MTCR-AE: A Multiscale Temporal Convolutional Recurrent Autoencoder for unsupervised malicious network traffic detection

Computer Networks, Journal Year: 2025, Volume and Issue: unknown, P. 111147 - 111147

Published: Feb. 1, 2025

Language: Английский

---

IDEAL: A malicious traffic detection framework with explanation-guided learning

Knowledge-Based Systems, Journal Year: 2025, Volume and Issue: unknown, P. 113419 - 113419

Published: April 1, 2025

Language: Английский

---

eBiTCN: Efficient bidirectional temporal convolution network for encrypted malicious network traffic detection

Journal of Computer Security, Journal Year: 2025, Volume and Issue: unknown

Published: April 13, 2025

The growing prevalence of encrypted malicious network traffic poses significant challenges for cybersecurity, as it conceals the content from traditional detection methods. Temporal convolutional networks (TCNs) present promising capabilities extracting complex temporal features and patterns dynamic flow data. However, unidirectional nature TCNs limits their effectiveness in capturing full context traffic, which often exhibits bidirectional dependencies. Consequently, a few studies have proposed TCN (BiTCN) architectures to address limitations. these methods that require amount parameters be learned, imposes high memory requirements on computational resources training such models. In this study, we introduce efficient (eBiTCN) model, an BiTCN requires fewer yet not at expense cost effective detection. eBiTCN framework combines processor, lightweight gating mechanism, attention, dropout, novel loss function, dense layers. Extensive experiments show outperforms eight state-of-the-art competing models terms efficacy, speed, scalability. model showcased robust performance detecting evolving attacks excelled across various real-world datasets. Its efficiency speed reduced usage translates lower infrastructure costs, making accessible choice deployment. These findings highlight eBiTCN’s practicality dependability addressing contemporary security needs.

Language: Английский

---

Research on node-improved energy dissipation wear model for fretting fatigue prediction in railway press-fit shaft

Wear, Journal Year: 2025, Volume and Issue: unknown, P. 206104 - 206104

Published: April 1, 2025

Language: Английский

---

NFHP-RN: A Method of Few-Shot Network Attack Detection Based on the Network Flow Holographic Picture-ResNet

Computer Modeling in Engineering & Sciences, Journal Year: 2024, Volume and Issue: 140(1), P. 929 - 955

Published: Jan. 1, 2024

Due to the rapid evolution of Advanced Persistent Threats (APTs) attacks, emergence new and rare attack samples, even those never seen before, make it challenging for traditional rule-based detection methods extract universal rules effective detection. With progress in techniques such as transfer learning meta-learning, few-shot network has progressed. However, challenges arise from inability time sequence flow features adapt fixed length input requirement deep learning, difficulties capturing rich information original case insufficient challenge high-level abstract representation. To address these challenges, a based on NFHP (Network Flow Holographic Picture)-RN (ResNet) is proposed. Specifically, leveraging inherent properties images translation invariance, rotation scale illumination traffic contextual relationships are intuitively represented NFHP. In addition, an improved RN model employed feature extraction, ensuring that extracted maintain detailed characteristics behavior, regardless changes background traffic. Finally, meta-learning self-attention mechanism constructed, achieving novel APT attacks through empirical generalization representations known-class behaviors. Experimental results demonstrate proposed method can learn across different detail granularities. Compared with state-of-the-art methods, achieves favorable accuracy, precision, recall, F1 scores identification unknown-class cross-validation multiple datasets.

Language: Английский

---

LightGuard: A Lightweight Malicious Traffic Detection Method for Internet of Things

IEEE Internet of Things Journal, Journal Year: 2024, Volume and Issue: 11(17), P. 28566 - 28577

Published: May 21, 2024

The rapid growth of Internet Things (IoT) devices has expanded the cyber attack surface, posing a challenge to IoT security. Some deep learning-based detection methods have been designed detect malicious attacks in by analyzing network traffic. However, algorithm computational complexity existing is usually high due having large number parameters and iterative training inference, making them difficult implement on gateways which limited storage resources. To this end, paper proposes lightweight traffic model for based residual block (LRB) modules, named LightGuard. Specifically, LRB module designs unique structure construction idea ShuffleNetV2, enables LightGuard achieve performance while reducing parameters, computations inference time model. In addition, replaces traditional convolution with convolutional called ghost generate feature maps at low cost without compromising performance. We evaluate effectiveness comparing it seven advanced baseline models four generic datasets. experimental results show that achieves more than 99.6% accuracy all datasets, exhibits significant advantages complexity.

