Biblio

The integration of IDS and Internet of Things (IoT) with deep learning plays a significant role in safety. Security has a strong role to play. Application of the IoT network decreases the time complexity and resources. In the traditional intrusion detection systems (IDS), this research work implements the cutting-edge methodologies in the IoT environment. This research is based on analysis, conception, testing and execution. Detection of intrusions can be performed by using the advanced deep learning system and multiagent. The NSL-KDD dataset is used to test the IoT system. The IoT system is used to test the IoT system. In order to detect attacks from intruders of transport layer, efficiency result rely on advanced deep learning idea. In order to increase the system performance, multi -agent algorithms could be employed to train communications agencies and to optimize the feedback training process. Advanced deep learning techniques such as CNN will be researched to boost system performance. The testing part an IoT includes data simulator which will be used to generate in continuous of research work finding with deep learning algorithms of suitable IDS in IoT network environment of current scenario without time complexity.

The annotated dataset is the foundation for Supervised Natural Language Processing. However, the cost of obtaining dataset is high. In recent years, the Few-Shot Learning has gradually attracted the attention of researchers. From the definition, in this paper, we conclude the difference in Few-Shot Learning between Natural Language Processing and Computer Vision. On that basis, the current Few-Shot Learning on Natural Language Processing is summarized, including Transfer Learning, Meta Learning and Knowledge Distillation. Furthermore, we conclude the solutions to Few-Shot Learning in Natural Language Processing, such as the method based on Distant Supervision, Meta Learning and Knowledge Distillation. Finally, we present the challenges facing Few-Shot Learning in Natural Language Processing.

Maintenance of Crop health is essential for the successful farming for both yield and product quality. Pest and disease in crops are serious problem to be monitored. pest and disease occur in different stages or phases of crop development. Due to introduction of genetically modified seeds the natural resistance of crops to prevent them from pest and disease is less. Major crop loss is due to pest and disease attack in crops. It damages the leaves, buds, flowers and fruits of the crops. Affected areas and damage levels of pest and diseases attacks are growing rapidly based on global climate change. Weather Conditions plays a major role in pest and disease attacks in crops. Naked eye inspection of pest and disease is complex and difficult for wide range of field. And at the same time taking lab samples to detect disease is also inefficient and time-consuming process. Early identification of diseases is important to take necessary actions for preventing crop loss and to avoid disease spreads. So, Timely and effective monitoring of crop health is important. Several technologies have been developed to detect pest and disease in crops. In this paper we discuss the various technologies implemented by using AI and Deep Learning for pest and disease detection. And also, briefly discusses their Advantages and limitations on using certain technology for monitoring of crops.

Federated learning (FL) has nourished a promising scheme to solve the data silo, which enables multiple clients to construct a joint model without centralizing data. The critical concerns for flourishing FL applications are that build a security and privacy-preserving learning environment. It is thus highly necessary to comprehensively identify and classify potential threats to utilize FL under security guarantees. This paper starts from the perspective of launched attacks with different computing participants to construct the unique threats classification, highlighting the significant attacks, e.g., poisoning attacks, inference attacks, and generative adversarial networks (GAN) attacks. Our study shows that existing FL protocols do not always provide sufficient security, containing various attacks from both clients and servers. GAN attacks lead to larger significant threats among the kinds of threats given the invisible of the attack process. Moreover, we summarize a detailed review of several defense mechanisms and approaches to resist privacy risks and security breaches. Then advantages and weaknesses are generalized, respectively. Finally, we conclude the paper to prospect the challenges and some potential research directions.

As malware detection algorithms and methods become more sophisticated, malware authors adopt equally sophisticated evasion mechanisms to defeat them. Anecdotal evidence claims Living-Off-The-Land (LotL) techniques are one of the major evasion techniques used in many malware attacks. These techniques leverage binaries already present in the system to conduct malicious actions. We present the first large-scale systematic investigation of the use of these techniques by malware on Windows systems.In this paper, we analyse how common the use of these native system binaries is across several malware datasets, containing a total of 31,805,549 samples. We identify an average 9.41% prevalence. Our results show that the use of LotL techniques is prolific, particularly in Advanced Persistent Threat (APT) malware samples where the prevalence is 26.26%, over twice that of commodity malware.To illustrate the evasive potential of LotL techniques, we test the usage of LotL techniques against several fully patched Windows systems in a local sandboxed environment and show that there is a generalised detection gap in 10 of the most popular anti-virus products.

