Article
Computer Science, Information Systems
Lianming Zhang, Xiaowei Xie, Kai Xiao, Wenji Bai, Kui Liu, Pingping Dong
Summary: In this paper, a novel network model named the mutual adversarial network (MAN) is proposed for network intrusion detection. It utilizes mutual adversarial training to learn the data distribution of normal traffic samples and identifies anomalies based on residual values. The high anomaly suppression (HAS) determination mechanism is devised to suppress the effect of noisy data. The proposed MANomaly framework combines MAN with the HAS determination mechanism for semi-supervised reconstruction anomaly detection. Experimental results demonstrate excellent performance using only a small portion of normal training data.
INFORMATION SCIENCES
(2022)
Article
Multidisciplinary Sciences
Yasmeen Alslman, Mouhammd Alkasassbeh, Mohammad Almseidin
Summary: With the increase in cyber security attacks, organizations tend to use an intrusion detection system (IDS) based on machine learning. This paper proposes a new defense approach based on denoising auto-encoder (DAE) to protect IDS from adversarial attacks. Experimental results show that the proposed defense mechanism effectively mitigates adversarial attacks.
ARABIAN JOURNAL FOR SCIENCE AND ENGINEERING
(2023)
Article
Computer Science, Artificial Intelligence
Yong Chen, Xu Wang, Peng Hu, Dezhong Peng
Summary: In this paper, a novel attack method called MagicGAN is proposed to enhance the transferability of adversarial samples and generate high-quality distributions close to adversarial data. The effectiveness and superiority of the proposed method are extensively validated across multiple datasets.
KNOWLEDGE-BASED SYSTEMS
(2022)
Article
Multidisciplinary Sciences
Ebtihaj Alshahrani, Daniyal Alghazzawi, Reem Alotaibi, Osama Rabie
Summary: The research conducted experiments on adversarial machine learning, indicating that evasion attacks had a significant impact on the accuracy of machine learning-based network intrusion detection systems.
Article
Engineering, Electrical & Electronic
Rituraj Singh, Anikeit Sethi, Krishanu Saini, Sumeet Saurav, Aruna Tiwari, Sanjay Singh
Summary: The most crucial and difficult challenge in intelligent video surveillance is to identify anomalies in a video. This study proposes a method using augmented latent discriminator GAN for video anomaly detection, which significantly improves the anomaly discrimination capability.
SIGNAL IMAGE AND VIDEO PROCESSING
(2023)
Article
Automation & Control Systems
Arun Kumar Ramamoorthy, K. Karuppasamy
Summary: The study develops a novel hybrid model that combines fuzzy genetic algorithms with increment import vector machines (FGA-I2VM), which achieves high detecting accuracy and low false alarm rates in handling large amounts of network data. Pre-processing and feature selection are crucial steps in the model. Using FGA for training and optimization, combined with information gain, improves the speed and accuracy of the model.
INTERNATIONAL JOURNAL OF COMPUTERS COMMUNICATIONS & CONTROL
(2022)
Article
Computer Science, Hardware & Architecture
Tzong-Jye Liu
Summary: This paper studies adversarial attacks on network intrusion detection systems (IDSs) based on deep or machine learning algorithms. It proposes the concept of flow containers to model packets in a flow and introduces a generative adversarial network framework with dual adversarial training to produce adversarial flow containers. The experiments on different datasets show that the proposed adversarial examples have the highest evasion rates among all tested classifiers.
Article
Automation & Control Systems
Seonghoon Jeong, Huy Kang Kim, Mee Lan Han, Byung Il Kwak
Summary: This article proposes AERO, an automotive Ethernet real-time observer, for protecting in-vehicle networks. AERO can analyze automotive Ethernet traffic and detect anomalies, achieving high detection performance for different types of attacks.
