Article
Computer Science, Hardware & Architecture
Laurens D'hooge, Miel Verkerken, Tim Wauters, Bruno Volckaert, Filip De Turck
Summary: The intrusion detection field is increasingly adopting newer datasets with substantial increases in both height and width, geared towards evaluation by machine learning methods. The feature sets are primarily statistics derived from packets or flows, leading to significant bloat in the datasets due to overinclusiveness. The proposed hybrid feature selection mechanism aims to identify dominant feature sets hierarchically using statistical testing, resulting in more effective and efficient use of the datasets.
Article
Computer Science, Information Systems
Antoni Jaszcz, Dawid Polap
Summary: This paper presents a framework called AIMM (Artificial Intelligence Merged Methods) for fast detection and defense against DDoS attacks. The framework consists of three modules: data preprocessing, classification, and decision-making, using various AI methods for decision-making. By analyzing the TCP/UDP information reaching the target server and employing a quick decision-making method, the framework achieves high accuracy in attack detection.
JOURNAL OF KING SAUD UNIVERSITY-COMPUTER AND INFORMATION SCIENCES
(2022)
Article
Computer Science, Information Systems
Abdullah I. A. Alzahrani, Amal Al-Rasheed, Amel Ksibi, Manel Ayadi, Mashael M. M. Asiri, Mohammed Zakariah
Summary: This paper discusses the importance of securing sensitive data in Internet of Things devices. It introduces a new intrusion detection model deployed at fog nodes to detect undesired traffic towards IoT devices. The Tab transformer model is proposed and shows high accuracy in classifying normal and abnormal traffic data as well as predicting multiple class attacks.
Article
Computer Science, Hardware & Architecture
Raj Kumar Batchu, Hari Seetha
Summary: In this paper, a novel efficient model is developed to detect DDoS attacks by addressing the issues of irrelevant features, lack of transparency, and class imbalance. The model improves the detection efficiency by performing data preprocessing, oversampling, feature selection, and dynamic ensemble selection. The results show that the model outperforms existing approaches and achieves high accuracy in the balanced data scenario.
Article
Computer Science, Information Systems
Devrim Akgun, Selman Hizal, Unal Cavusoglu
Summary: In this study, an intrusion detection system using preprocessing procedures and a deep learning model for detecting DDoS attacks was proposed. Various models based on deep neural networks (DNN), convolutional neural networks (CNN), and long short term memory (LSTM) were evaluated in terms of detection performance and real-time performance. The suggested CNN-based inception-like model achieved the best results in binary and multiclass accuracy. The proposed IDS system with preprocessing methods outperformed state-of-the-art studies.
COMPUTERS & SECURITY
(2022)
Article
Computer Science, Hardware & Architecture
Heather Lawrence, Uchenna Ezeobi, Orly Tauil, Jacob Nosal, Owen Redwood, Yanyan Zhuang, Gedare Bloom
Summary: This article introduces the CUPID dataset, which aims to address the limitations of existing datasets in network intrusion detection research. The CUPID dataset includes human-generated traffic with accurate labels, providing a valuable resource for training and testing machine learning algorithms used in network intrusion detection systems.
JOURNAL OF SYSTEMS ARCHITECTURE
(2022)
Article
Chemistry, Multidisciplinary
Daniyal Alghazzawi, Omaimah Bamasag, Hayat Ullah, Muhammad Zubair Asghar
Summary: DDoS attacks pose a serious risk to computer networks and systems, but using machine learning/deep learning for detection can be helpful. Existing research has utilized ML classifiers and conventional methods to predict DDoS attacks, but accuracy remains a challenge.
APPLIED SCIENCES-BASEL
(2021)
Article
Computer Science, Hardware & Architecture
Raj Kumar Batchu, Hari Seetha
Summary: In the digital era, the increased usage of network-connected devices has led to a rise in cyberattacks, with DDoS attacks becoming more complex to detect. Using a new automatic detection methodology with approaches like reducing feature space and hyperparameter tuning, the GB model achieved a high accuracy of 99.97% on the CICDDoS2019 dataset.
Article
Computer Science, Information Systems
Muhammad Nadeem, Ali Arshad, Saman Riaz, Shahab S. Band, Amir Mosavi
Summary: This article discusses the security issues of cloud computing and defense mechanisms, focusing on monitoring the attack rate of the network using an Intrusion Detection System, and providing various solutions to protect the cloud server from attacks.