The rapid advancement of IoT technologies has led to its flexible adoption in battle field networks, known as Internet of Battlefield Things (IoBT) networks. One important application of IoBT networks is the weather sensory network characterized with a variety of weather, land and environmental sensors. This data contains hidden trends and correlations, needed to provide situational awareness to soldiers and commanders. To interpret the incoming data in real-time, machine learning algorithms are required to automate strategic decision-making. Existing solutions are not well-equipped to provide the fine-grained feedback to military personnel and cannot facilitate a scalable, end-to-end platform for fast unlabeled data collection, cleaning, querying, analysis and threats identification. In this work, we present a scalable end-to-end IoBT data driven platform for SVAD (Storage, Visualization, Anomaly Detection) analysis of heterogeneous weather sensor data. Our SVAD platform includes extensive data cleaning techniques to denoise efficiently data to differentiate data from anomalies and noise data instances. We perform comparative analysis of unsupervised machine learning algorithms for multi-variant data analysis and experimental evaluation of different data ingestion pipelines to show the ability of the SVAD platform for (near) real-time processing. Our results indicate impending turbulent weather conditions that can be detected by early anomaly identification and detection techniques.

Vehicular Ad-Hoc Network (VANET) is a subcategory of Intelligent Transportation Systems (ITS) that allows vehicles to communicate with other vehicles and static roadside infrastructure. However, the integration of cyber and physical systems introduce many possible points of attack that make VANET vulnerable to cyber attacks. In this paper, we implemented a machine learning-based intrusion detection system that identifies False Data Injection (FDI) attacks on a vehicular network. A co-simulation framework between MATLAB and NS-3 is used to simulate the system. The intrusion detection system is installed in every vehicle and processes the information obtained from the packets sent by other vehicles. The packet is classified into either trusted or malicious using Support Vector Machines (SVM). The comparison of the performance of the system is evaluated in different scenarios using the following metrics: classification rate, attack detection rate, false positive rate, and detection speed. Simulation results show that the SVM-based IDS is able to provide high accuracy detection, low false positive rate, consequently improving the traffic congestion in the simulated highway.

Distributed Denial of Service (DDoS) attacks are widely used by malicious actors to disrupt network infrastructures/services. A common attack is TCP SYN Flood that attempts to exhaust memory and processing resources. Typical mitigation mechanisms, i.e. SYN cookies require significant processing resources and generate large rates of backscatter traffic to block them. In this paper, we propose a detection and mitigation schema that focuses on generating and optimizing signature-based rules. To that end, network traffic is monitored and appropriate packet-level data are processed to form signatures i.e. unique combinations of packet field values. These are fed to machine learning models that classify them to malicious/benign. Malicious signatures corresponding to specific destinations identify potential victims. TCP traffic to victims is redirected to high-performance programmable XDPenabled firewalls that filter off ending traffic according to signatures classified as malicious. To enhance mitigation performance malicious signatures are subjected to a reduction process, formulated as a multi-objective optimization problem. Minimization objectives are (i) the number of malicious signatures and (ii) collateral damage on benign traffic. We evaluate our approach in terms of detection accuracy and packet filtering performance employing traces from production environments and high rate generated attack traffic. We showcase that our approach achieves high detection accuracy, significantly reduces the number of filtering rules and outperforms the SYN cookies mechanism in high-speed traffic scenarios.

Industrial Control Systems (ICSs) are used in several domains such as Transportation, Manufacturing, Defense and Power Generation and Distribution. ICSs deal with complex physical systems in order to achieve an industrial purpose with operational safety. Security has not been taken into account by design in these systems that makes them vulnerable to cyberattacks.In this paper, we rely on existing public ICS datasets as well as on the existing literature of Machine Learning (ML) applications for anomaly detection in ICSs in order to improve detection scores. To perform this purpose, we propose a systematic framework, relying on established ML algorithms and suitable data preprocessing methods, which allows us to quickly get efficient, and surprisingly, better results than the literature. Finally, some recommendations for future public ICS dataset generations end this paper, which would be fruitful for improving future attack detection models and then protect new ICSs designed in the next future.

