The Internet of Things(IoT)is an innovation that combines imagined space with the actual world on a single platform.Because of the recent rapid rise of IoT devices,there has been a lack of standards,leading to a massi...The Internet of Things(IoT)is an innovation that combines imagined space with the actual world on a single platform.Because of the recent rapid rise of IoT devices,there has been a lack of standards,leading to a massive increase in unprotected devices connecting to networks.Consequently,cyberattacks on IoT are becoming more common,particularly keylogging attacks,which are often caused by security vulnerabilities on IoT networks.This research focuses on the role of transfer learning and ensemble classifiers in enhancing the detection of keylogging attacks within small,imbalanced IoT datasets.The authors propose a model that combines transfer learning with ensemble classification methods,leading to improved detection accuracy.By leveraging the BoT-IoT and keylogger_detection datasets,they facilitate the transfer of knowledge across various domains.The results reveal that the integration of transfer learning and ensemble classifiers significantly improves detection capabilities,even in scenarios with limited data availability.The proposed TRANS-ENS model showcases exceptional accuracy and a minimal false positive rate,outperforming current deep learning approaches.The primary objectives include:(i)introducing an ensemble feature selection technique to identify common features across models,(ii)creating a pre-trained deep learning model through transfer learning for the detection of keylogging attacks,and(iii)developing a transfer learning-ensemble model dedicated to keylogging detection.Experimental findings indicate that the TRANS-ENS model achieves a detection accuracy of 96.06%and a false alarm rate of 0.12%,surpassing existing models such as CNN,RNN,and LSTM.展开更多
The Software-Defined Networking(SDN)technology improves network management over existing technology via centralized network control.The SDN provides a perfect platform for researchers to solve traditional network’s o...The Software-Defined Networking(SDN)technology improves network management over existing technology via centralized network control.The SDN provides a perfect platform for researchers to solve traditional network’s outstanding issues.However,despite the advantages of centralized control,concern about its security is rising.The more traditional network switched to SDN technology,the more attractive it becomes to malicious actors,especially the controller,because it is the network’s brain.A Distributed Denial of Service(DDoS)attack on the controller could cripple the entire network.For that reason,researchers are always looking for ways to detect DDoS attacks against the controller with higher accuracy and lower false-positive rate.This paper proposes an entropy-based approach to detect low-rate and high-rate DDoS attacks against the SDN controller,regardless of the number of attackers or targets.The proposed approach generalized the Rényi joint entropy for analyzing the network traffic flow to detect DDoS attack traffic flow of varying rates.Using two packet header features and generalized Rényi joint entropy,the proposed approach achieved a better detection rate than the EDDSC approach that uses Shannon entropy metrics.展开更多
The emergence of a new network architecture,known as Software Defined Networking(SDN),in the last two decades has overcome some drawbacks of traditional networks in terms of performance,scalability,reliability,securit...The emergence of a new network architecture,known as Software Defined Networking(SDN),in the last two decades has overcome some drawbacks of traditional networks in terms of performance,scalability,reliability,security,and network management.However,the SDN is vulnerable to security threats that target its controller,such as low-rate Distributed Denial of Service(DDoS)attacks,The low-rate DDoS attack is one of the most prevalent attacks that poses a severe threat to SDN network security because the controller is a vital architecture component.Therefore,there is an urgent need to propose a detection approach for this type of attack with a high detection rate and low false-positive rates.Thus,this paper proposes an approach to detect low-rate DDoS attacks on the SDN controller by adapting a dynamic threshold.The proposed approach has been evaluated using four simulation scenarios covering a combination of low-rate DDoS attacks against the SDN controller involving(i)a single host attack targeting a single victim;(ii)a single host attack targeting multiple victims;(iii)multiple hosts attack targeting a single victim;and(iv)multiple hosts attack targeting multiple victims.The proposed approach’s average detection rates are 96.65%,91.83%,96.17%,and 95.33%for the above scenarios,respectively;and its average false-positive rates are 3.33%,8.17%,3.83%,and 4.67%for similar scenarios,respectively.The comparison between the proposed approach and two existing approaches showed that it outperformed them in both categories.展开更多
