With the continuous development of transportation electrification,the cybersecurity of energy infrastructure has become increasingly prominent.Explicitly,EVs resemble a significant tool to carryout cyberattacks since ...With the continuous development of transportation electrification,the cybersecurity of energy infrastructure has become increasingly prominent.Explicitly,EVs resemble a significant tool to carryout cyberattacks since EVs are not only seen as dynamic loads but also as mobile energy sources that establish two-way communications with several players in the grid.This taxonomy aims to provide a comprehensive overview of cyberattacks against EVs from four distinct perspectives.The first is the research domains of EVs application,which investigates the different fields of research related to the development and application of EVs and how they are susceptible to cyber threats.The second is the CIAbased attacks,which examines the threats to the confidentiality,integrity,and availability of EVs'sensitive information and critical systems.The third taxonomy discusses the countermeasures and defensive mechanisms to secure the EVs against cyberattacks,including preventive measures,detection algorithms,response strategy,and recovery techniques.The fourth taxonomy is the verification and validation methodologies,which explores the software tools and hardware testbeds used to test and evaluate the security of EVs against cyber threats.Finally,this taxonomy presents an understanding of the current state of cyberattacks against EVs and serves as a valuable resource for researchers and practitioners in the fields of cybersecurity and electric mobility.展开更多
The national grid and other life-sustaining critical infrastructures face an unprecedented threat from prolonged blackouts,which could last over a year and pose a severe risk to national security.Whether caused by phy...The national grid and other life-sustaining critical infrastructures face an unprecedented threat from prolonged blackouts,which could last over a year and pose a severe risk to national security.Whether caused by physical attacks,EMP(electromagnetic pulse)events,or cyberattacks,such disruptions could cripple essential services like water supply,healthcare,communication,and transportation.Research indicates that an attack on just nine key substations could result in a coast-to-coast blackout lasting up to 18 months,leading to economic collapse,civil unrest,and a breakdown of public order.This paper explores the key vulnerabilities of the grid,the potential impacts of prolonged blackouts,and the role of AI(artificial intelligence)and ML(machine learning)in mitigating these threats.AI-driven cybersecurity measures,predictive maintenance,automated threat response,and EMP resilience strategies are discussed as essential solutions to bolster grid security.Policy recommendations emphasize the need for hardened infrastructure,enhanced cybersecurity,redundant power systems,and AI-based grid management to ensure national resilience.Without proactive measures,the nation remains exposed to a catastrophic power grid failure that could have dire consequences for society and the economy.展开更多
The explosive expansion of the Internet of Things(IoT)systems has increased the imperative to have strong and robust solutions to cyber Security,especially to curtail Distributed Denial of Service(DDoS)attacks,which c...The explosive expansion of the Internet of Things(IoT)systems has increased the imperative to have strong and robust solutions to cyber Security,especially to curtail Distributed Denial of Service(DDoS)attacks,which can cripple critical infrastructure.The proposed framework presented in the current paper is a new hybrid scheme that induces deep learning-based traffic classification and blockchain-enabledmitigation tomake intelligent,decentralized,and real-time DDoS countermeasures in an IoT network.The proposed model fuses the extracted deep features with statistical features and trains them by using traditional machine-learning algorithms,which makes them more accurate in detection than statistical features alone,based on the Convolutional Neural Network(CNN)architecture,which can extract deep features.A permissioned blockchain will be included to record the threat cases immutably and automatically execute mitigation measures through smart contracts to provide transparency and resilience.When tested on two test sets,BoT-IoT and IoT-23,the framework obtains a maximum F1-score at 97.5 percent and only a 1.8 percent false positive rate,which compares favorably to other solutions regarding effectiveness and the amount of time required to respond.Our findings support the feasibility of our method as an extensible and secure paradigm of nextgeneration IoT security,which has constrictive utility in mission-critical or resource-constrained settings.The work is a substantial milestone in autonomous and trustful mitigation against DDoS attacks through intelligent learning and decentralized enforcement.展开更多
To warn the cascading failures caused by cyberattacks(CFCAs)in real time and reduce their damage on cyber-physical power systems(CPPSs),a novel early warning method based on attack gains and cost principle(AGCP)is pro...To warn the cascading failures caused by cyberattacks(CFCAs)in real time and reduce their damage on cyber-physical power systems(CPPSs),a novel early warning method based on attack gains and cost principle(AGCP)is proposed.Firstly,according to the CFCA characteristics,the leading role of attackers in the whole evolutionary process is discussed.The breaking out of a CFCA is deduced based on the AGCP from the view of attackers,and the priority order of all CFCAs is then provided.Then,the method to calculate the probability of CFCAs is proposed,and an early warning model for CFCA is designed.Finally,to verify the effectiveness of this method,a variety of CFCAs are simulated in a local CPPS model based on the IEEE 39-bus system.The experimental results demonstrate that this method can be used as a reliable assistant analysis technology to facilitate early warning of CFCAs.展开更多
With the wide integration of various distributed communication and control techniques,the cyber-physical microgrids face critical challenges raised by the emerging cyberattacks.This paper proposes a three-stage defens...With the wide integration of various distributed communication and control techniques,the cyber-physical microgrids face critical challenges raised by the emerging cyberattacks.This paper proposes a three-stage defensive framework for distributed microgrids against denial of service(DoS)and false data injection(FDI)attacks,including resilient control,communication network reconfiguration,and switching of local control.The resilient control in the first stage is capable of tackling simultaneous DoS and FDI attacks when the connectivity of communication network could be maintained under cyberattacks.The communication network reconfiguration method in the second stage and the subsequent switching of local control in the third stage based on the software-defined network(SDN)layer aim to cope with the network partitions caused by cyberattacks.The proposed defensive framework could effectively mitigate the impacts of a wide range of simultaneous DoS and FDI attacks in microgrids without requiring the specific assumptions of attacks and prompt detections,which would not incorporate additional cyberattack risks.Extensive case studies using a 13-bus microgrid system are conducted to validate the effectiveness of the proposed three-stage defensive framework against the simultaneous DoS and FDI attacks.展开更多
In order to ensure the safety of connected and automated vehicles(CAVs)threatened by cyberattack in the confluence area and mitigate the adverse impact of cyberattack propagation,a framework is built to depict the imp...In order to ensure the safety of connected and automated vehicles(CAVs)threatened by cyberattack in the confluence area and mitigate the adverse impact of cyberattack propagation,a framework is built to depict the impact of cyberattacks on traffic operation.Based on this framework,corresponding propagation suppression strategies are proposed for different types of cyberattacks in different periods.Under centralized control,game theory is used to solve the confluence sequence corresponding to the strategies.The results show that the proposed method can effectively inhibit the spread of cyberattacks on the premise of security.The initial control effect is the best.Compared with uncontrolled condition,in the 100 timesteps,11 susceptible vehicles are finally added,and the second is the immunity period,in which 10 susceptible vehicles were protected from cyberattack.Outbreak and latency control strategies also protect some vehicles.Under the control strategy of each stage,the peak value of infected vehicles and the duration of cyberattack are improved compared with the uncontrolled strategy.In addition,the traffic efficiency in the confluence area is also improved.This method can also be extended to such road types as diverging section,weaving section and intersection,so as to reduce the impact of cyberattacks on road network scale.展开更多
