Biblio

Found 482 results

Filters: Keyword is Intrusion detection  [Clear All Filters]
2023-08-03
Thai, Ho Huy, Hieu, Nguyen Duc, Van Tho, Nguyen, Hoang, Hien Do, Duy, Phan The, Pham, Van-Hau.  2022.  Adversarial AutoEncoder and Generative Adversarial Networks for Semi-Supervised Learning Intrusion Detection System. 2022 RIVF International Conference on Computing and Communication Technologies (RIVF). :584–589.
As one of the defensive solutions against cyberattacks, an Intrusion Detection System (IDS) plays an important role in observing the network state and alerting suspicious actions that can break down the system. There are many attempts of adopting Machine Learning (ML) in IDS to achieve high performance in intrusion detection. However, all of them necessitate a large amount of labeled data. In addition, labeling attack data is a time-consuming and expensive human-labor operation, it makes existing ML methods difficult to deploy in a new system or yields lower results due to a lack of labels on pre-trained data. To address these issues, we propose a semi-supervised IDS model that leverages Generative Adversarial Networks (GANs) and Adversarial AutoEncoder (AAE), called a semi-supervised adversarial autoencoder (SAAE). Our SAAE experimental results on two public datasets for benchmarking ML-based IDS, including NF-CSE-CIC-IDS2018 and NF-UNSW-NB15, demonstrate the effectiveness of AAE and GAN in case of using only a small number of labeled data. In particular, our approach outperforms other ML methods with the highest detection rates in spite of the scarcity of labeled data for model training, even with only 1% labeled data.
ISSN: 2162-786X
2023-04-14
Qian, Jun, Gan, Zijie, Zhang, Jie, Bhunia, Suman.  2022.  Analyzing SocialArks Data Leak - A Brute Force Web Login Attack. 2022 4th International Conference on Computer Communication and the Internet (ICCCI). :21–27.
In this work, we discuss data breaches based on the “2012 SocialArks data breach” case study. Data leakage refers to the security violations of unauthorized individuals copying, transmitting, viewing, stealing, or using sensitive, protected, or confidential data. Data leakage is becoming more and more serious, for those traditional information security protection methods like anti-virus software, intrusion detection, and firewalls have been becoming more and more challenging to deal with independently. Nevertheless, fortunately, new IT technologies are rapidly changing and challenging traditional security laws and provide new opportunities to develop the information security market. The SocialArks data breach was caused by a misconfiguration of ElasticSearch Database owned by SocialArks, owned by “Tencent.” The attack methodology is classic, and five common Elasticsearch mistakes discussed the possibilities of those leakages. The defense solution focuses on how to optimize the Elasticsearch server. Furthermore, the ElasticSearch database’s open-source identity also causes many ethical problems, which means that anyone can download and install it for free, and they can install it almost anywhere. Some companies download it and install it on their internal servers, while others download and install it in the cloud (on any provider they want). There are also cloud service companies that provide hosted versions of Elasticsearch, which means they host and manage Elasticsearch clusters for their customers, such as Company Tencent.
2023-08-18
Li, Shijie, Liu, Junjiao, Pan, Zhiwen, Lv, Shichao, Si, Shuaizong, Sun, Limin.  2022.  Anomaly Detection based on Robust Spatial-temporal Modeling for Industrial Control Systems. 2022 IEEE 19th International Conference on Mobile Ad Hoc and Smart Systems (MASS). :355—363.
