The increasing adoption of Industrial Internet of Things(IIoT)systems in smart manufacturing is leading to raise cyberattack numbers and pressing the requirement for intrusion detection systems(IDS)to be effective.How...The increasing adoption of Industrial Internet of Things(IIoT)systems in smart manufacturing is leading to raise cyberattack numbers and pressing the requirement for intrusion detection systems(IDS)to be effective.However,existing datasets for IDS training often lack relevance to modern IIoT environments,limiting their applicability for research and development.To address the latter gap,this paper introduces the HiTar-2024 dataset specifically designed for IIoT systems.As a consequence,that can be used by an IDS to detect imminent threats.Likewise,HiTar-2024 was generated using the AREZZO simulator,which replicates realistic smart manufacturing scenarios.The generated dataset includes five distinct classes:Normal,Probing,Remote to Local(R2L),User to Root(U2R),and Denial of Service(DoS).Furthermore,comprehensive experiments with popular Machine Learning(ML)models using various classifiers,including BayesNet,Logistic,IBK,Multiclass,PART,and J48 demonstrate high accuracy,precision,recall,and F1-scores,exceeding 0.99 across all ML metrics.The latter result is reached thanks to the rigorous applied process to achieve this quite good result,including data pre-processing,features extraction,fixing the class imbalance problem,and using a test option for model robustness.This comprehensive approach emphasizes meticulous dataset construction through a complete dataset generation process,a careful labelling algorithm,and a sophisticated evaluation method,providing valuable insights to reinforce IIoT system security.Finally,the HiTar-2024 dataset is compared with other similar datasets in the literature,considering several factors such as data format,feature extraction tools,number of features,attack categories,number of instances,and ML metrics.展开更多
Intrusion detection systems play a vital role in cyberspace security.In this study,a network intrusion detection method based on the feature selection algorithm(FSA)and a deep learning model is developed using a fusio...Intrusion detection systems play a vital role in cyberspace security.In this study,a network intrusion detection method based on the feature selection algorithm(FSA)and a deep learning model is developed using a fusion of a recursive feature elimination(RFE)algorithm and a bidirectional gated recurrent unit(BGRU).Particularly,the RFE algorithm is employed to select features from high-dimensional data to reduce weak correlations between features and remove redundant features in the numerical feature space.Then,a neural network that combines the BGRU and multilayer perceptron(MLP)is adopted to extract deep intrusion behavior features.Finally,a support vector machine(SVM)classifier is used to classify intrusion behaviors.The proposed model is verified by experiments on the NSL-KDD dataset.The results indicate that the proposed model achieves a 90.25%accuracy and a 97.51%detection rate in binary classification and outperforms other machine learning and deep learning models in intrusion classification.The proposed method can provide new insight into network intrusion detection.展开更多
The era of big data brings new challenges for information network systems(INS),simultaneously offering unprecedented opportunities for advancing intelligent intrusion detection systems.In this work,we propose a data-d...The era of big data brings new challenges for information network systems(INS),simultaneously offering unprecedented opportunities for advancing intelligent intrusion detection systems.In this work,we propose a data-driven intrusion detection system for Distributed Denial of Service(DDoS)attack detection.The system focuses on intrusion detection from a big data perceptive.As intelligent information processing methods,big data and artificial intelligence have been widely used in information systems.The INS system is an important information system in cyberspace.In advanced INS systems,the network architectures have become more complex.And the smart devices in INS systems collect a large scale of network data.How to improve the performance of a complex intrusion detection system with big data and artificial intelligence is a big challenge.To address the problem,we design a novel intrusion detection system(IDS)from a big data perspective.The IDS system uses tensors to represent large-scale and complex multi-source network data in a unified tensor.Then,a novel tensor decomposition(TD)method is developed to complete big data mining.The TD method seamlessly collaborates with the XGBoost(eXtreme Gradient Boosting)method to complete the intrusion detection.To verify the proposed IDS system,a series of experiments is conducted on two real network datasets.The results revealed that the proposed IDS system attained an impressive accuracy rate over 98%.Additionally,by altering the scale of the datasets,the proposed IDS system still maintains excellent detection performance,which demonstrates the proposed IDS system’s robustness.展开更多
Network intrusion detection systems(IDS)are a prevalent method for safeguarding network traffic against attacks.However,existing IDS primarily depend on machine learning(ML)models,which are vulnerable to evasion throu...Network intrusion detection systems(IDS)are a prevalent method for safeguarding network traffic against attacks.However,existing IDS primarily depend on machine learning(ML)models,which are vulnerable to evasion through adversarial examples.In recent years,the Wasserstein Generative Adversarial Network(WGAN),based on Wasserstein distance,has been extensively utilized to generate adversarial examples.Nevertheless,several challenges persist:(1)WGAN experiences the mode collapse problem when generating multi-category network traffic data,leading to subpar quality and insufficient diversity in the generated data;(2)Due to unstable training processes,the authenticity of the data produced by WGAN is often low.This study improves WGAN to address these issues and proposes a new adversarial sample generation algorithm called Distortion Enhanced Multi-Generator Generative Adversarial Network(DEMGAN).DEMGAN effectively evades ML-based IDS by proficiently obfuscating network traffic data samples.We assess the efficacy of our attack method against five ML-based IDS using two public datasets.The results demonstrate that our method can successfully bypass IDS,achieving average evasion rates of 97.42%and 87.51%,respectively.Furthermore,empirical findings indicate that retraining the IDS with the generated adversarial samples significantly bolsters the system’s capability to detect adversarial samples,resulting in an average recognition rate increase of 86.78%.This approach not only enhances the performance of the IDS but also strengthens the network’s resilience against potential threats,thereby optimizing network security measures.展开更多
With the rapid advancement of mobile communication networks,key technologies such as Multi-access Edge Computing(MEC)and Network Function Virtualization(NFV)have enhanced the quality of service for 5G users but have a...With the rapid advancement of mobile communication networks,key technologies such as Multi-access Edge Computing(MEC)and Network Function Virtualization(NFV)have enhanced the quality of service for 5G users but have also significantly increased the complexity of network threats.Traditional static defense mechanisms are inadequate for addressing the dynamic and heterogeneous nature of modern attack vectors.To overcome these challenges,this paper presents a novel algorithmic framework,SD-5G,designed for high-precision intrusion detection in 5G environments.SD-5G adopts a three-stage architecture comprising traffic feature extraction,elastic representation,and adaptive classification.Specifically,an enhanced Concrete Autoencoder(CAE)is employed to reconstruct and compress high-dimensional network traffic features,producing compact and expressive representations suitable for large-scale 5G deployments.To further improve accuracy in ambiguous traffic classification,a Residual Convolutional Long Short-Term Memory model with an attention mechanism(ResCLA)is introduced,enabling multi-level modeling of spatial–temporal dependencies and effective detection of subtle anomalies.Extensive experiments on benchmark datasets—including 5G-NIDD,CIC-IDS2017,ToN-IoT,and BoT-IoT—demonstrate that SD-5G consistently achieves F1 scores exceeding 99.19%across diverse network environments,indicating strong generalization and real-time deployment capabilities.Overall,SD-5G achieves a balance between detection accuracy and deployment efficiency,offering a scalable,flexible,and effective solution for intrusion detection in 5G and next-generation networks.展开更多