The cyber-criminal compromises end-hosts(bots)to configure a network of bots(botnet).The cyber-criminals are also looking for an evolved architecture that makes their techniques more resilient and stealthier such as P...The cyber-criminal compromises end-hosts(bots)to configure a network of bots(botnet).The cyber-criminals are also looking for an evolved architecture that makes their techniques more resilient and stealthier such as Peer-to-Peer(P2P)networks.The P2P botnets leverage the privileges of the decentralized nature of P2P networks.Consequently,the P2P botnets exploit the resilience of this architecture to be arduous against take-down procedures.Some P2P botnets are smarter to be stealthy in their Commandand-Control mechanisms(C2)and elude the standard discovery mechanisms.Therefore,the other side of this cyberwar is the monitor.The P2P botnet monitoring is an exacting mission because the monitoring must care about many aspects simultaneously.Some aspects pertain to the existing monitoring approaches,some pertain to the nature of P2P networks,and some to counter the botnets,i.e.,the anti-monitoring mechanisms.All these challenges should be considered in P2P botnet monitoring.To begin with,this paper provides an anatomy of P2P botnets.Thereafter,this paper exhaustively reviews the existing monitoring approaches of P2P botnets and thoroughly discusses each to reveal its advantages and disadvantages.In addition,this paper groups the monitoring approaches into three groups:passive,active,and hybrid monitoring approaches.Furthermore,this paper also discusses the functional and non-functional requirements of advanced monitoring.In conclusion,this paper ends by epitomizing the challenges of various aspects and gives future avenues for better monitoring of P2P botnets.展开更多
The interest in selecting an appropriate cloud data center is exponentially increasing due to the popularity and continuous growth of the cloud computing sector.Cloud data center selection challenges are compounded by...The interest in selecting an appropriate cloud data center is exponentially increasing due to the popularity and continuous growth of the cloud computing sector.Cloud data center selection challenges are compounded by ever-increasing users’requests and the number of data centers required to execute these requests.Cloud service broker policy defines cloud data center’s selection,which is a case of an NP-hard problem that needs a precise solution for an efficient and superior solution.Differential evolution algorithm is a metaheuristic algorithm characterized by its speed and robustness,and it is well suited for selecting an appropriate cloud data center.This paper presents a modified differential evolution algorithm-based cloud service broker policy for the most appropriate data center selection in the cloud computing environment.The differential evolution algorithm is modified using the proposed new mutation technique ensuring enhanced performance and providing an appropriate selection of data centers.The proposed policy’s superiority in selecting the most suitable data center is evaluated using the CloudAnalyst simulator.The results are compared with the state-of-arts cloud service broker policies.展开更多
Nowadays,high-resolution images pose several challenges in the context of image encryption.The encryption of huge images’file sizes requires high computational resources.Traditional encryption techniques like,Data En...Nowadays,high-resolution images pose several challenges in the context of image encryption.The encryption of huge images’file sizes requires high computational resources.Traditional encryption techniques like,Data Encryption Standard(DES),and Advanced Encryption Standard(AES)are not only inefficient,but also less secure.Due to characteristics of chaos theory,such as periodicity,sensitivity to initial conditions and control parameters,and unpredictability.Hence,the characteristics of deoxyribonucleic acid(DNA),such as vast parallelism and large storage capacity,make it a promising field.This paper presents an efficient color image encryption method utilizing DNA encoding with two types of hyper-chaotic maps.The proposed encryption method comprises three steps.The first step initializes the conditions for generating Lorenz and Rossler hyper-chaotic maps using a plain image Secure Hash Algorithm(SHA-256/384).The second step performs a confusion procedure by scrambling the three components of the image(red,green,and blue)using Lorenz hyper-chaotic sequences.Finally,the third step combines three approaches to encrypt the scrambled components for diffusion:DNA encoding/decoding,addition operation between components,and XORing with Rossler hyper-chaotic sequences.The simulation results indicate that the suggested encryption algorithm satisfies the requirements of security.The entropy value of confusion and diffusion is 7.997,the key space is 2200,and the correlation coefficient is nearly zero.The efficacy of the proposed method has been verified through numerous evaluations,and the results show its resistance and effectiveness against several attacks,like statistical and brute-force attacks.Finally,the devised algorithm vanquishes other relevant color image encryption algorithms.展开更多