Industrial Control Systems (ICS) are increasingly facing the threat of False Data Injection (FDI) attacks. As an emerging intrusion detection scheme for ICS, process-based Intrusion Detection Systems (IDS) can effectively detect the anomalies caused by FDI attacks. Specifically, such IDS establishes anomaly detection model which can describe the normal pattern of industrial processes, then perform real-time anomaly detection on industrial process data. However, this method suffers low detection accuracy due to the complexity and instability of industrial processes. That is, the process data inherently contains sophisticated nonlinear spatial-temporal correlations which are hard to be explicitly described by anomaly detection model. In addition, the noise and disturbance in process data prevent the IDS from distinguishing the real anomaly events. In this paper, we propose an Anomaly Detection approach based on Robust Spatial-temporal Modeling (AD-RoSM). Concretely, to explicitly describe the spatial-temporal correlations within the process data, a neural based state estimation model is proposed by utilizing 1D CNN for temporal modeling and multi-head self attention mechanism for spatial modeling. To perform robust anomaly detection in the presence of noise and disturbance, a composite anomaly discrimination model is designed so that the outputs of the state estimation model can be analyzed with a combination of threshold strategy and entropy-based strategy. We conducted extensive experiments on two benchmark ICS security datasets to demonstrate the effectiveness of our approach.
2023-02-17
Ruwin R. Ratnayake, R.M., Abeysiriwardhena, G.D.N.D.K., Perera, G.A.J., Senarathne, Amila, Ponnamperuma, R., Ganegoda, B.A..  2022.  ARGUS – An Adaptive Smart Home Security Solution. 2022 4th International Conference on Advancements in Computing (ICAC). :459–464.
Smart Security Solutions are in high demand with the ever-increasing vulnerabilities within the IT domain. Adjusting to a Work-From-Home (WFH) culture has become mandatory by maintaining required core security principles. Therefore, implementing and maintaining a secure Smart Home System has become even more challenging. ARGUS provides an overall network security coverage for both incoming and outgoing traffic, a firewall and an adaptive bandwidth management system and a sophisticated CCTV surveillance capability. ARGUS is such a system that is implemented into an existing router incorporating cloud and Machine Learning (ML) technology to ensure seamless connectivity across multiple devices, including IoT devices at a low migration cost for the customer. The aggregation of the above features makes ARGUS an ideal solution for existing Smart Home System service providers and users where hardware and infrastructure is also allocated. ARGUS was tested on a small-scale smart home environment with a Raspberry Pi 4 Model B controller. Its intrusion detection system identified an intrusion with 96% accuracy while the physical surveillance system predicts the user with 81% accuracy.
2023-05-19
Wang, Jichang, Zhang, Liancheng, Li, Zehua, Guo, Yi, Cheng, Lanxin, Du, Wenwen.  2022.  CC-Guard: An IPv6 Covert Channel Detection Method Based on Field Matching. 2022 IEEE 24th Int Conf on High Performance Computing & Communications; 8th Int Conf on Data Science & Systems; 20th Int Conf on Smart City; 8th Int Conf on Dependability in Sensor, Cloud & Big Data Systems & Application (HPCC/DSS/SmartCity/DependSys). :1416—1421.
As the IPv6 protocol has been rapidly developed and applied, the security of IPv6 networks has become the focus of academic and industrial attention. Despite the fact that the IPv6 protocol is designed with security in mind, due to insufficient defense measures of current firewalls and intrusion detection systems for IPv6 networks, the construction of covert channels using fields not defined or reserved in IPv6 protocols may compromise the information systems. By discussing the possibility of constructing storage covert channels within IPv6 protocol fields, 10 types of IPv6 covert channels are constructed with undefined and reserved fields, including the flow label field, the traffic class field of IPv6 header, the reserved fields of IPv6 extension headers and the code field of ICMPv6 header. An IPv6 covert channel detection method based on field matching (CC-Guard) is proposed, and a typical IPv6 network environment is built for testing. In comparison with existing detection tools, the experimental results show that the CC-Guard not only can detect more covert channels consisting of IPv6 extension headers and ICMPv6 headers, but also achieves real-time detection with a lower detection overhead.
2023-01-05
Singh, Pushpa Bharti, Tomar, Parul, Kathuria, Madhumita.  2022.  Comparative Study of Machine Learning Techniques for Intrusion Detection Systems. 2022 International Conference on Machine Learning, Big Data, Cloud and Parallel Computing (COM-IT-CON). 1:274—283.
