Funding: The International Scientific Complex "Astana" was funded by the Committee of Science of the Ministry of Science and Higher Education of the Republic of Kazakhstan (Grant No. AP19680345).
Abstract: Wireless Sensor Networks (WSN) have gained significant attention over recent years due to their extensive applications in various domains such as environmental monitoring, healthcare systems, industrial automation, and smart cities. However, such networks are inherently vulnerable to different types of attacks because they operate in open environments with limited resources and constrained communication capabilities. The paper addresses challenges related to modeling and analysis of wireless sensor networks and their susceptibility to attacks. Its objective is to create versatile modeling tools capable of detecting attacks against network devices and identifying anomalies caused either by legitimate user errors or malicious activities. A proposed integrated approach for data collection, preprocessing, and analysis in WSN outlines a series of steps applicable throughout both the design phase and operation stage. This ensures effective detection of attacks and anomalies within WSNs. An introduced attack model specifies potential types of unauthorized network layer attacks targeting network nodes, transmitted data, and services offered by the WSN. Furthermore, a graph-based analytical framework was designed to detect attacks by evaluating real-time events from network nodes and determining if an attack is underway. Additionally, a simulation model based on sequences of imperative rules defining behaviors of both regular and compromised nodes is presented. Overall, this technique was experimentally verified using a segment of a WSN embedded in a smart city infrastructure, simulating a wormhole attack. Results demonstrate the viability and practical significance of the technique for enhancing future information security measures. Validation tests confirmed high levels of accuracy and efficiency when applied specifically to detecting wormhole attacks targeting routing protocols in WSNs. Precision and recall rates averaged above the benchmark value of 0.95, thus validating the broad applicability of the proposed models across varied scenarios.
Funding: Funded by the Committee of Science of the Ministry of Science and Higher Education of the Republic of Kazakhstan (Grant No. AP23489127).
Abstract: The Industrial Internet of Things (IIoT), combined with the Cyber-Physical Systems (CPS), is transforming industrial automation but also poses great cybersecurity threats because of the complexity and connectivity of the systems. There is a lack of explainability, challenges with imbalanced attack classes, and limited consideration of practical edge–cloud deployment strategies in prior works. In the proposed study, we suggest an Impact-Aware Taxonomy-Driven Machine Learning Framework with Edge Deployment and SHapley Additive exPlanations (SHAP)-based Explainable AI (XAI) for attack detection and classification in IIoT-CPS settings. It includes not only unsupervised clustering (K-Means and DBSCAN) to extract latent traffic patterns but also supervised classification based on taxonomy to classify 33 different kinds of attacks into seven high-level categories: Flood Attacks, Botnet/Mirai, Reconnaissance, Spoofing/Man-In-The-Middle (MITM), Injection Attacks, Backdoors/Exploits, and Benign. The three machine learning algorithms, Random Forest, XGBoost, and Multi-Layer Perceptron (MLP), were trained on a real-world dataset of more than 1 million network traffic records, with overall accuracy of 99.4% (RF), 99.5% (XGBoost), and 99.1% (MLP). Rare types of attacks, such as injection attacks and backdoors, were examined even in the case of extreme imbalance between the classes. SHAP-based XAI was performed on every model to help gain transparency and trust in the model and identify important features that drive the classification decisions, such as inter-arrival time, TCP flags, and protocol type. A workable edge-computing implementation strategy is proposed, whereby lightweight computing is performed at the edge devices and heavy, computation-intensive analytics is performed at the cloud. This framework is highly accurate, interpretable, and has real-time application, hence a robust and scalable solution to securing IIoT-CPS infrastructure against dynamic cyber-attacks.
Funding: The authors extend their appreciation to the Deanship of Research and Graduate Studies at King Khalid University for funding this work through the Large Group Project under grant number (RGP2/337/46). The research team thanks the Deanship of Graduate Studies and Scientific Research at Najran University for supporting the research project through the Nama’a program, with the project code NU/GP/SERC/13/352-4.
Abstract: Edge computing (EC) combined with the Internet of Things (IoT) provides a scalable and efficient solution for smart homes. The rapid proliferation of IoT devices poses real-time data processing and security challenges. EC has become a transformative paradigm for addressing these challenges, particularly in intrusion detection and anomaly mitigation. The widespread connectivity of IoT edge networks has exposed them to various security threats, necessitating robust strategies to detect malicious activities. This research presents a privacy-preserving federated anomaly detection framework combined with Bayesian game theory (BGT) and double deep Q-learning (DDQL). The proposed framework integrates BGT to model attacker and defender interactions for dynamic threat level adaptation and resource availability. It also models a strategic layout between attackers and defenders that takes into account uncertainty. DDQL is incorporated to optimize decision-making and aids in learning optimal defense policies at the edge, thereby ensuring policy and decision optimization. Federated learning (FL) enables decentralized and unshared anomaly detection for sensitive data between devices. Data collection has been performed from various sensors in a real-time EC-IoT network to identify irregularities that occurred due to different attacks. The results reveal that the proposed model achieves high detection accuracy of up to 98% while maintaining low resource consumption. This study demonstrates the synergy between game theory and FL to strengthen anomaly detection in EC-IoT networks.