The Internet of Things(IoT)consists of interconnected smart devices communicating and collecting data.The Routing Protocol for Low-Power and Lossy Networks(RPL)is the standard protocol for Internet Protocol Version 6(...The Internet of Things(IoT)consists of interconnected smart devices communicating and collecting data.The Routing Protocol for Low-Power and Lossy Networks(RPL)is the standard protocol for Internet Protocol Version 6(IPv6)in the IoT.However,RPL is vulnerable to various attacks,including the sinkhole attack,which disrupts the network by manipulating routing information.This paper proposes the Unweighted Voting Method(UVM)for sinkhole node identification,utilizing three key behavioral indicators:DODAG Information Object(DIO)Transaction Frequency,Rank Harmony,and Power Consumption.These indicators have been carefully selected based on their contribution to sinkhole attack detection and other relevant features used in previous research.The UVM method employs an unweighted voting mechanism,where each voter or rule holds equal weight in detecting the presence of a sinkhole attack based on the proposed indicators.The effectiveness of the UVM method is evaluated using the COOJA simulator and compared with existing approaches.Notably,the proposed approach fulfills power consumption requirements for constrained nodes without increasing consumption due to the deployment design.In terms of detection accuracy,simulation results demonstrate a high detection rate ranging from 90%to 100%,with a low false-positive rate of 0%to 0.2%.Consequently,the proposed approach surpasses Ensemble Learning Intrusion Detection Systems by leveraging three indicators and three supporting rules.展开更多
In light of the coronavirus disease 2019(COVID-19)outbreak caused by the novel coronavirus,companies and institutions have instructed their employees to work from home as a precautionary measure to reduce the risk of ...In light of the coronavirus disease 2019(COVID-19)outbreak caused by the novel coronavirus,companies and institutions have instructed their employees to work from home as a precautionary measure to reduce the risk of contagion.Employees,however,have been exposed to different security risks because of working from home.Moreover,the rapid global spread of COVID-19 has increased the volume of data generated from various sources.Working from home depends mainly on cloud computing(CC)applications that help employees to efficiently accomplish their tasks.The cloud computing environment(CCE)is an unsung hero in the COVID-19 pandemic crisis.It consists of the fast-paced practices for services that reflect the trend of rapidly deployable applications for maintaining data.Despite the increase in the use of CC applications,there is an ongoing research challenge in the domains of CCE concerning data,guaranteeing security,and the availability of CC applications.This paper,to the best of our knowledge,is the first paper that thoroughly explains the impact of the COVID-19 pandemic on CCE.Additionally,this paper also highlights the security risks of working from home during the COVID-19 pandemic.展开更多
The novel coronavirus disease 2019(COVID-19)is a pandemic disease that is currently affecting over 200 countries around the world and impacting billions of people.The first step to mitigate and control its spread is t...The novel coronavirus disease 2019(COVID-19)is a pandemic disease that is currently affecting over 200 countries around the world and impacting billions of people.The first step to mitigate and control its spread is to identify and isolate the infected people.But,because of the lack of reverse transcription polymerase chain reaction(RT-CPR)tests,it is important to discover suspected COVID-19 cases as early as possible,such as by scan analysis and chest X-ray by radiologists.However,chest X-ray analysis is relatively time-consuming since it requires more than 15 minutes per case.In this paper,an automated novel detection model of COVID-19 cases is proposed to perform real-time detection of COVID-19 cases.The proposed model consists of three main stages:image segmentation using Harris Hawks optimizer,synthetic image augmentation using an enhanced Wasserstein And Auxiliary Classifier Generative Adversarial Network,and image classification using Conventional Neural Network.Raw chest X-ray images datasets are used to train and test the proposed model.Experiments demonstrate that the proposed model is very efficient in the automatic detection of COVID-19 positive cases.It achieved 99.4%accuracy,99.15%precision,99.35%recall,99.25%F-measure,and 98.5%specificity.展开更多
Intrusion detection systems that have emerged in recent decades can identify a variety of malicious attacks that target networks by employing several detection approaches.However,the current approaches have challenges...Intrusion detection systems that have emerged in recent decades can identify a variety of malicious attacks that target networks by employing several detection approaches.However,the current approaches have challenges in detecting intrusions,which may affect the performance of the overall detection system as well as network performance.For the time being,one of the most important creative technological advancements that plays a significant role in the professional world today is blockchain technology.Blockchain technology moves in the direction of persistent revolution and change.It is a chain of blocks that covers information and maintains trust between individuals no matter how far apart they are.Recently,blockchain was integrated into intrusion detection systems to enhance their overall performance.Blockchain has also been adopted in health-care,supply chain management,and the Internet of Things.Blockchain uses robust cryptography with private and public keys,and it has numerous properties that have leveraged security’s performance over peer-to-peer networks without the need for a third party.To explore and highlight the importance of integrating blockchain with intrusion detection systems,this paper provides a comprehensive background of intrusion detection systems and blockchain technology.Furthermore,a comprehensive review of emerging intrusion detection systems based on blockchain technology is presented.Finally,this paper suggests important future research directions and trending topics in intrusion detection systems based on blockchain technology.展开更多
