scholarly journals Top-Down Machine Learning-Based Architecture for Cyberattacks Identification and Classification in IoT Communication Networks

2022 ◽  
Vol 4 ◽  
Author(s):  
Qasem Abu Al-Haija
Keyword(s):  
Machine Learning ◽  
Intrusion Detection ◽  
Communication Networks ◽  
High Performance ◽  
Real Life ◽  
Sensitive Information ◽  
Learning Technology ◽  
Cyber Attack ◽  
Top Down ◽  
Real Time System

With the prompt revolution and emergence of smart, self-reliant, and low-power devices, Internet of Things (IoT) has inconceivably expanded and impacted almost every real-life application. Nowadays, for example, machines and devices are now fully reliant on computer control and, instead, they have their own programmable interfaces, such as cars, unmanned aerial vehicles (UAVs), and medical devices. With this increased use of IoT, attack capabilities have increased in response, which became imperative that new methods for securing these systems be developed to detect attacks launched against IoT devices and gateways. These attacks are usually aimed at accessing, changing, or destroying sensitive information; extorting money from users; or interrupting normal business processes. In this research, we present new efficient and generic top-down architecture for intrusion detection, and classification in IoT networks using non-traditional machine learning is proposed in this article. The proposed architecture can be customized and used for intrusion detection/classification incorporating any IoT cyber-attack datasets, such as CICIDS Dataset, MQTT dataset, and others. Specifically, the proposed system is composed of three subsystems: feature engineering (FE) subsystem, feature learning (FL) subsystem, and detection and classification (DC) subsystem. All subsystems have been thoroughly described and analyzed in this article. Accordingly, the proposed architecture employs deep learning models to enable the detection of slightly mutated attacks of IoT networking with high detection/classification accuracy for the IoT traffic obtained from either real-time system or a pre-collected dataset. Since this work employs the system engineering (SE) techniques, the machine learning technology, the cybersecurity of IoT systems field, and the collective corporation of the three fields have successfully yielded a systematic engineered system that can be implemented with high-performance trajectories.

scholarly journals Hybrid Machine Learning: A Tool to Detect Phishing Attacks in Communication Networks

2021 ◽  
Vol 15 (3) ◽  
pp. 374-389
Author(s):  
Ademola Philip Abidoye ◽  
Boniface Kabaso
Keyword(s):  
Machine Learning ◽  
Communication Networks ◽  
Credit Card ◽  
Personal Information ◽  
False Positive Rate ◽  
False Negative ◽  
False Negative Rate ◽  
Machine Learning Techniques ◽  
Sensitive Information ◽  
Cyber Attack

Phishing is a cyber-attack that uses disguised email as a weapon and has been on the rise in recent times.  Innocent Internet user if peradventure clicking on a fraudulent link may cause him to fall victim of divulging his personal information such as credit card pin, login credentials, banking information and other sensitive information. There are many ways in which the attackers can trick victims to reveal their personal information. In this article, we select important phishing URLs features that can be used by attacker to trick Internet users into taking the attacker’s desired action. We use two machine learning techniques to accurately classify our data sets. We compare the performance of other related techniques with our scheme. The results of the experiments show that the approach is highly effective in detecting phishing URLs and attained an accuracy of 97.8% with 1.06% false positive rate, 0.5% false negative rate, and an error rate of 0.3%. The proposed scheme performs better compared to other selected related work. This shows that our approach can be used for real-time application in detecting phishing URLs.

scholarly journals An IoT-Focused Intrusion Detection System Approach Based on Preprocessing Characterization for Cybersecurity Datasets

Sensors ◽  
2021 ◽  
Vol 21 (2) ◽  
pp. 656
Author(s):  
Xavier Larriva-Novo ◽  
Víctor A. Villagrá ◽  
Mario Vega-Barbas ◽  
Diego Rivera ◽  
Mario Sanz Rodrigo
Keyword(s):  
Machine Learning ◽  
Intrusion Detection ◽  
High Performance ◽  
Learning Algorithm ◽  
Detection System ◽  
Machine Learning Algorithms ◽  
Statistical Characteristics ◽  
Detection Techniques ◽  
Traffic Characteristics ◽  
Benchmark Datasets

Security in IoT networks is currently mandatory, due to the high amount of data that has to be handled. These systems are vulnerable to several cybersecurity attacks, which are increasing in number and sophistication. Due to this reason, new intrusion detection techniques have to be developed, being as accurate as possible for these scenarios. Intrusion detection systems based on machine learning algorithms have already shown a high performance in terms of accuracy. This research proposes the study and evaluation of several preprocessing techniques based on traffic categorization for a machine learning neural network algorithm. This research uses for its evaluation two benchmark datasets, namely UGR16 and the UNSW-NB15, and one of the most used datasets, KDD99. The preprocessing techniques were evaluated in accordance with scalar and normalization functions. All of these preprocessing models were applied through different sets of characteristics based on a categorization composed by four groups of features: basic connection features, content characteristics, statistical characteristics and finally, a group which is composed by traffic-based features and connection direction-based traffic characteristics. The objective of this research is to evaluate this categorization by using various data preprocessing techniques to obtain the most accurate model. Our proposal shows that, by applying the categorization of network traffic and several preprocessing techniques, the accuracy can be enhanced by up to 45%. The preprocessing of a specific group of characteristics allows for greater accuracy, allowing the machine learning algorithm to correctly classify these parameters related to possible attacks.