The extensive utilization of the Internet in everyday life can be attributed to the substantial accessibility of online services and the growing significance of the data transmitted via the Internet.Regrettably,this d...The extensive utilization of the Internet in everyday life can be attributed to the substantial accessibility of online services and the growing significance of the data transmitted via the Internet.Regrettably,this development has expanded the potential targets that hackers might exploit.Without adequate safeguards,data transmitted on the internet is significantly more susceptible to unauthorized access,theft,or alteration.The identification of unauthorised access attempts is a critical component of cybersecurity as it aids in the detection and prevention of malicious attacks.This research paper introduces a novel intrusion detection framework that utilizes Recurrent Neural Networks(RNN)integrated with Long Short-Term Memory(LSTM)units.The proposed model can identify various types of cyberattacks,including conventional and distinctive forms.Recurrent networks,a specific kind of feedforward neural networks,possess an intrinsic memory component.Recurrent Neural Networks(RNNs)incorporating Long Short-Term Memory(LSTM)mechanisms have demonstrated greater capabilities in retaining and utilizing data dependencies over extended periods.Metrics such as data types,training duration,accuracy,number of false positives,and number of false negatives are among the parameters employed to assess the effectiveness of these models in identifying both common and unusual cyberattacks.RNNs are utilised in conjunction with LSTM to support human analysts in identifying possible intrusion events,hence enhancing their decision-making capabilities.A potential solution to address the limitations of Shallow learning is the introduction of the Eccentric Intrusion Detection Model.This model utilises Recurrent Neural Networks,specifically exploiting LSTM techniques.The proposed model achieves detection accuracy(99.5%),generalisation(99%),and false-positive rate(0.72%),the parameters findings reveal that it is superior to state-of-the-art techniques.展开更多
The rapid growth and pervasive presence of the Internet of Things(IoT)have led to an unparalleled increase in IoT devices,thereby intensifying worries over IoT security.Deep learning(DL)-based intrusion detection(ID)h...The rapid growth and pervasive presence of the Internet of Things(IoT)have led to an unparalleled increase in IoT devices,thereby intensifying worries over IoT security.Deep learning(DL)-based intrusion detection(ID)has emerged as a vital method for protecting IoT environments.To rectify the deficiencies of current detection methodologies,we proposed and developed an IoT cyberattacks detection system(IoT-CDS)based on DL models for detecting bot attacks in IoT networks.The DL models—long short-term memory(LSTM),gated recurrent units(GRUs),and convolutional neural network-LSTM(CNN-LSTM)were suggested to detect and classify IoT attacks.The BoT-IoT dataset was used to examine the proposed IoT-CDS system,and the dataset includes six attacks with normal packets.The experiments conducted on the BoT-IoT network dataset reveal that the LSTM model attained an impressive accuracy rate of 99.99%.Compared with other internal and external methods using the same dataset,it is observed that the LSTM model achieved higher accuracy rates.LSTMs are more efficient than GRUs and CNN-LSTMs in real-time performance and resource efficiency for cyberattack detection.This method,without feature selection,demonstrates advantages in training time and detection accuracy.Consequently,the proposed approach can be extended to improve the security of various IoT applications,representing a significant contribution to IoT security.展开更多
More businesses are deploying powerful Intrusion Detection Systems(IDS)to secure their data and physical assets.Improved cyber-attack detection and prevention in these systems requires machine learning(ML)approaches.T...More businesses are deploying powerful Intrusion Detection Systems(IDS)to secure their data and physical assets.Improved cyber-attack detection and prevention in these systems requires machine learning(ML)approaches.This paper examines a cyber-attack prediction system combining feature selection(FS)and ML.Our technique’s foundation was based on Correlation Analysis(CA),Mutual Information(MI),and recursive feature reduction with cross-validation.To optimize the IDS performance,the security features must be carefully selected from multiple-dimensional datasets,and our hybrid FS technique must be extended to validate our methodology using the improved UNSW-NB 15 and TON_IoT datasets.Our technique identified 22 key characteristics in UNSW-NB-15 and 8 in TON_IoT.We evaluated prediction using seven ML methods:Decision Tree(DT),Random Forest(RF),Logistic Regression(LR),Naive Bayes(NB),K-Nearest Neighbors(KNN),Support Vector Machines(SVM),and Multilayer Perceptron(MLP)classifiers.The DT,RF,NB,and MLP classifiers helped our model surpass the competition on both datasets.Therefore,the investigational outcomes of our hybrid model may help IDSs defend business assets from various cyberattack vectors.展开更多
This paper examines how cybersecurity is developing and how it relates to more conventional information security. Although information security and cyber security are sometimes used synonymously, this study contends t...This paper examines how cybersecurity is developing and how it relates to more conventional information security. Although information security and cyber security are sometimes used synonymously, this study contends that they are not the same. The concept of cyber security is explored, which goes beyond protecting information resources to include a wider variety of assets, including people [1]. Protecting information assets is the main goal of traditional information security, with consideration to the human element and how people fit into the security process. On the other hand, cyber security adds a new level of complexity, as people might unintentionally contribute to or become targets of cyberattacks. This aspect presents moral questions since it is becoming more widely accepted that society has a duty to protect weaker members of society, including children [1]. The study emphasizes how important cyber security is on a larger scale, with many countries creating plans and laws to counteract cyberattacks. Nevertheless, a lot of these sources frequently neglect to define the differences or the relationship between information security and cyber security [1]. The paper focus on differentiating between cybersecurity and information security on a larger scale. The study also highlights other areas of cybersecurity which includes defending people, social norms, and vital infrastructure from threats that arise from online in addition to information and technology protection. It contends that ethical issues and the human factor are becoming more and more important in protecting assets in the digital age, and that cyber security is a paradigm shift in this regard [1].展开更多