IEEE TRANSACTIONS ON INDUSTRIAL INFORMATICS
(2023)
Article
Computer Science, Information Systems
C. H. Sekhar, K. Venkata Rao, M. H. M. Krishna Prasad
Summary: With the rapid development of network technology, network security has become a major concern. Intrusion detection systems play a crucial role in preventing unwanted traffic entering networks and computer systems. However, the existing models for detecting DDoS attacks do not address the misclassification of data during transmission. Therefore, a novel classification method has been proposed, called DDoS attack Over Flash Crowd Using Cross GAN (XGAN), which enhances the detection accuracy by utilizing wrapper-based feature selection ensemble and a Cross Generative Adversarial Network (XGAN) to mimic both flash crowd and DDoS attacks.
MULTIMEDIA TOOLS AND APPLICATIONS
(2023)
Article
Engineering, Electrical & Electronic
Haodong Lu, Miao Du, Kai Qian, Xiaoming He, Kun Wang
Summary: This paper proposes a framework for detecting anomalies in industrial robotic sensors, and improves the detection accuracy by using an improved GANs to generate fake anomaly samples. The effectiveness of the framework is demonstrated through extensive experiments.
IEEE SENSORS JOURNAL
(2022)
Article
Computer Science, Theory & Methods
Matheus P. Novaes, Luiz F. Carvalho, Jaime Lloret, Mario Lemes Proenca
Summary: SDN is an emerging architecture for future networks, but centralized control logic can be vulnerable to DDoS attacks. This study proposes a detection and defense system based on Adversarial training in SDN, effectively detecting and mitigating DDoS attacks.
FUTURE GENERATION COMPUTER SYSTEMS-THE INTERNATIONAL JOURNAL OF ESCIENCE
(2021)
Article
Computer Science, Information Systems
Irfan Ali Kandhro, Sultan M. M. Alanazi, Fayyaz Ali, Asadullah Kehar, Kanwal Fatima, Mueen Uddin, Shankar Karuppayah
Summary: Computer viruses, malicious attacks, and other hostiles can harm computer networks. Intrusion detection is crucial for network security and as an active defense technology. Traditional systems face challenges such as poor accuracy, ineffective detection, high false positives, and an inability to handle new intrusions. To address these issues, we propose a deep learning-based method to detect vulnerabilities and breaches in cyber-physical systems.
Article
Computer Science, Hardware & Architecture
Pynbianglut Hadem, Dilip Kumar Saikia, Soumen Moulik
Summary: This paper introduces a SDN-based IDS system with SVM and Selective Logging for efficient intrusion detection and IP traceback. By detecting anomalous traffic in real time at the controller and selectively logging packets, the system achieves high detection accuracy and significant savings in terms of memory resources.
Article
Chemistry, Multidisciplinary
Liyan Xu, Kang Xu, Yinchuan Qin, Yixuan Li, Xingting Huang, Zhicheng Lin, Ning Ye, Xuechun Ji
Summary: This paper proposes a new method, Transformer-based GAN for Anomaly Detection of Time Series Data (TGAN-AD), which calculates anomaly scores through the generator and discriminator. Comprehensive experiments on three public datasets demonstrate that TGAN-AD outperforms existing techniques in anomaly detection, achieving the highest Recall and F1 values. The experiments also confirm the high efficiency of the model and the feasibility of optimizing hyperparameters.
APPLIED SCIENCES-BASEL
(2022)
Article
Telecommunications
Mahmoud Said El Sayed, Nhien-An Le-Khac, Marianne A. Azer, Anca D. Jurcut
Summary: Software Defined Networking (SDN) is an emerging network platform that enables centralised network management. However, it also brings new security concerns, such as Distributed Denial of Service (DDoS) attacks. This paper proposes using feature selection methods and deep learning techniques to tackle DDoS attacks in SDN networks.
IEEE TRANSACTIONS ON COGNITIVE COMMUNICATIONS AND NETWORKING
(2022)
Article
Computer Science, Information Systems
Phan The Duy, Hien Do Hoang, Do Thi Thu Hien, Anh Gia-Tuan Nguyen, Van-Hau Pham
Summary: Software-Defined Network (SDN) is a network architecture that separates the control plane and data plane, providing orchestration features. While it brings benefits, SDN is vulnerable to attacks. To address this, we introduce B-DAC, a blockchain-based framework for decentralized authentication and fine-grained access control to protect network resources.