Being a part of today’s technical world, we are connected through a vast network. More we are addicted to these modernization techniques we need security. There must be reliability in a network security system so that it is capable of doing perfect monitoring of the whole network of an organization so that any unauthorized users or intruders wouldn’t be able to halt our security breaches. Firewalls are there for securing our internal network from unauthorized outsiders but still some time possibility of attacks is there as according to a survey 60% of attacks were internal to the network. So, the internal system needs the same higher level of security just like external. So, understanding the value of security measures with accuracy, efficiency, and speed we got to focus on implementing and comparing an improved intrusion detection system. A comprehensive literature review has been done and found that some feature selection techniques with standard scaling combined with Machine Learning Techniques can give better results over normal existing ML Techniques. In this survey paper with the help of the Uni-variate Feature selection method, the selection of 14 essential features out of 41 is performed which are used in comparative analysis. We implemented and compared both binary class classification and multi-class classification-based Intrusion Detection Systems (IDS) for two Supervised Machine Learning Techniques Support Vector Machine and Classification and Regression Techniques.
2023-05-30
Kharkwal, Ayushi, Mishra, Saumya, Paul, Aditi.  2022.  Cross-Layer DoS Attack Detection Technique for Internet of Things. 2022 7th International Conference on Communication and Electronics Systems (ICCES). :368—372.
Security of Internet of Things (IoT) is one of the most prevalent crucial challenges ever since. The diversified devices and their specification along with resource constrained protocols made it more complex to address over all security need of IoT. Denial of Service attacks, being the most powerful and frequent attacks on IoT have been considered so forth. However, the attack happens on multiple layers and thus a single detection technique for each layer is not sufficient and effective to combat these attacks. Current study focuses on cross layer intrusion detection system (IDS) for detection of multiple Denial of Service (DoS) attacks. Presently, two attacks at Transmission Control Protocol (TCP) and Routing Protocol are considered for Low power and Lossy Networks (RPL) and a neural network-based IDS approach has been proposed for the detection of such attacks. The attacks are simulated on NetSim and detection and the performance shows up to 80% detection probabilities.
2023-06-22
Ho, Samson, Reddy, Achyut, Venkatesan, Sridhar, Izmailov, Rauf, Chadha, Ritu, Oprea, Alina.  2022.  Data Sanitization Approach to Mitigate Clean-Label Attacks Against Malware Detection Systems. MILCOM 2022 - 2022 IEEE Military Communications Conference (MILCOM). :993–998.
Machine learning (ML) models are increasingly being used in the development of Malware Detection Systems. Existing research in this area primarily focuses on developing new architectures and feature representation techniques to improve the accuracy of the model. However, recent studies have shown that existing state-of-the art techniques are vulnerable to adversarial machine learning (AML) attacks. Among those, data poisoning attacks have been identified as a top concern for ML practitioners. A recent study on clean-label poisoning attacks in which an adversary intentionally crafts training samples in order for the model to learn a backdoor watermark was shown to degrade the performance of state-of-the-art classifiers. Defenses against such poisoning attacks have been largely under-explored. We investigate a recently proposed clean-label poisoning attack and leverage an ensemble-based Nested Training technique to remove most of the poisoned samples from a poisoned training dataset. Our technique leverages the relatively large sensitivity of poisoned samples to feature noise that disproportionately affects the accuracy of a backdoored model. In particular, we show that for two state-of-the art architectures trained on the EMBER dataset affected by the clean-label attack, the Nested Training approach improves the accuracy of backdoor malware samples from 3.42% to 93.2%. We also show that samples produced by the clean-label attack often successfully evade malware classification even when the classifier is not poisoned during training. However, even in such scenarios, our Nested Training technique can mitigate the effect of such clean-label-based evasion attacks by recovering the model's accuracy of malware detection from 3.57% to 93.2%.
ISSN: 2155-7586
2022-12-09
Legashev, Leonid, Grishina, Luybov.  2022.  Development of an Intrusion Detection System Prototype in Mobile Ad Hoc Networks Based on Machine Learning Methods. 2022 International Russian Automation Conference (RusAutoCon). :171—175.
