Article
Chemistry, Analytical
Maria Rodriguez, Alvaro Alesanco, Lorena Mehavilla, Jose Garcia
Summary: This study analyzes different machine learning techniques for flow-based intrusion detection and finds that tree-based methods, such as PART or J48, offer a faster, efficient alternative to the RF technique. The results obtained on the CICIDS2017 dataset show high classification performance with reduced execution times.
Article
Computer Science, Hardware & Architecture
Mohanad Sarhan, Siamak Layeghy, Marius Portmann
Summary: This paper proposes and evaluates standard NIDS feature sets based on the NetFlow network meta-data collection protocol and system to address the lack of standard feature sets in current NIDS datasets. The NetFlow-based NIDS feature set allows for a fair comparison of ML-based network traffic classifiers across different NIDS datasets, potentially bridging the gap between academic research and practical deployment of such systems.
MOBILE NETWORKS & APPLICATIONS
(2022)
Review
Computer Science, Information Systems
Huseyin Ahmetoglu, Resul Das
Summary: The development of network technologies and the increasing amount of data transferred on networks have led to a rise in cyber threats and attacks. Machine learning offers tools and techniques for automating the detection and analysis of these attacks. This study discusses the different machine learning approaches used to detect and analyze attacks, including anomaly detection, classification, and analysis. The study also examines the performance and results of different methods, as well as the datasets used in the research.
INTERNET OF THINGS
(2022)
Article
Computer Science, Information Systems
Kohei Miyamoto, Masazumi Iida, Chansu Han, Tao Ban, Takeshi Takahashi, Jun'ichi Takeuchi
Summary: This study proposes a session-level classification approach that consolidates packet-level classification outputs to identify anomalous sessions. Experimental results demonstrate the high performance and efficiency of this approach.
Article
Green & Sustainable Science & Technology
Imran, Faisal Jamil, Dohyeun Kim
Summary: The article discusses an intrusion detection system based on the ensemble of prediction and learning mechanisms to improve anomaly detection accuracy in a network intrusion environment. The learning mechanism is based on automated machine learning, and the prediction model is based on the Kalman filter. In a performance analysis on the UNSW-NB15 and CICIDS2017 datasets, the proposed model achieves an intrusion detection accuracy of 98.801 percent for the UNSW-NB15 dataset and 97.02 percent for the CICIDS2017 dataset, showing significant improvement in intrusion detection accuracy with the proposed ensemble model.
Article
Computer Science, Artificial Intelligence
Mohanad Sarhan, Siamak Layeghy, Marius Portmann
Summary: Machine Learning-based network intrusion detection systems have significant benefits for enhancing cybersecurity, but there are challenges in their development and evaluation, such as limited evaluation of ML models and lack of understanding of internal ML operations. This paper overcomes these challenges by evaluating the generalisability of a common feature set and using explainable AI methods to interpret ML models' classification decisions.
Article
Computer Science, Information Systems
Mohanad Sarhan, Siamak Layeghy, Nour Moustafa, Marius Portmann
Summary: In this paper, a collaborative cyber threat intelligence sharing scheme is proposed to design and evaluate a robust ML-based network intrusion detection system using heterogeneous network data samples from different organisations. The scheme utilizes a common format for network data traffic and a federated learning mechanism to protect sensitive users' information. The proposed framework is able to effectively classify various traffic types from multiple organisations without the need for inter-organisational data exchange.
JOURNAL OF NETWORK AND SYSTEMS MANAGEMENT
(2023)
Article
Computer Science, Information Systems
Blue Lan, Ta-Chun Lo, Rico Wei, Heng-Yu Tang, Ce-Kuen Shieh
Summary: A quantitative logarithmic transformation-based intrusion detection system is proposed, which uses a statistical approach to analyze network behavior and can detect various malicious attacks without the need for a time-consuming data collection and training process or for GPU devices to achieve real-time detection performance.
