Computers, Journal year: 2025, Issue 14(2), pp. 58 - 58
Published: Feb. 10, 2025
The Internet of Things (IoT) ecosystem is rapidly expanding. It driven by continuous innovation but accompanied increasingly sophisticated cybersecurity threats. Protecting IoT devices from these emerging vulnerabilities has become a critical priority. This study addresses the limitations existing threat detection methods, which often struggle with dynamic nature environments and growing complexity cyberattacks. To overcome challenges, novel hybrid architecture combining Convolutional Neural Networks (CNN), Bidirectional Long Short-Term Memory (BiLSTM), Deep (DNN) proposed for accurate efficient detection. model’s performance evaluated using IoT-23 Edge-IIoTset datasets, encompass over ten distinct attack types. framework achieves remarkable 99% accuracy on both outperforming state-of-the-art solutions. Advanced optimization techniques, including model pruning quantization, are applied to enhance deployment efficiency in resource-constrained environments. results highlight robustness its adaptability diverse scenarios, address key prior approaches. research provides robust solution detection, establishing foundation advancing security addressing evolving landscape cyber threats while driving future innovations field.
Engineering Technology & Applied Science Research, Journal year: 2025, Issue 15(1), pp. 19232 - 19245
Published: Feb. 2, 2025
The proliferation of Distributed Denial Service (DDoS) attacks poses a significant threat to network accessibility and performance. Traditional feature selection methods struggle with the complexity traffic data, leading poor detection To address this issue, Genetic Algorithm Wrapper Feature Selection (GAWFS) is proposed, integrating Chi-squared (GA) approaches correlation method select most correlated features. GAWFS effectively reduces dimensions, eliminates redundancy, identifies crucial features for classification. Detection accuracy further improved by employing stacking ensemble model, combining Multi-Layer Perceptron (MLP) Support Vector Machine (SVM) as base models, Random Forest (RF) metamodel. proposed classifier achieves impressive accuracies 99.86% training data 98.89% test representing improvements approximately 5% 40%, respectively, over previous studies. time was also reduced 2,593 s, substantial improvement 29.92%. Validation on various benchmark datasets confirmed efficacy approach, underscoring importance enhanced model against DDoS attacks.
IEEE Access, Journal year: 2023, Issue 11, pp. 92041 - 92054
Published: Jan. 1, 2023
The traditional support vector machine (SVM) requires manual feature extraction to improve classification performance and relies on the expressive power of manually extracted features. However, this characteristic poses limitations in complex Industrial Internet Things (IIoT) environments. Traditional may fail capture all relevant information, thereby restricting application effectiveness SVM IIoT settings. CNN-RNN, as a deep learning network capable simultaneously extracting spatial temporal features, can alleviate researchers' burden. In paper, we propose novel intrusion detection system (IDS) framework based anomalies, called CRSF. framework's pre-training part employs dimension transformation function process input data into two-dimensional images. Two-dimensional convolutional kernels are then employed extract sequences passed an RNN richer After sufficient pre-training, is used classifier map from space high-dimensional learn nonlinear decision boundaries, enabling accurately differentiate representations different classes. Simulation experiments TON_IoT-Datasets demonstrate CRSF detection. When using "linear" kernel SVM, achieves accuracy, F1-score, AUC 0.9959, 0.9977, respectively, indicating its capability superiority
Results in Engineering, Journal year: 2024, Issue 22, pp. 102254 - 102254
Published: May 14, 2024
In the face of increasing global disruptions, cybersecurity field is confronting rising threats posed by offensive groups and individual hackers. Traditional security measures often fall short in detecting mitigating these sophisticated attacks, necessitating advanced intrusion detection methods. The goal our study to develop robust network methods using machine learning techniques. addition, we evaluate effectiveness various models intrusions. Model performances are optimized through hyperparameter tuning feature selection. A range classification clustering have been employed. Data from SIEM systems capturing real-time statistics cloud-hosted Windows virtual machines has gathered augmented with web attack logs CICIDS2017, each comprising approximately fifteen thousand rows. Hyperparameter tuning, data normalization, standardization selection techniques for model optimization used study. research showcases potential enhancing capabilities. findings underscore Random Forest Classifier (0.97) highlight importance utilizing diverse datasets This offers valuable insights sets a foundation future advancements strategies systems.