The advent of pandemics such as COVID-19 significantly impacts human behaviour and lives every day.Therefore,it is essential to make medical services connected to internet,available in every remote location during the...The advent of pandemics such as COVID-19 significantly impacts human behaviour and lives every day.Therefore,it is essential to make medical services connected to internet,available in every remote location during these situations.Also,the security issues in the Internet of Medical Things(IoMT)used in these service,make the situation even more critical because cyberattacks on the medical devices might cause treatment delays or clinical failures.Hence,services in the healthcare ecosystem need rapid,uninterrupted,and secure facilities.The solution provided in this research addresses security concerns and services availability for patients with critical health in remote areas.This research aims to develop an intelligent Software Defined Networks(SDNs)enabled secure framework for IoT healthcare ecosystem.We propose a hybrid of machine learning and deep learning techniques(DNN+SVM)to identify network intrusions in the sensor-based healthcare data.In addition,this system can efficiently monitor connected devices and suspicious behaviours.Finally,we evaluate the performance of our proposed framework using various performance metrics based on the healthcare application scenarios.the experimental results show that the proposed approach effectively detects and mitigates attacks in the SDN-enabled IoT networks and performs better that other state-of-art-approaches.展开更多
This study describes improving network security by implementing and assessing an intrusion detection system(IDS)based on deep neural networks(DNNs).The paper investigates contemporary technical ways for enhancing intr...This study describes improving network security by implementing and assessing an intrusion detection system(IDS)based on deep neural networks(DNNs).The paper investigates contemporary technical ways for enhancing intrusion detection performance,given the vital relevance of safeguarding computer networks against harmful activity.The DNN-based IDS is trained and validated by the model using the NSL-KDD dataset,a popular benchmark for IDS research.The model performs well in both the training and validation stages,with 91.30%training accuracy and 94.38%validation accuracy.Thus,the model shows good learning and generalization capabilities with minor losses of 0.22 in training and 0.1553 in validation.Furthermore,for both macro and micro averages across class 0(normal)and class 1(anomalous)data,the study evaluates the model using a variety of assessment measures,such as accuracy scores,precision,recall,and F1 scores.The macro-average recall is 0.9422,the macro-average precision is 0.9482,and the accuracy scores are 0.942.Furthermore,macro-averaged F1 scores of 0.9245 for class 1 and 0.9434 for class 0 demonstrate the model’s ability to precisely identify anomalies precisely.The research also highlights how real-time threat monitoring and enhanced resistance against new online attacks may be achieved byDNN-based intrusion detection systems,which can significantly improve network security.The study underscores the critical function ofDNN-based IDS in contemporary cybersecurity procedures by setting the foundation for further developments in this field.Upcoming research aims to enhance intrusion detection systems by examining cooperative learning techniques and integrating up-to-date threat knowledge.展开更多
Intrusion detection systems(IDS)are essential in the field of cybersecurity because they protect networks from a wide range of online threats.The goal of this research is to meet the urgent need for small-footprint,hi...Intrusion detection systems(IDS)are essential in the field of cybersecurity because they protect networks from a wide range of online threats.The goal of this research is to meet the urgent need for small-footprint,highly-adaptable Network Intrusion Detection Systems(NIDS)that can identify anomalies.The NSL-KDD dataset is used in the study;it is a sizable collection comprising 43 variables with the label’s“attack”and“level.”It proposes a novel approach to intrusion detection based on the combination of channel attention and convolutional neural networks(CNN).Furthermore,this dataset makes it easier to conduct a thorough assessment of the suggested intrusion detection strategy.Furthermore,maintaining operating efficiency while improving detection accuracy is the primary goal of this work.Moreover,typical NIDS examines both risky and typical behavior using a variety of techniques.On the NSL-KDD dataset,our CNN-based approach achieves an astounding 99.728%accuracy rate when paired with channel attention.Compared to previous approaches such as ensemble learning,CNN,RBM(Boltzmann machine),ANN,hybrid auto-encoders with CNN,MCNN,and ANN,and adaptive algorithms,our solution significantly improves intrusion detection performance.Moreover,the results highlight the effectiveness of our suggested method in improving intrusion detection precision,signifying a noteworthy advancement in this field.Subsequent efforts will focus on strengthening and expanding our approach in order to counteract growing cyberthreats and adjust to changing network circumstances.展开更多
The ever-growing network traffic threat landscape necessitates adopting accurate and robust intrusion detection systems(IDSs).IDSs have become a research hotspot and have seen remarkable performance improvements.Gener...The ever-growing network traffic threat landscape necessitates adopting accurate and robust intrusion detection systems(IDSs).IDSs have become a research hotspot and have seen remarkable performance improvements.Generative adversarial networks(GANs)have also garnered increasing research interest recently due to their remarkable ability to generate data.This paper investigates the application of(GANs)in(IDS)and explores their current use within this research field.We delve into the adoption of GANs within signature-based,anomaly-based,and hybrid IDSs,focusing on their objectives,methodologies,and advantages.Overall,GANs have been widely employed,mainly focused on solving the class imbalance issue by generating realistic attack samples.While GANs have shown significant potential in addressing the class imbalance issue,there are still open opportunities and challenges to be addressed.Little attention has been paid to their applicability in distributed and decentralized domains,such as IoT networks.Efficiency and scalability have been mostly overlooked,and thus,future works must aim at addressing these gaps.展开更多
