Article
Computer Science, Hardware & Architecture
Eirik Molde Barli, Anis Yazidi, Enrique Herrera Viedma, Harek Haugerud
Summary: This paper explores the potential of using Variational Autoencoders in an intelligent security solution to differentiate between normal and malicious traffic, proposing two methods to combat DoS and DDoS attacks. Test results show that the classifier-based method is slightly superior to the anomaly-based method.
Article
Computer Science, Information Systems
Umar Islam, Abdullah Al-Atawi, Hathal Salamah Alwageed, Muhammad Ahsan, Fuad A. Awwad, Mohamed R. Abonazel
Summary: M-DoS attacks aim to exhaust system memory resources and render the system unavailable to legitimate users, particularly in cloud computing environments. Detecting and mitigating such attacks in real time is challenging due to the difficulty in distinguishing them from legitimate traffic. Signature-based and anomaly-based detection schemes have been proposed for this purpose.
Article
Chemistry, Analytical
Ammar Haydari, Yasin Yilmaz
Summary: In this paper, a novel machine learning approach for intrusion detection and mitigation in vehicular ad-hoc networks (VANET) is proposed. The proposed method utilizes centralized communications through roadside units (RSU) to combat false data injection attacks and distributed denial-of-service (DDoS) attacks. Performance evaluation using a traffic simulator and real traffic dataset demonstrates the superior detection and localization performance of the proposed methods.
Review
Energy & Fuels
Shahid Tufail, Imtiaz Parvez, Shanzeh Batool, Arif Sarwat
Summary: The transition to smart grids is facing challenges in terms of cybersecurity protection due to the vast network coverage and the vulnerability of all levels to cyberattacks. It is crucial to implement security measures at multiple levels to safeguard the integrity and availability of smart grid networks.
Article
Computer Science, Theory & Methods
Tohid Jafarian, Mohammad Masdari, Ali Ghaffari, Kambiz Majidzadeh
Summary: The paper proposes a novel multi-stage modular approach for detecting and mitigating security anomalies in the SDN environment. Experimental results demonstrate that the proposed method outperforms other methods in terms of improving accuracy and detection rate, and reducing classification error and false alarm rate.
Article
Engineering, Multidisciplinary
Rochak Swami, Mayank Dave, Virender Ranga
Summary: Software-defined networking (SDN) is a networking paradigm that focuses on decoupling control logic from the data plane, bringing programmability and flexibility to network management. SDN faces security issues such as control plane exhaustion and switch buffer overflow. This paper presents a defense solution implemented in the SDN controller to detect and mitigate spoofed flooding DDoS attacks using statistical measures and existing SDN capabilities.
DEFENCE TECHNOLOGY
(2023)
Article
Computer Science, Information Systems
Sungho Park, Youngjun Kim, Hyungoo Choi, Yeunwoong Kyung, Jinwoo Park
Summary: An HTTP DDoS flooding attack exhausts the connection resources of a targeted web server by sending massive amounts of HTTP request packets using botnets, significantly degrading service quality and utilizing network resources unnecessarily. The proposed SDN defense method effectively protects the web server against HTTP DDoS flooding attacks.
IEICE TRANSACTIONS ON INFORMATION AND SYSTEMS
(2021)
Article
Computer Science, Hardware & Architecture
Bushra Alhijawi, Sufyan Almajali, Hany Elgala, Haythem Bany Salameh, Moussa Ayyash
Summary: This article reviews and classifies the research efforts on Software-Defined Networking (SDN) and Denial of Service (DoS) attacks. It presents solutions to cope with DoS attacks on SDN and SDN-based solutions to tackle DoS attacks on networks, and provides a detailed comparison among these approaches.
COMPUTERS & ELECTRICAL ENGINEERING
(2022)
Article
Computer Science, Hardware & Architecture
Keval Doshi, Yasin Yilmaz, Suleyman Uludag
Summary: Vulnerabilities in IoT devices pose a dangerous threat to Internet services and cyber-physical systems connected to the Internet. A novel anomaly-based Intrusion Detection System (IDS) is proposed to detect and mitigate emerging DDoS attacks, including the stealthy Mongolian DDoS attack characterized by its widely distributed nature and small attack size per source. The proposed IDS demonstrates capability in detecting and mitigating stealthy DDoS attacks even with very low attack size per source through numerical and testbed experiments.
IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING
(2021)
Article
Automation & Control Systems
Yasin Yilmaz, Suleyman Uludag
Summary: The ongoing changes, updates, and upgrades of the Smart Grid infrastructure are creating new cyber-security challenges, and this paper proposes a mitigation approach called MIAMI-DIL to address these challenges by using an online and nonparametric anomaly detection algorithm to detect and isolate attacks in a timely manner. This approach can effectively protect the Smart Grid system from potential cyber-attacks and ensure its resilience.