Legacy-based threat detection systems have not been able to keep up with the exponential growth in scope, frequency, and effect of cybersecurity threats. Artificial intelligence is being used as a result to help with ...Legacy-based threat detection systems have not been able to keep up with the exponential growth in scope, frequency, and effect of cybersecurity threats. Artificial intelligence is being used as a result to help with the issue. This paper’s primary goal is to examine how African nations are utilizing artificial intelligence to defend their infrastructure against cyberattacks. Artificial intelligence (AI) systems will make decisions that impact Africa’s future. The lack of technical expertise, the labor pool, financial resources, data limitations, uncertainty, lack of structured data, absence of government policies, ethics, user attitudes, insufficient investment in research and development, and the requirement for more adaptable and dynamic regulatory systems all pose obstacles to the adoption of AI technologies in Africa. The paper discusses how African countries are adopting artificial intelligence solutions for cybersecurity. And it shows the impact of AI to identify shadow data, monitor for abnormalities in data access and alert cyber security professionals about potential threats by anyone accessing the data or sensitive information saving valuable time in detecting and remediating issues in real-time. The study finds that 69.16% of African companies are implementing information security strategies and of these, 45% said they use technologies based on AI algorithms. This study finds that a large number of African businesses use tools that can track and analyze user behaviour in designated areas and spot anomalies, such as new users, strange IP addresses and login activity, changes to permissions on files, folders, and other resources, and the copying or erasure of massive amounts of data. Thus, we discover that just 18.18% of the target has no national cybersecurity strategy or policy. The study proposes using big data security analytics to integrate AI. Adopting it would be beneficial for all African nations, as it provides a range of cyberattack defense techniques.展开更多
When it comes to smart healthcare business systems,network-based intrusion detection systems are crucial for protecting the system and its networks from malicious network assaults.To protect IoMT devices and networks ...When it comes to smart healthcare business systems,network-based intrusion detection systems are crucial for protecting the system and its networks from malicious network assaults.To protect IoMT devices and networks in healthcare and medical settings,our proposed model serves as a powerful tool for monitoring IoMT networks.This study presents a robust methodology for intrusion detection in Internet of Medical Things(IoMT)environments,integrating data augmentation,feature selection,and ensemble learning to effectively handle IoMT data complexity.Following rigorous preprocessing,including feature extraction,correlation removal,and Recursive Feature Elimi-nation(RFE),selected features are standardized and reshaped for deep learning models.Augmentation using the BAT algorithm enhances dataset variability.Three deep learning models,Transformer-based neural networks,self-attention Deep Convolutional Neural Networks(DCNNs),and Long Short-Term Memory(LSTM)networks,are trained to capture diverse data aspects.Their predictions form a meta-feature set for a subsequent meta-learner,which combines model strengths.Conventional classifiers validate meta-learner features for broad algorithm suitability.This comprehensive method demonstrates high accuracy and robustness in IoMT intrusion detection.Evaluations were conducted using two datasets:the publicly available WUSTL-EHMS-2020 dataset,which contains two distinct categories,and the CICIoMT2024 dataset,encompassing sixteen categories.Experimental results showcase the method’s exceptional performance,achieving optimal scores of 100%on the WUSTL-EHMS-2020 dataset and 99%on the CICIoMT2024.展开更多
The rapid expansion of Internet of Things (IoT) devices across various sectors is driven by steadily increasingdemands for interconnected and smart technologies. Nevertheless, the surge in the number of IoT device has...The rapid expansion of Internet of Things (IoT) devices across various sectors is driven by steadily increasingdemands for interconnected and smart technologies. Nevertheless, the surge in the number of IoT device hascaught the attention of cyber hackers, as it provides them with expanded avenues to access valuable data. Thishas resulted in a myriad of security challenges, including information leakage, malware propagation, and financialloss, among others. Consequently, developing an intrusion detection system to identify both active and potentialintrusion traffic in IoT networks is of paramount importance. In this paper, we propose ResNeSt-biGRU, a practicalintrusion detection model that combines the strengths of ResNeSt, a variant of Residual Neural Network, andbidirectionalGated RecurrentUnitNetwork (biGRU).Our ResNeSt-biGRUframework diverges fromconventionalintrusion detection systems (IDS) by employing this dual-layeredmechanism that exploits the temporal continuityand spatial feature within network data streams, a methodological innovation that enhances detection accuracy.In conjunction with this, we introduce the PreIoT dataset, a compilation of prevalent IoT network behaviors, totrain and evaluate IDSmodels with a focus on identifying potential intrusion traffics. The effectiveness of proposedscheme is demonstrated through testing, wherein it achieved an average accuracy of 99.90% on theN-BaIoT datasetas well as on the PreIoT dataset and 94.45% on UNSW-NB15 dataset. The outcomes of this research reveal thepotential of ResNeSt-biGRU to bolster security measures, diminish intrusion-related vulnerabilities, and preservethe overall security of IoT ecosystems.展开更多
In the early days of IoT’s introduction, it was challenging to introduce encryption communication due to the lackof performance of each component, such as computing resources like CPUs and batteries, to encrypt and d...In the early days of IoT’s introduction, it was challenging to introduce encryption communication due to the lackof performance of each component, such as computing resources like CPUs and batteries, to encrypt and decryptdata. Because IoT is applied and utilized in many important fields, a cyberattack on IoT can result in astronomicalfinancial and human casualties. For this reason, the application of encrypted communication to IoT has beenrequired, and the application of encrypted communication to IoT has become possible due to improvements inthe computing performance of IoT devices and the development of lightweight cryptography. The applicationof encrypted communication in IoT has made it possible to use encrypted communication channels to launchcyberattacks. The approach of extracting evidence of an attack based on the primary information of a networkpacket is no longer valid because critical information, such as the payload in a network packet, is encrypted byencrypted communication. For this reason, technology that can detect cyberattacks over encrypted network trafficoccurring in IoT environments is required. Therefore, this research proposes an encrypted cyberattack detectionsystem for the IoT (ECDS-IoT) that derives valid features for cyberattack detection from the cryptographic networktraffic generated in the IoT environment and performs cyberattack detection based on the derived features. ECDS-IoT identifies identifiable information from encrypted traffic collected in IoT environments and extracts statistics-based features through statistical analysis of identifiable information. ECDS-IoT understands information aboutnormal data by learning only statistical features extracted from normal data. ECDS-IoT detects cyberattacks basedonly on the normal data information it has trained. To evaluate the cyberattack detection performance of theproposed ECDS-IoT in this research, ECDS-IoT used CICIoT2023, a dataset containing encrypted traffic generatedby normal and seven categories of cyberattacks in the IoT environment and experimented with cyberattackdetection on encrypted traffic using Autoencoder, RNN, GRU, LSTM, BiLSTM, and AE-LSTM algorithms. Asa result of evaluating the performance of cyberattack detection for encrypted traffic, ECDS-IoT achieved highperformance such as accuracy 0.99739, precision 0.99154, recall 1.0, F1 score 0.99575, and ROC_AUC 0.99822when using the AE-LSTM algorithm. As shown by the cyberattack detection results of ECDS-IoT, it is possibleto detect most cyberattacks through encrypted traffic. By applying ECDS-IoT to IoT, it can effectively detectcyberattacks concealed in encrypted traffic, promoting the efficient operation of IoT and preventing financial andhuman damage caused by cyberattacks.展开更多