The high performance of IoT technology in transportation networks has led to the increasing adoption of Internet of Vehicles(IoV)technology.The functional advantages of IoV include online communication services,accide...The high performance of IoT technology in transportation networks has led to the increasing adoption of Internet of Vehicles(IoV)technology.The functional advantages of IoV include online communication services,accident prevention,cost reduction,and enhanced traffic regularity.Despite these benefits,IoV technology is susceptible to cyber-attacks,which can exploit vulnerabilities in the vehicle network,leading to perturbations,disturbances,non-recognition of traffic signs,accidents,and vehicle immobilization.This paper reviews the state-of-the-art achievements and developments in applying Deep Transfer Learning(DTL)models for Intrusion Detection Systems in the Internet of Vehicles(IDS-IoV)based on anomaly detection.IDS-IoV leverages anomaly detection through machine learning and DTL techniques to mitigate the risks posed by cyber-attacks.These systems can autonomously create specific models based on network data to differentiate between regular traffic and cyber-attacks.Among these techniques,transfer learning models are particularly promising due to their efficacy with tagged data,reduced training time,lower memory usage,and decreased computational complexity.We evaluate DTL models against criteria including the ability to transfer knowledge,detection rate,accurate analysis of complex data,and stability.This review highlights the significant progress made in the field,showcasing how DTL models enhance the performance and reliability of IDS-IoV systems.By examining recent advancements,we provide insights into how DTL can effectively address cyber-attack challenges in IoV environments,ensuring safer and more efficient transportation networks.展开更多
With the rapid advent of information technology and social networking,the multiplication of connected devices further exposes users to the vulnerability of their personal data.This growing interconnectedness increases...With the rapid advent of information technology and social networking,the multiplication of connected devices further exposes users to the vulnerability of their personal data.This growing interconnectedness increases the risk of online attacks,underlining the daily challenge of cybersecurity in the face of increasingly sophisticated attacks.Flaws in automatic software updates and the limited responsiveness of devices underline the need for an innovative approach to detecting intrusions and securing systems.Early detection of intrusions within companies is essential to anticipate threats and respond rapidly to incidents.Researchers recommend the use of several tools and methods to counter malicious activity.This article introduces our innovative development of an automated model called Snort Support Vector Machine(SSVM)based on a hierarchical strategy organized in distinct layers.This model,automated by the joint use of Python and Shell,merges the efficiency of these languages to guarantee autonomous and resilient operation.After examining several intrusion detection and prevention systems,the first layer implements a selected system as the initial basis.The second layer uses machine learning to fill in the gaps in the initial system.Finally,the third layer applies a global evaluation methodology,taking into account execution time,energy consumption,and physical resources in order to orchestrate the entire evaluation process.The approach we propose appears to improve on other conventional intrusion detection systems by making the detection process more efficient.It does this by reducing false positives and false negatives compared with existing models.展开更多
A network intrusion detection system is critical for cyber security against llegitimate attacks.In terms of feature perspectives,network traffic may include a variety of elements such as attack reference,attack type,a...A network intrusion detection system is critical for cyber security against llegitimate attacks.In terms of feature perspectives,network traffic may include a variety of elements such as attack reference,attack type,a subcategory of attack,host information,malicious scripts,etc.In terms of network perspectives,network traffic may contain an imbalanced number of harmful attacks when compared to normal traffic.It is challenging to identify a specific attack due to complex features and data imbalance issues.To address these issues,this paper proposes an Intrusion Detection System using transformer-based transfer learning for Imbalanced Network Traffic(IDS-INT).IDS-INT uses transformer-based transfer learning to learn feature interactions in both network feature representation and imbalanced data.First,detailed information about each type of attack is gathered from network interaction descriptions,which include network nodes,attack type,reference,host information,etc.Second,the transformer-based transfer learning approach is developed to learn detailed feature representation using their semantic anchors.Third,the Synthetic Minority Oversampling Technique(SMOTE)is implemented to balance abnormal traffic and detect minority attacks.Fourth,the Convolution Neural Network(CNN)model is designed to extract deep features from the balanced network traffic.Finally,the hybrid approach of the CNN-Long Short-Term Memory(CNN-LSTM)model is developed to detect different types of attacks from the deep features.Detailed experiments are conducted to test the proposed approach using three standard datasets,i.e.,UNsWNB15,CIC-IDS2017,and NSL-KDD.An explainable AI approach is implemented to interpret the proposed method and develop a trustable model.展开更多
In recent years,machine learning(ML)and deep learning(DL)have significantly advanced intrusion detection systems,effectively addressing potential malicious attacks across networks.This paper introduces a robust method...In recent years,machine learning(ML)and deep learning(DL)have significantly advanced intrusion detection systems,effectively addressing potential malicious attacks across networks.This paper introduces a robust method for detecting and categorizing attacks within the Internet of Things(IoT)environment,leveraging the NSL-KDD dataset.To achieve high accuracy,the authors used the feature extraction technique in combination with an autoencoder,integrated with a gated recurrent unit(GRU).Therefore,the accurate features are selected by using the cuckoo search algorithm integrated particle swarm optimization(PSO),and PSO has been employed for training the features.The final classification of features has been carried out by using the proposed RF-GNB random forest with the Gaussian Naïve Bayes classifier.The proposed model has been evaluated and its performance is verified with some of the standard metrics such as precision,accuracy rate,recall F1-score,etc.,and has been compared with different existing models.The generated results that detected approximately 99.87%of intrusions within the IoT environments,demonstrated the high performance of the proposed method.These results affirmed the efficacy of the proposed method in increasing the accuracy of intrusion detection within IoT network systems.展开更多
The Internet of Things(IoT)links various devices to digital services and significantly improves the quality of our lives.However,as IoT connectivity is growing rapidly,so do the risks of network vulnerabilities and th...The Internet of Things(IoT)links various devices to digital services and significantly improves the quality of our lives.However,as IoT connectivity is growing rapidly,so do the risks of network vulnerabilities and threats.Many interesting Intrusion Detection Systems(IDSs)are presented based on machine learning(ML)techniques to overcome this problem.Given the resource limitations of fog computing environments,a lightweight IDS is essential.This paper introduces a hybrid deep learning(DL)method that combines convolutional neural networks(CNN)and long short-term memory(LSTM)to build an energy-aware,anomaly-based IDS.We test this system on a recent dataset,focusing on reducing overhead while maintaining high accuracy and a low false alarm rate.We compare CICIoT2023,KDD-99 and NSL-KDD datasets to evaluate the performance of the proposed IDS model based on key metrics,including latency,energy consumption,false alarm rate and detection rate metrics.Our findings show an accuracy rate over 92%and a false alarm rate below 0.38%.These results demonstrate that our system provides strong security without excessive resource use.The practicality of deploying IDS with limited resources is demonstrated by the successful implementation of IDS functionality on a Raspberry Pi acting as a Fog node.The proposed lightweight model,with a maximum power consumption of 6.12 W,demonstrates its potential to operate effectively on energy-limited devices such as low-power fog nodes or edge devices.We prioritize energy efficiency whilemaintaining high accuracy,distinguishing our scheme fromexisting approaches.Extensive experiments demonstrate a significant reduction in false positives,ensuring accurate identification of genuine security threats while minimizing unnecessary alerts.展开更多