Article
Computer Science, Information Systems
N. G. Bhuvaneswari Amma
Summary: This paper proposes a method for detecting cyber attacks using deep learning techniques. By using the Vector Convolutional Deep Autonomous Learning (VCDAL) classifier, unknown attacks can be detected in real time, and significant results have been achieved in experiments.
CLUSTER COMPUTING-THE JOURNAL OF NETWORKS SOFTWARE TOOLS AND APPLICATIONS
(2022)
Article
Multidisciplinary Sciences
Ebtihaj Alshahrani, Daniyal Alghazzawi, Reem Alotaibi, Osama Rabie
Summary: The research conducted experiments on adversarial machine learning, indicating that evasion attacks had a significant impact on the accuracy of machine learning-based network intrusion detection systems.
Article
Operations Research & Management Science
Marc Chale, Bruce Cox, Jeffery Weir, Nathaniel D. Bastian
Summary: Deep learning achieves high intrusion detection rates without feature engineering. However, existing adversarial machine learning methods fail to work well in the constrained cyber domain due to the production of non-functional network packets. This research develops a meta-heuristic based generative model to generate adversarial examples that maximize the classification loss of packet payloads, and shows that the tested network intrusion detection system (NIDS) classifiers are vulnerable to adversarial attacks.
OPTIMIZATION LETTERS
(2023)
Article
Computer Science, Theory & Methods
Hongling Jiang, Jinzhi Lin, Haiyan Kang
Summary: Due to the increasing reliance on machine learning models for network intrusion detectors in the Internet of Things (IoT), attacks against these detectors are also on the rise. Existing solutions for adversarial attacks against IoT networks are rare and have limitations. To address this problem, we propose an algorithm to generate adversarial samples and evaluate the performance of the IoT network intrusion detector. We also present a novel framework, FGMD (Feature Grouping and Multi-model fusion Detector), that can defend against adversarial attacks through feature grouping and multi-model fusion. Experimental results demonstrate the effectiveness of FGMD against adversarial attacks.
FUTURE GENERATION COMPUTER SYSTEMS-THE INTERNATIONAL JOURNAL OF ESCIENCE
(2022)
Article
Computer Science, Hardware & Architecture
Soumyadeep Thakur, Anuran Chakraborty, Rajonya De, Neeraj Kumar, Ram Sarkar
Summary: This paper proposes a model that extracts useful features from given features and uses a deep learning algorithm to classify intrusions. Specific domains and generic network intrusions typically require different features for classification. The proposed method achieves new benchmark results on the CICIDS2017 dataset.
COMPUTERS & ELECTRICAL ENGINEERING
(2021)
Article
Engineering, Electrical & Electronic
Meenu Rani Dey, Moumita Patra, Prabhat Mishra
Summary: This paper proposes effective solutions for real-time detection and localization of DoS attacks in an LTE-based vehicular network, including an attack detection technique based on data packet counter and average Packet Delivery Ratio (PDR), an improved attack detection framework using machine learning algorithms, and localization methods based on Data Packet Counter (DPC), triangulation, and measurement report. Experimental results demonstrate that our proposed technique significantly outperforms state-of-the-art techniques.
IEEE TRANSACTIONS ON VEHICULAR TECHNOLOGY
(2023)
Article
Optics
Estabraq Saleem Abduljabbar Alars, Sefer Kurnaz
Summary: The study aims to utilize fusion network traffic and host traffic features in wireless networks for network interruption detection, enabling the system to recognize disruptions and attacks in real-time for various applications. The system, built using the Python programming language, reduces complexity, improves performance, and ensures memory safety.
Article
Telecommunications
Ibrahim Aqeel, Ephraim Iorkyase, Hussein Zangoti, Christos Tachtatzis, Robert Atkinson, Ivan Andonovic
Summary: This paper evaluates the performance of LoRaWAN Received Signal Strength Indicator (RSSI)-based node localisation in a sandstorm environment. The authors utilize machine learning algorithms to create unique signatures representing different locations. The proposed method reduces node localisation complexity and improves performance compared to GPS-based approaches.