Wireless ad hoc networks are characterized by dynamic topology and high node mobility. Network attacks on wireless ad hoc networks can significantly reduce performance metrics, such as the packet delivery ratio from the source to the destination node, overhead, throughput, etc. The article presents an experimental study of an intrusion detection system prototype in mobile ad hoc networks based on machine learning. The experiment is carried out in a MANET segment of 50 nodes, the detection and prevention of DDoS and cooperative blackhole attacks are investigated. The dependencies of features on the type of network traffic and the dependence of performance metrics on the speed of mobile nodes in the network are investigated. The conducted experimental studies show the effectiveness of an intrusion detection system prototype on simulated data.
2023-05-12
Verma, Kunaal, Girdhar, Mansi, Hafeez, Azeem, Awad, Selim S..  2022.  ECU Identification using Neural Network Classification and Hyperparameter Tuning. 2022 IEEE International Workshop on Information Forensics and Security (WIFS). :1–6.
Intrusion detection for Controller Area Network (CAN) protocol requires modern methods in order to compete with other electrical architectures. Fingerprint Intrusion Detection Systems (IDS) provide a promising new approach to solve this problem. By characterizing network traffic from known ECUs, hazardous messages can be discriminated. In this article, a modified version of Fingerprint IDS is employed utilizing both step response and spectral characterization of network traffic via neural network training. With the addition of feature set reduction and hyperparameter tuning, this method accomplishes a 99.4% detection rate of trusted ECU traffic.
ISSN: 2157-4774
2023-07-10
Gong, Taiyuan, Zhu, Li.  2022.  Edge Intelligence-based Obstacle Intrusion Detection in Railway Transportation. GLOBECOM 2022 - 2022 IEEE Global Communications Conference. :2981—2986.
Train operation is highly influenced by the rail track state and the surrounding environment. An abnormal obstacle on the rail track will pose a severe threat to the safe operation of urban rail transit. The existing general obstacle detection approaches do not consider the specific urban rail environment and requirements. In this paper, we propose an edge intelligence (EI)-based obstacle intrusion detection system to detect accurate obstacle intrusion in real-time. A two-stage lightweight deep learning model is designed to detect obstacle intrusion and obtain the distance from the train to the obstacle. Edge computing (EC) and 5G are used to conduct the detection model and improve the real-time detection performance. A multi-agent reinforcement learning-based offloading and service migration model is formulated to optimize the edge computing resource. Experimental results show that the two-stage intrusion detection model with the reinforcement learning (RL)-based edge resource optimization model can achieve higher detection accuracy and real-time performance compared to traditional methods.
2023-06-23
Angiulli, Fabrizio, Furfaro, Angelo, Saccá, Domenico, Sacco, Ludovica.  2022.  Evaluating Deep Packet Inspection in Large-scale Data Processing. 2022 9th International Conference on Future Internet of Things and Cloud (FiCloud). :16–23.
The Internet has evolved to the point that gigabytes and even terabytes of data are generated and processed on a daily basis. Such a stream of data is characterised by high volume, velocity and variety and is referred to as Big Data. Traditional data processing tools can no longer be used to process big data, because they were not designed to handle such a massive amount of data. This problem concerns also cyber security, where tools like intrusion detection systems employ classification algorithms to analyse the network traffic. Achieving a high accuracy attack detection becomes harder when the amount of data increases and the algorithms must be efficient enough to keep up with the throughput of a huge data stream. Due to the challenges posed by a big data environment, some monitoring systems have already shifted from deep packet inspection to flow-level inspection. The goal of this paper is to evaluate the applicability of an existing intrusion detection technique that performs deep packet inspection in a big data setting. We have conducted several experiments with Apache Spark to assess the performance of the technique when classifying anomalous packets, showing that it benefits from the use of Spark.
2023-07-21
Gao, Kai, Cheng, Xiangyu, Huang, Hao, Li, Xunhao, Yuan, Tingyu, Du, Ronghua.  2022.  False Data Injection Attack Detection in a Platoon of CACC in RSU. 2022 IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom). :1324—1329.