In recent years,developed Intrusion Detection Systems(IDSs)perform a vital function in improving security and anomaly detection.The effectiveness of deep learning-based methods has been proven in extracting better fea...In recent years,developed Intrusion Detection Systems(IDSs)perform a vital function in improving security and anomaly detection.The effectiveness of deep learning-based methods has been proven in extracting better features and more accurate classification than other methods.In this paper,a feature extraction with convolutional neural network on Internet of Things(IoT)called FECNNIoT is designed and implemented to better detect anomalies on the IoT.Also,a binary multi-objective enhance of the Gorilla troops optimizer called BMEGTO is developed for effective feature selection.Finally,the combination of FECNNIoT and BMEGTO and KNN algorithm-based classification technique has led to the presentation of a hybrid method called CNN-BMEGTO-KNN.In the next step,the proposed model is implemented on two benchmark data sets,NSL-KDD and TON-IoT and tested regarding the accuracy,precision,recall,and Fl-score criteria.The proposed CNN-BMEGTO-KNN model has reached 99.99%and 99.86%accuracy on TON-IoT and NSL-KDD datasets,respectively.In addition,the proposed BMEGTO method can identify about 27%and 25%of the effective features of the NSL-KDD and TON-IoT datasets,respectively.展开更多
Association rules are useful for determining correlations between items. Applying association rules to intrusion detection system (IDS) can improve the detection rate, but false positive rate is also increased. Weight...Association rules are useful for determining correlations between items. Applying association rules to intrusion detection system (IDS) can improve the detection rate, but false positive rate is also increased. Weighted association rules are used in this paper to mine intrustion models, which can increase the detection rate and decrease the false positive rate by some extent. Based on this, the structure of host-based IDS using weighted association rules is proposed.展开更多
Machine learning(ML)algorithms are often used to design effective intrusion detection(ID)systems for appropriate mitigation and effective detection of malicious cyber threats at the host and network levels.However,cyb...Machine learning(ML)algorithms are often used to design effective intrusion detection(ID)systems for appropriate mitigation and effective detection of malicious cyber threats at the host and network levels.However,cybersecurity attacks are still increasing.An ID system can play a vital role in detecting such threats.Existing ID systems are unable to detect malicious threats,primarily because they adopt approaches that are based on traditional ML techniques,which are less concerned with the accurate classication and feature selection.Thus,developing an accurate and intelligent ID system is a priority.The main objective of this study was to develop a hybrid intelligent intrusion detection system(HIIDS)to learn crucial features representation efciently and automatically from massive unlabeled raw network trafc data.Many ID datasets are publicly available to the cybersecurity research community.As such,we used a spark MLlib(machine learning library)-based robust classier,such as logistic regression(LR),extreme gradient boosting(XGB)was used for anomaly detection,and a state-of-the-art DL,such as a long short-term memory autoencoder(LSTMAE)for misuse attack was used to develop an efcient and HIIDS to detect and classify unpredictable attacks.Our approach utilized LSTM to detect temporal features and an AE to more efciently detect global features.Therefore,to evaluate the efcacy of our proposed approach,experiments were conducted on a publicly existing dataset,the contemporary real-life ISCX-UNB dataset.The simulation results demonstrate that our proposed spark MLlib and LSTMAE-based HIIDS signicantly outperformed existing ID approaches,achieving a high accuracy rate of up to 97.52%for the ISCX-UNB dataset respectively 10-fold crossvalidation test.It is quite promising to use our proposed HIIDS in real-world circumstances on a large-scale.展开更多
Wi-Fi devices have limited battery life because of which conserving battery life is imperative. The 802.11 Wi-Fi standard provides power management feature that allows stations(STAs) to enter into sleep state to prese...Wi-Fi devices have limited battery life because of which conserving battery life is imperative. The 802.11 Wi-Fi standard provides power management feature that allows stations(STAs) to enter into sleep state to preserve energy without any frame losses. After the STA wakes up, it sends a null data or PS-Poll frame to retrieve frame(s) buffered by the access point(AP), if any during its sleep period. An attacker can launch a power save denial of service(PS-DoS) attack on the sleeping STA(s) by transmitting a spoofed null data or PS-Poll frame(s) to retrieve the buffered frame(s) of the sleeping STA(s) from the AP causing frame losses for the targeted STA(s). Current approaches to prevent or detect the PS-DoS attack require encryption,change in protocol or installation of proprietary hardware. These solutions suffer from expensive setup, maintenance, scalability and deployment issues. The PS-DoS attack does not differ in semantics or statistics under normal and attack circumstances.So signature and anomaly based intrusion detection system(IDS) are unfit to detect the PS-DoS attack. In this paper we propose a timed IDS based on real time discrete event system(RTDES) for detecting PS-DoS attack. The proposed DES based IDS overcomes the drawbacks of existing systems and detects the PS-DoS attack with high accuracy and detection rate. The correctness of the RTDES based IDS is proved by experimenting all possible attack scenarios.展开更多
In recent years,cybersecurity has attracted significant interest due to the rapid growth of the Internet of Things(IoT)and the widespread development of computer infrastructure and systems.It is thus becoming particul...In recent years,cybersecurity has attracted significant interest due to the rapid growth of the Internet of Things(IoT)and the widespread development of computer infrastructure and systems.It is thus becoming particularly necessary to identify cyber-attacks or irregularities in the system and develop an efficient intrusion detection framework that is integral to security.Researchers have worked on developing intrusion detection models that depend on machine learning(ML)methods to address these security problems.An intelligent intrusion detection device powered by data can exploit artificial intelligence(AI),and especially ML,techniques.Accordingly,we propose in this article an intrusion detection model based on a Real-Time Sequential Deep Extreme Learning Machine Cybersecurity Intrusion Detection System(RTS-DELM-CSIDS)security model.The proposed model initially determines the rating of security aspects contributing to their significance and then develops a comprehensive intrusion detection framework focused on the essential characteristics.Furthermore,we investigated the feasibility of our proposed RTS-DELM-CSIDS framework by performing dataset evaluations and calculating accuracy parameters to validate.The experimental findings demonstrate that the RTS-DELM-CSIDS framework outperforms conventional algorithms.Furthermore,the proposed approach has not only research significance but also practical significance.展开更多