JOURNAL OF INFORMATION SECURITY AND APPLICATIONS
(2022)
Article
Computer Science, Information Systems
Phan The Duy, Nghi Hoang Khoa, Do Thi Thu Hien, Hien Do Hoang, Van-Hau Pham
Summary: Software Defined Networking (SDN) is used as the key technology to program and coordinate security policies in security operations centers (SOCs) for diverse networks. However, machine learning-based intrusion detection systems (ML-IDS) associated with SDN are susceptible to adversarial attacks due to the lack of diverse malicious records in the training dataset. This study explores the use of Wasserstein Generative Adversarial Networks (WGAN-GP), WGAN-GP with the two timescale update rule (WGAN-GP TTUR), and AdvGAN to generate perturbed attack samples for bypassing attack detectors and improving the resilience of ML-based IDSs in SDN.
JOURNAL OF INFORMATION SECURITY AND APPLICATIONS
(2023)
Article
Computer Science, Information Systems
Phan The Duy, Nguyen Huu Quyen, Nghi Hoang Khoa, Tuan-Dung Tran, Van-Hau Pham
Summary: In the development of the Industrial Internet of Things (IIoT), cyber threats and attacks have become major concerns. Lack of threat intelligence sharing due to privacy and transparency issues hinders the uncovering of malicious actors. This paper proposes a blockchain and federated learning-based framework, FedChain-Hunter, to address these challenges and ensure security, reliability, and privacy.
INTERNET OF THINGS
(2023)
Proceedings Paper
Computer Science, Information Systems
Nguyen Huu Quyen, Phan The Duy, Nguyen Chi Vy, Do Thi Thu Hien, Van-Hau Pham
Summary: This paper introduces a federated IDS approach using Generative Adversarial Networks (GANs) and Reinforcement Learning (RL) to handle non-independent and identically distributed data in organizational networks. The imbalanced data classes are addressed through GAN-based data augmentation, while RL improves the client choosing process for federated IDS model training. Experimental results on the Kitsune dataset demonstrate that this approach facilitates collaboration between data holders to build more effective IDS systems with distinguished data distribution.
INFORMATION SECURITY PRACTICE AND EXPERIENCE, ISPEC 2022
(2022)
Proceedings Paper
Computer Science, Information Systems
Cao Phan Xuan Qui, Dang Hong Quang, Phan The Duy, Do Thi Thu Hien, Van-Hau Pham
Summary: A framework that generates data flow of cyberattacks capable of bypassing machine learning-based intrusion detection systems (ML-IDS) was proposed to improve the IDS's capability in detecting sophisticated attacks. By generating data flows to retrain ML-IDS, the framework enhances the robustness of IDS against attacks. Experimental results show that this method effectively improves the performance of IDS in detecting malicious attacks.
2021 RIVF INTERNATIONAL CONFERENCE ON COMPUTING AND COMMUNICATION TECHNOLOGIES (RIVF 2021)
(2021)
Proceedings Paper
Computer Science, Artificial Intelligence
Hien Do Hoang, Do Thi Thu Hien, Thach Canh Nhut, Phan Dang True Quyen, Phan The Duy, Van-Hau Pham
Summary: As the demand for personal healthcare record exchange between EMR systems and patients grows, efforts to improve quality, safety, privacy and efficiency in healthcare information delivery are notable. Issues such as fragmented communication and lack of interoperability in EMR systems pose challenges for healthcare professionals, hospitals, clinics, and patients. Blockchain technology can ensure trust, security, and privacy of individual data in the digital world.
2021 IEEE INTERNATIONAL CONFERENCE ON MACHINE LEARNING AND APPLIED NETWORK TECHNOLOGIES (ICMLANT II)
(2021)
Proceedings Paper
Computer Science, Artificial Intelligence
Trinh Nguyen Bac, Phan The Duy, Van-Hau Pham
Summary: In recent years, there has been a significant increase in phishing attacks on the Internet, with attackers using increasingly sophisticated techniques to bypass traditional defense solutions. Research has developed solutions and software products to enhance the ability to detect phishing attacks using machine learning and deep learning algorithms. A model based on generative adversarial network (GAN) was built to evade and bypass ML-based phishing detectors, demonstrating the effectiveness of GAN in creating new patterns that can deceive these detectors.