IET WIRELESS SENSOR SYSTEMS
(2023)
Article
Computer Science, Artificial Intelligence
Hanan Hindy, Christos Tachtatzis, Robert Atkinson, David Brosset, Miroslav Bures, Ivan Andonovic, Craig Michie, Xavier Bellekens
Summary: This paper investigates the use of supervised machine learning to enhance intrusion detection systems and proposes a complementary approach called one-shot learning, which identifies new attack classes using a limited number of examples. The experimental results confirm the adaptability of this method in handling unknown attacks and the trade-off between performance and the need for distinct class representations.
JOURNAL OF INTELLIGENT INFORMATION SYSTEMS
(2023)
Review
Engineering, Biomedical
Thomas H. Nown, Priti Upadhyay, Andrew Kerr, Ivan Andonovic, Christos Tachtatzis, Madeleine A. Grealy
Summary: Movement sonification is a valuable tool for rehabilitation and its use is supported by increasing evidence. However, creating such a system requires consideration of unique design choices, such as the dimension of movement to sonify, the section of anatomy to track, and the methodology of motion capture. This review analyzes existing real-time movement sonification systems to identify common design choices and trends, providing an overview of the field.
IEEE REVIEWS IN BIOMEDICAL ENGINEERING
(2023)
Article
Chemistry, Analytical
Chris Davison, Craig Michie, Christos Tachtatzis, Ivan Andonovic, Jenna Bowen, Carol-Anne Duthie
Summary: This study predicts the Feed Conversion Ratio (FCR) for individual animals by using estimates of individual animal feed intake made through time spent feeding measurements. Data of eating time for 80 beef animals over a 56-day period were collected to predict feed intake. A Support Vector Regression (SVR) model was trained to predict feed intake and animals were categorized into three groups based on estimated FCR values. The results demonstrate the feasibility of using "time spent eating" data to estimate feed intake and provide insights for optimizing production costs.
Article
Energy & Fuels
Ephraim Tersoo Iorkyase, Christos Tachtatzis, Robert Atkinson
Summary: This paper proposes an enhanced radiolocation technique to locate partial discharge (PD) by sensing the radio frequency spectrum and extracting PD location features. A fingerprint matching algorithm and Principal Component Analysis (PCA) are used to develop a PD localization model based on extracted signal features, which improves the accuracy of PD localization.
Article
Environmental Sciences
Mikolaj Czerkawski, Robert Atkinson, Craig Michie, Christos Tachtatzis
Summary: This work proposes an open-source simulation tool that can generate a diverse and unlimited number of high-quality simulated data, which can be used to adjust cloud appearance without any annotation cost. The performance of models trained on simulated data for cloud detection and removal approaches that of models trained on real data, demonstrating the quality and utility of the generated clouds.
Article
Computer Science, Information Systems
Melchizedek Alipio, Miroslav Bures
Summary: This study aims to develop a predictive model using machine learning techniques to monitor and maintain FTTH networks. The results show that the K-nearest neighbors model and the feedforward artificial neural network model are the most accurate classification models, effectively identifying and addressing anomalies affecting network services.
IEEE INTERNET OF THINGS JOURNAL
(2023)
Article
Computer Science, Information Systems
Matej Klima, Miroslav Bures, Bestoun S. Ahmed, Xavier Bellekens, Robert Atkinson, Christos Tachtatzis, Pavel Herout
Summary: Contemporary IoT systems face reliability issues due to limited and unstable network connectivity. A new specialized path-based technique is proposed to test IoT processes influenced by limited network connectivity. The technique employs two coverage criteria and two algorithms to generate test cases. Compared to standard path-based testing, the proposed approach achieves higher efficiency. To obtain the best test set, a portfolio strategy combining all algorithms is recommended.
INTERNET OF THINGS
(2023)