The success of Internet of Things(IoT)deployment has emerged important smart applications.These applications are running independently on different platforms,almost everywhere in the world.Internet of Medical Things(I...The success of Internet of Things(IoT)deployment has emerged important smart applications.These applications are running independently on different platforms,almost everywhere in the world.Internet of Medical Things(IoMT),also referred as the healthcare Internet of Things,is the most widely deployed application against COVID-19 and offering extensive healthcare services that are connected to the healthcare information technologies systems.Indeed,with the impact of the COVID-19 pandemic,a large number of interconnected devices designed to create smart networks.These networks monitor patients from remote locations as well as tracking medication orders.However,IoT may be jeopardized by attacks such as TCP SYN flooding and sinkhole attacks.In this paper,we address the issue of detecting Denial of Service attacks performed by TCP SYN flooding attacker nodes.For this purpose,we develop a new algorithm for Intrusion Detection System(IDS)to detect malicious activities in the Internet of Medical Things.The proposed scheme minimizes as possible the number of attacks to ensure data security,and preserve confidentiality of gathered data.In order to check the viability of our approach,we evaluate analytically and via simulations the performance of our proposed solution under different probability of attacks.展开更多
文摘The increasing adoption of Industrial Internet of Things(IIoT)systems in smart manufacturing is leading to raise cyberattack numbers and pressing the requirement for intrusion detection systems(IDS)to be effective.However,existing datasets for IDS training often lack relevance to modern IIoT environments,limiting their applicability for research and development.To address the latter gap,this paper introduces the HiTar-2024 dataset specifically designed for IIoT systems.As a consequence,that can be used by an IDS to detect imminent threats.Likewise,HiTar-2024 was generated using the AREZZO simulator,which replicates realistic smart manufacturing scenarios.The generated dataset includes five distinct classes:Normal,Probing,Remote to Local(R2L),User to Root(U2R),and Denial of Service(DoS).Furthermore,comprehensive experiments with popular Machine Learning(ML)models using various classifiers,including BayesNet,Logistic,IBK,Multiclass,PART,and J48 demonstrate high accuracy,precision,recall,and F1-scores,exceeding 0.99 across all ML metrics.The latter result is reached thanks to the rigorous applied process to achieve this quite good result,including data pre-processing,features extraction,fixing the class imbalance problem,and using a test option for model robustness.This comprehensive approach emphasizes meticulous dataset construction through a complete dataset generation process,a careful labelling algorithm,and a sophisticated evaluation method,providing valuable insights to reinforce IIoT system security.Finally,the HiTar-2024 dataset is compared with other similar datasets in the literature,considering several factors such as data format,feature extraction tools,number of features,attack categories,number of instances,and ML metrics.
基金supported in part by the National Natural Science Foundation of China(No.62001333)the Scientific Research Project of Education Department of Hubei Province(No.D20221702).
文摘Intrusion detection systems play a vital role in cyberspace security.In this study,a network intrusion detection method based on the feature selection algorithm(FSA)and a deep learning model is developed using a fusion of a recursive feature elimination(RFE)algorithm and a bidirectional gated recurrent unit(BGRU).Particularly,the RFE algorithm is employed to select features from high-dimensional data to reduce weak correlations between features and remove redundant features in the numerical feature space.Then,a neural network that combines the BGRU and multilayer perceptron(MLP)is adopted to extract deep intrusion behavior features.Finally,a support vector machine(SVM)classifier is used to classify intrusion behaviors.The proposed model is verified by experiments on the NSL-KDD dataset.The results indicate that the proposed model achieves a 90.25%accuracy and a 97.51%detection rate in binary classification and outperforms other machine learning and deep learning models in intrusion classification.The proposed method can provide new insight into network intrusion detection.
基金supported in part by the National Nature Science Foundation of China under Project 62166047in part by the Yunnan International Joint Laboratory of Natural Rubber Intelligent Monitor and Digital Applications under Grant 202403AP140001in part by the Xingdian Talent Support Program under Grant YNWR-QNBJ-2019-270.
文摘The era of big data brings new challenges for information network systems(INS),simultaneously offering unprecedented opportunities for advancing intelligent intrusion detection systems.In this work,we propose a data-driven intrusion detection system for Distributed Denial of Service(DDoS)attack detection.The system focuses on intrusion detection from a big data perceptive.As intelligent information processing methods,big data and artificial intelligence have been widely used in information systems.The INS system is an important information system in cyberspace.In advanced INS systems,the network architectures have become more complex.And the smart devices in INS systems collect a large scale of network data.How to improve the performance of a complex intrusion detection system with big data and artificial intelligence is a big challenge.To address the problem,we design a novel intrusion detection system(IDS)from a big data perspective.The IDS system uses tensors to represent large-scale and complex multi-source network data in a unified tensor.Then,a novel tensor decomposition(TD)method is developed to complete big data mining.The TD method seamlessly collaborates with the XGBoost(eXtreme Gradient Boosting)method to complete the intrusion detection.To verify the proposed IDS system,a series of experiments is conducted on two real network datasets.The results revealed that the proposed IDS system attained an impressive accuracy rate over 98%.Additionally,by altering the scale of the datasets,the proposed IDS system still maintains excellent detection performance,which demonstrates the proposed IDS system’s robustness.
基金supported by the National Defense Basic Scientific Research Programof China under grant No.JCKY2023602C026.
文摘Network intrusion detection systems(IDS)are a prevalent method for safeguarding network traffic against attacks.However,existing IDS primarily depend on machine learning(ML)models,which are vulnerable to evasion through adversarial examples.In recent years,the Wasserstein Generative Adversarial Network(WGAN),based on Wasserstein distance,has been extensively utilized to generate adversarial examples.Nevertheless,several challenges persist:(1)WGAN experiences the mode collapse problem when generating multi-category network traffic data,leading to subpar quality and insufficient diversity in the generated data;(2)Due to unstable training processes,the authenticity of the data produced by WGAN is often low.This study improves WGAN to address these issues and proposes a new adversarial sample generation algorithm called Distortion Enhanced Multi-Generator Generative Adversarial Network(DEMGAN).DEMGAN effectively evades ML-based IDS by proficiently obfuscating network traffic data samples.We assess the efficacy of our attack method against five ML-based IDS using two public datasets.The results demonstrate that our method can successfully bypass IDS,achieving average evasion rates of 97.42%and 87.51%,respectively.Furthermore,empirical findings indicate that retraining the IDS with the generated adversarial samples significantly bolsters the system’s capability to detect adversarial samples,resulting in an average recognition rate increase of 86.78%.This approach not only enhances the performance of the IDS but also strengthens the network’s resilience against potential threats,thereby optimizing network security measures.
