Article
Computer Science, Information Systems
Sohrab Mokhtari, Alireza Abbaspour, Kang K. Yen, Arman Sargolzaei
Summary: The study proposed a novel solution called MIDS, based on measurement data in the SCADA system, to detect abnormal activities in industrial control systems effectively even if attackers try to conceal them in the system's control layer. The supervised machine learning model, tested on a HIL testbed with various machine learning algorithms, demonstrated that random forest performed better in detecting anomalies.
Review
Computer Science, Information Systems
Shaashwat Agrawal, Sagnik Sarkar, Ons Aouedi, Gokul Yenduri, Kandaraj Piamrat, Mamoun Alazab, Sweta Bhattacharya, Praveen Kumar Reddy Maddikunta, Thippa Reddy Gadekallu
Summary: The rapid development of the Internet and smart devices has led to a surge in network traffic, making the infrastructure more complex and heterogeneous. The predominant usage of mobile phones, wearable devices, and autonomous vehicles generates a huge amount of data every day. Intrusion detection systems play a significant role in ensuring the security and privacy of these devices. Machine Learning and Deep Learning with Intrusion Detection Systems have gained momentum due to their high classification accuracy. However, the need to store and communicate data to a centralized server potentially compromises privacy and security. On the other hand, Federated Learning provides a privacy-preserving decentralized learning technique that trains models locally and transfers parameters to the centralized server. This paper aims to provide a comprehensive review of the use of Federated Learning in intrusion detection systems, discussing various types of IDS, relevant ML approaches, and associated issues. The paper also presents a detailed overview of the implementation of Federated Learning in anomaly detection and identifies the challenges and potential solutions for future research.
COMPUTER COMMUNICATIONS
(2022)
Review
Computer Science, Information Systems
Ayesha S. Dina, D. Manivannan
Summary: Intrusions in computer networks have been on the rise in the past decade, leading researchers to propose signature-based and anomaly-based intrusion detection methods, with Machine Learning techniques playing a key role. This paper provides a comprehensive critical survey of ML-based intrusion detection approaches in the literature over the last ten years, highlighting some open issues for future research.
INTERNET OF THINGS
(2021)
Article
Chemistry, Analytical
Saeid Sheikhi, Panos Kostakos
Summary: In this paper, a new intrusion detection model is proposed that utilizes a genetic algorithm and optimization algorithms for training and testing on the NSL-KDD dataset. The results demonstrate improved detection capability and accuracy compared to other techniques.
Article
Chemistry, Analytical
Shumon Alam, Yasin Alam, Suxia Cui, Cajetan Akujuobi
Summary: Cybersecurity is a critical issue in today's internet world. Classical security systems are unable to detect sophisticated zero-day attacks, making machine learning-based solutions more attractive. However, meaningful and realistic network datasets are necessary to develop an ML-based anomaly detection system. Existing public network datasets have limitations in terms of data creation process and lack of diverse attack scenarios. This work has created realistic network datasets with various attack scenarios and diverse background traffic, and compared the performance of different ML algorithms in detecting anomaly traffic. The CNN-Pseudo-AE algorithm shows promising performance compared to classical supervised algorithms.
Article
Chemistry, Multidisciplinary
Helmut Neuschmied, Martin Winter, Branka Stojanovic, Katharina Hofer-Schmitz, Josip Bozic, Ulrike Kleb
Summary: In the face of emerging technological achievements, cyber security remains a significant issue. This paper focuses on the detection of advanced-persistent-threat (APT) attacks in network systems using machine-learning algorithms such as autoencoders. Experimental evaluation shows promising results, indicating the plausibility of features and the performance of applied algorithms. Suggestions for improvements in the anomaly detector are provided.
