and the mobile terminal MAC address (TERMINAL_MAC). By continuously updating and refining a feature information string, it effectively solves the problem of building a unique virtual profile of a mobile terminal user when the MAC address of a mobile terminal accessing the network may change periodically.
Network traffic identification is critical for maintaining network security and further meeting various demands of network applications. However, network traffic data typically possesses high dimensionality and complexity, leading to practical problems in traffic identification data analytics. Since the original Dung Beetle Optimizer (DBO) algorithm, Grey Wolf Optimization (GWO) algorithm, Whale Optimization Algorithm (WOA), and Particle Swarm Optimization (PSO) algorithm have the shortcomings of slow convergence and easily fall into the local optimal solution, an Improved Dung Beetle Optimizer (IDBO) algorithm is proposed for network traffic identification. Firstly, the Sobol sequence is utilized to initialize the dung beetle population, laying the foundation for finding the global optimal solution. Next, an integration of Levy flight and golden sine strategy is suggested to give dung beetles a greater probability of exploring unvisited areas, escaping from the local optimal solution, and converging more effectively towards a global optimal solution. Finally, an adaptive weight factor is utilized to enhance the search capabilities of the original DBO algorithm and accelerate convergence. With the improvements above, the proposed IDBO algorithm is then applied to traffic identification data analytics and feature selection, so as to find the optimal subset for K-Nearest Neighbor (KNN) classification. The simulation experiments use the CICIDS2017 dataset to verify the effectiveness of the proposed IDBO algorithm and compare it with the original DBO, GWO, WOA, and PSO algorithms. The experimental results show that, compared with other algorithms, the accuracy and recall are improved by 1.53% and 0.88% in binary classification, and the Distributed Denial of Service (DDoS) class identification is the most effective in multi-classification, with an improvement of 5.80% and 0.33% for accuracy and recall, respectively. Therefore, the proposed IDBO algorithm is effective in increasing the efficiency of traffic identification and solving the problem of the original DBO algorithm that converges slowly and falls into the local optimal solution when dealing with high-dimensional data analytics and feature selection for network traffic identification.
Funding: This work was supported by the National Natural Science Foundation of China (U2133208, U20A20161).
Abstract: With the popularization of the Internet and the development of technology, cyber threats are increasing day by day. Threats such as malware, hacking, and data breaches have had a serious impact on cybersecurity. The network security environment in the era of big data presents the characteristics of large amounts of data, high diversity, and high real-time requirements. Traditional security defense methods and tools have been unable to cope with the complex and changing network security threats. This paper proposes a machine-learning security defense algorithm based on metadata association features. Emphasize control over unauthorized users through privacy, integrity, and availability. The user model is established and the mapping between the user model and the metadata of the data source is generated. By analyzing the user model and its corresponding mapping relationship, the query of the user model can be decomposed into the query of various heterogeneous data sources, and the integration of heterogeneous data sources based on the metadata association characteristics can be realized. Define and classify customer information, automatically identify and perceive sensitive data, build a behavior audit and analysis platform, analyze user behavior trajectories, and complete the construction of a machine learning customer information security defense system. The experimental results show that when the data volume is 5×10^3 bit, the data storage integrity of the proposed method is 92%. The data accuracy is 98%, and the success rate of data intrusion is only 2.6%. It can be concluded that the data storage method in this paper is safe, the data accuracy is always at a high level, and the data disaster recovery performance is good. This method can effectively resist data intrusion and has high air traffic control security. It can not only detect all viruses in user data storage, but also realize integrated virus processing, and further optimize the security defense effect of user big data.
Abstract: As extrinsic rewards become very limited under organizational retrenchments, organizations should rely heavily on other types of rewards, such as intrinsic rewards, to improve the performance of those employees who have been overwhelmed with a perception of job insecurity. This paper examines the impact of such perception, along with many other positive influencers such as enhancement in job features, recognition, and the personal values of those employees on the organizational involvement. The data analyzed were based on a sample of 34 employee respondents from a project-based engineering and service company (identified as ABC Company in this paper) operating in the Middle East. The adopted research approach is basically a quantitative approach. The correlation and regression analysis tools have been used to explore this relationship. The results of this study suggest a generally unnoticed and disregarded resource that has the prime effect on improving and enhancing the organizational involvement, which is the recognition those employees receive from the management. This research suggests that recognition, as the top influencer, has a strong impact on organizational involvement/psychological attachment for the employees. The other factors that have proved to have the second degree influence on organizational involvement are enhancement in job features, increase in the job security level, and personal values.
Abstract: The North Atlantic Treaty Organization (NATO) has made two major strategic readjustments in the post-Cold War years to shake off the awkward position when its raison d’etre was called into doubt. At the 1991 Rome Summit, an "All-dimensional defense strategy" was put forth with conflict prevention and crisis management as its core mission. Preparations for the second strategic readjustment began in 1997 and the concept of a 21st century-oriented new strategy was declared at the Washington Summit last April.
Abstract: Nowadays, there is tremendous growth in biometric authentication and cybersecurity applications. Thus, the efficient way of storing and securing personal biometric patterns is mandatory in most governmental and private sectors. Therefore, designing and implementing robust security algorithms for users’ biometrics is still a hot research area to be investigated. This work presents a powerful biometric security system (BSS) to protect different biometric modalities such as faces, iris, and fingerprints. The proposed BSS model is based on hybridizing auto-encoder (AE) network and a chaos-based ciphering algorithm to cipher the details of the stored biometric patterns and ensures their secrecy. The employed AE network is unsupervised deep learning (DL) structure used in the proposed BSS model to extract main biometric features. These obtained features are utilized to generate two random chaos matrices. The first random chaos matrix is used to permute the pixels of biometric images. In contrast, the second random matrix is used to further cipher and confuse the resulting permuted biometric pixels using a two-dimensional (2D) chaotic logistic map (CLM) algorithm. To assess the efficiency of the proposed BSS, (1) different standardized color and grayscale images of the examined fingerprint, faces, and iris biometrics were used and (2) comprehensive security and recognition evaluation metrics were measured. The assessment results have proven the authentication and robustness superiority of the proposed BSS model compared to other existing BSS models. For example, the proposed BSS succeeds in getting a high area under the receiver operating characteristic (AROC) value that reached 99.97% and low rates of 0.00137, 0.00148, and 0.00157 for equal error rate (EER), false reject rate (FRR), and a false accept rate (FAR), respectively.
Abstract: Spam is no longer just commercial unsolicited email messages that waste our time, it consumes network traffic and mail servers’ storage. Furthermore, spam has become a major component of several attack vectors including attacks such as phishing, cross-site scripting, cross-site request forgery and malware infection. Statistics show that the amount of spam containing malicious contents increased compared to the one advertising legitimate products and services. In this paper, the issue of spam detection is investigated with the aim to develop an efficient method to identify spam email based on the analysis of the content of email messages. We identify a set of features that have a considerable number of malicious related features. Our goal is to study the effect of these features in helping the classical classifiers in identifying spam emails. To make the problem more challenging, we developed spam classification models based on imbalanced data where spam emails form the rare class with only 16.5% of the total emails. Different metrics were utilized in the evaluation of the developed models. Results show noticeable improvement of spam classification models when trained by dataset that includes malicious related features.
Abstract: An intrusion detection system (IDS) becomes an important tool for ensuring security in the network. In recent times, machine learning (ML) and deep learning (DL) models can be applied for the identification of intrusions over the network effectively. To resolve the security issues, this paper presents a new Binary Butterfly Optimization algorithm based on Feature Selection with DRL technique, called BBOFS-DRL for intrusion detection. The proposed BBOFS-DRL model mainly accomplishes the recognition of intrusions in the network. To attain this, the BBOFS-DRL model initially designs the BBOFS algorithm based on the traditional butterfly optimization algorithm (BOA) to elect feature subsets. Besides, DRL model is employed for the proper identification and classification of intrusions that exist in the network. Furthermore, beetle antenna search (BAS) technique is applied to tune the DRL parameters for enhanced intrusion detection efficiency. For ensuring the superior intrusion detection outcomes of the BBOFS-DRL model, a wide-ranging experimental analysis is performed against benchmark dataset. The simulation results reported the supremacy of the BBOFS-DRL model over its recent state of art approaches.
Funding: The authors extend their appreciation to the Deanship of Scientific Research at King Khalid University for funding this work under Grant Number (RGP 2/49/42). Princess Nourah bint Abdulrahman University Researchers Supporting Project number (PNURSP2022R237), Princess Nourah bint Abdulrahman University, Riyadh, Saudi Arabia.
Abstract: The increasing quantity of sensitive and personal data being gathered by data controllers has raised the security needs in the cloud environment. Cloud computing (CC) is used for storing as well as processing data. Therefore, security becomes important as the CC handles massive quantity of outsourced, and unprotected sensitive data for public access. This study introduces a novel chaotic chimp optimization with machine learning enabled information security (CCOML-IS) technique on cloud environment. The proposed CCOML-IS technique aims to accomplish maximum security in the CC environment by the identification of intrusions or anomalies in the network. The proposed CCOML-IS technique primarily normalizes the networking data by the use of data conversion and min-max normalization. Following this, the CCOML-IS technique derives a feature selection technique using chaotic chimp optimization algorithm (CCOA). In addition, kernel ridge regression (KRR) classifier is used for the detection of security issues in the network. The design of CCOA technique assists in choosing optimal features and thereby boosts the classification performance. A wide set of experimentations were carried out on benchmark datasets and the results are assessed under several measures. The comparison study reported the enhanced outcomes of the CCOML-IS technique over the recent approaches in terms of several measures.
Abstract: With the development of information networks, the problem of power security has increasingly attracted attention, but the simple power security defense system has been difficult to meet the current complex network environment. Aiming at this situation, by using the method of T-S fuzzy neural network model to analyze the characteristics of the data transmission in network, it has obtained corresponding threat information. By processing this threat information, it completes the construction of three-dimensional power security defense system. The paper carries on the corresponding data training methods by using T-S model fuzzy neural network, which has certain reference significance for the data analysis of other similar fields. At the same time, the study of building on the three-dimensional power security defense system aims to provide a theoretical reference for solving the security defense of the current complex network environment.
Abstract: Expanding internet-connected services has increased cyberattacks, many of which have grave and disastrous repercussions. An Intrusion Detection System (IDS) plays an essential role in network security since it helps to protect the network from vulnerabilities and attacks. Although extensive research was reported in IDS, detecting novel intrusions with optimal features and reducing false alarm rates are still challenging. Therefore, we developed a novel fusion-based feature importance method to reduce the high dimensional feature space, which helps to identify attacks accurately with less false alarm rate. Initially, to improve training data quality, various preprocessing techniques are utilized. The Adaptive Synthetic oversampling technique generates synthetic samples for minority classes. In the proposed fusion-based feature importance, we use different approaches from the filter, wrapper, and embedded methods like mutual information, random forest importance, permutation importance, Shapley Additive exPlanations (SHAP)-based feature importance, and statistical feature importance methods like the difference of mean and median and standard deviation to rank each feature according to its rank. Then by simple plurality voting, the most optimal features are retrieved. Then the optimal features are fed to various models like Extra Tree (ET), Logistic Regression (LR), Support Vector Machine (SVM), Decision Tree (DT), and Extreme Gradient Boosting Machine (XGBM). Then the hyperparameters of classification models are tuned with Halving Random Search cross-validation to enhance the performance. The experiments were carried out on the original imbalanced data and balanced data. The outcomes demonstrate that the balanced data scenario knocked out the imbalanced data. Finally, the experimental analysis proved that our proposed fusion-based feature importance performed well with XGBM giving an accuracy of 99.86%, 99.68%, and 92.4%, with 9, 7 and 8 features by training time of 1.5, 4.5 and 5.5 s on Network Security Laboratory-Knowledge Discovery in Databases (NSL-KDD), Canadian Institute for Cybersecurity (CIC-IDS 2017), and UNSW-NB15 datasets, respectively. In addition, the suggested technique has been examined and contrasted with the state of art methods on three datasets.
Funding: The authors extend their appreciation to the Deanship of Scientific Research at King Khalid University for funding this work through Large Groups Project under grant number (45/43); Princess Nourah bint Abdulrahman University Researchers Supporting Project number (PNURSP2022R140), Princess Nourah bint Abdulrahman University, Riyadh, Saudi Arabia. The authors would like to thank the Deanship of Scientific Research at Umm Al-Qura University for supporting this work by Grant Code: (22UQU4310373DSR16).
Abstract: Due to the exponential increase in smart, resource-limited devices and high-speed communication technologies, the Internet of Things (IoT) has received significant attention in different application areas. However, the IoT environment is highly susceptible to cyber-attacks because of memory, processing, and communication restrictions. Since traditional models are not adequate for accomplishing security in the IoT environment, recent developments in deep learning (DL) models are beneficial. This study introduces a novel hybrid metaheuristics feature selection with stacked deep learning enabled cyber-attack detection (HMFS-SDLCAD) model. The major intention of the HMFS-SDLCAD model is to recognize the occurrence of cyberattacks in the IoT environment. At the preliminary stage, data pre-processing is carried out to transform the input data into a useful format. In addition, a salp swarm optimization based on particle swarm optimization (SSOPSO) algorithm is used for the feature selection process. Besides, a stacked bidirectional gated recurrent unit (SBiGRU) model is utilized for the identification and classification of cyberattacks. Finally, the whale optimization algorithm (WOA) is employed for the optimal hyperparameter optimization process. The experimental analysis of the HMFS-SDLCAD model is validated using a benchmark dataset, and the results are assessed under several aspects. The simulation outcomes pointed out the improvements of the HMFS-SDLCAD model over recent approaches.
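Abstract: To address the low intrusion detection accuracy caused by the large number of redundant and irrelevant features in high-dimensional network data, an improved multifactorial optimization bat algorithm (IMFBA) is proposed for data feature selection; it selects the feature subset carrying the most information and improves the precision of network intrusion detection. First, a global feature selection task and a local feature selection task are designed under a multifactorial optimization framework, and information is shared between the tasks through assortative mating and vertical cultural transmission operators designed on the basis of the bat algorithm, which helps the global feature selection task lock onto the optimal solution space faster and improves the convergence speed and stability of the algorithm. Second, an opposition-based learning strategy and differential evolution are introduced into the bat algorithm, and the initial solution selection stage and the individual update process are redesigned, which compensates for the algorithm's lack of a mutation mechanism, increases the diversity of solutions, and helps the algorithm escape local optima. Finally, an adaptive parameter adjustment strategy is proposed that sets the weight with which a potential optimal solution guides individual updates according to the quality of that solution, avoiding negative knowledge transfer during multi-task feature selection and balancing global exploration against local exploitation. Experimental results show that the feature subsets selected by IMFBA give classification accuracies of 95.37% and 85.14% on the network intrusion datasets KDD CUP 99 and NSL-KDD, respectively, improvements of 3.01 and 9.78 percentage points over the full feature set. The IMFBA algorithm can select higher-quality feature subsets and improve network intrusion detection accuracy.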
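Abstract: This article proposes a feature data association method for network security auditing based on multiple feature elements. The method uses three feature elements as association factors: the International Mobile Equipment Identity (IMEI), the International Mobile Subscriber Identification (IMSI), and the mobile terminal MAC address (TERMINAL_MAC). By continuously updating and refining the feature information string, it effectively solves the problem of building a unique virtual profile of a mobile terminal user when the MAC address of a mobile terminal connected to the network may change periodically.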
Funding: Supported by the National Natural Science Foundation of China under Grant 61602162 and the Hubei Provincial Science and Technology Plan Project under Grant 2023BCB041.
Abstract: Network traffic identification is critical for maintaining network security and further meeting various demands of network applications. However, network traffic data typically possesses high dimensionality and complexity, leading to practical problems in traffic identification data analytics. Since the original Dung Beetle Optimizer (DBO) algorithm, Grey Wolf Optimization (GWO) algorithm, Whale Optimization Algorithm (WOA), and Particle Swarm Optimization (PSO) algorithm have the shortcomings of slow convergence and easily falling into local optimal solutions, an Improved Dung Beetle Optimizer (IDBO) algorithm is proposed for network traffic identification. Firstly, the Sobol sequence is utilized to initialize the dung beetle population, laying the foundation for finding the global optimal solution. Next, an integration of Levy flight and the golden sine strategy is suggested to give dung beetles a greater probability of exploring unvisited areas, escaping from local optimal solutions, and converging more effectively towards a global optimal solution. Finally, an adaptive weight factor is utilized to enhance the search capabilities of the original DBO algorithm and accelerate convergence. With the improvements above, the proposed IDBO algorithm is then applied to traffic identification data analytics and feature selection, so as to find the optimal subset for K-Nearest Neighbor (KNN) classification. The simulation experiments use the CICIDS2017 dataset to verify the effectiveness of the proposed IDBO algorithm and compare it with the original DBO, GWO, WOA, and PSO algorithms. The experimental results show that, compared with other algorithms, the accuracy and recall are improved by 1.53% and 0.88% in binary classification, and the Distributed Denial of Service (DDoS) class identification is the most effective in multi-classification, with an improvement of 5.80% and 0.33% for accuracy and recall, respectively. Therefore, the proposed IDBO algorithm is effective in increasing the efficiency of traffic identification and solving the problem of the original DBO algorithm, which converges slowly and falls into local optimal solutions when dealing with high-dimensional data analytics and feature selection for network traffic identification.