文摘With the rapid advancement of mobile communication networks,key technologies such as Multi-access Edge Computing(MEC)and Network Function Virtualization(NFV)have enhanced the quality of service for 5G users but have also significantly increased the complexity of network threats.Traditional static defense mechanisms are inadequate for addressing the dynamic and heterogeneous nature of modern attack vectors.To overcome these challenges,this paper presents a novel algorithmic framework,SD-5G,designed for high-precision intrusion detection in 5G environments.SD-5G adopts a three-stage architecture comprising traffic feature extraction,elastic representation,and adaptive classification.Specifically,an enhanced Concrete Autoencoder(CAE)is employed to reconstruct and compress high-dimensional network traffic features,producing compact and expressive representations suitable for large-scale 5G deployments.To further improve accuracy in ambiguous traffic classification,a Residual Convolutional Long Short-Term Memory model with an attention mechanism(ResCLA)is introduced,enabling multi-level modeling of spatial–temporal dependencies and effective detection of subtle anomalies.Extensive experiments on benchmark datasets—including 5G-NIDD,CIC-IDS2017,ToN-IoT,and BoT-IoT—demonstrate that SD-5G consistently achieves F1 scores exceeding 99.19%across diverse network environments,indicating strong generalization and real-time deployment capabilities.Overall,SD-5G achieves a balance between detection accuracy and deployment efficiency,offering a scalable,flexible,and effective solution for intrusion detection in 5G and next-generation networks.
文摘The advent of pandemics such as COVID-19 significantly impacts human behaviour and lives every day.Therefore,it is essential to make medical services connected to internet,available in every remote location during these situations.Also,the security issues in the Internet of Medical Things(IoMT)used in these service,make the situation even more critical because cyberattacks on the medical devices might cause treatment delays or clinical failures.Hence,services in the healthcare ecosystem need rapid,uninterrupted,and secure facilities.The solution provided in this research addresses security concerns and services availability for patients with critical health in remote areas.This research aims to develop an intelligent Software Defined Networks(SDNs)enabled secure framework for IoT healthcare ecosystem.We propose a hybrid of machine learning and deep learning techniques(DNN+SVM)to identify network intrusions in the sensor-based healthcare data.In addition,this system can efficiently monitor connected devices and suspicious behaviours.Finally,we evaluate the performance of our proposed framework using various performance metrics based on the healthcare application scenarios.the experimental results show that the proposed approach effectively detects and mitigates attacks in the SDN-enabled IoT networks and performs better that other state-of-art-approaches.
基金Princess Nourah bint Abdulrahman University for funding this project through the Researchers Supporting Project(PNURSP2024R319)funded by the Prince Sultan University,Riyadh,Saudi Arabia.
文摘This study describes improving network security by implementing and assessing an intrusion detection system(IDS)based on deep neural networks(DNNs).The paper investigates contemporary technical ways for enhancing intrusion detection performance,given the vital relevance of safeguarding computer networks against harmful activity.The DNN-based IDS is trained and validated by the model using the NSL-KDD dataset,a popular benchmark for IDS research.The model performs well in both the training and validation stages,with 91.30%training accuracy and 94.38%validation accuracy.Thus,the model shows good learning and generalization capabilities with minor losses of 0.22 in training and 0.1553 in validation.Furthermore,for both macro and micro averages across class 0(normal)and class 1(anomalous)data,the study evaluates the model using a variety of assessment measures,such as accuracy scores,precision,recall,and F1 scores.The macro-average recall is 0.9422,the macro-average precision is 0.9482,and the accuracy scores are 0.942.Furthermore,macro-averaged F1 scores of 0.9245 for class 1 and 0.9434 for class 0 demonstrate the model’s ability to precisely identify anomalies precisely.The research also highlights how real-time threat monitoring and enhanced resistance against new online attacks may be achieved byDNN-based intrusion detection systems,which can significantly improve network security.The study underscores the critical function ofDNN-based IDS in contemporary cybersecurity procedures by setting the foundation for further developments in this field.Upcoming research aims to enhance intrusion detection systems by examining cooperative learning techniques and integrating up-to-date threat knowledge.
基金The authors would like to thank Princess Nourah bint Abdulrahman University for funding this project through the Researchers Supporting Project(PNURSP2023R319)this research was funded by the Prince Sultan University,Riyadh,Saudi Arabia.
文摘Intrusion detection systems(IDS)are essential in the field of cybersecurity because they protect networks from a wide range of online threats.The goal of this research is to meet the urgent need for small-footprint,highly-adaptable Network Intrusion Detection Systems(NIDS)that can identify anomalies.The NSL-KDD dataset is used in the study;it is a sizable collection comprising 43 variables with the label’s“attack”and“level.”It proposes a novel approach to intrusion detection based on the combination of channel attention and convolutional neural networks(CNN).Furthermore,this dataset makes it easier to conduct a thorough assessment of the suggested intrusion detection strategy.Furthermore,maintaining operating efficiency while improving detection accuracy is the primary goal of this work.Moreover,typical NIDS examines both risky and typical behavior using a variety of techniques.On the NSL-KDD dataset,our CNN-based approach achieves an astounding 99.728%accuracy rate when paired with channel attention.Compared to previous approaches such as ensemble learning,CNN,RBM(Boltzmann machine),ANN,hybrid auto-encoders with CNN,MCNN,and ANN,and adaptive algorithms,our solution significantly improves intrusion detection performance.Moreover,the results highlight the effectiveness of our suggested method in improving intrusion detection precision,signifying a noteworthy advancement in this field.Subsequent efforts will focus on strengthening and expanding our approach in order to counteract growing cyberthreats and adjust to changing network circumstances.
文摘The ever-growing network traffic threat landscape necessitates adopting accurate and robust intrusion detection systems(IDSs).IDSs have become a research hotspot and have seen remarkable performance improvements.Generative adversarial networks(GANs)have also garnered increasing research interest recently due to their remarkable ability to generate data.This paper investigates the application of(GANs)in(IDS)and explores their current use within this research field.We delve into the adoption of GANs within signature-based,anomaly-based,and hybrid IDSs,focusing on their objectives,methodologies,and advantages.Overall,GANs have been widely employed,mainly focused on solving the class imbalance issue by generating realistic attack samples.While GANs have shown significant potential in addressing the class imbalance issue,there are still open opportunities and challenges to be addressed.Little attention has been paid to their applicability in distributed and decentralized domains,such as IoT networks.Efficiency and scalability have been mostly overlooked,and thus,future works must aim at addressing these gaps.
基金This paper is financed by the European Union-NextGenerationEU,through the National Recovery and Resilience Plan of the Republic of Bulgaria,Project No.BG-RRP-2.004-0001-C01.