基金the Deanship of Graduate Studies and Scientific Research at Najran University for supporting the research project through the Group Research,with the project code NU/GP/SERC/13/712。
文摘The Internet of Things(IoT)is an innovation that combines imagined space with the actual world on a single platform.Because of the recent rapid rise of IoT devices,there has been a lack of standards,leading to a massive increase in unprotected devices connecting to networks.Consequently,cyberattacks on IoT are becoming more common,particularly keylogging attacks,which are often caused by security vulnerabilities on IoT networks.This research focuses on the role of transfer learning and ensemble classifiers in enhancing the detection of keylogging attacks within small,imbalanced IoT datasets.The authors propose a model that combines transfer learning with ensemble classification methods,leading to improved detection accuracy.By leveraging the BoT-IoT and keylogger_detection datasets,they facilitate the transfer of knowledge across various domains.The results reveal that the integration of transfer learning and ensemble classifiers significantly improves detection capabilities,even in scenarios with limited data availability.The proposed TRANS-ENS model showcases exceptional accuracy and a minimal false positive rate,outperforming current deep learning approaches.The primary objectives include:(i)introducing an ensemble feature selection technique to identify common features across models,(ii)creating a pre-trained deep learning model through transfer learning for the detection of keylogging attacks,and(iii)developing a transfer learning-ensemble model dedicated to keylogging detection.Experimental findings indicate that the TRANS-ENS model achieves a detection accuracy of 96.06%and a false alarm rate of 0.12%,surpassing existing models such as CNN,RNN,and LSTM.
基金This work was supported by Universiti Sains Malaysia under external grant(Grant Number 304/PNAV/650958/U154).
文摘The Software-Defined Networking(SDN)technology improves network management over existing technology via centralized network control.The SDN provides a perfect platform for researchers to solve traditional network’s outstanding issues.However,despite the advantages of centralized control,concern about its security is rising.The more traditional network switched to SDN technology,the more attractive it becomes to malicious actors,especially the controller,because it is the network’s brain.A Distributed Denial of Service(DDoS)attack on the controller could cripple the entire network.For that reason,researchers are always looking for ways to detect DDoS attacks against the controller with higher accuracy and lower false-positive rate.This paper proposes an entropy-based approach to detect low-rate and high-rate DDoS attacks against the SDN controller,regardless of the number of attackers or targets.The proposed approach generalized the Rényi joint entropy for analyzing the network traffic flow to detect DDoS attack traffic flow of varying rates.Using two packet header features and generalized Rényi joint entropy,the proposed approach achieved a better detection rate than the EDDSC approach that uses Shannon entropy metrics.
基金This work was supported by Universiti Sains Malaysia under external grant(Grant Number 304/PNAV/650958/U154).
文摘The emergence of a new network architecture,known as Software Defined Networking(SDN),in the last two decades has overcome some drawbacks of traditional networks in terms of performance,scalability,reliability,security,and network management.However,the SDN is vulnerable to security threats that target its controller,such as low-rate Distributed Denial of Service(DDoS)attacks,The low-rate DDoS attack is one of the most prevalent attacks that poses a severe threat to SDN network security because the controller is a vital architecture component.Therefore,there is an urgent need to propose a detection approach for this type of attack with a high detection rate and low false-positive rates.Thus,this paper proposes an approach to detect low-rate DDoS attacks on the SDN controller by adapting a dynamic threshold.The proposed approach has been evaluated using four simulation scenarios covering a combination of low-rate DDoS attacks against the SDN controller involving(i)a single host attack targeting a single victim;(ii)a single host attack targeting multiple victims;(iii)multiple hosts attack targeting a single victim;and(iv)multiple hosts attack targeting multiple victims.The proposed approach’s average detection rates are 96.65%,91.83%,96.17%,and 95.33%for the above scenarios,respectively;and its average false-positive rates are 3.33%,8.17%,3.83%,and 4.67%for similar scenarios,respectively.The comparison between the proposed approach and two existing approaches showed that it outperformed them in both categories.
基金This work was supported by the Ministry of Higher Education Malaysia’s Fundamental Research Grant Scheme under Grant FRGS/1/2021/ICT07/USM/03/1.