Language: Английский

---

DTT: A Dual-domain Transformer model for Network Intrusion Detection

ICST Transactions on Scalable Information Systems, Journal Year: 2024, Volume and Issue: unknown

Published: May 6, 2024

With the rapid evolution of network technologies, attacks have become increasingly intricate and threatening. The escalating frequency intrusions has exerted a profound influence on both industrial settings everyday activities. This underscores urgent necessity for robust methods to detect malicious traffic. While intrusion detection techniques employing Temporal Convolutional Networks (TCN) Transformer architectures exhibited commendable classification efficacy, most are confined temporal domain. These frequently fall short encompassing entirety spectrum inherent in data, thereby resulting information loss. To mitigate this constraint, we present DTT, novel dual-domain model that amalgamates TCN architectures. DTT adeptly captures high-frequency low-frequency information, facilitating simultaneous extraction local global features. Specifically, introduce feature (DFE) block within model. effectively extracts features through distinct branches, ensuring comprehensive representation data. Moreover, an input encoding mechanism transform into format suitable training. Experiments conducted two datasets address concerns regarding data duplication diverse attack types, respectively. Comparative experiments with recent models unequivocally demonstrate superior performance proposed

Language: Английский

---

Abnormal Traffic Detection for Internet of Things Based on an Improved Residual Network

Computers, materials & continua/Computers, materials & continua (Print), Journal Year: 2024, Volume and Issue: 79(3), P. 4433 - 4448

Published: Jan. 1, 2024

Along with the progression of Internet Things (IoT) technology, network terminals are becoming continuously more intelligent.IoT has been widely applied in various scenarios, including urban infrastructure, transportation, industry, personal life, and other socio-economic fields.The introduction deep learning brought new security challenges, like an increment abnormal traffic, which threatens security.Insufficient feature extraction leads to less accurate classification results.In traffic detection, data is high-dimensional complex.This not only increases computational burden model training but also makes information difficult.To address these issues, this paper proposes MD-MRD-ResNeXt for detection.To fully utilize multi-scale a Multi-scale Dilated (MD) block introduced.This module can effectively understand process at scales uses dilated convolution technology significantly broaden model's receptive field.The proposed Max-feature-map Residual Dual-channel pooling (MRD) integrates maximum map residual block.This ensures focuses on key information, thereby optimizing efficiency reducing unnecessary redundancy.Experimental results show that compared latest methods, detection improves accuracy by about 2%.

Language: Английский

---

Neural Network Approach of Combating the Data Security Issues

Advances in information security, privacy, and ethics book series, Journal Year: 2024, Volume and Issue: unknown, P. 192 - 205

Published: May 31, 2024

One of the challenges world is facing cyber-attacks and threats such as data breaches, leaks, etc., in which sensitive, confidential or protected has been compromised. According to information accessed by CERT (Indian Computer Emergency Response Team), past five years, 47 incidents leak 142 breaches have occurred India. Henceforth, cyber-security emphasized more economies country, institutions, individual lives are highly interconnected growing complex, protection privacy confidentiality become crucial. Data analysis right implication handling security issues well addressed ML algorithms. Many research indicators exhibited comparison various models combat issues. In this chapter, a novel approach applying neural network for outperforms Self-Learning finds better pattern recognition learning performance would be independent any bias factors.

Language: Английский

---

Abnormal traffic detection for Internet of Things based on an improved Residual Network

Physical Communication, Journal Year: 2024, Volume and Issue: 66, P. 102406 - 102406

Published: June 12, 2024

Language: Английский

---