JOURNAL OF THE FRANKLIN INSTITUTE-ENGINEERING AND APPLIED MATHEMATICS
(2021)
Article
Automation & Control Systems
Tianyang Cai, Tao Jia, Sridhar Adepu, Yuqi Li, Zheng Yang
Summary: With the widespread innovation of IoT, SDN, and cloud computing, cyber-physical systems (CPSs) have been developed to facilitate daily life and economy. However, the shutdown of critical CPSs and the increasing threat of DDoS attacks pose serious consequences. This article presents an adaptive DDoS attack mitigation scheme called ADAM, which combines information entropy and unsupervised anomaly detection methods to accurately detect and mitigate DDoS attacks. Experimental results show that ADAM has a high accuracy in mitigating DDoS attacks and reduces the false-positive rate compared to similar work.
IEEE TRANSACTIONS ON INDUSTRIAL INFORMATICS
(2023)
Article
Computer Science, Hardware & Architecture
P. V. Shalini, V. Radha, Sriram G. Sanjeevi
Summary: SDN separates the data plane from the control plane, enabling centralized control and faster data transmission. However, it faces challenges in network security, especially in the detection of DDoS attacks.
Article
Chemistry, Analytical
Francisco Lopes de Caldas Filho, Samuel Carlos Meneses Soares, Elder Oroski, Robson de Oliveira Albuquerque, Rafael Zerbini Alves da Mata, Fabio Lucio Lopes de Mendonca, Rafael Timoteo de Sousa Jr
Summary: This study focuses on mitigating DDoS attacks in corporate local networks by developing a model that operates closer to the attack source. The model utilizes Host Intrusion Detection Systems (HIDS) to identify anomalous behaviors in IoT devices and employs network-based intrusion detection approaches through a Network Intrusion Detection System (NIDS) for comprehensive attack identification. The proposed model integrates NIDS with federated learning, allowing devices to locally analyze their data and contribute to the detection of anomalous traffic.
Article
Computer Science, Artificial Intelligence
Gustavo Frigo Scaranti, Luiz Fernando Carvalho, Sylvio Barbon, Jaime Lloret, Mario Lemes Proenca
Summary: SDN simplifies network management but is vulnerable to flooding attacks. Our proposed IDS based on online clustering detects evolving attacks in SDN networks without the need for labeling or prior knowledge, achieving high accuracy rates.
EXPERT SYSTEMS WITH APPLICATIONS
(2022)
Article
Chemistry, Multidisciplinary
Hani Elubeyd, Derya Yiltas-Kaplan
Summary: This paper proposes a hybrid deep learning algorithm for detecting and defending against DoS/DDoS attacks in software-defined networks (SDNs). The algorithm combines three types of deep learning algorithms and achieved high accuracy rates in both reference-based analysis and practical experiments. The research contributes to the field of network security, particularly in the area of SDN, and has the potential to enhance the security of SDNs and prevent DoS/DDoS attacks.
APPLIED SCIENCES-BASEL
(2023)
Article
Computer Science, Information Systems
Kashan Ahmed, Syed Khaldoon Khurshid, Sadaf Hina
Summary: This paper mainly introduces the construction of the cyber threat intelligence knowledge graph and the information extraction technique. By using a joint extraction technique, it solves the problem of traditional techniques becoming ineffective due to the increasing size of CTI data. Experimental results show that this technique outperforms state-of-the-art models in knowledge triple extraction on CTI data and improves the F1 score.
COMPUTERS & SECURITY
(2024)
Article
Computer Science, Information Systems
Xinlong He, Yang Xu, Sicong Zhang, Weida Xu, Jiale Yan
Summary: This paper proposes a new membership inference attack method in federated learning, which utilizes data poisoning and sequence prediction confidence. The attack is effective and results in minimal overall model performance degradation.
COMPUTERS & SECURITY
(2024)
Article
Computer Science, Information Systems
Tieming Chen, Huan Zeng, Mingqi Lv, Tiantian Zhu
Summary: In this paper, the authors propose a deep learning based dynamic malware detection method called CTIMD, which integrates threat knowledge from CTIs into the learning process of API call sequences with runtime parameters. Experimental results show that CTIMD outperforms existing methods in terms of performance.
COMPUTERS & SECURITY
(2024)
Article
Computer Science, Information Systems
Wonwoo Choi, Minjae Seo, Seongman Lee, Brent Byunghoon Kang
Summary: This paper proposes SUM, a backward-edge control flow protection scheme for ARM Cortex-M processors. It combines MPU and the overlooked hardware feature FaultMask to achieve efficient and robust protection. The empirical evaluation shows minimal runtime overhead for the proposed solution.