Intelligent connected vehicle platoon technology can reduce traffic congestion and vehicle fuel. However, attacks on the data transmitted by the platoon are one of the primary challenges encountered by the platoon during its travels. The false data injection (FDI) attack can lead to road congestion and even vehicle collisions, which can impact the platoon. However, the complexity of the cellular - vehicle to everything (C-V2X) environment, the single source of the message and the poor data processing capability of the on board unit (OBU) make the traditional detection methods’ success rate and response time poor. This study proposes a platoon state information fusion method using the communication characteristics of the platoon in C-V2X and proposes a novel platoon intrusion detection model based on this fusion method combined with sequential importance sampling (SIS). The SIS is a measured strategy of Monte Carlo integration sampling. Specifically, the method takes the status information of the platoon members as the predicted value input. It uses the leader vehicle status information as the posterior probability of the observed value to the current moment of the platoon members. The posterior probabilities of the platoon members and the weights of the platoon members at the last moment are used as input to update the weights of the platoon members at the current moment and obtain the desired platoon status information at the present moment. Moreover, it compares the status information of the platoon members with the desired status information to detect attacks on the platoon. Finally, the effectiveness of the method is demonstrated by simulation.
2023-01-05
Jovanovic, Dijana, Marjanovic, Marina, Antonijevic, Milos, Zivkovic, Miodrag, Budimirovic, Nebojsa, Bacanin, Nebojsa.  2022.  Feature Selection by Improved Sand Cat Swarm Optimizer for Intrusion Detection. 2022 International Conference on Artificial Intelligence in Everything (AIE). :685–690.
The rapid growth of number of devices that are connected to internet of things (IoT) networks, increases the severity of security problems that need to be solved in order to provide safe environment for network data exchange. The discovery of new vulnerabilities is everyday challenge for security experts and many novel methods for detection and prevention of intrusions are being developed for dealing with this issue. To overcome these shortcomings, artificial intelligence (AI) can be used in development of advanced intrusion detection systems (IDS). This allows such system to adapt to emerging threats, react in real-time and adjust its behavior based on previous experiences. On the other hand, the traffic classification task becomes more difficult because of the large amount of data generated by network systems and high processing demands. For this reason, feature selection (FS) process is applied to reduce data complexity by removing less relevant data for the active classification task and therefore improving algorithm's accuracy. In this work, hybrid version of recently proposed sand cat swarm optimizer algorithm is proposed for feature selection with the goal of increasing performance of extreme learning machine classifier. The performance improvements are demonstrated by validating the proposed method on two well-known datasets - UNSW-NB15 and CICIDS-2017, and comparing the results with those reported for other cutting-edge algorithms that are dealing with the same problems and work in a similar configuration.
2023-01-13
Kapoor, Mehul, Kaur, Puneet Jai.  2022.  Hybridization of Deep Learning & Machine Learning For IoT Based Intrusion Classification. 2022 International Conference on Breakthrough in Heuristics And Reciprocation of Advanced Technologies (BHARAT). :138—143.
With the rise of IoT applications, about 20.4 billion devices will be online in 2020, and that number will rise to 75 billion a month by 2025. Different sensors in IoT devices let them get and process data remotely and in real time. Sensors give them information that helps them make smart decisions and manage IoT environments well. IoT Security is one of the most important things to think about when you're developing, implementing, and deploying IoT platforms. People who use the Internet of Things (IoT) say that it allows people to communicate, monitor, and control automated devices from afar. This paper shows how to use Deep learning and machine learning to make an IDS that can be used on IoT platforms as a service. In the proposed method, a cnn mapped the features, and a random forest classifies normal and attack classes. In the end, the proposed method made a big difference in all performance parameters. Its average performance metrics have gone up 5% to 6%.
