SMWE-GFPNNet: A high-precision and robust method for forest fire smoke detection

Knowledge-Based Systems, Год журнала: 2024, Номер 289, С. 111528 - 111528

Опубликована: Фев. 15, 2024

Язык: Английский

---

A Stacking Ensemble Model with Enhanced Feature Selection for Distributed Denial-of-Service Detection in Software-Defined Networks

Engineering Technology & Applied Science Research, Год журнала: 2025, Номер 15(1), С. 19232 - 19245

Опубликована: Фев. 2, 2025

The proliferation of Distributed Denial Service (DDoS) attacks poses a significant threat to network accessibility and performance. Traditional feature selection methods struggle with the complexity traffic data, leading poor detection To address this issue, Genetic Algorithm Wrapper Feature Selection (GAWFS) is proposed, integrating Chi-squared (GA) approaches correlation method select most correlated features. GAWFS effectively reduces dimensions, eliminates redundancy, identifies crucial features for classification. Detection accuracy further improved by employing stacking ensemble model, combining Multi-Layer Perceptron (MLP) Support Vector Machine (SVM) as base models, Random Forest (RF) metamodel. proposed classifier achieves impressive accuracies 99.86% training data 98.89% test representing improvements approximately 5% 40%, respectively, over previous studies. time was also reduced 2,593 s, substantial improvement 29.92%. Validation on various benchmark datasets confirmed efficacy approach, underscoring importance enhanced model against DDoS attacks.

Язык: Английский

---

Online ensemble learning-based anomaly detection for IoT systems

Applied Soft Computing, Год журнала: 2025, Номер unknown, С. 112931 - 112931

Опубликована: Март 1, 2025

Язык: Английский

---

CRSF: An Intrusion Detection Framework for Industrial Internet of Things Based on Pretrained CNN2D-RNN and SVM

IEEE Access, Год журнала: 2023, Номер 11, С. 92041 - 92054

Опубликована: Янв. 1, 2023

The traditional support vector machine (SVM) requires manual feature extraction to improve classification performance and relies on the expressive power of manually extracted features. However, this characteristic poses limitations in complex Industrial Internet Things (IIoT) environments. Traditional may fail capture all relevant information, thereby restricting application effectiveness SVM IIoT settings. CNN-RNN, as a deep learning network capable simultaneously extracting spatial temporal features, can alleviate researchers' burden. In paper, we propose novel intrusion detection system (IDS) framework based anomalies, called CRSF. framework's pre-training part employs dimension transformation function process input data into two-dimensional images. Two-dimensional convolutional kernels are then employed extract sequences passed an RNN richer After sufficient pre-training, is used classifier map from space high-dimensional learn nonlinear decision boundaries, enabling accurately differentiate representations different classes. Simulation experiments TON_IoT-Datasets demonstrate CRSF detection. When using "linear" kernel SVM, achieves accuracy, F1-score, AUC 0.9959, 0.9977, respectively, indicating its capability superiority

Язык: Английский

---

Network intrusion detection: An optimized deep learning approach using big data analytics

Expert Systems with Applications, Год журнала: 2024, Номер 251, С. 123919 - 123919

Опубликована: Апрель 5, 2024

Язык: Английский

---

Security Information Event Management data acquisition and analysis methods with machine learning principles

Results in Engineering, Год журнала: 2024, Номер 22, С. 102254 - 102254

Опубликована: Май 14, 2024

In the face of increasing global disruptions, cybersecurity field is confronting rising threats posed by offensive groups and individual hackers. Traditional security measures often fall short in detecting mitigating these sophisticated attacks, necessitating advanced intrusion detection methods. The goal our study to develop robust network methods using machine learning techniques. addition, we evaluate effectiveness various models intrusions. Model performances are optimized through hyperparameter tuning feature selection. A range classification clustering have been employed. Data from SIEM systems capturing real-time statistics cloud-hosted Windows virtual machines has gathered augmented with web attack logs CICIDS2017, each comprising approximately fifteen thousand rows. Hyperparameter tuning, data normalization, standardization selection techniques for model optimization used study. research showcases potential enhancing capabilities. findings underscore Random Forest Classifier (0.97) highlight importance utilizing diverse datasets This offers valuable insights sets a foundation future advancements strategies systems.