COMPUTERS & SECURITY
(2024)
Article
Computer Science, Information Systems
Liliana Ribeiro, Ines Sousa Guedes, Carla Sofia Cardoso
Summary: Phishing susceptibility is influenced by individual and contextual factors. The study found that individuals who perceive themselves as capable of detecting phishing and those who use online services more frequently are more susceptible to phishing. However, technology competencies and other individual variables do not predict phishing susceptibility.
COMPUTERS & SECURITY
(2024)
Article
Computer Science, Information Systems
Wenjie Wang, Yuanhai Shao, Yiju Wang
Summary: In this paper, we investigate the adversarial perturbations of twin support vector machines (TWSVMs) and propose an optimization framework, which provides explicit solutions to increase the interpretability of the conclusion and convenience for calculation.
COMPUTERS & SECURITY
(2024)
Article
Computer Science, Information Systems
Snofy D. Dunston, V. Mary Anita Rajam
Summary: This paper proposes a novel adversarial attack technique that can synthesize adversarial images to mislead deep learning models, and also studies interpretability plots. The research findings show that the proposed attack technique influences the interpretability plots, regardless of the success of the attack.
COMPUTERS & SECURITY
(2024)
Article
Computer Science, Information Systems
Junchen Li, Guang Cheng, Zongyao Chen, Peng Zhao
Summary: Protocol Reverse Engineering (PRE) is a direct approach for analyzing unknown traffic. This paper proposes a method for clustering unknown traffic based on private protocol labels, and the experimental results demonstrate its advantages on real-world network traffic.
COMPUTERS & SECURITY
(2024)
Article
Computer Science, Information Systems
Rafal Kozik, Massimo Ficco, Aleksandra Pawlicka, Marek Pawlicki, Francesco Palmieri, Michal Choras
Summary: The inclusion of Explainability of Artificial Intelligence (xAI) has become a mandatory requirement for designing and implementing reliable, interpretable, and ethical AI solutions. However, it has been shown that xAI can enable successful adversarial attacks in the domain of fake news detection, leading to a decrease in AI security. This paper presents an attack scheme that uses an explainable solution to reshape the structure of the original message, allowing the adversary to manipulate the model's prediction while keeping the message's meaning intact.
COMPUTERS & SECURITY
(2024)
Article
Computer Science, Information Systems
Benyuan Yang, Lili Luo, Zhimeng Wang
Summary: Interoperation is widely used in practical industrial applications, but merging local access control policies may lead to security violations. Dealing with these issues in a multidomain environment is critical, but finding the maximum secure interoperation among individual systems poses a challenge due to the large number of entities and access involved.
COMPUTERS & SECURITY
(2024)
Article
Computer Science, Information Systems
Binghui Zou, Chunjie Cao, Longjuan Wang, Sizheng Fu, Tonghua Qiao, Jingzhang Sun
Summary: The ongoing struggle between security researchers and malware has led to the exploration of using convolutional neural networks and capsule networks for classification and identification of malware. However, training these networks requires a significant amount of data and parameters, and the research on capsule networks is still in its early stages, posing challenges.
COMPUTERS & SECURITY
(2024)
Article
Computer Science, Information Systems
Hongsong Chen, Xingyu Li, Wenmao Liu
Summary: Multivariate time-series anomaly detection is crucial for maintaining normal operation of physical equipment. Recent advances have been made in this field, but two challenges have limited the model's ability to generalize. To address these challenges, a multivariate time-series anomaly detection model consisting of a characterization network and a forecasting network is proposed. Experimental results demonstrate that this method outperforms baseline methods in terms of detection performance and robustness.
COMPUTERS & SECURITY
(2024)
Article
Computer Science, Information Systems
Roberto Doriguzzi-Corin, Domenico Siracusa
Summary: This paper discusses the application of federated learning in the field of cybersecurity and proposes an adaptive mechanism-based federated learning solution for DDoS attack detection in dynamic cybersecurity scenarios. Through experiments, it is demonstrated that the proposed solution outperforms state-of-the-art federated learning algorithms in terms of convergence time and accuracy.
COMPUTERS & SECURITY
(2024)
Article
Computer Science, Information Systems
Antonio Giovanni Schiavone
Summary: The usage of HTTPS protocol is crucial for secure communication with websites, ensuring the confidentiality, integrity, and authenticity of online data transmissions. The Municipality2HTTPS research project analyzed the implementation of HTTPS in Italian municipalities' websites and identified areas for improvement.
COMPUTERS & SECURITY
(2024)
Article
Computer Science, Information Systems
Domna Bilika, Nikoletta Michopoulou, Efthimios Alepis, Constantinos Patsakis
Summary: Voice Assistants (VAs) are widely used in smart devices, but are vulnerable to attacks, as shown by experiments with popular VAs revealing successful attack rates exceeding 30% and statistical variations among vendors, calling for additional countermeasures to protect user information.
COMPUTERS & SECURITY
(2024)