2023-09-01
Hashim, Noor Hassanin, Sadkhan, Sattar B..  2022.  Information Theory Based Evaluation Method For Wireless IDS: Status, Open Problem And Future Trends. 2022 5th International Conference on Engineering Technology and its Applications (IICETA). :222—226.
From an information-theoretic standpoint, the intrusion detection process can be examined. Given the IDS output(alarm data), we should have less uncertainty regarding the input (event data). We propose the Capability of Intrusion Detection (CID) measure, which is simply the ratio of mutual information between IDS input and output, and the input of entropy. CID has the desirable properties of (1) naturally accounting for all important aspects of detection capability, such as true positive rate, false positive rate, positive predictive value, negative predictive value, and base rate, (2) objectively providing an intrinsic measure of intrusion detection capability, and (3) being sensitive to IDS operation parameters. When finetuning an IDS, we believe that CID is the best performance metric to use. In terms of the IDS’ inherent ability to classify input data, the so obtained operation point is the best that it can achieve.
2023-05-12
Derhab, Abdelwahid.  2022.  Keynote Speaker 6: Intrusion detection systems using machine learning for the security of autonomous vehicles. 2022 15th International Conference on Security of Information and Networks (SIN). :1–1.
The emergence of smart cars has revolutionized the automotive industry. Today's vehicles are equipped with different types of electronic control units (ECUs) that enable autonomous functionalities like self-driving, self-parking, lane keeping, and collision avoidance. The ECUs are connected to each other through an in-vehicle network, named Controller Area Network. In this talk, we will present the different cyber attacks that target autonomous vehicles and explain how an intrusion detection system (IDS) using machine learning can play a role in securing the Controller Area Network. We will also discuss the main research contributions for the security of autonomous vehicles. Specifically, we will describe our IDS, named Histogram-based Intrusion Detection and Filtering framework. Next, we will talk about the machine learning explainability issue that limits the acceptability of machine learning in autonomous vehicles, and how it can be addressed using our novel intrusion detection system based on rule extraction methods from Deep Neural Networks.
2023-08-16
Priya, D Divya, Kiran, Ajmeera, Purushotham, P.  2022.  Lightweight Intrusion Detection System(L-IDS) for the Internet of Things. 2022 International Conference on Advancements in Smart, Secure and Intelligent Computing (ASSIC). :1—4.
Internet of Things devices collect and share data (IoT). Internet connections and emerging technologies like IoT offer privacy and security challenges, and this trend is anticipated to develop quickly. Internet of Things intrusions are everywhere. Businesses are investing more to detect these threats. Institutes choose accurate testing and verification procedures. In recent years, IoT utilisation has increasingly risen in healthcare. Where IoT applications gained popular among technologists. IoT devices' energy limits and scalability raise privacy and security problems. Experts struggle to make IoT devices more safe and private. This paper provides a machine-learning-based IDS for IoT network threats (ML-IDS). This study aims to implement ML-supervised IDS for IoT. We're going with a centralised, lightweight IDS. Here, we compare seven popular categorization techniques on three data sets. The decision tree algorithm shows the best intrusion detection results.
2023-05-12
Matsubayashi, Masaru, Koyama, Takuma, Tanaka, Masashi, Okano, Yasushi, Miyajima, Asami.  2022.  Message Source Identification in Controller Area Network by Utilizing Diagnostic Communications and an Intrusion Detection System. 2022 IEEE 96th Vehicular Technology Conference (VTC2022-Fall). :1–6.
International regulations specified in WP.29 and international standards specified in ISO/SAE 21434 require security operations such as cyberattack detection and incident responses to protect vehicles from cyberattacks. To meet these requirements, many vehicle manufacturers are planning to install Intrusion Detection Systems (IDSs) in the Controller Area Network (CAN), which is a primary component of in-vehicle networks, in the coming years. Besides, many vehicle manufacturers and information security companies are developing technologies to identify attack paths related to IDS alerts to respond to cyberattacks appropriately and quickly. To develop the IDSs and the technologies to identify attack paths, it is essential to grasp normal communications performed on in-vehicle networks. Thus, our study aims to develop a technology that can easily grasp normal communications performed on in-vehicle networks. In this paper, we propose the first message source identification method that easily identifies CAN-IDs used by each Electronic Control Unit (ECU) connected to the CAN for message transmissions. We realize the proposed method by utilizing diagnostic communications and an IDS installed in the CAN (CAN-IDS). We evaluate the proposed method using an ECU installed in an actual vehicle and four kinds of simulated CAN-IDSs based on typical existing intrusion detection methods for the CAN. The evaluation results show that the proposed method can identify the CAN-ID used by the ECU for CAN message transmissions if a suitable simulated CAN-IDS for the proposed method is connected to the vehicle.
