Egyptian Informatics Journal, Год журнала: 2025, Номер 30, С. 100669 - 100669
Опубликована: Март 23, 2025
Язык: Английский
Knowledge-Based Systems, Год журнала: 2024, Номер 289, С. 111528 - 111528
Опубликована: Фев. 15, 2024
Язык: Английский
Процитировано
17
Results in Engineering, Год журнала: 2024, Номер 22, С. 102254 - 102254
Опубликована: Май 14, 2024
In the face of increasing global disruptions, cybersecurity field is confronting rising threats posed by offensive groups and individual hackers. Traditional security measures often fall short in detecting mitigating these sophisticated attacks, necessitating advanced intrusion detection methods. The goal our study to develop robust network methods using machine learning techniques. addition, we evaluate effectiveness various models intrusions. Model performances are optimized through hyperparameter tuning feature selection. A range classification clustering have been employed. Data from SIEM systems capturing real-time statistics cloud-hosted Windows virtual machines has gathered augmented with web attack logs CICIDS2017, each comprising approximately fifteen thousand rows. Hyperparameter tuning, data normalization, standardization selection techniques for model optimization used study. research showcases potential enhancing capabilities. findings underscore Random Forest Classifier (0.97) highlight importance utilizing diverse datasets This offers valuable insights sets a foundation future advancements strategies systems.
Язык: Английский
Процитировано
9
Engineering Technology & Applied Science Research, Год журнала: 2025, Номер 15(1), С. 19232 - 19245
Опубликована: Фев. 2, 2025
The proliferation of Distributed Denial Service (DDoS) attacks poses a significant threat to network accessibility and performance. Traditional feature selection methods struggle with the complexity traffic data, leading poor detection To address this issue, Genetic Algorithm Wrapper Feature Selection (GAWFS) is proposed, integrating Chi-squared (GA) approaches correlation method select most correlated features. GAWFS effectively reduces dimensions, eliminates redundancy, identifies crucial features for classification. Detection accuracy further improved by employing stacking ensemble model, combining Multi-Layer Perceptron (MLP) Support Vector Machine (SVM) as base models, Random Forest (RF) metamodel. proposed classifier achieves impressive accuracies 99.86% training data 98.89% test representing improvements approximately 5% 40%, respectively, over previous studies. time was also reduced 2,593 s, substantial improvement 29.92%. Validation on various benchmark datasets confirmed efficacy approach, underscoring importance enhanced model against DDoS attacks.
Язык: Английский
Процитировано
2
Applied Soft Computing, Год журнала: 2025, Номер unknown, С. 112931 - 112931
Опубликована: Март 1, 2025
Язык: Английский
Процитировано
2
Computers, Год журнала: 2025, Номер 14(2), С. 58 - 58
Опубликована: Фев. 10, 2025
The Internet of Things (IoT) ecosystem is rapidly expanding. It driven by continuous innovation but accompanied increasingly sophisticated cybersecurity threats. Protecting IoT devices from these emerging vulnerabilities has become a critical priority. This study addresses the limitations existing threat detection methods, which often struggle with dynamic nature environments and growing complexity cyberattacks. To overcome challenges, novel hybrid architecture combining Convolutional Neural Networks (CNN), Bidirectional Long Short-Term Memory (BiLSTM), Deep (DNN) proposed for accurate efficient detection. model’s performance evaluated using IoT-23 Edge-IIoTset datasets, encompass over ten distinct attack types. framework achieves remarkable 99% accuracy on both outperforming state-of-the-art solutions. Advanced optimization techniques, including model pruning quantization, are applied to enhance deployment efficiency in resource-constrained environments. results highlight robustness its adaptability diverse scenarios, address key prior approaches. research provides robust solution detection, establishing foundation advancing security addressing evolving landscape cyber threats while driving future innovations field.
