Hybrid CNN–BiLSTM–DNN Approach for Detecting Cybersecurity Threats in IoT Networks DOI Creative Commons

Bright Agbor Agbor, Bliss Utibe-Abasi Stephen, Philip Asuquo et al.

Computers, Year: 2025, Number: 14(2), Pages: 58 - 58

Published: Feb. 10, 2025

The Internet of Things (IoT) ecosystem is rapidly expanding. It driven by continuous innovation but accompanied increasingly sophisticated cybersecurity threats. Protecting IoT devices from these emerging vulnerabilities has become a critical priority. This study addresses the limitations existing threat detection methods, which often struggle with dynamic nature environments and growing complexity cyberattacks. To overcome challenges, novel hybrid architecture combining Convolutional Neural Networks (CNN), Bidirectional Long Short-Term Memory (BiLSTM), Deep (DNN) proposed for accurate efficient detection. model’s performance evaluated using IoT-23 Edge-IIoTset datasets, encompass over ten distinct attack types. framework achieves remarkable 99% accuracy on both outperforming state-of-the-art solutions. Advanced optimization techniques, including model pruning quantization, are applied to enhance deployment efficiency in resource-constrained environments. results highlight robustness its adaptability diverse scenarios, address key prior approaches. research provides robust solution detection, establishing foundation advancing security addressing evolving landscape cyber threats while driving future innovations field.

Language: English

SMWE-GFPNNet: A high-precision and robust method for forest fire smoke detection DOI
Rui Li, Yaowen Hu, Lin Li et al.

Knowledge-Based Systems, Year: 2024, Number: 289, Pages: 111528 - 111528

Published: Feb. 15, 2024

Language: English

Cited by: 17

A Stacking Ensemble Model with Enhanced Feature Selection for Distributed Denial-of-Service Detection in Software-Defined Networks DOI Open Access
Tariq Emad Ali, Yung-Wey Chong, Selvakumar Manickam et al.

Engineering Technology & Applied Science Research, Year: 2025, Number: 15(1), Pages: 19232 - 19245

Published: Feb. 2, 2025

The proliferation of Distributed Denial Service (DDoS) attacks poses a significant threat to network accessibility and performance. Traditional feature selection methods struggle with the complexity traffic data, leading poor detection To address this issue, Genetic Algorithm Wrapper Feature Selection (GAWFS) is proposed, integrating Chi-squared (GA) approaches correlation method select most correlated features. GAWFS effectively reduces dimensions, eliminates redundancy, identifies crucial features for classification. Detection accuracy further improved by employing stacking ensemble model, combining Multi-Layer Perceptron (MLP) Support Vector Machine (SVM) as base models, Random Forest (RF) metamodel. proposed classifier achieves impressive accuracies 99.86% training data 98.89% test representing improvements approximately 5% 40%, respectively, over previous studies. time was also reduced 2,593 s, substantial improvement 29.92%. Validation on various benchmark datasets confirmed efficacy approach, underscoring importance enhanced model against DDoS attacks.

Language: English

Cited by: 2

Online ensemble learning-based anomaly detection for IoT systems DOI
Y.-T. Wu, Lan Liu, Yong‐Jie Yu et al.

Applied Soft Computing, Year: 2025, Number: unknown, Pages: 112931 - 112931

Published: March 1, 2025

Language: English

Cited by: 2

CRSF: An Intrusion Detection Framework for Industrial Internet of Things Based on Pretrained CNN2D-RNN and SVM DOI Creative Commons

Shiming Li, Guangzhao Chai, Yuhe Wang et al.

