Article
Chemistry, Multidisciplinary
Jonghoo Han, Wooguil Pak
Summary: This study analyzes intrusion detection accuracy by adjusting the amount of information used as features and suggests using the entire packet data for maximum detection rate. However, existing NIDSs are limited by the excessive number of features, leading to unrealistic training and slow classification speeds. The proposed NIDS utilizes hierarchical long short-term memory to effectively handle the entire packet information and achieve higher detection accuracy.
APPLIED SCIENCES-BASEL
(2023)
Article
Computer Science, Information Systems
Yanze Qu, Hailong Ma, Yiming Jiang, Youjun Bu
Summary: In this paper, a network intrusion detection method based on domain confusion is proposed to improve the migration performance of deep learning models. It utilizes a domain confusion network for feature transformation, mapping traffic data in different network environments to the same feature space. Experiment results demonstrate that the proposed method achieves comparable or even better detection performance compared to traditional models, and shows better migration performance in different network environments.
Article
Computer Science, Artificial Intelligence
Meryem Janati Idrissi, Hamza Alami, Abdelkader El Mahdaouy, Abdellah El Mekki, Soufiane Oualil, Zakaria Yartaoui, Ismail Berrada
Summary: With the increased adoption of computer networks and interconnected systems, cybersecurity has become a major concern for organizations of all sizes. Centralized machine learning-based Anomaly Detection (AD) methods have shown promise in improving Network Intrusion Detection Systems (NIDS), but new challenges such as privacy concerns and regulatory restrictions need to be addressed. Federated Learning (FL) offers a solution by allowing distributed clients to collaboratively train a shared model while preserving data privacy. In this paper, we propose Fed-ANIDS, a NIDS that uses AD and FL to address privacy concerns associated with centralized models. We evaluate Fed-ANIDS using various settings and datasets, demonstrating its effectiveness and ability to preserve data privacy.
EXPERT SYSTEMS WITH APPLICATIONS
(2023)
Article
Computer Science, Information Systems
Tianqi Yu, Jianling Hu, Jianfeng Yang
Summary: The Internet of Vehicles (IoV) enables intelligent services for intelligent connected vehicles (ICVs), but the increasing number of communication interfaces in ICVs poses challenges of network intrusions. The lack of security and privacy protection in in-vehicle communication protocols like CAN has made it necessary to propose an intrusion-detection method based on features extracted from the arbitration identifier (ID) field of CAN messages. The method extracts a frame of streaming CAN messages using a sliding window, defines the weighted self-information of the CAN message ID, and uses a lightweight one-class classifier (LOF) to detect malicious network intrusion attacks.
Article
Computer Science, Artificial Intelligence
Hesamodin Mohammadian, Ali A. Ghorbani, Arash Habibi Lashkari
Summary: Intrusion detection systems play a crucial role in defending networks against security threats. Deep neural networks have shown excellent performance in intrusion detection, but they are vulnerable to adversarial attacks. This paper proposes a new approach using Jacobian Saliency Map to generate adversarial examples for deep learning-based malicious network activity classification. The experiments demonstrate that the proposed method achieves better performance with fewer features compared to other attacks.
APPLIED SOFT COMPUTING
(2023)
Article
Computer Science, Artificial Intelligence
Jialiang Xie, Honghui Wang, Jonathan M. Garibaldi, Dongrui Wu
Summary: This article proposes a network intrusion-detection algorithm based on dynamic intuitionistic fuzzy sets, which can effectively detect and analyze abnormal network behavior. Experimental results show that the proposed algorithm outperforms other algorithms in terms of classification performance on classic network intrusion datasets.
IEEE TRANSACTIONS ON FUZZY SYSTEMS
(2022)
Article
Chemistry, Analytical
Sahba Baniasadi, Omid Rostami, Diego Martin, Mehrdad Kaveh
Summary: The Internet of Things (IoT) has become a crucial concept in our modern life. However, ensuring its security remains a significant challenge worldwide. This paper introduces a novel deep learning-based algorithm to improve the accuracy and performance of network intrusion detection, addressing the key issue in IoT security.
Article
Computer Science, Theory & Methods
Taehoon Kim, Wooguil Pak
Summary: This study proposes a machine-learning-based network intrusion detection system that achieves real-time intrusion detection and high scalability through deferred decision and cumulative feature packet integration classifiers.
FUTURE GENERATION COMPUTER SYSTEMS-THE INTERNATIONAL JOURNAL OF ESCIENCE
(2022)
Article
Computer Science, Information Systems
Farah Jemili
Summary: An intelligent intrusion detection system is a promising technique for securing computer networks due to the rapid evolution of attacks and network growth. Individual classification methods have proven to be inefficient in providing good detection rates and reducing false alarm rates. In this study, a hybrid approach based on the stacking scheme is proposed, which combines the strengths of neuro-fuzzy and genetic-fuzzy methods to maximize detection rates and reduce false alarm rates effectively.