文摘The cyber-criminal compromises end-hosts(bots)to configure a network of bots(botnet).The cyber-criminals are also looking for an evolved architecture that makes their techniques more resilient and stealthier such as Peer-to-Peer(P2P)networks.The P2P botnets leverage the privileges of the decentralized nature of P2P networks.Consequently,the P2P botnets exploit the resilience of this architecture to be arduous against take-down procedures.Some P2P botnets are smarter to be stealthy in their Commandand-Control mechanisms(C2)and elude the standard discovery mechanisms.Therefore,the other side of this cyberwar is the monitor.The P2P botnet monitoring is an exacting mission because the monitoring must care about many aspects simultaneously.Some aspects pertain to the existing monitoring approaches,some pertain to the nature of P2P networks,and some to counter the botnets,i.e.,the anti-monitoring mechanisms.All these challenges should be considered in P2P botnet monitoring.To begin with,this paper provides an anatomy of P2P botnets.Thereafter,this paper exhaustively reviews the existing monitoring approaches of P2P botnets and thoroughly discusses each to reveal its advantages and disadvantages.In addition,this paper groups the monitoring approaches into three groups:passive,active,and hybrid monitoring approaches.Furthermore,this paper also discusses the functional and non-functional requirements of advanced monitoring.In conclusion,this paper ends by epitomizing the challenges of various aspects and gives future avenues for better monitoring of P2P botnets.
基金This work was supported by Universiti Sains Malaysia under external grant(Grant Number 304/PNAV/650958/U154).
文摘The interest in selecting an appropriate cloud data center is exponentially increasing due to the popularity and continuous growth of the cloud computing sector.Cloud data center selection challenges are compounded by ever-increasing users’requests and the number of data centers required to execute these requests.Cloud service broker policy defines cloud data center’s selection,which is a case of an NP-hard problem that needs a precise solution for an efficient and superior solution.Differential evolution algorithm is a metaheuristic algorithm characterized by its speed and robustness,and it is well suited for selecting an appropriate cloud data center.This paper presents a modified differential evolution algorithm-based cloud service broker policy for the most appropriate data center selection in the cloud computing environment.The differential evolution algorithm is modified using the proposed new mutation technique ensuring enhanced performance and providing an appropriate selection of data centers.The proposed policy’s superiority in selecting the most suitable data center is evaluated using the CloudAnalyst simulator.The results are compared with the state-of-arts cloud service broker policies.
基金This research is funded by Universiti SainsMalaysia(USM)via an external Grant Number(304/PNAV/650958/U154).
文摘Nowadays,high-resolution images pose several challenges in the context of image encryption.The encryption of huge images’file sizes requires high computational resources.Traditional encryption techniques like,Data Encryption Standard(DES),and Advanced Encryption Standard(AES)are not only inefficient,but also less secure.Due to characteristics of chaos theory,such as periodicity,sensitivity to initial conditions and control parameters,and unpredictability.Hence,the characteristics of deoxyribonucleic acid(DNA),such as vast parallelism and large storage capacity,make it a promising field.This paper presents an efficient color image encryption method utilizing DNA encoding with two types of hyper-chaotic maps.The proposed encryption method comprises three steps.The first step initializes the conditions for generating Lorenz and Rossler hyper-chaotic maps using a plain image Secure Hash Algorithm(SHA-256/384).The second step performs a confusion procedure by scrambling the three components of the image(red,green,and blue)using Lorenz hyper-chaotic sequences.Finally,the third step combines three approaches to encrypt the scrambled components for diffusion:DNA encoding/decoding,addition operation between components,and XORing with Rossler hyper-chaotic sequences.The simulation results indicate that the suggested encryption algorithm satisfies the requirements of security.The entropy value of confusion and diffusion is 7.997,the key space is 2200,and the correlation coefficient is nearly zero.The efficacy of the proposed method has been verified through numerous evaluations,and the results show its resistance and effectiveness against several attacks,like statistical and brute-force attacks.Finally,the devised algorithm vanquishes other relevant color image encryption algorithms.
基金funded by the Deanship of Scientific Research at Najran University for this research through a Grant(NU/RG/SERC/12/50)under the Research Groups at Najran University,Saudi Arabia.