文摘The high performance of IoT technology in transportation networks has led to the increasing adoption of Internet of Vehicles(IoV)technology.The functional advantages of IoV include online communication services,accident prevention,cost reduction,and enhanced traffic regularity.Despite these benefits,IoV technology is susceptible to cyber-attacks,which can exploit vulnerabilities in the vehicle network,leading to perturbations,disturbances,non-recognition of traffic signs,accidents,and vehicle immobilization.This paper reviews the state-of-the-art achievements and developments in applying Deep Transfer Learning(DTL)models for Intrusion Detection Systems in the Internet of Vehicles(IDS-IoV)based on anomaly detection.IDS-IoV leverages anomaly detection through machine learning and DTL techniques to mitigate the risks posed by cyber-attacks.These systems can autonomously create specific models based on network data to differentiate between regular traffic and cyber-attacks.Among these techniques,transfer learning models are particularly promising due to their efficacy with tagged data,reduced training time,lower memory usage,and decreased computational complexity.We evaluate DTL models against criteria including the ability to transfer knowledge,detection rate,accurate analysis of complex data,and stability.This review highlights the significant progress made in the field,showcasing how DTL models enhance the performance and reliability of IDS-IoV systems.By examining recent advancements,we provide insights into how DTL can effectively address cyber-attack challenges in IoV environments,ensuring safer and more efficient transportation networks.
文摘With the rapid advent of information technology and social networking,the multiplication of connected devices further exposes users to the vulnerability of their personal data.This growing interconnectedness increases the risk of online attacks,underlining the daily challenge of cybersecurity in the face of increasingly sophisticated attacks.Flaws in automatic software updates and the limited responsiveness of devices underline the need for an innovative approach to detecting intrusions and securing systems.Early detection of intrusions within companies is essential to anticipate threats and respond rapidly to incidents.Researchers recommend the use of several tools and methods to counter malicious activity.This article introduces our innovative development of an automated model called Snort Support Vector Machine(SSVM)based on a hierarchical strategy organized in distinct layers.This model,automated by the joint use of Python and Shell,merges the efficiency of these languages to guarantee autonomous and resilient operation.After examining several intrusion detection and prevention systems,the first layer implements a selected system as the initial basis.The second layer uses machine learning to fill in the gaps in the initial system.Finally,the third layer applies a global evaluation methodology,taking into account execution time,energy consumption,and physical resources in order to orchestrate the entire evaluation process.The approach we propose appears to improve on other conventional intrusion detection systems by making the detection process more efficient.It does this by reducing false positives and false negatives compared with existing models.
文摘A network intrusion detection system is critical for cyber security against llegitimate attacks.In terms of feature perspectives,network traffic may include a variety of elements such as attack reference,attack type,a subcategory of attack,host information,malicious scripts,etc.In terms of network perspectives,network traffic may contain an imbalanced number of harmful attacks when compared to normal traffic.It is challenging to identify a specific attack due to complex features and data imbalance issues.To address these issues,this paper proposes an Intrusion Detection System using transformer-based transfer learning for Imbalanced Network Traffic(IDS-INT).IDS-INT uses transformer-based transfer learning to learn feature interactions in both network feature representation and imbalanced data.First,detailed information about each type of attack is gathered from network interaction descriptions,which include network nodes,attack type,reference,host information,etc.Second,the transformer-based transfer learning approach is developed to learn detailed feature representation using their semantic anchors.Third,the Synthetic Minority Oversampling Technique(SMOTE)is implemented to balance abnormal traffic and detect minority attacks.Fourth,the Convolution Neural Network(CNN)model is designed to extract deep features from the balanced network traffic.Finally,the hybrid approach of the CNN-Long Short-Term Memory(CNN-LSTM)model is developed to detect different types of attacks from the deep features.Detailed experiments are conducted to test the proposed approach using three standard datasets,i.e.,UNsWNB15,CIC-IDS2017,and NSL-KDD.An explainable AI approach is implemented to interpret the proposed method and develop a trustable model.
基金the Deanship of Scientific Research at Shaqra University for funding this research work through the project number(SU-ANN-2023051).
文摘In recent years,machine learning(ML)and deep learning(DL)have significantly advanced intrusion detection systems,effectively addressing potential malicious attacks across networks.This paper introduces a robust method for detecting and categorizing attacks within the Internet of Things(IoT)environment,leveraging the NSL-KDD dataset.To achieve high accuracy,the authors used the feature extraction technique in combination with an autoencoder,integrated with a gated recurrent unit(GRU).Therefore,the accurate features are selected by using the cuckoo search algorithm integrated particle swarm optimization(PSO),and PSO has been employed for training the features.The final classification of features has been carried out by using the proposed RF-GNB random forest with the Gaussian Naïve Bayes classifier.The proposed model has been evaluated and its performance is verified with some of the standard metrics such as precision,accuracy rate,recall F1-score,etc.,and has been compared with different existing models.The generated results that detected approximately 99.87%of intrusions within the IoT environments,demonstrated the high performance of the proposed method.These results affirmed the efficacy of the proposed method in increasing the accuracy of intrusion detection within IoT network systems.
基金supported by the interdisciplinary center of smart mobility and logistics at King Fahd University of Petroleum and Minerals(Grant number INML2400).
文摘The Internet of Things(IoT)links various devices to digital services and significantly improves the quality of our lives.However,as IoT connectivity is growing rapidly,so do the risks of network vulnerabilities and threats.Many interesting Intrusion Detection Systems(IDSs)are presented based on machine learning(ML)techniques to overcome this problem.Given the resource limitations of fog computing environments,a lightweight IDS is essential.This paper introduces a hybrid deep learning(DL)method that combines convolutional neural networks(CNN)and long short-term memory(LSTM)to build an energy-aware,anomaly-based IDS.We test this system on a recent dataset,focusing on reducing overhead while maintaining high accuracy and a low false alarm rate.We compare CICIoT2023,KDD-99 and NSL-KDD datasets to evaluate the performance of the proposed IDS model based on key metrics,including latency,energy consumption,false alarm rate and detection rate metrics.Our findings show an accuracy rate over 92%and a false alarm rate below 0.38%.These results demonstrate that our system provides strong security without excessive resource use.The practicality of deploying IDS with limited resources is demonstrated by the successful implementation of IDS functionality on a Raspberry Pi acting as a Fog node.The proposed lightweight model,with a maximum power consumption of 6.12 W,demonstrates its potential to operate effectively on energy-limited devices such as low-power fog nodes or edge devices.We prioritize energy efficiency whilemaintaining high accuracy,distinguishing our scheme fromexisting approaches.Extensive experiments demonstrate a significant reduction in false positives,ensuring accurate identification of genuine security threats while minimizing unnecessary alerts.