CLUSTER COMPUTING-THE JOURNAL OF NETWORKS SOFTWARE TOOLS AND APPLICATIONS
(2023)
Article
Computer Science, Hardware & Architecture
Ming Yan, Yewang Chen, Xiaoliang Hu, Dongdong Cheng, Yi Chen, Jixiang Du
Summary: Intrusion detection is crucial for cloud computing security, and using the improved DPeak algorithm can better handle data imbalance and anomalies, resulting in higher accuracy.
JOURNAL OF SYSTEMS ARCHITECTURE
(2021)
Article
Computer Science, Information Systems
Giovanni Apruzzese, Luca Pajola, Mauro Conti
Summary: Enhancing Network Intrusion Detection Systems (NIDS) with supervised Machine Learning (ML) is difficult due to the need for labeled data. We propose using existing labeled data for cross-evaluations of ML-NIDS to discover unknown qualities. We introduce the first cross-evaluation model and framework, demonstrating the potential and risks of cross-evaluations.
IEEE TRANSACTIONS ON NETWORK AND SERVICE MANAGEMENT
(2022)
Article
Computer Science, Hardware & Architecture
Yingshu Wang, Jian Ding, Xiaomeng He, Qian Wei, Shu Yuan, Jun Zhang
Summary: To ensure the security of UAV networks, an intrusion detection method based on DDPM is proposed in this paper, which can identify normal and abnormal data packets to protect the network. Using an unsupervised reconstruction error method reduces the need for a large amount of annotations. The experimental results show that the proposed method can effectively achieve network intrusion detection.
MOBILE NETWORKS & APPLICATIONS
(2023)
Article
Computer Science, Theory & Methods
Sampath Rajapaksha, Harsha Kalutarage, M. Omar Al-Kadri, Andrei Petrovski, Garikayi Madzudzo, Madeline Cheah
Summary: This article surveys AI-based in-vehicle intrusion detection systems (IDSs) from 2016 to 2022 (August) with a novel taxonomy. It reviews the detection techniques, attack types, features, and benchmark datasets. Furthermore, the article discusses the security of AI models, necessary steps to develop AI-based IDSs in the Controller Area Network (CAN) bus, identifies the limitations of existing proposals, and gives recommendations for future research directions.
ACM COMPUTING SURVEYS
(2023)
Article
Multidisciplinary Sciences
Ebtihaj Alshahrani, Daniyal Alghazzawi, Reem Alotaibi, Osama Rabie
Summary: The research conducted experiments on adversarial machine learning, indicating that evasion attacks had a significant impact on the accuracy of machine learning-based network intrusion detection systems.
Article
Computer Science, Information Systems
Alireza Dehlaghi-Ghadim, Mahshid Helali Moghadam, Ali Balador, Hans Hansson
Summary: Industrial Control Systems (ICS) have become increasingly vulnerable to cyberattacks due to their connection to the internet. Using Machine Learning (ML) for Intrusion Detection Systems (IDS) is a promising approach for ICS cyber protection, but the lack of suitable datasets for evaluating ML algorithms is a challenge. This paper introduces the 'ICS-Flow' dataset, which provides network data and process state variables logs for supervised and unsupervised ML-based IDS assessment. The dataset includes normal and anomalous network packets and flows captured from simulated ICS components and emulated networks, allowing for effective training of intrusion detection ML models.
Article
Multidisciplinary Sciences
Camila Pontes, Miguel Andrade, Jose Fiorote, Werner Treptow
Summary: The problem of finding the correct set of partners for a given pair of interacting protein families based on multi-sequence alignments has been a challenge, with a genetic algorithm and machine learning classification algorithm offering solutions with higher true positive rates.
SCIENTIFIC REPORTS
(2021)
Article
Engineering, Electrical & Electronic
Jonathan M. DeAlmeida, Luiz A. DaSilva, Cristiano B. Both, Celia G. Ralha, Marcelo A. Marotta
IEEE VEHICULAR TECHNOLOGY MAGAZINE
(2021)
Article
Biochemistry & Molecular Biology
Victoria Ruiz-Serra, Camila Pontes, Edoardo Milanetti, Andriy Kryshtafovych, Rosalba Lepore, Alfonso Valencia
Summary: The study evaluated the performance of groups in intramolecular residue-residue contact and distance predictions in the 14th round of the CASP experiment. The results showed that predictions by the tFold framework, TripletRes, and DeepPotential were the most accurate in both categories. Additionally, there was no discernible difference in contact prediction performance compared to CASP13, possibly due to the increased difficulty of the CASP14 FM targets.