scholarly journals Comparative Study between Big Data Analysis Techniques in Intrusion Detection

2018 ◽  
Vol 3 (1) ◽  
pp. 1 ◽  
Author(s):  
Mounir Hafsa ◽  
Farah Jemili
Keyword(s):  
Intrusion Detection ◽  
Real Time ◽  
Large Scale ◽  
Fault Tolerant ◽  
Time Frame ◽  
Cyber Attacks ◽  
Sensitive Information ◽  
Cyber Attack ◽  
Processing Power ◽  
Damage Costs

Cybersecurity ventures expect that cyber-attack damage costs will rise to $11.5 billion in 2019 and that a business will fall victim to a cyber-attack every 14 seconds. Notice here that the time frame for such an event is seconds. With petabytes of data generated each day, this is a challenging task for traditional intrusion detection systems (IDSs). Protecting sensitive information is a major concern for both businesses and governments. Therefore, the need for a real-time, large-scale and effective IDS is a must. In this work, we present a cloud-based, fault tolerant, scalable and distributed IDS that uses Apache Spark Structured Streaming and its Machine Learning library (MLlib) to detect intrusions in real-time. To demonstrate the efficacy and effectivity of this system, we implement the proposed system within Microsoft Azure Cloud, as it provides both processing power and storage capabilities. A decision tree algorithm is used to predict the nature of incoming data. For this task, the use of the MAWILab dataset as a data source will give better insights about the system capabilities against cyber-attacks. The experimental results showed a 99.95% accuracy and more than 55,175 events per second were processed by the proposed system on a small cluster.

scholarly journals Detection of Phishing Websites using an Efficient Feature-Based Machine Learning Framework

2020 ◽  
Vol 9 (3) ◽  
pp. 2857-2862
Keyword(s):  
Machine Learning ◽  
Personal Information ◽  
Machine Learning Algorithms ◽  
Sensitive Information ◽  
Cyber Attack ◽  
Learning Framework ◽  
Internet Users ◽  
User Data ◽  
Feature Based ◽  
Classification Prediction

Phishing is a cyber-attack which is socially engineered to trick naive online users into revealing sensitive information such as user data, login credentials, social security number, banking information etc. Attackers fool the Internet users by posing as a legitimate webpage to retrieve personal information. This can also be done by sending emails posing as reputable companies or businesses. Phishing exploits several vulnerabilities effectively and there is no one solution which protects users from all vulnerabilities. A classification/prediction model is designed based on heuristic features that are extracted from website domain, URL, web protocol, source code to eliminate the drawbacks of existing anti-phishing techniques. In the model we combine some existing solutions such as blacklisting and whitelisting, heuristics and visual-based similarity which provides higher level security. We use the model with different Machine Learning Algorithms, namely Logistic Regression, Decision Trees, K-Nearest Neighbours and Random Forests, and compare the results to find the most efficient machine learning framework.

scholarly journals The Proposition and Evaluation of the RoEduNet-SIMARGL2021 Network Intrusion Detection Dataset

Sensors ◽  
2021 ◽  
Vol 21 (13) ◽  
pp. 4319
Author(s):  
Maria-Elena Mihailescu ◽  
Darius Mihai ◽  
Mihai Carabas ◽  
Mikołaj Komisarek ◽  
Marek Pawlicki ◽  
...  
Keyword(s):  
Machine Learning ◽  
Intrusion Detection ◽  
Cross Validation ◽  
Real Life ◽  
Arms Race ◽  
Detection Methods ◽  
Network Intrusion Detection ◽  
Network Intrusion ◽  
Academic Network ◽  
The Stability

Cybersecurity is an arms race, with both the security and the adversaries attempting to outsmart one another, coming up with new attacks, new ways to defend against those attacks, and again with new ways to circumvent those defences. This situation creates a constant need for novel, realistic cybersecurity datasets. This paper introduces the effects of using machine-learning-based intrusion detection methods in network traffic coming from a real-life architecture. The main contribution of this work is a dataset coming from a real-world, academic network. Real-life traffic was collected and, after performing a series of attacks, a dataset was assembled. The dataset contains 44 network features and an unbalanced distribution of classes. In this work, the capability of the dataset for formulating machine-learning-based models was experimentally evaluated. To investigate the stability of the obtained models, cross-validation was performed, and an array of detection metrics were reported. The gathered dataset is part of an effort to bring security against novel cyberthreats and was completed in the SIMARGL project.