ISSN: 2577-2465
2022-12-09
Sepehrzadeh, Hamed.  2022.  Security Evaluation of Cyber-Physical Systems with Redundant Components. 2022 CPSSI 4th International Symposium on Real-Time and Embedded Systems and Technologies (RTEST). :1—7.
The emergence of CPSs leads to modernization of critical infrastructures and improving flexibility and efficiency from one point of view. However, from another point of view, this modernization has subjected them to cyber threats. This paper provides a modeling approach for evaluating the security of CPSs. The main idea behind the presented model is to study the attacker and the system behaviors in the penetration and attack phases with exploiting some defensive countermeasures such as redundant components and attack detection strategies. By using the proposed approach, we can investigate how redundancy factor of sensors, controllers and actuators and intrusion detection systems can improve the system security and delay the system security failure.
2023-04-28
Shakhov, Vladimir.  2022.  Sequential Statistical Analysis-Based Method for Attacks Detection in Cognitive Radio Networks. 2022 27th Asia Pacific Conference on Communications (APCC). :663–666.
This Cognitive radio networks are vulnerable to specific intrusions due to the unique cognitive characteristics of these networks. This DoS attacks are known as the Primary User Emulation Attack and the Spectrum Sensing Data Falsification. If the intruder behavior is not statistically identical to the behavior of the primary users, intrusion detection techniques based on observing the energy of the received signals can be used. Both machine learning-based intrusion detection and sequential statistical analysis can be effectively applied. However, in some cases, statistical sequential analysis has some advantages in dealing with such challenges. This paper discusses aspects of using statistical sequential analysis methods to detect attacks in Cognitive radio networks.
2023-02-17
Alimi, Oyeniyi Akeem, Ouahada, Khmaies, Abu-Mahfouz, Adnan M., Rimer, Suvendi, Alimi, Kuburat Oyeranti Adefemi.  2022.  Supervised learning based intrusion detection for SCADA systems. 2022 IEEE Nigeria 4th International Conference on Disruptive Technologies for Sustainable Development (NIGERCON). :1–5.
Supervisory control and data acquisition (SCADA) systems play pivotal role in the operation of modern critical infrastructures (CIs). Technological advancements, innovations, economic trends, etc. have continued to improve SCADA systems effectiveness and overall CIs’ throughput. However, the trends have also continued to expose SCADA systems to security menaces. Intrusions and attacks on SCADA systems can cause service disruptions, equipment damage or/and even fatalities. The use of conventional intrusion detection models have shown trends of ineffectiveness due to the complexity and sophistication of modern day SCADA attacks and intrusions. Also, SCADA characteristics and requirement necessitate exceptional security considerations with regards to intrusive events’ mitigations. This paper explores the viability of supervised learning algorithms in detecting intrusions specific to SCADA systems and their communication protocols. Specifically, we examine four supervised learning algorithms: Random Forest, Naïve Bayes, J48 Decision Tree and Sequential Minimal Optimization-Support Vector Machines (SMO-SVM) for evaluating SCADA datasets. Two SCADA datasets were used for evaluating the performances of our approach. To improve the classification performances, feature selection using principal component analysis was used to preprocess the datasets. Using prominent classification metrics, the SVM-SMO presented the best overall results with regards to the two datasets. In summary, results showed that supervised learning algorithms were able to classify intrusions targeted against SCADA systems with satisfactory performances.