Язык: Английский
Процитировано
1
IEEE Access, Год журнала: 2023, Номер 11, С. 92041 - 92054
Опубликована: Янв. 1, 2023
The traditional support vector machine (SVM) requires manual feature extraction to improve classification performance and relies on the expressive power of manually extracted features. However, this characteristic poses limitations in complex Industrial Internet Things (IIoT) environments. Traditional may fail capture all relevant information, thereby restricting application effectiveness SVM IIoT settings. CNN-RNN, as a deep learning network capable simultaneously extracting spatial temporal features, can alleviate researchers' burden. In paper, we propose novel intrusion detection system (IDS) framework based anomalies, called CRSF. framework's pre-training part employs dimension transformation function process input data into two-dimensional images. Two-dimensional convolutional kernels are then employed extract sequences passed an RNN richer After sufficient pre-training, is used classifier map from space high-dimensional learn nonlinear decision boundaries, enabling accurately differentiate representations different classes. Simulation experiments TON_IoT-Datasets demonstrate CRSF detection. When using "linear" kernel SVM, achieves accuracy, F1-score, AUC 0.9959, 0.9977, respectively, indicating its capability superiority
Язык: Английский
Процитировано
20
Expert Systems with Applications, Год журнала: 2024, Номер 251, С. 123919 - 123919
Опубликована: Апрель 5, 2024
Язык: Английский
Процитировано
9
IEEE Access, Год журнала: 2024, Номер 12, С. 63584 - 63597
Опубликована: Янв. 1, 2024
The Internet of Things (IoT) represents a swiftly expanding sector that is pivotal in driving the innovation today's smart services. However, inherent resource-constrained nature IoT nodes poses significant challenges embedding advanced algorithms for cybersecurity, leading to an escalation cyberattacks against these nodes. Contemporary research Intrusion Detection Systems (IDS) predominantly focuses on enhancing IDS performance through sophisticated algorithms, often overlooking their practical applicability. This paper introduces Deep-IDS, innovative and practically deployable Deep Learning (DL)-based IDS. It employs Long-Short-Term-Memory (LSTM) network comprising 64 LSTM units trained CIC-IDS2017 dataset. Its streamlined architecture renders Deep-IDS ideal candidate edge-server deployment, acting as guardian between Denial Service (DoS), Distributed (DDoS), Brute Force (BRF), Man-in-the-Middle (MITM), Replay (RP) Attacks. A distinctive aspect this trade-off analysis intrusion detection rate false alarm rate, facilitating real-time Deep-IDS. system demonstrates exemplary 96.8% overall classification accuracy 97.67%. Furthermore, achieves precision, recall, F1-scores 97.67%, 98.17%, 97.91%, respectively. On average, requires 1.49 seconds identify mitigate attempts, effectively blocking malicious traffic sources. remarkable efficacy, swift response time, design, novel defense strategy not only secure but also interconnected sub-networks, thereby positioning IoT-enhanced computer networks.
Язык: Английский
Процитировано
8
Heliyon, Год журнала: 2024, Номер 10(4), С. e26317 - e26317
Опубликована: Фев. 1, 2024
Within both the cyber kill chain and MITRE ATT&CK frameworks, Lateral Movement (LM) is defined as any activity that allows adversaries to progressively move deeper into a system in seek of high-value assets. Although this timely subject has been studied cybersecurity literature significant degree, so far, no work provides comprehensive survey regarding identification LM from mainly an Intrusion Detection System (IDS) viewpoint. To cover noticeable gap, systematic, holistic overview topic, not neglecting new communication paradigms, such Internet Things (IoT). The part, spanning time window eight years 53 articles, split three focus areas, namely, Endpoint Response (EDR) schemes, machine learning oriented solutions, graph-based strategies. On top that, we bring light interrelations, mapping progress field over time, offer key observations may propel research forward.
Язык: Английский
Процитировано
7
Knowledge-Based Systems, Год журнала: 2024, Номер 290, С. 111576 - 111576
Опубликована: Фев. 29, 2024
The Intelligent Transport System (ITS) is an emerging paradigm that offers numerous services at the infrastructure level for vehicle applications. Vehicle-to-infrastructure (V2I) advanced form of ITS where diverse are deployed on roadside unit. V2I consists distributed computing nodes transport applications parallel processed. Many research challenges exist in presented paradigms regarding security, cyber-attacks, and application processing among heterogeneous nodes. These Sybil attacks, their attempts cause a lack security degrade performance paradigms. This paper presents new secure blockchain framework handles as mentioned earlier. formulates this complex problem combinatorial problem, encompassing concave convex problems. function minimizes given constraints, such time risk, improves accuracy. Therefore, time, energy, malware detection accuracy, deadlines, require optimization considered problem. Combining jointly non-dominated sorting genetic algorithm (NSGA-II) long short-term memory (LSTM) schemes best way to meet problem's limitations. In study, designed dataset with known unknown malware. different kinds lists (e.g., cyber-attacks) characteristics, size code, comes from, attack which data, current status workload after being attacked by Our main idea present blockchain, NSGA-II, LSTM handle phishing, routing, Sybil, 51% cyber-attacks without compromising performance. Simulation results show study reduces delay risks vehicular
Язык: Английский
Процитировано
7