Online Music Style Recognition via Mobile Computing

2022 ◽  
Vol 13 (2) ◽  
pp. 0-0
Keyword(s):  
Machine Learning ◽  
Real Life ◽  
Recognition System ◽  
Waveform Analysis ◽  
Support Vector ◽  
Learning Technology ◽  
Machine Model ◽  
Model Decomposition ◽  
Online Music ◽  
Music Information

Music is a widely used data format in the explosion of Internet information. Automatically identifying the style of online music in the Internet is an important and hot topic in the field of music information retrieval and music production. Recently, automatic music style recognition has been used in many real life scenes. Due to the emerging of machine learning, it provides a good foundation for automatic music style recognition. This paper adopts machine learning technology to establish an automatic music style recognition system. First, the online music is process by waveform analysis to remove the noises. Second, the denoised music signals are represented as sample entropy features by using empirical model decomposition. Lastly, the extracted features are used to learn a relative margin support vector machine model to predict future music style. The experimental results demonstrate the effectiveness of the proposed framework.

scholarly journals Remedies for algorithmic tacit collusion

2020 ◽  
Author(s):  
Francisco Beneke ◽  
Mark-Oliver Mackenrodt
Keyword(s):  
Machine Learning ◽  
Real Life ◽  
Competition Law ◽  
Tacit Collusion ◽  
Learning Technology ◽  
Social Harm ◽  
Learning Methods ◽  
Machine Learning Methods ◽  
The Social ◽  
Use Efficiency

Abstract There is growing evidence that tacit collusion can be autonomously achieved by machine learning technology, at least in some real-life examples identified in the literature and experimental settings. Although more work needs to be done to assess the competitive risks of widespread adoption of autonomous pricing agents, this is still an appropriate time to examine which possible remedies can be used in case competition law shifts towards the prohibition of tacit collusion. This is because outlawing such conduct is pointless unless there are suitable remedies that can be used to address the social harm. This article explores how fines and structural and behavioural remedies can serve to discourage collusive results while preserving the incentives to use efficiency-enhancing algorithms. We find that this could be achieved if fines and remedies can target structural conditions that facilitate collusion. In addition, the problem of unfeasibility of injunctions to remedy traditional price coordination changes with the use of pricing software, which in theory can be programmed to avoid collusive outcomes. Finally, machine-learning methods can be used by the authorities themselves as a tool to test the effects of any given combination of remedies and to estimate a more accurate competitive benchmark for the calculation of the appropriate fine.

scholarly journals Detection of Cyber Attack in Networks using Machine Learning Techniques

2021 ◽  
Vol 9 (VII) ◽  
pp. 2401-2404
Author(s):  
Meghana M
Keyword(s):  
Machine Learning ◽  
Information Security ◽  
Intrusion Detection ◽  
Denial Of Service ◽  
Intrusion Detection Systems ◽  
Machine Learning Techniques ◽  
Brute Force ◽  
Cyber Attack ◽  
Detection Systems ◽  
Learning Techniques

The use of recent innovations provides unimaginable blessings to individuals, organizations, and governments, be that because it might, messes some up against them. for example, the protection of serious information, security of place away data stages, accessibility of knowledge so forth. Digital concern, that created an excellent deal of problems individuals and institutions, has received A level that might undermine open and nation security by totally different gatherings, as an example, criminal association, good individuals and digital activists. the foremost common risk to a network’s security is an intrusion like brute force, denial of service or maybe an infiltration from inside a network. this can be wherever machine learning comes into play. Intrusion Detection Systems (IDS) has been created to take care of a strategic distance from digital assaults.

scholarly journals A Kohonen SOM Architecture for Intrusion Detection on In-Vehicle Communication Networks

2020 ◽  
Vol 10 (15) ◽  
pp. 5062
Author(s):  
Vita Santa Barletta ◽  
Danilo Caivano ◽  
Antonella Nannavecchia ◽  
Michele Scalera
Keyword(s):  
Intrusion Detection ◽  
Communication Networks ◽  
High Performance ◽  
Clustering Algorithm ◽  
Can Bus ◽  
Detection System ◽  
Complex Structure ◽  
Area Network ◽  
Self Organizing Map ◽  
Vehicle Communication

The diffusion of connected devices in modern vehicles involves a lack in security of the in-vehicle communication networks such as the controller area network (CAN) bus. The CAN bus protocol does not provide security systems to counter cyber and physical attacks. Thus, an intrusion-detection system to identify attacks and anomalies on the CAN bus is desirable. In the present work, we propose a distance-based intrusion-detection network aimed at identifying attack messages injected on a CAN bus using a Kohonen self-organizing map (SOM) network. It is a power classifier that can be trained both as supervised and unsupervised learning. SOM found broad application in security issues, but was never performed on in-vehicle communication networks. We performed two approaches, first using a supervised X–Y fused Kohonen network (XYF) and then combining the XYF network with a K-means clustering algorithm (XYF–K) in order to improve the efficiency of the network. The models were tested on an open source dataset concerning data messages sent on a CAN bus 2.0B and containing large traffic volume with a low number of features and more than 2000 different attack types, sent totally at random. Despite the complex structure of the CAN bus dataset, the proposed architectures showed a high performance in the accuracy of the detection of attack messages.

Sign in / Sign up

Export Citation Format

Share Document