APPLIED SCIENCES-BASEL
(2022)
Article
Computer Science, Information Systems
Irfan Ali Kandhro, Sultan M. M. Alanazi, Fayyaz Ali, Asadullah Kehar, Kanwal Fatima, Mueen Uddin, Shankar Karuppayah
Summary: Computer viruses, malicious attacks, and other hostile activity can harm computer networks. Intrusion detection is crucial for network security and serves as an active defense technology. Traditional systems face challenges such as poor accuracy, ineffective detection, high false positives, and an inability to handle new intrusions. To address these issues, we propose a deep learning-based method to detect vulnerabilities and breaches in cyber-physical systems.
Article
Computer Science, Information Systems
Laurens Le Jeune, Toon Goedeme, Nele Mentens
Summary: Network intrusion detection systems are essential for protecting advanced communication networks. Machine learning algorithms and two new evaluation metrics have been proposed to improve performance and reliability. A workflow for converting raw packet flows into machine learning features allows for quick comparison of algorithms across different datasets.
Article
Computer Science, Hardware & Architecture
Daniel Spiekermann, Joerg Keller
Summary: The vast number of network packets and high speed of transmissions in modern networks hinder the implementation of successful IT security mechanisms. Virtual networks create highly dynamic environments, complicating network forensic investigation. Machine learning offers faster and more precise techniques but faces challenges in highly dynamic virtual network environments.
Article
Mathematics
Oleg Gorokhov, Mikhail Petrovskiy, Igor Mashechkin, Maria Kazachuk
Summary: In this paper, a new robust approach based on a convolutional autoencoder using fuzzy clustering is proposed to address the cybersecurity and reliability issues in computer systems. Compared to existing methods, this approach is more efficient in feature extraction and handling outliers.
Article
Multidisciplinary Sciences
Adeel Abbas, Muazzam A. Khan, Shahid Latif, Maria Ajaz, Awais Aziz Shah, Jawad Ahmad
Summary: The IoT domain has evolved significantly in recent years, transforming human lives through automation of daily tasks. In response to the increasing cyber threats in IoT networks, there is a need to enhance intrusion detection systems. This study proposes an ensemble-based intrusion detection model leveraging machine learning techniques, which shows significant improvements in performance compared to existing models.
ARABIAN JOURNAL FOR SCIENCE AND ENGINEERING
(2022)
Article
Computer Science, Information Systems
Faris Alasmary, Sulaiman Alraddadi, Saad Al-Ahmadi, Jalal Al-Muhtadi
Summary: This paper presents a solution to protect IoT devices from DDoS attacks, consisting of an IoT node detector and a server detector. By utilizing ShieldRNN for training and prediction, an accurate server detector is developed and its superiority is demonstrated on the dataset.
Article
Computer Science, Artificial Intelligence
Sultan Zavrak, Murat Iskefiyeli
Summary: In this study, we propose and implement the SAnDet architecture, an anomaly-based intrusion detection system using SDN. We utilize replicator neural networks (RNN) and the LSTM-based encoder-decoder (EncDecAD) method to identify unknown attacks. Experimental results show that EncDecAD outperforms RNN and our approach offers several benefits.
NEURAL COMPUTING & APPLICATIONS
(2023)
Article
Computer Science, Artificial Intelligence
Yakubu Imrana, Yanping Xiang, Liaqat Ali, Zaharawu Abdul-Rauf
Summary: With the increase in computer networks and internet attacks, there is growing concern among service providers, leading to the development of intrusion detection systems (IDSs). While previous IDSs have aided in detecting network attacks, they often have high false alarm rates and struggle to identify different attack types. As a solution, a BiDLSTM-based IDS is proposed, which outperforms traditional LSTM and other models in terms of accuracy and effectively addresses the challenges presented by U2R and R2L attacks.
EXPERT SYSTEMS WITH APPLICATIONS
(2021)
Review
Computer Science, Information Systems
Jan Lansky, Saqib Ali, Mokhtar Mohammadi, Mohammed Kamal Majeed, Sarkhel H. Taher Karim, Shima Rashidi, Mehdi Hosseinzadeh, Amir Masoud Rahmani
Summary: The article discusses the application of deep learning in intrusion detection systems to enhance their performance, including classification and implementation of different deep learning methods, as well as an introduction and analysis of relevant concepts and frameworks.