IEEE Access, Year: 2023, Number: 11, Pages: 92041 - 92054

Published: Jan. 1, 2023

The traditional support vector machine (SVM) requires manual feature extraction to improve classification performance and relies on the expressive power of manually extracted features. However, this characteristic poses limitations in complex Industrial Internet Things (IIoT) environments. Traditional may fail capture all relevant information, thereby restricting application effectiveness SVM IIoT settings. CNN-RNN, as a deep learning network capable simultaneously extracting spatial temporal features, can alleviate researchers' burden. In paper, we propose novel intrusion detection system (IDS) framework based anomalies, called CRSF. framework's pre-training part employs dimension transformation function process input data into two-dimensional images. Two-dimensional convolutional kernels are then employed extract sequences passed an RNN richer After sufficient pre-training, is used classifier map from space high-dimensional learn nonlinear decision boundaries, enabling accurately differentiate representations different classes. Simulation experiments TON_IoT-Datasets demonstrate CRSF detection. When using "linear" kernel SVM, achieves accuracy, F1-score, AUC 0.9959, 0.9977, respectively, indicating its capability superiority

Language: English

Cited by: 21

Network intrusion detection: An optimized deep learning approach using big data analytics DOI

D. Suja Mary, L. Jaya Singh Dhas, A. Deepa et al.

Expert Systems with Applications, Year: 2024, Number: 251, Pages: 123919 - 123919

Published: April 5, 2024

Language: English

Cited by: 9

Security Information Event Management data acquisition and analysis methods with machine learning principles DOI Creative Commons

Noyan Tendikov, Leila Rzayeva, Bilal Saoud et al.

Results in Engineering, Year: 2024, Number: 22, Pages: 102254 - 102254

Published: May 14, 2024

In the face of increasing global disruptions, cybersecurity field is confronting rising threats posed by offensive groups and individual hackers. Traditional security measures often fall short in detecting mitigating these sophisticated attacks, necessitating advanced intrusion detection methods. The goal our study to develop robust network methods using machine learning techniques. addition, we evaluate effectiveness various models intrusions. Model performances are optimized through hyperparameter tuning feature selection. A range classification clustering have been employed. Data from SIEM systems capturing real-time statistics cloud-hosted Windows virtual machines has gathered augmented with web attack logs CICIDS2017, each comprising approximately fifteen thousand rows. Hyperparameter tuning, data normalization, standardization selection techniques for model optimization used study. research showcases potential enhancing capabilities. findings underscore Random Forest Classifier (0.97) highlight importance utilizing diverse datasets This offers valuable insights sets a foundation future advancements strategies systems.

Language: English

Cited by: 9

OOA-modified Bi-LSTM network: An effective intrusion detection framework for IoT systems DOI Creative Commons

Siva Surya Narayana Chintapalli, Satya Prakash Singh, Jaroslav Frnda et al.

Heliyon, Year: 2024, Number: 10(8), Pages: e29410 - e29410

Published: April 1, 2024

Currently, the Internet of Things (IoT) generates a huge amount traffic data in communication and information technology. The diversification integration IoT applications terminals make vulnerable to intrusion attacks. Therefore, it is necessary develop an efficient Intrusion Detection System (IDS) that guarantees reliability, integrity, security systems. detection considered challenging task because inappropriate features existing input slow training process. In order address these issues, effective meta heuristic based feature selection deep learning techniques are developed for enhancing IDS. Osprey Optimization Algorithm (OOA) proposed selecting highly informative from which leads differentiation among normal attack network. Moreover, traditional sigmoid tangent activation functions replaced with Exponential Linear Unit (ELU) function propose modified Bi-directional Long Short Term Memory (Bi-LSTM). Bi-LSTM used classifying types ELU makes gradients extremely large during back-propagation faster learning. This research analysed three different datasets such as N-BaIoT, Canadian Institute Cybersecurity Dataset 2017 (CICIDS-2017), ToN-IoT datasets. empirical investigation states framework obtains impressive accuracy 99.98 %, 99.97 % 99.88 on CICIDS-2017, datasets, respectively. Compared peer frameworks, this high better interpretability reduced processing time.

Language: English

Cited by: 8

Deep-IDS: A Real-Time Intrusion Detector for IoT Nodes Using Deep Learning DOI Creative Commons
Sandeepkumar Racherla, Prathyusha Sripathi, Nuruzzaman Faruqui et al.