PROTEINS-STRUCTURE FUNCTION AND BIOINFORMATICS
(2021)
Article
Computer Science, Information Systems
Jonathan M. DeAlmeida, Camila F. T. Pontes, Luiz A. DaSilva, Cristiano B. Both, Joao J. C. Gondim, Celia G. Ralha, Marcelo A. Marotta
Summary: Abnormal behavior in mobile cellular networks can lead to network faults and cell outages, causing operational cost increase and revenue loss for operators. Monitoring and quantifying abnormal behavior is important for self-healing control, infrastructure updates, and public policy creation. Using an unsupervised learning solution for anomaly detection in mobile networks can improve performance and consider diverse geographic traffic patterns often overlooked in existing literature.
IEEE TRANSACTIONS ON NETWORK AND SERVICE MANAGEMENT
(2021)
Article
Computer Science, Information Systems
Emerson de O. Antunes, Marcos F. Caetano, Marcelo A. Marotta, Aleteia Araujo, Lucas Bondan, Rodolfo Meneguette, Geraldo P. Rocha Filho
Summary: This work proposes a solution to the maximal covering location problem for the Mobile Operations Coordination Center (CCOp Mv) in order to improve operational command support for the Brazilian Army. The proposed analytical modeling and optimization solutions, E-ALLOCATOR and M-ALLOCATOR, demonstrate efficiencies in terms of quality and resource savings. E-ALLOCATOR is suitable for low network workload, while M-ALLOCATOR is suitable for high workload scenarios, providing nearly optimal solutions within adequate computational time.
IEEE TRANSACTIONS ON NETWORK AND SERVICE MANAGEMENT
(2022)
Article
Computer Science, Information Systems
Rafael Bruno Peccatiello, Joao Jose Costa Gondim, Luis Paulo Faina Garcia
Summary: An insider threat refers to individuals who have legitimate access to an organization's network and use it to harm the organization. Their actions can be intentional or unintentional, and they are usually motivated by personal discontent, financial issues, or coercion. Traditional security solutions are not effective against insider threats, leading researchers to propose the use of Machine Learning to address this issue. Batch learning and stream learning approaches have been used, with stream approaches being more comprehensive and feasible. This study proposes a framework that combines different data science techniques, such as semi-supervised and supervised machine learning, data stream analysis, and periodic retraining procedures. The ISOF algorithm achieved the best results in terms of recall for both the positive and negative class.
Proceedings Paper
Computer Science, Information Systems
Daniele A. G. Lopes, Marcelo A. Marotta, Marcelo Ladeira, Joao J. C. Gondim
Summary: This article explores the mechanism of botnet detection based on network flow behavior and proposes a new technique called EFC which uses inverse statistics to detect anomalies. The experimental results show that EFC is more stable compared to other traditional algorithms.
2022 17TH IBERIAN CONFERENCE ON INFORMATION SYSTEMS AND TECHNOLOGIES (CISTI)
(2022)
Proceedings Paper
Computer Science, Information Systems
Thiago Melo Stuckert do Amaral, Joao Jose Costa Gondim
Summary: The use of a Zero Trust architecture in a cyber supply chain can enhance security by revising trust in all relationships and assuming the presence of internal threats. This study contributes to the improvement of cyber supply chain security by proposing an organization of security controls, providing a control checklist, and suggesting ways to visualize the results.
2021 WORKSHOP ON COMMUNICATION NETWORKS AND POWER SYSTEMS (WCNPS)
(2021)
Proceedings Paper
Computer Science, Information Systems
Mateus B. S. Terra, Joao J. C. Gondim
Summary: With the expansion of the Internet, cyber threats have increased significantly, with Advanced Persistent Threats (APTs) and rootkits being among the main threats. Researchers have proposed the MADEX architecture and NERD, achieving good results in detecting rootkits obfuscating network traffic.
2021 WORKSHOP ON COMMUNICATION NETWORKS AND POWER SYSTEMS (WCNPS)
(2021)
Article
Biochemistry & Molecular Biology
Camila Pontes, Victoria Ruiz-Serra, Rosalba Lepore, Alfonso Valencia
Summary: The recent emergence of SARS-CoV-2 has led to a global public health crisis, and analysis of conservation patterns in the beta-CoV spike protein family can provide valuable insights into the specificity of the virus to different host cell receptors.
COMPUTATIONAL AND STRUCTURAL BIOTECHNOLOGY JOURNAL
(2021)