Heliyon, Journal year: 2024, Issue 10(8), pp. e29410 - e29410
Published: April 1, 2024
Currently, the Internet of Things (IoT) generates a huge amount traffic data in communication and information technology. The diversification integration IoT applications terminals make vulnerable to intrusion attacks. Therefore, it is necessary develop an efficient Intrusion Detection System (IDS) that guarantees reliability, integrity, security systems. detection considered challenging task because inappropriate features existing input slow training process. In order address these issues, effective meta heuristic based feature selection deep learning techniques are developed for enhancing IDS. Osprey Optimization Algorithm (OOA) proposed selecting highly informative from which leads differentiation among normal attack network. Moreover, traditional sigmoid tangent activation functions replaced with Exponential Linear Unit (ELU) function propose modified Bi-directional Long Short Term Memory (Bi-LSTM). Bi-LSTM used classifying types ELU makes gradients extremely large during back-propagation faster learning. This research analysed three different datasets such as N-BaIoT, Canadian Institute Cybersecurity Dataset 2017 (CICIDS-2017), ToN-IoT datasets. empirical investigation states framework obtains impressive accuracy 99.98 %, 99.97 % 99.88 on CICIDS-2017, datasets, respectively. Compared peer frameworks, this high better interpretability reduced processing time.
IEEE Access, Journal year: 2024, Issue 12, pp. 63584 - 63597
Published: Jan. 1, 2024
The Internet of Things (IoT) represents a swiftly expanding sector that is pivotal in driving the innovation today's smart services. However, inherent resource-constrained nature IoT nodes poses significant challenges embedding advanced algorithms for cybersecurity, leading to an escalation cyberattacks against these nodes. Contemporary research Intrusion Detection Systems (IDS) predominantly focuses on enhancing IDS performance through sophisticated algorithms, often overlooking their practical applicability. This paper introduces Deep-IDS, innovative and practically deployable Deep Learning (DL)-based IDS. It employs Long-Short-Term-Memory (LSTM) network comprising 64 LSTM units trained CIC-IDS2017 dataset. Its streamlined architecture renders Deep-IDS ideal candidate edge-server deployment, acting as guardian between Denial Service (DoS), Distributed (DDoS), Brute Force (BRF), Man-in-the-Middle (MITM), Replay (RP) Attacks. A distinctive aspect this trade-off analysis intrusion detection rate false alarm rate, facilitating real-time Deep-IDS. system demonstrates exemplary 96.8% overall classification accuracy 97.67%. Furthermore, achieves precision, recall, F1-scores 97.67%, 98.17%, 97.91%, respectively. On average, requires 1.49 seconds identify mitigate attempts, effectively blocking malicious traffic sources. remarkable efficacy, swift response time, design, novel defense strategy not only secure but also interconnected sub-networks, thereby positioning IoT-enhanced computer networks.
Heliyon, Journal year: 2024, Issue 10(4), pp. e26317 - e26317
Published: Feb. 1, 2024
Within both the cyber kill chain and MITRE ATT&CK frameworks, Lateral Movement (LM) is defined as any activity that allows adversaries to progressively move deeper into a system in seek of high-value assets. Although this timely subject has been studied cybersecurity literature significant degree, so far, no work provides comprehensive survey regarding identification LM from mainly an Intrusion Detection System (IDS) viewpoint. To cover noticeable gap, systematic, holistic overview topic, not neglecting new communication paradigms, such Internet Things (IoT). The part, spanning time window eight years 53 articles, split three focus areas, namely, Endpoint Response (EDR) schemes, machine learning oriented solutions, graph-based strategies. On top that, we bring light interrelations, mapping progress field over time, offer key observations may propel research forward.
Knowledge-Based Systems, Journal year: 2024, Issue 290, pp. 111576 - 111576
Published: Feb. 29, 2024
The Intelligent Transport System (ITS) is an emerging paradigm that offers numerous services at the infrastructure level for vehicle applications. Vehicle-to-infrastructure (V2I) advanced form of ITS where diverse are deployed on roadside unit. V2I consists distributed computing nodes transport applications parallel processed. Many research challenges exist in presented paradigms regarding security, cyber-attacks, and application processing among heterogeneous nodes. These Sybil attacks, their attempts cause a lack security degrade performance paradigms. This paper presents new secure blockchain framework handles as mentioned earlier. formulates this complex problem combinatorial problem, encompassing concave convex problems. function minimizes given constraints, such time risk, improves accuracy. Therefore, time, energy, malware detection accuracy, deadlines, require optimization considered problem. Combining jointly non-dominated sorting genetic algorithm (NSGA-II) long short-term memory (LSTM) schemes best way to meet problem's limitations. In study, designed dataset with known unknown malware. different kinds lists (e.g., cyber-attacks) characteristics, size code, comes from, attack which data, current status workload after being attacked by Our main idea present blockchain, NSGA-II, LSTM handle phishing, routing, Sybil, 51% cyber-attacks without compromising performance. Simulation results show study reduces delay risks vehicular