Язык: Английский

---

OOA-modified Bi-LSTM network: An effective intrusion detection framework for IoT systems

Heliyon, Год журнала: 2024, Номер 10(8), С. e29410 - e29410

Опубликована: Апрель 1, 2024

Currently, the Internet of Things (IoT) generates a huge amount traffic data in communication and information technology. The diversification integration IoT applications terminals make vulnerable to intrusion attacks. Therefore, it is necessary develop an efficient Intrusion Detection System (IDS) that guarantees reliability, integrity, security systems. detection considered challenging task because inappropriate features existing input slow training process. In order address these issues, effective meta heuristic based feature selection deep learning techniques are developed for enhancing IDS. Osprey Optimization Algorithm (OOA) proposed selecting highly informative from which leads differentiation among normal attack network. Moreover, traditional sigmoid tangent activation functions replaced with Exponential Linear Unit (ELU) function propose modified Bi-directional Long Short Term Memory (Bi-LSTM). Bi-LSTM used classifying types ELU makes gradients extremely large during back-propagation faster learning. This research analysed three different datasets such as N-BaIoT, Canadian Institute Cybersecurity Dataset 2017 (CICIDS-2017), ToN-IoT datasets. empirical investigation states framework obtains impressive accuracy 99.98 %, 99.97 % 99.88 on CICIDS-2017, datasets, respectively. Compared peer frameworks, this high better interpretability reduced processing time.

Язык: Английский

---

Deep-IDS: A Real-Time Intrusion Detector for IoT Nodes Using Deep Learning

IEEE Access, Год журнала: 2024, Номер 12, С. 63584 - 63597

Опубликована: Янв. 1, 2024

The Internet of Things (IoT) represents a swiftly expanding sector that is pivotal in driving the innovation today's smart services. However, inherent resource-constrained nature IoT nodes poses significant challenges embedding advanced algorithms for cybersecurity, leading to an escalation cyberattacks against these nodes. Contemporary research Intrusion Detection Systems (IDS) predominantly focuses on enhancing IDS performance through sophisticated algorithms, often overlooking their practical applicability. This paper introduces Deep-IDS, innovative and practically deployable Deep Learning (DL)-based IDS. It employs Long-Short-Term-Memory (LSTM) network comprising 64 LSTM units trained CIC-IDS2017 dataset. Its streamlined architecture renders Deep-IDS ideal candidate edge-server deployment, acting as guardian between Denial Service (DoS), Distributed (DDoS), Brute Force (BRF), Man-in-the-Middle (MITM), Replay (RP) Attacks. A distinctive aspect this trade-off analysis intrusion detection rate false alarm rate, facilitating real-time Deep-IDS. system demonstrates exemplary 96.8% overall classification accuracy 97.67%. Furthermore, achieves precision, recall, F1-scores 97.67%, 98.17%, 97.91%, respectively. On average, requires 1.49 seconds identify mitigate attempts, effectively blocking malicious traffic sources. remarkable efficacy, swift response time, design, novel defense strategy not only secure but also interconnected sub-networks, thereby positioning IoT-enhanced computer networks.

Язык: Английский

---

Detecting lateral movement: A systematic survey

Heliyon, Год журнала: 2024, Номер 10(4), С. e26317 - e26317

Опубликована: Фев. 1, 2024

Within both the cyber kill chain and MITRE ATT&CK frameworks, Lateral Movement (LM) is defined as any activity that allows adversaries to progressively move deeper into a system in seek of high-value assets. Although this timely subject has been studied cybersecurity literature significant degree, so far, no work provides comprehensive survey regarding identification LM from mainly an Intrusion Detection System (IDS) viewpoint. To cover noticeable gap, systematic, holistic overview topic, not neglecting new communication paradigms, such Internet Things (IoT). The part, spanning time window eight years 53 articles, split three focus areas, namely, Endpoint Response (EDR) schemes, machine learning oriented solutions, graph-based strategies. On top that, we bring light interrelations, mapping progress field over time, offer key observations may propel research forward.

Язык: Английский

---

A multi-objectives framework for secure blockchain in fog–cloud network of vehicle-to-infrastructure applications

Knowledge-Based Systems, Год журнала: 2024, Номер 290, С. 111576 - 111576

Опубликована: Фев. 29, 2024

The Intelligent Transport System (ITS) is an emerging paradigm that offers numerous services at the infrastructure level for vehicle applications. Vehicle-to-infrastructure (V2I) advanced form of ITS where diverse are deployed on roadside unit. V2I consists distributed computing nodes transport applications parallel processed. Many research challenges exist in presented paradigms regarding security, cyber-attacks, and application processing among heterogeneous nodes. These Sybil attacks, their attempts cause a lack security degrade performance paradigms. This paper presents new secure blockchain framework handles as mentioned earlier. formulates this complex problem combinatorial problem, encompassing concave convex problems. function minimizes given constraints, such time risk, improves accuracy. Therefore, time, energy, malware detection accuracy, deadlines, require optimization considered problem. Combining jointly non-dominated sorting genetic algorithm (NSGA-II) long short-term memory (LSTM) schemes best way to meet problem's limitations. In study, designed dataset with known unknown malware. different kinds lists (e.g., cyber-attacks) characteristics, size code, comes from, attack which data, current status workload after being attacked by Our main idea present blockchain, NSGA-II, LSTM handle phishing, routing, Sybil, 51% cyber-attacks without compromising performance. Simulation results show study reduces delay risks vehicular

Язык: Английский

---