This paper investigates the distributed fault-tolerant consensus tracking problem of nonlinear multi-agent systems with general incipient and abrupt time-varying actuator faults under cyber-attacks.First,a decentraliz...This paper investigates the distributed fault-tolerant consensus tracking problem of nonlinear multi-agent systems with general incipient and abrupt time-varying actuator faults under cyber-attacks.First,a decentralized unknown input observer is established to estimate relative states and actuator faults.Second,the estimated and output neighboring information is combined with distributed fault-tolerant consensus tracking controllers.Criteria of reaching leader-following exponential consensus tracking of multi-agent systems under both connectivity-maintained and connectivity-mixed attacks are derived with average dwelling time,attack frequency,and attack activation rate technique,respectively.Simulation example verifies the effectiveness of the fault-tolerant consensus tracking algorithm.展开更多
With an increasing number of services connected to the internet,including cloud computing and Internet of Things(IoT)systems,the prevention of cyberattacks has become more challenging due to the high dimensionality of...With an increasing number of services connected to the internet,including cloud computing and Internet of Things(IoT)systems,the prevention of cyberattacks has become more challenging due to the high dimensionality of the network traffic data and access points.Recently,researchers have suggested deep learning(DL)algorithms to define intrusion features through training empirical data and learning anomaly patterns of attacks.However,due to the high dynamics and imbalanced nature of the data,the existing DL classifiers are not completely effective at distinguishing between abnormal and normal behavior line connections for modern networks.Therefore,it is important to design a self-adaptive model for an intrusion detection system(IDS)to improve the detection of attacks.Consequently,in this paper,a novel hybrid weighted deep belief network(HW-DBN)algorithm is proposed for building an efficient and reliable IDS(DeepIoT.IDS)model to detect existing and novel cyberattacks.The HW-DBN algorithm integrates an improved Gaussian–Bernoulli restricted Boltzmann machine(Deep GB-RBM)feature learning operator with a weighted deep neural networks(WDNN)classifier.The CICIDS2017 dataset is selected to evaluate the DeepIoT.IDS model as it contains multiple types of attacks,complex data patterns,noise values,and imbalanced classes.We have compared the performance of the DeepIoT.IDS model with three recent models.The results show the DeepIoT.IDS model outperforms the three other models by achieving a higher detection accuracy of 99.38%and 99.99%for web attack and bot attack scenarios,respectively.Furthermore,it can detect the occurrence of low-frequency attacks that are undetectable by other models.展开更多
Although cyber technologies benefit our society,there are also some related cybersecurity risks.For example,cybercriminals may exploit vulnerabilities in people,processes,and technologies during trying times,such as t...Although cyber technologies benefit our society,there are also some related cybersecurity risks.For example,cybercriminals may exploit vulnerabilities in people,processes,and technologies during trying times,such as the ongoing COVID-19 pandemic,to identify opportunities that target vulnerable individuals,organizations(e.g.,medical facilities),and systems.In this paper,we examine the various cyberthreats associated with the COVID-19 pandemic.We also determine the attack vectors and surfaces of cyberthreats.Finally,we will discuss and analyze the insights and suggestions generated by different cyberattacks against individuals,organizations,and systems.展开更多
Phishing is one of the simplest ways in cybercrime to hack the reliable data of users such as passwords,account identifiers,bank details,etc.In general,these kinds of cyberattacks are made at users through phone calls...Phishing is one of the simplest ways in cybercrime to hack the reliable data of users such as passwords,account identifiers,bank details,etc.In general,these kinds of cyberattacks are made at users through phone calls,emails,or instant messages.The anti-phishing techniques,currently under use,aremainly based on source code features that need to scrape the webpage content.In third party services,these techniques check the classification procedure of phishing Uniform Resource Locators(URLs).Even thoughMachine Learning(ML)techniques have been lately utilized in the identification of phishing,they still need to undergo feature engineering since the techniques are not well-versed in identifying phishing offenses.The tremendous growth and evolution of Deep Learning(DL)techniques paved the way for increasing the accuracy of classification process.In this background,the current research article presents a Hunger Search Optimization with Hybrid Deep Learning enabled Phishing Detection and Classification(HSOHDL-PDC)model.The presented HSOHDL-PDC model focuses on effective recognition and classification of phishing based on website URLs.In addition,SOHDL-PDC model uses character-level embedding instead of word-level embedding since the URLs generally utilize words with no importance.Moreover,a hybrid Convolutional Neural Network-Long Short Term Memory(HCNN-LSTM)technique is also applied for identification and classification of phishing.The hyperparameters involved in HCNN-LSTM model are optimized with the help of HSO algorithm which in turn produced improved outcomes.The performance of the proposed HSOHDL-PDC model was validated using different datasets and the outcomes confirmed the supremacy of the proposed model over other recent approaches.展开更多
Due to exponential increase in smart resource limited devices and high speed communication technologies,Internet of Things(IoT)have received significant attention in different application areas.However,IoT environment...Due to exponential increase in smart resource limited devices and high speed communication technologies,Internet of Things(IoT)have received significant attention in different application areas.However,IoT environment is highly susceptible to cyber-attacks because of memory,processing,and communication restrictions.Since traditional models are not adequate for accomplishing security in the IoT environment,the recent developments of deep learning(DL)models find beneficial.This study introduces novel hybrid metaheuristics feature selection with stacked deep learning enabled cyber-attack detection(HMFS-SDLCAD)model.The major intention of the HMFS-SDLCAD model is to recognize the occurrence of cyberattacks in the IoT environment.At the preliminary stage,data pre-processing is carried out to transform the input data into useful format.In addition,salp swarm optimization based on particle swarm optimization(SSOPSO)algorithm is used for feature selection process.Besides,stacked bidirectional gated recurrent unit(SBiGRU)model is utilized for the identification and classification of cyberattacks.Finally,whale optimization algorithm(WOA)is employed for optimal hyperparameter optimization process.The experimental analysis of the HMFS-SDLCAD model is validated using benchmark dataset and the results are assessed under several aspects.The simulation outcomes pointed out the improvements of the HMFS-SDLCAD model over recent approaches.展开更多
基金supported by the Deanship of Postgraduate Studies and Scientific Research at Majmaah University under Project(Grant No R-2024-1183)。
文摘With the continuous development of transportation electrification,the cybersecurity of energy infrastructure has become increasingly prominent.Explicitly,EVs resemble a significant tool to carryout cyberattacks since EVs are not only seen as dynamic loads but also as mobile energy sources that establish two-way communications with several players in the grid.This taxonomy aims to provide a comprehensive overview of cyberattacks against EVs from four distinct perspectives.The first is the research domains of EVs application,which investigates the different fields of research related to the development and application of EVs and how they are susceptible to cyber threats.The second is the CIAbased attacks,which examines the threats to the confidentiality,integrity,and availability of EVs'sensitive information and critical systems.The third taxonomy discusses the countermeasures and defensive mechanisms to secure the EVs against cyberattacks,including preventive measures,detection algorithms,response strategy,and recovery techniques.The fourth taxonomy is the verification and validation methodologies,which explores the software tools and hardware testbeds used to test and evaluate the security of EVs against cyber threats.Finally,this taxonomy presents an understanding of the current state of cyberattacks against EVs and serves as a valuable resource for researchers and practitioners in the fields of cybersecurity and electric mobility.