Article
Computer Science, Information Systems
Abimbola O. Sangodoyin, Mobayode O. Akinsolu, Prashant Pillai, Vic Grout
Summary: Software-defined networks (SDNs) provide robust network architectures for Internet of Things (IoT) applications but are also attractive targets for cyber attackers. Because SDNs are vulnerable to Distributed Denial of Service (DDoS) flooding attacks, machine learning algorithms such as Quadratic Discriminant Analysis (QDA), Gaussian Naive Bayes (GNB), k-nearest neighbor (k-NN), and Classification and Regression Tree (CART) are investigated for detecting and classifying these attacks on SDNs, with CART showing the best overall performance.
Review
Automation & Control Systems
M. Di Mauro, G. Galatro, G. Fortino, A. Liotta
Summary: Machine Learning techniques are becoming increasingly important in network intrusion detection for uncovering hidden cyber-threats in abnormal flows. However, dealing with the vast diversity and number of features in data traffic is a challenging problem.
ENGINEERING APPLICATIONS OF ARTIFICIAL INTELLIGENCE
(2021)
Article
Multidisciplinary Sciences
Omar E. Elejla, Mohammed Anbar, Shady Hamouda, Bahari Belaton, Taief Alaa Al-Amiedy, Iznan H. Hasbullah
Summary: This study proposes a flow-based IDS that improves detection accuracy by adding new features to differentiate between normal and malicious traffic behavior, and shows promising results in experimental evaluations.
Article
Computer Science, Information Systems
Khalid A. Alissa, Hadil Shaiba, Abdulbaset Gaddah, Ayman Yafoz, Raed Alsini, Omar Alghushairy, Amira Sayed A. Aziz, Mesfer Al Duhayyim
Summary: An intrusion detection system (IDS) is crucial for network security, and designing an effective IDS requires identifying essential features and preprocessing network traffic data. This paper proposes a Feature Subset Selection Hybrid Deep Belief Network based Cybersecurity Intrusion Detection (FSHDBN-CID) model. The FSHDBN-CID model focuses on intrusion recognition for network security, with different levels of data preprocessing and feature selection using the Jaya optimization algorithm (JOA). It utilizes the HDBN model for classification, and can be enhanced with the chicken swarm optimization (CSO) technique. Experimental results show that the FSHDBN-CID model outperforms other models with an accuracy of 99.57%.
Article
Computer Science, Hardware & Architecture
Minzhao Lyu, Hassan Habibi Gharakheili, Vijay Sivaraman
Summary: Network attacks on enterprises are diverse and widespread, making it difficult to detect and handle them effectively. Existing practical solutions like firewalls are limited in their ability to monitor and detect distributed sources and flows of network attacks. In this paper, we propose PEDDA, a progressive multi-stage inference method that leverages programmable networks to detect distributed attacks. Our method applies inference stages with different granularities to partition and analyze packet streams based on the evolution of attacks. We prototype a proof-of-concept system consisting of three inference stages and evaluate its efficacy using real traffic traces from a large enterprise network injected with DDoS attacks.
Article
Chemistry, Multidisciplinary
Ruikui Ma, Qiuqian Wang, Xiangxi Bu, Xuebin Chen
Summary: With the rapid development of the Internet of Things (IoT), network traffic is increasing exponentially due to a vast number of connected devices. This has led to a rise in Distributed Denial of Service (DDoS) attacks, which are becoming larger in scale and easier to launch. To address this, a distributed DDoS attack detection algorithm using feature selection and random forest is proposed in this paper. The algorithm is deployed on SDN edge switches for fast and accurate detection of DDoS attacks, leveraging the residual computing power of the switches. Experimental results demonstrate that the proposed solution outperforms other methods in terms of accuracy, precision, recall, and F-value, with a prediction time of only 0.4 seconds.
APPLIED SCIENCES-BASEL
(2023)
Article
Computer Science, Information Systems
Yiqin Lu, Weiyue Su, Jiancheng Qin
MOBILE INFORMATION SYSTEMS
(2016)
Article
Engineering, Electrical & Electronic
Yiqin Lu, Jing Zhai, Ronghuan Zhu, Jiancheng Qin
JOURNAL OF SENSORS
(2016)
Article
Computer Science, Information Systems
Yiqin Lu, Meng Wang, Pengsen Huang
SECURITY AND COMMUNICATION NETWORKS
(2017)
Article
Engineering, Electrical & Electronic
Qin Jiancheng, Lu Yiqin, Zhong Yu
JOURNAL OF SENSORS
(2017)
Article
Engineering, Electrical & Electronic
Qin Jiancheng, Lu Yiqin, Zhong Yu
JOURNAL OF SENSORS
(2018)
Article
Engineering, Electrical & Electronic
Jiancheng Qin, Yiqin Lu, Yu Zhong
JOURNAL OF SENSORS
(2020)
Article
Computer Science, Information Systems
Meng Wang, Yiqin Lu, Jiancheng Qin
Summary: This paper proposes a defense method based on sFlow and improved SOM model in SDN, including macro-detection and micro-detection, to effectively identify and defend against DDoS attacks through a response strategy based on the global view.