ISSN: 2377-2697
2023-05-19
Hussaini, Adamu, Qian, Cheng, Liao, Weixian, Yu, Wei.  2022.  A Taxonomy of Security and Defense Mechanisms in Digital Twins-based Cyber-Physical Systems. 2022 IEEE International Conferences on Internet of Things (iThings) and IEEE Green Computing & Communications (GreenCom) and IEEE Cyber, Physical & Social Computing (CPSCom) and IEEE Smart Data (SmartData) and IEEE Congress on Cybermatics (Cybermatics). :597—604.
The (IoT) paradigm’s fundamental goal is to massively connect the “smart things” through standardized interfaces, providing a variety of smart services. Cyber-Physical Systems (CPS) include both physical and cyber components and can apply to various application domains (smart grid, smart transportation, smart manufacturing, etc.). The Digital Twin (DT) is a cyber clone of physical objects (things), which will be an essential component in CPS. This paper designs a systematic taxonomy to explore different attacks on DT-based CPS and how they affect the system from a four-layer architecture perspective. We present an attack space for DT-based CPS on four layers (i.e., object layer, communication layer, DT layer, and application layer), three attack objects (i.e., confidentiality, integrity, and availability), and attack types combined with strength and knowledge. Furthermore, some selected case studies are conducted to examine attacks on representative DT-based CPS (smart grid, smart transportation, and smart manufacturing). Finally, we propose a defense mechanism called Secured DT Development Life Cycle (SDTDLC) and point out the importance of leveraging other enabling techniques (intrusion detection, blockchain, modeling, simulation, and emulation) to secure DT-based CPS.
2023-05-12
Desta, Araya Kibrom, Ohira, Shuji, Arai, Ismail, Fujikawa, Kazutoshi.  2022.  U-CAN: A Convolutional Neural Network Based Intrusion Detection for Controller Area Networks. 2022 IEEE 46th Annual Computers, Software, and Applications Conference (COMPSAC). :1481–1488.
The Controller area network (CAN) is the most extensively used in-vehicle network. It is set to enable communication between a number of electronic control units (ECU) that are widely found in most modern vehicles. CAN is the de facto in-vehicle network standard due to its error avoidance techniques and similar features, but it is vulnerable to various attacks. In this research, we propose a CAN bus intrusion detection system (IDS) based on convolutional neural networks (CNN). U-CAN is a segmentation model that is trained by monitoring CAN traffic data that are preprocessed using hamming distance and saliency detection algorithm. The model is trained and tested using publicly available datasets of raw and reverse-engineered CAN frames. With an F\_1 Score of 0.997, U-CAN can detect DoS, Fuzzy, spoofing gear, and spoofing RPM attacks of the publicly available raw CAN frames. The model trained on reverse-engineered CAN signals that contain plateau attacks also results in a true positive rate and false-positive rate of 0.971 and 0.998, respectively.
ISSN: 0730-3157
2023-01-13
Krishna, P. Vamsi, Matta, Venkata Durga Rao.  2022.  A Unique Deep Intrusion Detection Approach (UDIDA) for Detecting the Complex Attacks. 2022 International Conference on Edge Computing and Applications (ICECAA). :557—560.
Intrusion Detection System (IDS) is one of the applications to detect intrusions in the network. IDS aims to detect any malicious activities that protect the computer networks from unknown persons or users called attackers. Network security is one of the significant tasks that should provide secure data transfer. Virtualization of networks becomes more complex for IoT technology. Deep Learning (DL) is most widely used by many networks to detect the complex patterns. This is very suitable approaches for detecting the malicious nodes or attacks. Software-Defined Network (SDN) is the default virtualization computer network. Attackers are developing new technology to attack the networks. Many authors are trying to develop new technologies to attack the networks. To overcome these attacks new protocols are required to prevent these attacks. In this paper, a unique deep intrusion detection approach (UDIDA) is developed to detect the attacks in SDN. Performance shows that the proposed approach is achieved more accuracy than existing approaches.