文摘The national grid and other life-sustaining critical infrastructures face an unprecedented threat from prolonged blackouts,which could last over a year and pose a severe risk to national security.Whether caused by physical attacks,EMP(electromagnetic pulse)events,or cyberattacks,such disruptions could cripple essential services like water supply,healthcare,communication,and transportation.Research indicates that an attack on just nine key substations could result in a coast-to-coast blackout lasting up to 18 months,leading to economic collapse,civil unrest,and a breakdown of public order.This paper explores the key vulnerabilities of the grid,the potential impacts of prolonged blackouts,and the role of AI(artificial intelligence)and ML(machine learning)in mitigating these threats.AI-driven cybersecurity measures,predictive maintenance,automated threat response,and EMP resilience strategies are discussed as essential solutions to bolster grid security.Policy recommendations emphasize the need for hardened infrastructure,enhanced cybersecurity,redundant power systems,and AI-based grid management to ensure national resilience.Without proactive measures,the nation remains exposed to a catastrophic power grid failure that could have dire consequences for society and the economy.
文摘The explosive expansion of the Internet of Things(IoT)systems has increased the imperative to have strong and robust solutions to cyber Security,especially to curtail Distributed Denial of Service(DDoS)attacks,which can cripple critical infrastructure.The proposed framework presented in the current paper is a new hybrid scheme that induces deep learning-based traffic classification and blockchain-enabledmitigation tomake intelligent,decentralized,and real-time DDoS countermeasures in an IoT network.The proposed model fuses the extracted deep features with statistical features and trains them by using traditional machine-learning algorithms,which makes them more accurate in detection than statistical features alone,based on the Convolutional Neural Network(CNN)architecture,which can extract deep features.A permissioned blockchain will be included to record the threat cases immutably and automatically execute mitigation measures through smart contracts to provide transparency and resilience.When tested on two test sets,BoT-IoT and IoT-23,the framework obtains a maximum F1-score at 97.5 percent and only a 1.8 percent false positive rate,which compares favorably to other solutions regarding effectiveness and the amount of time required to respond.Our findings support the feasibility of our method as an extensible and secure paradigm of nextgeneration IoT security,which has constrictive utility in mission-critical or resource-constrained settings.The work is a substantial milestone in autonomous and trustful mitigation against DDoS attacks through intelligent learning and decentralized enforcement.
基金supported by the National Key Research and Development Program of China(No.2017YFB0903000)National Natural Science Foundation of China(No.61471328)Natural Science Foundation of Tianjin City(No.15JCQNJC07000).
文摘To warn the cascading failures caused by cyberattacks(CFCAs)in real time and reduce their damage on cyber-physical power systems(CPPSs),a novel early warning method based on attack gains and cost principle(AGCP)is proposed.Firstly,according to the CFCA characteristics,the leading role of attackers in the whole evolutionary process is discussed.The breaking out of a CFCA is deduced based on the AGCP from the view of attackers,and the priority order of all CFCAs is then provided.Then,the method to calculate the probability of CFCAs is proposed,and an early warning model for CFCA is designed.Finally,to verify the effectiveness of this method,a variety of CFCAs are simulated in a local CPPS model based on the IEEE 39-bus system.The experimental results demonstrate that this method can be used as a reliable assistant analysis technology to facilitate early warning of CFCAs.
文摘With the wide integration of various distributed communication and control techniques,the cyber-physical microgrids face critical challenges raised by the emerging cyberattacks.This paper proposes a three-stage defensive framework for distributed microgrids against denial of service(DoS)and false data injection(FDI)attacks,including resilient control,communication network reconfiguration,and switching of local control.The resilient control in the first stage is capable of tackling simultaneous DoS and FDI attacks when the connectivity of communication network could be maintained under cyberattacks.The communication network reconfiguration method in the second stage and the subsequent switching of local control in the third stage based on the software-defined network(SDN)layer aim to cope with the network partitions caused by cyberattacks.The proposed defensive framework could effectively mitigate the impacts of a wide range of simultaneous DoS and FDI attacks in microgrids without requiring the specific assumptions of attacks and prompt detections,which would not incorporate additional cyberattack risks.Extensive case studies using a 13-bus microgrid system are conducted to validate the effectiveness of the proposed three-stage defensive framework against the simultaneous DoS and FDI attacks.
基金supported by Key Research and Development Program of Shaanxi (Grant No.2023-YBGY-118)Scientific Research Project of Department of Transport of Shaanxi Province (Grant No.22-13X)。
文摘In order to ensure the safety of connected and automated vehicles(CAVs)threatened by cyberattack in the confluence area and mitigate the adverse impact of cyberattack propagation,a framework is built to depict the impact of cyberattacks on traffic operation.Based on this framework,corresponding propagation suppression strategies are proposed for different types of cyberattacks in different periods.Under centralized control,game theory is used to solve the confluence sequence corresponding to the strategies.The results show that the proposed method can effectively inhibit the spread of cyberattacks on the premise of security.The initial control effect is the best.Compared with uncontrolled condition,in the 100 timesteps,11 susceptible vehicles are finally added,and the second is the immunity period,in which 10 susceptible vehicles were protected from cyberattack.Outbreak and latency control strategies also protect some vehicles.Under the control strategy of each stage,the peak value of infected vehicles and the duration of cyberattack are improved compared with the uncontrolled strategy.In addition,the traffic efficiency in the confluence area is also improved.This method can also be extended to such road types as diverging section,weaving section and intersection,so as to reduce the impact of cyberattacks on road network scale.