Article
Computer Science, Information Systems
Zhongshu Mao, Yiqin Lu, Zhe Cheng, Xiong Shen, Yang Zhang, Jiancheng Qin
Summary: This study proposes a future momentum and future transformation (FMFT) method to enhance the transferability of adversarial examples under the black-box attack setting. The FMFT method incorporates future momentum (FM) and future transformation (FT), where FM updates adversarial examples with future N-th step momentum and FT utilizes input transformations to obtain a more robust gradient and reduce computation overhead. The study also introduces a new input transformation called random block scaling. Empirical evaluations on the ImageNet dataset demonstrate the superiority of the FMFT method.
COMPUTERS & SECURITY
(2023)
Article
Telecommunications
Zhuoxing Chen, Yiqin Lu, Haihan Wang, Jiancheng Qin, Meng Wang
Summary: Time-Sensitive Networking (TSN) is crucial for deterministic communications in time-critical traffic in real-time scenarios. This letter proposes and studies the neglected flow ordering problem in TSN, which offers a new perspective to improve the scheduling of large-scale TSN. The problem is formulated, its theoretical basis is investigated, and its NP-hardness is proved. Additionally, a hybrid search algorithm is proposed to provide an optimized scheduling order. Simulation results demonstrate the significant impact of the flow ordering problem on TSN scheduling and the effectiveness of the algorithm.
IEEE COMMUNICATIONS LETTERS
(2023)
Article
Computer Science, Information Systems
Zhuoxing Chen, Yiqin Lu, Jiancheng Qin, Zhe Cheng
Summary: CMD is an active defense theory that can effectively defend against security threats in cyberspace. However, the scheduling strategy algorithm needs improvement in real-time security, reliability, and universality to further develop and deploy CMD.
Article
Computer Science, Information Systems
Kashan Ahmed, Syed Khaldoon Khurshid, Sadaf Hina
Summary: This paper mainly introduces the construction of the cyber threat intelligence knowledge graph and the information extraction technique. By using joint extraction technique, it solves the problem of traditional techniques becoming ineffective due to the increasing size of CTI data. Experimental results show that this technique outperforms state-of-the-art models in knowledge triple extraction on CTI data and improves the F1 score.
COMPUTERS & SECURITY
(2024)
Article
Computer Science, Information Systems
Xinlong He, Yang Xu, Sicong Zhang, Weida Xu, Jiale Yan
Summary: This paper proposes a new membership inference attack method in federated learning, which utilizes data poisoning and sequence prediction confidence. The attack is effective and results in minimal overall model performance degradation.
COMPUTERS & SECURITY
(2024)
Article
Computer Science, Information Systems
Tieming Chen, Huan Zeng, Mingqi Lv, Tiantian Zhu
Summary: In this paper, the authors propose a deep learning based dynamic malware detection method called CTIMD, which integrates threat knowledge from CTIs into the learning process of API call sequences with runtime parameters. Experimental results show that CTIMD outperforms existing methods in terms of performance.
COMPUTERS & SECURITY
(2024)
Article
Computer Science, Information Systems
Wonwoo Choi, Minjae Seo, Seongman Lee, Brent Byunghoon Kang
Summary: This paper proposes SUM, a backward-edge control flow protection scheme for ARM Cortex-M processors. It combines MPU and the overlooked hardware feature FaultMask to achieve efficient and robust protection. The empirical evaluation shows minimal runtime overhead for the proposed solution.
COMPUTERS & SECURITY
(2024)
Article
Computer Science, Information Systems
Liliana Ribeiro, Ines Sousa Guedes, Carla Sofia Cardoso
Summary: Phishing susceptibility is influenced by individual and contextual factors. The study found that individuals who perceive themselves as capable of detecting phishing and those who use online services more frequently are more susceptible to phishing. However, technology competencies and other individual variables do not predict phishing susceptibility.