Cyber attacks are a major concern for network administrators as the occurrences of such events are continuously increasing on the Internet. Software-defined networks (SDN) enable many management applications, but they may also become targets for attackers. Due to the separation of the data plane and the control plane, the controller appears as a new element in SDN networks, allowing centralized control of the network, becoming a strategic target in carrying out an attack. According to reports generated by security labs, the frequency of the distributed denial of service (DDoS) attacks has seen an increase in recent years, characterizing a major threat to the SDN. However, few research papers address the prevention of DDoS attacks on SDN. Therefore, this work presents a Systematic Mapping of Literature, aiming at identifying, classifying, and thus disseminating current research studies that propose techniques and methods for preventing DDoS attacks in SDN. When answering these questions, it was determined that the SDN controller was vulnerable to possible DDoS attacks. No prevention methods were found in the literature for the first phase of the attack (when attackers try to deceive users and infect the host). Therefore, the security of software-defined networks still needs improvement over DDoS attacks, despite the evident risk of an attack targeting the SDN controller.

Privacy and security are the key challenges of wearable IoTs. Smart wearables are becoming popular choice of people because of their indispensable application in the field of clinical medication and medical care, wellbeing the executives, working environments, training, and logical examination. Currently, IoT is facing several challenges, such as- user unawareness, lack of efficient security protocols, vulnerable wireless communication and device management, and improper device management. The paper investigates a efficient audit of safety and protection issues involved in wearable IoT devices with the following structure, as- (i) Background of IoT systems and applications (ii) Security and privacy issues in IoT (iii) Popular wearable IoTs in demand (iv) Highlight the existing IoT security and privacy solutions, and (v) Approaches to secure the futuristic IoT based environment. Finally, this study summarized with security vulnerabilities in IoT, Countermeasures and existing security and privacy solutions, and futuristic smart wearables.

Security has become a significant factor of Internet of Things (IoT) and Cyber Physical Systems (CPS) wherein the devices usually vary in computing power and intrinsic hardware features. It is necessary to use security-by-design method in the development of these systems. This paper focuses on the security design issue about this sort of heterogeneous embedded systems and proposes a systematic approach aiming to achieve optimal security design objective.

This book presents an in-depth overview of recent work related to the safety, security, and privacy of cyber-physical systems (CPSs). It brings together contributions from leading researchers in networked control systems and closely related fields to discuss overarching aspects of safety, security, and privacy; characterization of attacks; and solutions to detecting and mitigating such attacks.

The Internet-of-Things (IoT) paradigm at large continues to be compromised, hindering the privacy, dependability, security, and safety of our nations. While the operational security communities (i.e., CERTS, SOCs, CSIRT, etc.) continue to develop capabilities for monitoring cyberspace, tools which are IoT-centric remain at its infancy. To this end, we address this gap by innovating an actionable Cyber Threat Intelligence (CTI) feed related to Internet-scale infected IoT devices. The feed analyzes, in near real-time, 3.6TB of daily streaming passive measurements ( ≈ 1M pps) by applying a custom-developed learning methodology to distinguish between compromised IoT devices and non-IoT nodes, in addition to labeling the type and vendor. The feed is augmented with third party information to provide contextual information. We report on the operation, analysis, and shortcomings of the feed executed during an initial deployment period. We make the CTI feed available for ingestion through a public, authenticated API and a front-end platform.

We propose and demonstrate a set of microservice-based security components able to perform physical layer security assessment and mitigation in optical networks. Results illustrate the scalability of the attack detection mechanism and the agility in mitigating attacks.

Internet of Things (IoT) is penetrating into every aspect of our personal lives including our body, our home and our living environment which poses numerous security challenges. The number of heterogeneous connected devices is increasing exponentially in IoT, which in turn increases the attack surface of IoT. This forces the need for uniform, distributed security mechanism which can efficiently detect the attack at faster rate in highly scalable IoT environment. The proposed work satisfies this requirement by providing a security framework which combines Fog computing and Software Defined Networking (SDN). The experimental results depicts the effectiveness in protecting the IoT applications at faster rate

The growing adoption of IoT devices is creating a huge positive impact on human life. However, it is also making the network more vulnerable to security threats. One of the major threats is malicious traffic injection attack, where the hacked IoT devices overwhelm the application servers causing large-scale service disruption. To address such attacks, we propose a Software Defined Networking based predictive alarm manager solution for malicious traffic detection and mitigation at the IoT Gateway. Our experimental results with the proposed solution confirms the detection of malicious flows with nearly 95% precision on average and at its best with around 99% precision.