基金This work was supported partially by the MSIT(Ministry of Science and ICT),Korea,under the ITRC(Information Technology Research Center)Support Program(IITP-2024-2018-0-01431)supervised by the IITP(Institute for Information&Communications Technology Planning&Evaluation).
文摘The extensive utilization of the Internet in everyday life can be attributed to the substantial accessibility of online services and the growing significance of the data transmitted via the Internet.Regrettably,this development has expanded the potential targets that hackers might exploit.Without adequate safeguards,data transmitted on the internet is significantly more susceptible to unauthorized access,theft,or alteration.The identification of unauthorised access attempts is a critical component of cybersecurity as it aids in the detection and prevention of malicious attacks.This research paper introduces a novel intrusion detection framework that utilizes Recurrent Neural Networks(RNN)integrated with Long Short-Term Memory(LSTM)units.The proposed model can identify various types of cyberattacks,including conventional and distinctive forms.Recurrent networks,a specific kind of feedforward neural networks,possess an intrinsic memory component.Recurrent Neural Networks(RNNs)incorporating Long Short-Term Memory(LSTM)mechanisms have demonstrated greater capabilities in retaining and utilizing data dependencies over extended periods.Metrics such as data types,training duration,accuracy,number of false positives,and number of false negatives are among the parameters employed to assess the effectiveness of these models in identifying both common and unusual cyberattacks.RNNs are utilised in conjunction with LSTM to support human analysts in identifying possible intrusion events,hence enhancing their decision-making capabilities.A potential solution to address the limitations of Shallow learning is the introduction of the Eccentric Intrusion Detection Model.This model utilises Recurrent Neural Networks,specifically exploiting LSTM techniques.The proposed model achieves detection accuracy(99.5%),generalisation(99%),and false-positive rate(0.72%),the parameters findings reveal that it is superior to state-of-the-art techniques.
文摘The rapid growth and pervasive presence of the Internet of Things(IoT)have led to an unparalleled increase in IoT devices,thereby intensifying worries over IoT security.Deep learning(DL)-based intrusion detection(ID)has emerged as a vital method for protecting IoT environments.To rectify the deficiencies of current detection methodologies,we proposed and developed an IoT cyberattacks detection system(IoT-CDS)based on DL models for detecting bot attacks in IoT networks.The DL models—long short-term memory(LSTM),gated recurrent units(GRUs),and convolutional neural network-LSTM(CNN-LSTM)were suggested to detect and classify IoT attacks.The BoT-IoT dataset was used to examine the proposed IoT-CDS system,and the dataset includes six attacks with normal packets.The experiments conducted on the BoT-IoT network dataset reveal that the LSTM model attained an impressive accuracy rate of 99.99%.Compared with other internal and external methods using the same dataset,it is observed that the LSTM model achieved higher accuracy rates.LSTMs are more efficient than GRUs and CNN-LSTMs in real-time performance and resource efficiency for cyberattack detection.This method,without feature selection,demonstrates advantages in training time and detection accuracy.Consequently,the proposed approach can be extended to improve the security of various IoT applications,representing a significant contribution to IoT security.
文摘More businesses are deploying powerful Intrusion Detection Systems(IDS)to secure their data and physical assets.Improved cyber-attack detection and prevention in these systems requires machine learning(ML)approaches.This paper examines a cyber-attack prediction system combining feature selection(FS)and ML.Our technique’s foundation was based on Correlation Analysis(CA),Mutual Information(MI),and recursive feature reduction with cross-validation.To optimize the IDS performance,the security features must be carefully selected from multiple-dimensional datasets,and our hybrid FS technique must be extended to validate our methodology using the improved UNSW-NB 15 and TON_IoT datasets.Our technique identified 22 key characteristics in UNSW-NB-15 and 8 in TON_IoT.We evaluated prediction using seven ML methods:Decision Tree(DT),Random Forest(RF),Logistic Regression(LR),Naive Bayes(NB),K-Nearest Neighbors(KNN),Support Vector Machines(SVM),and Multilayer Perceptron(MLP)classifiers.The DT,RF,NB,and MLP classifiers helped our model surpass the competition on both datasets.Therefore,the investigational outcomes of our hybrid model may help IDSs defend business assets from various cyberattack vectors.
文摘This paper examines how cybersecurity is developing and how it relates to more conventional information security. Although information security and cyber security are sometimes used synonymously, this study contends that they are not the same. The concept of cyber security is explored, which goes beyond protecting information resources to include a wider variety of assets, including people [1]. Protecting information assets is the main goal of traditional information security, with consideration to the human element and how people fit into the security process. On the other hand, cyber security adds a new level of complexity, as people might unintentionally contribute to or become targets of cyberattacks. This aspect presents moral questions since it is becoming more widely accepted that society has a duty to protect weaker members of society, including children [1]. The study emphasizes how important cyber security is on a larger scale, with many countries creating plans and laws to counteract cyberattacks. Nevertheless, a lot of these sources frequently neglect to define the differences or the relationship between information security and cyber security [1]. The paper focus on differentiating between cybersecurity and information security on a larger scale. The study also highlights other areas of cybersecurity which includes defending people, social norms, and vital infrastructure from threats that arise from online in addition to information and technology protection. It contends that ethical issues and the human factor are becoming more and more important in protecting assets in the digital age, and that cyber security is a paradigm shift in this regard [1].
文摘Legacy-based threat detection systems have not been able to keep up with the exponential growth in scope, frequency, and effect of cybersecurity threats. Artificial intelligence is being used as a result to help with the issue. This paper’s primary goal is to examine how African nations are utilizing artificial intelligence to defend their infrastructure against cyberattacks. Artificial intelligence (AI) systems will make decisions that impact Africa’s future. The lack of technical expertise, the labor pool, financial resources, data limitations, uncertainty, lack of structured data, absence of government policies, ethics, user attitudes, insufficient investment in research and development, and the requirement for more adaptable and dynamic regulatory systems all pose obstacles to the adoption of AI technologies in Africa. The paper discusses how African countries are adopting artificial intelligence solutions for cybersecurity. And it shows the impact of AI to identify shadow data, monitor for abnormalities in data access and alert cyber security professionals about potential threats by anyone accessing the data or sensitive information saving valuable time in detecting and remediating issues in real-time. The study finds that 69.16% of African companies are implementing information security strategies and of these, 45% said they use technologies based on AI algorithms. This study finds that a large number of African businesses use tools that can track and analyze user behaviour in designated areas and spot anomalies, such as new users, strange IP addresses and login activity, changes to permissions on files, folders, and other resources, and the copying or erasure of massive amounts of data. Thus, we discover that just 18.18% of the target has no national cybersecurity strategy or policy. The study proposes using big data security analytics to integrate AI. Adopting it would be beneficial for all African nations, as it provides a range of cyberattack defense techniques.