2021 IEEE INTERNATIONAL CONFERENCE ON MACHINE LEARNING AND APPLIED NETWORK TECHNOLOGIES (ICMLANT II)
(2021)
Proceedings Paper
Computer Science, Interdisciplinary Applications
Nghi Hoang Khoa, Phan The Duy, Hien Do Hoang, Do Thi Thu Hien, Van-Hau Pham
2020 RIVF INTERNATIONAL CONFERENCE ON COMPUTING & COMMUNICATION TECHNOLOGIES (RIVF 2020)
(2020)
Proceedings Paper
Computer Science, Theory & Methods
Phan The Duy, Hien Do Hoang, Do Thi Thu Hien, Nguyen Ba Khanh, Van-Hau Pham
PROCEEDINGS OF 2019 6TH NATIONAL FOUNDATION FOR SCIENCE AND TECHNOLOGY DEVELOPMENT (NAFOSTED) CONFERENCE ON INFORMATION AND COMPUTER SCIENCE (NICS)
(2019)
Proceedings Paper
Computer Science, Theory & Methods
Hien Do Hoang, Phan The Duy, Van-Hau Pham
SOICT 2019: PROCEEDINGS OF THE TENTH INTERNATIONAL SYMPOSIUM ON INFORMATION AND COMMUNICATION TECHNOLOGY
(2019)
Article
Computer Science, Information Systems
Kashan Ahmed, Syed Khaldoon Khurshid, Sadaf Hina
Summary: This paper mainly introduces the construction of the cyber threat intelligence knowledge graph and the information extraction technique. By using joint extraction technique, it solves the problem of traditional techniques becoming ineffective due to the increasing size of CTI data. Experimental results show that this technique outperforms state-of-the-art models in knowledge triple extraction on CTI data and improves the F1 score.
COMPUTERS & SECURITY
(2024)
Article
Computer Science, Information Systems
Xinlong He, Yang Xu, Sicong Zhang, Weida Xu, Jiale Yan
Summary: This paper proposes a new membership inference attack method in federated learning, which utilizes data poisoning and sequence prediction confidence. The attack is effective and results in minimal overall model performance degradation.
COMPUTERS & SECURITY
(2024)
Article
Computer Science, Information Systems
Tieming Chen, Huan Zeng, Mingqi Lv, Tiantian Zhu
Summary: In this paper, the authors propose a deep learning based dynamic malware detection method called CTIMD, which integrates threat knowledge from CTIs into the learning process of API call sequences with runtime parameters. Experimental results show that CTIMD outperforms existing methods in terms of performance.
COMPUTERS & SECURITY
(2024)
Article
Computer Science, Information Systems
Wonwoo Choi, Minjae Seo, Seongman Lee, Brent Byunghoon Kang
Summary: This paper proposes SUM, a backward-edge control flow protection scheme for ARM Cortex-M processors. It combines MPU and the overlooked hardware feature FaultMask to achieve efficient and robust protection. The empirical evaluation shows minimal runtime overhead for the proposed solution.
COMPUTERS & SECURITY
(2024)
Article
Computer Science, Information Systems
Liliana Ribeiro, Ines Sousa Guedes, Carla Sofia Cardoso
Summary: Phishing susceptibility is influenced by individual and contextual factors. The study found that individuals who perceive themselves as capable of detecting phishing and those who use online services more frequently are more susceptible to phishing. However, technology competencies and other individual variables do not predict phishing susceptibility.
COMPUTERS & SECURITY
(2024)
Article
Computer Science, Information Systems
Wenjie Wang, Yuanhai Shao, Yiju Wang
Summary: In this paper, we investigate the adversarial perturbations of twin support vector machines (TWSVMs) and propose an optimization framework, which provides explicit solutions to increase the interpretability of the conclusion and convenience for calculation.