COMPUTERS & SECURITY
(2024)
Article
Computer Science, Information Systems
Wenjie Wang, Yuanhai Shao, Yiju Wang
Summary: In this paper, we investigate the adversarial perturbations of twin support vector machines (TWSVMs) and propose an optimization framework, which provides explicit solutions to increase the interpretability of the conclusion and convenience for calculation.
COMPUTERS & SECURITY
(2024)
Article
Computer Science, Information Systems
Snofy D. Dunston, V. Mary Anita Rajam
Summary: This paper proposes a novel adversarial attack technique that can synthesize adversarial images to mislead deep learning models, and also studies interpretability plots. The research findings show that the proposed attack technique influences the interpretability plots, regardless of the success of the attack.
COMPUTERS & SECURITY
(2024)
Article
Computer Science, Information Systems
Junchen Li, Guang Cheng, Zongyao Chen, Peng Zhao
Summary: Protocol Reverse Engineering (PRE) is a direct approach for analyzing unknown traffic. This paper proposes a method for clustering unknown traffic based on private protocol labels, and the experimental results demonstrate its advantages on real-world network traffic.
COMPUTERS & SECURITY
(2024)
Article
Computer Science, Information Systems
Rafal Kozik, Massimo Ficco, Aleksandra Pawlicka, Marek Pawlicki, Francesco Palmieri, Michal Choras
Summary: The inclusion of Explainability of Artificial Intelligence (xAI) has become a mandatory requirement for designing and implementing reliable, interpretable, and ethical AI solutions. However, it has been shown that xAI can enable successful adversarial attacks in the domain of fake news detection, leading to a decrease in AI security. This paper presents an attack scheme that uses an explainable solution to reshape the structure of the original message, allowing the adversary to manipulate the model's prediction while keeping the message's meaning intact.
COMPUTERS & SECURITY
(2024)
Article
Computer Science, Information Systems
Benyuan Yang, Lili Luo, Zhimeng Wang
Summary: Interoperation is widely used in practical industrial applications, but merging local access control policies may lead to security violations. Dealing with these issues in a multidomain environment is critical, but finding the maximum secure interoperation among individual systems poses a challenge due to the large number of entities and access involved.
COMPUTERS & SECURITY
(2024)
Article
Computer Science, Information Systems
Binghui Zou, Chunjie Cao, Longjuan Wang, Sizheng Fu, Tonghua Qiao, Jingzhang Sun
Summary: The ongoing struggle between security researchers and malware has led to the exploration of using convolutional neural networks and capsule networks for classification and identification of malware. However, training these networks requires a significant amount of data and parameters, and the research on capsule networks is still in its early stages, posing challenges.
COMPUTERS & SECURITY
(2024)
Article
Computer Science, Information Systems
Hongsong Chen, Xingyu Li, Wenmao Liu
Summary: Multivariate time-series anomaly detection is crucial for maintaining normal operation of physical equipment. Recent advances have been made in this field, but two challenges have limited the model's ability to generalize. To address these challenges, a multivariate time-series anomaly detection model consisting of a characterization network and a forecasting network is proposed. Experimental results demonstrate that this method outperforms baseline methods in terms of detection performance and robustness.
COMPUTERS & SECURITY
(2024)
Article
Computer Science, Information Systems
Roberto Doriguzzi-Corin, Domenico Siracusa
Summary: This paper discusses the application of federated learning in the field of cybersecurity and proposes an adaptive mechanism-based federated learning solution for DDoS attack detection in dynamic cybersecurity scenarios. Through experiments, it is demonstrated that the proposed solution outperforms state-of-the-art federated learning algorithms in terms of convergence time and accuracy.
COMPUTERS & SECURITY
(2024)
Article
Computer Science, Information Systems
Antonio Giovanni Schiavone
Summary: The usage of HTTPS protocol is crucial for secure communication with websites, ensuring the confidentiality, integrity, and authenticity of online data transmissions. The Municipality2HTTPS research project analyzed the implementation of HTTPS in Italian municipalities' websites and identified areas for improvement.
COMPUTERS & SECURITY
(2024)
Article
Computer Science, Information Systems
Domna Bilika, Nikoletta Michopoulou, Efthimios Alepis, Constantinos Patsakis
Summary: Voice Assistants (VAs) are widely used in smart devices but are vulnerable to attacks. Experiments with popular VAs revealed successful attack rates exceeding 30% and statistical variations among vendors, calling for additional countermeasures to protect user information.
COMPUTERS & SECURITY
(2024)