Cloud computing systems (CCSs) enable the sharing of physical computing resources through virtualisation, where a group of virtual machines (VMs) can share the same physical resources of a given machine. However, this sharing can lead to a so-called side-channel attack (SCA), widely recognised as a potential threat to CCSs. Specifically, malicious VMs can capture information from (target) VMs, i.e., those with sensitive information, by merely co-located with them on the same physical machine. As such, a VM allocation algorithm needs to be cognizant of this issue and attempts to allocate the malicious and target VMs onto different machines, i.e., the allocation algorithm needs to be security-aware. This paper investigates the allocation patterns of VM allocation algorithms that are more likely to lead to a secure allocation. A driving objective is to reduce the number of VM migrations during allocation. We also propose a graph-based secure VMs allocation algorithm (GbSRS) to minimise SCA threats. Our results show that algorithms following a stacking-based behaviour are more likely to produce secure VMs allocation than those following spreading or random behaviours.

This paper presents a secure reinforcement learning (RL) based control method for unknown linear time-invariant cyber-physical systems (CPSs) that are subjected to compositional attacks such as eavesdropping and covert attack. We consider the attack scenario where the attacker learns about the dynamic model during the exploration phase of the learning conducted by the designer to learn a linear quadratic regulator (LQR), and thereafter, use such information to conduct a covert attack on the dynamic system, which we refer to as doubly learning-based control and attack (DLCA) framework. We propose a dynamic camouflaging based attack-resilient reinforcement learning (ARRL) algorithm which can learn the desired optimal controller for the dynamic system, and at the same time, can inject sufficient misinformation in the estimation of system dynamics by the attacker. The algorithm is accompanied by theoretical guarantees and extensive numerical experiments on a consensus multi-agent system and on a benchmark power grid model.

Mobile payment protocols have attracted widespread attention over the past decade, due to advancements in digital technology. The use of these protocols in online industries can dramatically improve the quality of online services. However, the central issue of concern when utilizing these types of systems is their accountability, which ensures trust between the parties involved in payment transactions. It is, therefore, vital for researchers to investigate how to handle the accountability of mobile payment protocols. In this research, we introduce a secure mobile payment protocol to overcome this problem. Our payment protocol combines all the necessary security features, such as confidentiality, integrity, authentication, and authorization that are required to build trust among parties. In other words, is the properties of mutual authentication and non-repudiation are ensured, thus providing accountability. Our approach can resolve any conflicts that may arise in payment transactions between parties. To prove that the proposed protocol is correct and complete, we use the Scyther and AVISPA tools to verify our approach formally.

We also sought to shed light on a yet-unexamined attack vector as it translates to healthcare networks: supply chain attacks. Several high-profile breaches in recent years involved lapses in the supply chain. Furthermore, according to a health and human services public breach reporting tool, 30 percent of healthcare breaches in 2016 were due to business associates and third-party vendor breaches. To learn from these cases, we studied the different ways threat actors can take advantage of weaknesses in the supply chain to infiltrate healthcare networks.

With the development of IT technology and the generalization of the Internet of Things, smart grid systems combining IoT for efficient power grid construction are being widely deployed. As a form of development for this, edge computing and blockchain technology are being combined with the smart grid. Wang et al. proposed a user authentication scheme to strengthen security in this environment. In this paper, we describe the scheme proposed by Wang et al. and security faults. The first is that it is vulnerable to a side-channel attack, an impersonation attack, and a key material change attack. In addition, their scheme does not guarantee the anonymity of a participant in the smart grid system.

This paper argues that the security management of the robot supply chain would preferably focus on Sino-US relations and technical bottlenecks based on a comprehensive security analysis through open-source intelligence and data mining of associated discourses. Through the lens of the newsboy model and game theory, this study reconstructs the risk appraisal model of the robot supply chain and rebalances the process of the Sino-US competition game, leading to the prediction of China's strategic movements under the supply risks. Ultimately, this paper offers a threefold suggestion: increasing the overall revenue through cost control and scaled expansion, resilience enhancement and risk prevention, and outreach of a third party's cooperation for confrontation capabilities reinforcement.

Intellectual Property Rights (IPR) results from years of research and wisdom by property owners, and it plays an increasingly important role in promoting economic development, technological progress, and cultural prosperity. Thus, we need to strengthen the degree of protection of IPR. However, as internet technology continues to open up the market for IPR, the ease of network operation has led to infringement of IPR in some cases. Intellectual property infringement has occurred in some cases. Also, Internet development's concealed and rapid nature has led to the fact that IPR infringers cannot be easily detected. This paper addresses how to protect the rights and interests of IPR holders in the context of the rapid development of the internet. This paper explains the IPR and proposes an algorithm to enhance security for a better security model to protect IPR. This proposes optimization techniques to detect intruder attacks for securing IPR, by using support vector machines (SVM), it provides better results to secure public and private intellectual data by optimizing technologies.