基金supported by the Deanship of Graduate Studies and Scientific Research at Jouf University under grant No.DGSSR-2023-02-02116.
文摘When it comes to smart healthcare business systems,network-based intrusion detection systems are crucial for protecting the system and its networks from malicious network assaults.To protect IoMT devices and networks in healthcare and medical settings,our proposed model serves as a powerful tool for monitoring IoMT networks.This study presents a robust methodology for intrusion detection in Internet of Medical Things(IoMT)environments,integrating data augmentation,feature selection,and ensemble learning to effectively handle IoMT data complexity.Following rigorous preprocessing,including feature extraction,correlation removal,and Recursive Feature Elimi-nation(RFE),selected features are standardized and reshaped for deep learning models.Augmentation using the BAT algorithm enhances dataset variability.Three deep learning models,Transformer-based neural networks,self-attention Deep Convolutional Neural Networks(DCNNs),and Long Short-Term Memory(LSTM)networks,are trained to capture diverse data aspects.Their predictions form a meta-feature set for a subsequent meta-learner,which combines model strengths.Conventional classifiers validate meta-learner features for broad algorithm suitability.This comprehensive method demonstrates high accuracy and robustness in IoMT intrusion detection.Evaluations were conducted using two datasets:the publicly available WUSTL-EHMS-2020 dataset,which contains two distinct categories,and the CICIoMT2024 dataset,encompassing sixteen categories.Experimental results showcase the method’s exceptional performance,achieving optimal scores of 100%on the WUSTL-EHMS-2020 dataset and 99%on the CICIoMT2024.
基金the National Natural Science Foundation of China(No.61662004).
文摘The rapid expansion of Internet of Things (IoT) devices across various sectors is driven by steadily increasingdemands for interconnected and smart technologies. Nevertheless, the surge in the number of IoT device hascaught the attention of cyber hackers, as it provides them with expanded avenues to access valuable data. Thishas resulted in a myriad of security challenges, including information leakage, malware propagation, and financialloss, among others. Consequently, developing an intrusion detection system to identify both active and potentialintrusion traffic in IoT networks is of paramount importance. In this paper, we propose ResNeSt-biGRU, a practicalintrusion detection model that combines the strengths of ResNeSt, a variant of Residual Neural Network, andbidirectionalGated RecurrentUnitNetwork (biGRU).Our ResNeSt-biGRUframework diverges fromconventionalintrusion detection systems (IDS) by employing this dual-layeredmechanism that exploits the temporal continuityand spatial feature within network data streams, a methodological innovation that enhances detection accuracy.In conjunction with this, we introduce the PreIoT dataset, a compilation of prevalent IoT network behaviors, totrain and evaluate IDSmodels with a focus on identifying potential intrusion traffics. The effectiveness of proposedscheme is demonstrated through testing, wherein it achieved an average accuracy of 99.90% on theN-BaIoT datasetas well as on the PreIoT dataset and 94.45% on UNSW-NB15 dataset. The outcomes of this research reveal thepotential of ResNeSt-biGRU to bolster security measures, diminish intrusion-related vulnerabilities, and preservethe overall security of IoT ecosystems.
基金supported by the Institute of Information&Communications Technology Planning&Evaluation(IITP)grant funded by the Korea government(MSIT)(No.2021-0-00493,5G Massive Next Generation Cyber Attack Deception Technology Development).
文摘In the early days of IoT’s introduction, it was challenging to introduce encryption communication due to the lackof performance of each component, such as computing resources like CPUs and batteries, to encrypt and decryptdata. Because IoT is applied and utilized in many important fields, a cyberattack on IoT can result in astronomicalfinancial and human casualties. For this reason, the application of encrypted communication to IoT has beenrequired, and the application of encrypted communication to IoT has become possible due to improvements inthe computing performance of IoT devices and the development of lightweight cryptography. The applicationof encrypted communication in IoT has made it possible to use encrypted communication channels to launchcyberattacks. The approach of extracting evidence of an attack based on the primary information of a networkpacket is no longer valid because critical information, such as the payload in a network packet, is encrypted byencrypted communication. For this reason, technology that can detect cyberattacks over encrypted network trafficoccurring in IoT environments is required. Therefore, this research proposes an encrypted cyberattack detectionsystem for the IoT (ECDS-IoT) that derives valid features for cyberattack detection from the cryptographic networktraffic generated in the IoT environment and performs cyberattack detection based on the derived features. ECDS-IoT identifies identifiable information from encrypted traffic collected in IoT environments and extracts statistics-based features through statistical analysis of identifiable information. ECDS-IoT understands information aboutnormal data by learning only statistical features extracted from normal data. ECDS-IoT detects cyberattacks basedonly on the normal data information it has trained. To evaluate the cyberattack detection performance of theproposed ECDS-IoT in this research, ECDS-IoT used CICIoT2023, a dataset containing encrypted traffic generatedby normal and seven categories of cyberattacks in the IoT environment and experimented with cyberattackdetection on encrypted traffic using Autoencoder, RNN, GRU, LSTM, BiLSTM, and AE-LSTM algorithms. Asa result of evaluating the performance of cyberattack detection for encrypted traffic, ECDS-IoT achieved highperformance such as accuracy 0.99739, precision 0.99154, recall 1.0, F1 score 0.99575, and ROC_AUC 0.99822when using the AE-LSTM algorithm. As shown by the cyberattack detection results of ECDS-IoT, it is possibleto detect most cyberattacks through encrypted traffic. By applying ECDS-IoT to IoT, it can effectively detectcyberattacks concealed in encrypted traffic, promoting the efficient operation of IoT and preventing financial andhuman damage caused by cyberattacks.