文摘The Internet of Things(IoT)consists of interconnected smart devices communicating and collecting data.The Routing Protocol for Low-Power and Lossy Networks(RPL)is the standard protocol for Internet Protocol Version 6(IPv6)in the IoT.However,RPL is vulnerable to various attacks,including the sinkhole attack,which disrupts the network by manipulating routing information.This paper proposes the Unweighted Voting Method(UVM)for sinkhole node identification,utilizing three key behavioral indicators:DODAG Information Object(DIO)Transaction Frequency,Rank Harmony,and Power Consumption.These indicators have been carefully selected based on their contribution to sinkhole attack detection and other relevant features used in previous research.The UVM method employs an unweighted voting mechanism,where each voter or rule holds equal weight in detecting the presence of a sinkhole attack based on the proposed indicators.The effectiveness of the UVM method is evaluated using the COOJA simulator and compared with existing approaches.Notably,the proposed approach fulfills power consumption requirements for constrained nodes without increasing consumption due to the deployment design.In terms of detection accuracy,simulation results demonstrate a high detection rate ranging from 90%to 100%,with a low false-positive rate of 0%to 0.2%.Consequently,the proposed approach surpasses Ensemble Learning Intrusion Detection Systems by leveraging three indicators and three supporting rules.
文摘In light of the coronavirus disease 2019(COVID-19)outbreak caused by the novel coronavirus,companies and institutions have instructed their employees to work from home as a precautionary measure to reduce the risk of contagion.Employees,however,have been exposed to different security risks because of working from home.Moreover,the rapid global spread of COVID-19 has increased the volume of data generated from various sources.Working from home depends mainly on cloud computing(CC)applications that help employees to efficiently accomplish their tasks.The cloud computing environment(CCE)is an unsung hero in the COVID-19 pandemic crisis.It consists of the fast-paced practices for services that reflect the trend of rapidly deployable applications for maintaining data.Despite the increase in the use of CC applications,there is an ongoing research challenge in the domains of CCE concerning data,guaranteeing security,and the availability of CC applications.This paper,to the best of our knowledge,is the first paper that thoroughly explains the impact of the COVID-19 pandemic on CCE.Additionally,this paper also highlights the security risks of working from home during the COVID-19 pandemic.
文摘The novel coronavirus disease 2019(COVID-19)is a pandemic disease that is currently affecting over 200 countries around the world and impacting billions of people.The first step to mitigate and control its spread is to identify and isolate the infected people.But,because of the lack of reverse transcription polymerase chain reaction(RT-CPR)tests,it is important to discover suspected COVID-19 cases as early as possible,such as by scan analysis and chest X-ray by radiologists.However,chest X-ray analysis is relatively time-consuming since it requires more than 15 minutes per case.In this paper,an automated novel detection model of COVID-19 cases is proposed to perform real-time detection of COVID-19 cases.The proposed model consists of three main stages:image segmentation using Harris Hawks optimizer,synthetic image augmentation using an enhanced Wasserstein And Auxiliary Classifier Generative Adversarial Network,and image classification using Conventional Neural Network.Raw chest X-ray images datasets are used to train and test the proposed model.Experiments demonstrate that the proposed model is very efficient in the automatic detection of COVID-19 positive cases.It achieved 99.4%accuracy,99.15%precision,99.35%recall,99.25%F-measure,and 98.5%specificity.
基金This work was supported by Universiti Sains Malaysia under external grant(Grant number 304/PNAV/650958/U154).
文摘Intrusion detection systems that have emerged in recent decades can identify a variety of malicious attacks that target networks by employing several detection approaches.However,the current approaches have challenges in detecting intrusions,which may affect the performance of the overall detection system as well as network performance.For the time being,one of the most important creative technological advancements that plays a significant role in the professional world today is blockchain technology.Blockchain technology moves in the direction of persistent revolution and change.It is a chain of blocks that covers information and maintains trust between individuals no matter how far apart they are.Recently,blockchain was integrated into intrusion detection systems to enhance their overall performance.Blockchain has also been adopted in health-care,supply chain management,and the Internet of Things.Blockchain uses robust cryptography with private and public keys,and it has numerous properties that have leveraged security’s performance over peer-to-peer networks without the need for a third party.To explore and highlight the importance of integrating blockchain with intrusion detection systems,this paper provides a comprehensive background of intrusion detection systems and blockchain technology.Furthermore,a comprehensive review of emerging intrusion detection systems based on blockchain technology is presented.Finally,this paper suggests important future research directions and trending topics in intrusion detection systems based on blockchain technology.