文摘In recent years,developed Intrusion Detection Systems(IDSs)perform a vital function in improving security and anomaly detection.The effectiveness of deep learning-based methods has been proven in extracting better features and more accurate classification than other methods.In this paper,a feature extraction with convolutional neural network on Internet of Things(IoT)called FECNNIoT is designed and implemented to better detect anomalies on the IoT.Also,a binary multi-objective enhance of the Gorilla troops optimizer called BMEGTO is developed for effective feature selection.Finally,the combination of FECNNIoT and BMEGTO and KNN algorithm-based classification technique has led to the presentation of a hybrid method called CNN-BMEGTO-KNN.In the next step,the proposed model is implemented on two benchmark data sets,NSL-KDD and TON-IoT and tested regarding the accuracy,precision,recall,and Fl-score criteria.The proposed CNN-BMEGTO-KNN model has reached 99.99%and 99.86%accuracy on TON-IoT and NSL-KDD datasets,respectively.In addition,the proposed BMEGTO method can identify about 27%and 25%of the effective features of the NSL-KDD and TON-IoT datasets,respectively.
文摘Association rules are useful for determining correlations between items. Applying association rules to intrusion detection system (IDS) can improve the detection rate, but false positive rate is also increased. Weighted association rules are used in this paper to mine intrustion models, which can increase the detection rate and decrease the false positive rate by some extent. Based on this, the structure of host-based IDS using weighted association rules is proposed.
基金supported by the MSIT(Ministry of Science,ICT),Korea,under the ITRC(Information Technology Research Center)support program(IITP-2020-2016-0-00465)supervised by the IITP(Institute for Information&Communications Technology Planning&Evaluation)。
文摘Machine learning(ML)algorithms are often used to design effective intrusion detection(ID)systems for appropriate mitigation and effective detection of malicious cyber threats at the host and network levels.However,cybersecurity attacks are still increasing.An ID system can play a vital role in detecting such threats.Existing ID systems are unable to detect malicious threats,primarily because they adopt approaches that are based on traditional ML techniques,which are less concerned with the accurate classication and feature selection.Thus,developing an accurate and intelligent ID system is a priority.The main objective of this study was to develop a hybrid intelligent intrusion detection system(HIIDS)to learn crucial features representation efciently and automatically from massive unlabeled raw network trafc data.Many ID datasets are publicly available to the cybersecurity research community.As such,we used a spark MLlib(machine learning library)-based robust classier,such as logistic regression(LR),extreme gradient boosting(XGB)was used for anomaly detection,and a state-of-the-art DL,such as a long short-term memory autoencoder(LSTMAE)for misuse attack was used to develop an efcient and HIIDS to detect and classify unpredictable attacks.Our approach utilized LSTM to detect temporal features and an AE to more efciently detect global features.Therefore,to evaluate the efcacy of our proposed approach,experiments were conducted on a publicly existing dataset,the contemporary real-life ISCX-UNB dataset.The simulation results demonstrate that our proposed spark MLlib and LSTMAE-based HIIDS signicantly outperformed existing ID approaches,achieving a high accuracy rate of up to 97.52%for the ISCX-UNB dataset respectively 10-fold crossvalidation test.It is quite promising to use our proposed HIIDS in real-world circumstances on a large-scale.
基金supported by TATA Consultancy Servies(TCS)Research Fellowship Program,India
文摘Wi-Fi devices have limited battery life because of which conserving battery life is imperative. The 802.11 Wi-Fi standard provides power management feature that allows stations(STAs) to enter into sleep state to preserve energy without any frame losses. After the STA wakes up, it sends a null data or PS-Poll frame to retrieve frame(s) buffered by the access point(AP), if any during its sleep period. An attacker can launch a power save denial of service(PS-DoS) attack on the sleeping STA(s) by transmitting a spoofed null data or PS-Poll frame(s) to retrieve the buffered frame(s) of the sleeping STA(s) from the AP causing frame losses for the targeted STA(s). Current approaches to prevent or detect the PS-DoS attack require encryption,change in protocol or installation of proprietary hardware. These solutions suffer from expensive setup, maintenance, scalability and deployment issues. The PS-DoS attack does not differ in semantics or statistics under normal and attack circumstances.So signature and anomaly based intrusion detection system(IDS) are unfit to detect the PS-DoS attack. In this paper we propose a timed IDS based on real time discrete event system(RTDES) for detecting PS-DoS attack. The proposed DES based IDS overcomes the drawbacks of existing systems and detects the PS-DoS attack with high accuracy and detection rate. The correctness of the RTDES based IDS is proved by experimenting all possible attack scenarios.
基金the National Research Foundation of Korea(NRF)grant funded by the Korean government(MSIT)(Nos.2019R1A4A1023746,2019R1F1A1060799)and Strengthening R&D Capability Program of Sejong University.
文摘In recent years,cybersecurity has attracted significant interest due to the rapid growth of the Internet of Things(IoT)and the widespread development of computer infrastructure and systems.It is thus becoming particularly necessary to identify cyber-attacks or irregularities in the system and develop an efficient intrusion detection framework that is integral to security.Researchers have worked on developing intrusion detection models that depend on machine learning(ML)methods to address these security problems.An intelligent intrusion detection device powered by data can exploit artificial intelligence(AI),and especially ML,techniques.Accordingly,we propose in this article an intrusion detection model based on a Real-Time Sequential Deep Extreme Learning Machine Cybersecurity Intrusion Detection System(RTS-DELM-CSIDS)security model.The proposed model initially determines the rating of security aspects contributing to their significance and then develops a comprehensive intrusion detection framework focused on the essential characteristics.Furthermore,we investigated the feasibility of our proposed RTS-DELM-CSIDS framework by performing dataset evaluations and calculating accuracy parameters to validate.The experimental findings demonstrate that the RTS-DELM-CSIDS framework outperforms conventional algorithms.Furthermore,the proposed approach has not only research significance but also practical significance.
基金Funding for this study was received from the Deanship of Scientific Research(DSR)at Jouf University,Sakakah,Kingdom of Saudi Arabia under the Grant No:DSR-2021-02-0103.
文摘The success of Internet of Things(IoT)deployment has emerged important smart applications.These applications are running independently on different platforms,almost everywhere in the world.Internet of Medical Things(IoMT),also referred as the healthcare Internet of Things,is the most widely deployed application against COVID-19 and offering extensive healthcare services that are connected to the healthcare information technologies systems.Indeed,with the impact of the COVID-19 pandemic,a large number of interconnected devices designed to create smart networks.These networks monitor patients from remote locations as well as tracking medication orders.However,IoT may be jeopardized by attacks such as TCP SYN flooding and sinkhole attacks.In this paper,we address the issue of detecting Denial of Service attacks performed by TCP SYN flooding attacker nodes.For this purpose,we develop a new algorithm for Intrusion Detection System(IDS)to detect malicious activities in the Internet of Medical Things.The proposed scheme minimizes as possible the number of attacks to ensure data security,and preserve confidentiality of gathered data.In order to check the viability of our approach,we evaluate analytically and via simulations the performance of our proposed solution under different probability of attacks.