COMPUTERS & SECURITY
(2024)
Article
Computer Science, Information Systems
Snofy D. Dunston, V. Mary Anita Rajam
Summary: This paper proposes a novel adversarial attack technique that can synthesize adversarial images to mislead deep learning models, and also studies interpretability plots. The research findings show that the proposed attack technique influences the interpretability plots, regardless of the success of the attack.
COMPUTERS & SECURITY
(2024)
Article
Computer Science, Information Systems
Junchen Li, Guang Cheng, Zongyao Chen, Peng Zhao
Summary: Protocol Reverse Engineering (PRE) is a direct approach for analyzing unknown traffic. This paper proposes a method for clustering unknown traffic based on private protocol labels, and the experimental results demonstrate its advantages on real-world network traffic.
COMPUTERS & SECURITY
(2024)
Article
Computer Science, Information Systems
Rafal Kozik, Massimo Ficco, Aleksandra Pawlicka, Marek Pawlicki, Francesco Palmieri, Michal Choras
Summary: The inclusion of Explainability of Artificial Intelligence (xAI) has become a mandatory requirement for designing and implementing reliable, interpretable, and ethical AI solutions. However, it has been shown that xAI can enable successful adversarial attacks in the domain of fake news detection, leading to a decrease in AI security. This paper presents an attack scheme that uses an explainable solution to reshape the structure of the original message, allowing the adversary to manipulate the model's prediction while keeping the message's meaning intact.
COMPUTERS & SECURITY
(2024)
Article
Computer Science, Information Systems
Benyuan Yang, Lili Luo, Zhimeng Wang
Summary: Interoperation is widely used in practical industrial applications, but merging local access control policies may lead to security violations. Dealing with these issues in a multidomain environment is critical, but finding the maximum secure interoperation among individual systems poses a challenge due to the large number of entities and access involved.
COMPUTERS & SECURITY
(2024)
Article
Computer Science, Information Systems
Binghui Zou, Chunjie Cao, Longjuan Wang, Sizheng Fu, Tonghua Qiao, Jingzhang Sun
Summary: The ongoing struggle between security researchers and malware has led to the exploration of using convolutional neural networks and capsule networks for classification and identification of malware. However, training these networks requires a significant amount of data and parameters, and the research on capsule networks is still in its early stages, posing challenges.
COMPUTERS & SECURITY
(2024)
Article
Computer Science, Information Systems
Hongsong Chen, Xingyu Li, Wenmao Liu
Summary: Multivariate time-series anomaly detection is crucial for maintaining normal operation of physical equipment. Recent advances have been made in this field, but two challenges have limited the model's ability to generalize. To address these challenges, a multivariate time-series anomaly detection model consisting of a characterization network and a forecasting network is proposed. Experimental results demonstrate that this method outperforms baseline methods in terms of detection performance and robustness.
COMPUTERS & SECURITY
(2024)
Article
Computer Science, Information Systems
Roberto Doriguzzi-Corin, Domenico Siracusa
Summary: This paper discusses the application of federated learning in the field of cybersecurity and proposes an adaptive mechanism-based federated learning solution for DDoS attack detection in dynamic cybersecurity scenarios. Through experiments, it is demonstrated that the proposed solution outperforms state-of-the-art federated learning algorithms in terms of convergence time and accuracy.
COMPUTERS & SECURITY
(2024)
Article
Computer Science, Information Systems
Antonio Giovanni Schiavone
Summary: The usage of HTTPS protocol is crucial for secure communication with websites, ensuring the confidentiality, integrity, and authenticity of online data transmissions. The Municipality2HTTPS research project analyzed the implementation of HTTPS in Italian municipalities' websites and identified areas for improvement.
COMPUTERS & SECURITY
(2024)
Article
Computer Science, Information Systems
Domna Bilika, Nikoletta Michopoulou, Efthimios Alepis, Constantinos Patsakis
Summary: Voice Assistants (VAs) are widely used in smart devices, but are vulnerable to attacks, as shown by experiments with popular VAs revealing successful attack rates exceeding 30% and statistical variations among vendors, calling for additional countermeasures to protect user information.
COMPUTERS & SECURITY
(2024)