IEEE Access, Year: 2024, Number: 12, Pages: 63584 - 63597

Published: Jan. 1, 2024

The Internet of Things (IoT) represents a swiftly expanding sector that is pivotal in driving the innovation today's smart services. However, inherent resource-constrained nature IoT nodes poses significant challenges embedding advanced algorithms for cybersecurity, leading to an escalation cyberattacks against these nodes. Contemporary research Intrusion Detection Systems (IDS) predominantly focuses on enhancing IDS performance through sophisticated algorithms, often overlooking their practical applicability. This paper introduces Deep-IDS, innovative and practically deployable Deep Learning (DL)-based IDS. It employs Long-Short-Term-Memory (LSTM) network comprising 64 LSTM units trained CIC-IDS2017 dataset. Its streamlined architecture renders Deep-IDS ideal candidate edge-server deployment, acting as guardian between Denial Service (DoS), Distributed (DDoS), Brute Force (BRF), Man-in-the-Middle (MITM), Replay (RP) Attacks. A distinctive aspect this trade-off analysis intrusion detection rate false alarm rate, facilitating real-time Deep-IDS. system demonstrates exemplary 96.8% overall classification accuracy 97.67%. Furthermore, achieves precision, recall, F1-scores 97.67%, 98.17%, 97.91%, respectively. On average, requires 1.49 seconds identify mitigate attempts, effectively blocking malicious traffic sources. remarkable efficacy, swift response time, design, novel defense strategy not only secure but also interconnected sub-networks, thereby positioning IoT-enhanced computer networks.

Language: English

Cited by: 8

Detecting lateral movement: A systematic survey DOI Creative Commons
Christos Smiliotopoulos, Georgios Kambourakis, Constantinos Kolias et al.

Heliyon, Year: 2024, Number: 10(4), Pages: e26317 - e26317

Published: Feb. 1, 2024

Within both the cyber kill chain and MITRE ATT&CK frameworks, Lateral Movement (LM) is defined as any activity that allows adversaries to progressively move deeper into a system in seek of high-value assets. Although this timely subject has been studied cybersecurity literature significant degree, so far, no work provides comprehensive survey regarding identification LM from mainly an Intrusion Detection System (IDS) viewpoint. To cover noticeable gap, systematic, holistic overview topic, not neglecting new communication paradigms, such Internet Things (IoT). The part, spanning time window eight years 53 articles, split three focus areas, namely, Endpoint Response (EDR) schemes, machine learning oriented solutions, graph-based strategies. On top that, we bring light interrelations, mapping progress field over time, offer key observations may propel research forward.

Language: English

Cited by: 7

A multi-objectives framework for secure blockchain in fog–cloud network of vehicle-to-infrastructure applications DOI Creative Commons
Abdullah Lakhan, Mazin Abed Mohammed, Karrar Hameed Abdulkareem et al.

Knowledge-Based Systems, Year: 2024, Number: 290, Pages: 111576 - 111576

Published: Feb. 29, 2024

The Intelligent Transport System (ITS) is an emerging paradigm that offers numerous services at the infrastructure level for vehicle applications. Vehicle-to-infrastructure (V2I) advanced form of ITS where diverse are deployed on roadside unit. V2I consists distributed computing nodes transport applications parallel processed. Many research challenges exist in presented paradigms regarding security, cyber-attacks, and application processing among heterogeneous nodes. These Sybil attacks, their attempts cause a lack security degrade performance paradigms. This paper presents new secure blockchain framework handles as mentioned earlier. formulates this complex problem combinatorial problem, encompassing concave convex problems. function minimizes given constraints, such time risk, improves accuracy. Therefore, time, energy, malware detection accuracy, deadlines, require optimization considered problem. Combining jointly non-dominated sorting genetic algorithm (NSGA-II) long short-term memory (LSTM) schemes best way to meet problem's limitations. In study, designed dataset with known unknown malware. different kinds lists (e.g., cyber-attacks) characteristics, size code, comes from, attack which data, current status workload after being attacked by Our main idea present blockchain, NSGA-II, LSTM handle phishing, routing, Sybil, 51% cyber-attacks without compromising performance. Simulation results show study reduces delay risks vehicular

Language: English

Cited by: 7