基金supported by the National Key R&D Program of China(2018AAA0102804)National Natural Science Foundation of China(62020106003,62103250,61773201)+1 种基金Fundamental Research Funds for the Central Universities(NC2020002,NP2020103)Shanghai Sailing Program(21YF1414000)。
文摘This paper investigates the distributed fault-tolerant consensus tracking problem of nonlinear multi-agent systems with general incipient and abrupt time-varying actuator faults under cyber-attacks.First,a decentralized unknown input observer is established to estimate relative states and actuator faults.Second,the estimated and output neighboring information is combined with distributed fault-tolerant consensus tracking controllers.Criteria of reaching leader-following exponential consensus tracking of multi-agent systems under both connectivity-maintained and connectivity-mixed attacks are derived with average dwelling time,attack frequency,and attack activation rate technique,respectively.Simulation example verifies the effectiveness of the fault-tolerant consensus tracking algorithm.
基金This work was partially funded by the Industry Grant Scheme from Jaycorp Berhad in cooperation with UNITAR International University.The authors would like to thank INSFORNET,the Center for Advanced Computing Technology(C-ACT)at Universiti Teknikal Malaysia Melaka(UTeM),and the Center of Intelligent and Autonomous Systems(CIAS)at Universiti Tun Hussein Onn Malaysia(UTHM)for supporting this work.
文摘With an increasing number of services connected to the internet,including cloud computing and Internet of Things(IoT)systems,the prevention of cyberattacks has become more challenging due to the high dimensionality of the network traffic data and access points.Recently,researchers have suggested deep learning(DL)algorithms to define intrusion features through training empirical data and learning anomaly patterns of attacks.However,due to the high dynamics and imbalanced nature of the data,the existing DL classifiers are not completely effective at distinguishing between abnormal and normal behavior line connections for modern networks.Therefore,it is important to design a self-adaptive model for an intrusion detection system(IDS)to improve the detection of attacks.Consequently,in this paper,a novel hybrid weighted deep belief network(HW-DBN)algorithm is proposed for building an efficient and reliable IDS(DeepIoT.IDS)model to detect existing and novel cyberattacks.The HW-DBN algorithm integrates an improved Gaussian–Bernoulli restricted Boltzmann machine(Deep GB-RBM)feature learning operator with a weighted deep neural networks(WDNN)classifier.The CICIDS2017 dataset is selected to evaluate the DeepIoT.IDS model as it contains multiple types of attacks,complex data patterns,noise values,and imbalanced classes.We have compared the performance of the DeepIoT.IDS model with three recent models.The results show the DeepIoT.IDS model outperforms the three other models by achieving a higher detection accuracy of 99.38%and 99.99%for web attack and bot attack scenarios,respectively.Furthermore,it can detect the occurrence of low-frequency attacks that are undetectable by other models.
基金supported by the United Arab Emirates University Start-up Grant G00003261.
文摘Although cyber technologies benefit our society,there are also some related cybersecurity risks.For example,cybercriminals may exploit vulnerabilities in people,processes,and technologies during trying times,such as the ongoing COVID-19 pandemic,to identify opportunities that target vulnerable individuals,organizations(e.g.,medical facilities),and systems.In this paper,we examine the various cyberthreats associated with the COVID-19 pandemic.We also determine the attack vectors and surfaces of cyberthreats.Finally,we will discuss and analyze the insights and suggestions generated by different cyberattacks against individuals,organizations,and systems.
基金The authors extend their appreciation to the Deanship of Scientific Research at King Khalid University for funding this work through Large Groups Project under grant number(158/43)Princess Nourah bint Abdulrahman University Researchers Supporting Project number(PNURSP2022R135)Princess Nourah bint Abdulrahman University,Riyadh,Saudi Arabia.The authors would like to thank the Deanship of Scientific Research at Umm Al-Qura University for supporting this work by Grant Code:22UQU4340237DSR22.
文摘Phishing is one of the simplest ways in cybercrime to hack the reliable data of users such as passwords,account identifiers,bank details,etc.In general,these kinds of cyberattacks are made at users through phone calls,emails,or instant messages.The anti-phishing techniques,currently under use,aremainly based on source code features that need to scrape the webpage content.In third party services,these techniques check the classification procedure of phishing Uniform Resource Locators(URLs).Even thoughMachine Learning(ML)techniques have been lately utilized in the identification of phishing,they still need to undergo feature engineering since the techniques are not well-versed in identifying phishing offenses.The tremendous growth and evolution of Deep Learning(DL)techniques paved the way for increasing the accuracy of classification process.In this background,the current research article presents a Hunger Search Optimization with Hybrid Deep Learning enabled Phishing Detection and Classification(HSOHDL-PDC)model.The presented HSOHDL-PDC model focuses on effective recognition and classification of phishing based on website URLs.In addition,SOHDL-PDC model uses character-level embedding instead of word-level embedding since the URLs generally utilize words with no importance.Moreover,a hybrid Convolutional Neural Network-Long Short Term Memory(HCNN-LSTM)technique is also applied for identification and classification of phishing.The hyperparameters involved in HCNN-LSTM model are optimized with the help of HSO algorithm which in turn produced improved outcomes.The performance of the proposed HSOHDL-PDC model was validated using different datasets and the outcomes confirmed the supremacy of the proposed model over other recent approaches.
基金The authors extend their appreciation to the Deanship of Scientific Research at King Khalid University for funding this work through Large Groups Project under grant number(45/43)Princess Nourah bint Abdulrahman University Researchers Supporting Project number(PNURSP2022R140)Princess Nourah bint Abdulrahman University,Riyadh,Saudi Arabia.The authors would like to thank the Deanship of Scientific Research at Umm Al-Qura University for supporting this work by Grant Code:(22UQU4310373DSR16).
文摘Due to exponential increase in smart resource limited devices and high speed communication technologies,Internet of Things(IoT)have received significant attention in different application areas.However,IoT environment is highly susceptible to cyber-attacks because of memory,processing,and communication restrictions.Since traditional models are not adequate for accomplishing security in the IoT environment,the recent developments of deep learning(DL)models find beneficial.This study introduces novel hybrid metaheuristics feature selection with stacked deep learning enabled cyber-attack detection(HMFS-SDLCAD)model.The major intention of the HMFS-SDLCAD model is to recognize the occurrence of cyberattacks in the IoT environment.At the preliminary stage,data pre-processing is carried out to transform the input data into useful format.In addition,salp swarm optimization based on particle swarm optimization(SSOPSO)algorithm is used for feature selection process.Besides,stacked bidirectional gated recurrent unit(SBiGRU)model is utilized for the identification and classification of cyberattacks.Finally,whale optimization algorithm(WOA)is employed for optimal hyperparameter optimization process.The experimental analysis of the HMFS-SDLCAD model is validated using benchmark dataset and the results are assessed under several aspects.The simulation outcomes pointed out the improvements of the HMFS-SDLCAD model over recent approaches.
