Leveraging Image Representation of Network Traffic Data and Transfer Learning in Botnet Detection

2018 ◽  
Vol 2 (4) ◽  
pp. 37 ◽  
Author(s):  
Shayan Taheri ◽  
Milad Salem ◽  
Jiann-Shiun Yuan

The advancements in the Internet have enabled connecting more devices into this technology every day. The emergence of the Internet of Things has aggregated this growth. Lack of security in an IoT world makes these devices hot targets for cyber criminals to perform their malicious actions. One of these actions is the Botnet attack, which is one of the main destructive threats that has been evolving since 2003 into different forms. This attack is a serious threat to the security and privacy of information. Its scalability, structure, strength, and strategy are also under successive development, and it has survived for decades. A bot is defined as a software application that executes a number of automated tasks (simple but structurally repetitive) over the Internet. Several bots make a botnet that infects a number of devices and communicates with their controller called the botmaster to get their instructions. A botnet executes tasks at a rate that would be impossible for a human being. Nowadays, the activities of bots are concealed in between the normal web flows and occupy more than half of all web traffic. The largest use of bots is in web spidering (web crawler), in which an automated script fetches, analyzes, and files information from web servers. They also contribute to other attacks, such as distributed denial of service (DDoS), SPAM, identity theft, phishing, and espionage. A number of botnet detection techniques have been proposed, such as honeynet-based and Intrusion Detection System (IDS)-based. These techniques are not effective anymore due to the constant update of the bots and their evasion mechanisms. Recently, botnet detection techniques based upon machine/deep learning have been proposed that are more capable in comparison to their previously mentioned counterparts. In this work, we propose a deep learning-based engine for botnet detection to be utilized in the IoT and the wearable devices.
In this system, the normal and botnet network traffic data are transformed into images before being given to a deep convolutional neural network named DenseNet, with and without considering transfer learning. The system is implemented using Python programming language and the CTU-13 Dataset is used for evaluation in one study. According to our simulation results, using transfer learning can improve the accuracy from 33.41% up to 99.98%. In addition, two other classifiers of Support Vector Machine (SVM) and logistic regression have been used. They showed an accuracy of 83.15% and 78.56%, respectively. In another study, we evaluate our system by an in-house live normal dataset and a solely botnet dataset. Similarly, the system performed very well in data classification in these studies. To examine the capability of our system for real-time applications, we measure the system training and testing times. According to our examination, it takes 0.004868 milliseconds to process each packet from the network traffic data during testing.

Author(s):  
K. Vamshi Krishna

Due to the rapid growth and use of emerging technologies such as Artificial Intelligence, Machine Learning and Internet of Things, the information industry has become very popular; meanwhile, these emerging technologies have had a large impact on human lives, and the amount of internet network equipment has increased. This increase in internet network equipment may bring some serious security issues. A botnet is a number of Internet-connected devices, each of which is running one or more bots. The main aim of a botnet is to infect connected devices and use their resources for automated tasks, and generally they remain hidden. Botnets can be used to perform Distributed Denial-of-Service (DDoS) attacks, steal data, send spam, and allow the attacker to access the device and its connection. In this paper we are going to address the advanced Botnet detection techniques using Machine Learning. Traditional botnet detection uses manual analysis and blacklists, and the efficiency is very low. Applying machine learning to batch automatic detection of botnets can greatly improve the efficiency of detection. Using machine learning to detect botnets, we need to collect network traffic and extract traffic characteristics, and then use X-Means, SVM algorithm to detect botnets. According to the difference of detection features, botnet detection based on machine learning technology is divided into network traffic analysis and correlation analysis-based detection technology. KEYWORDS: Botnet, Study, Security, Internet-network, Machine Learning, Techniques.


Sensors ◽  
2021 ◽  
Vol 21 (9) ◽  
pp. 2985
Author(s):  
Segun I. Popoola ◽  
Bamidele Adebisi ◽  
Ruth Ande ◽  
Mohammad Hammoudeh ◽  
Kelvin Anoh ◽  
...  

Nowadays, hackers take illegal advantage of distributed resources in a network of computing devices (i.e., botnet) to launch cyberattacks against the Internet of Things (IoT). Recently, diverse Machine Learning (ML) and Deep Learning (DL) methods were proposed to detect botnet attacks in IoT networks. However, highly imbalanced network traffic data in the training set often degrade the classification performance of state-of-the-art ML and DL models, especially in classes with relatively few samples. In this paper, we propose an efficient DL-based botnet attack detection algorithm that can handle highly imbalanced network traffic data. Specifically, Synthetic Minority Oversampling Technique (SMOTE) generates additional minority samples to achieve class balance, while Deep Recurrent Neural Network (DRNN) learns hierarchical feature representations from the balanced network traffic data to perform discriminative classification. We develop DRNN and SMOTE-DRNN models with the Bot-IoT dataset, and the simulation results show that high-class imbalance in the training data adversely affects the precision, recall, F1 score, area under the receiver operating characteristic curve (AUC), geometric mean (GM) and Matthews correlation coefficient (MCC) of the DRNN model. On the other hand, the SMOTE-DRNN model achieved better classification performance with 99.50% precision, 99.75% recall, 99.62% F1 score, 99.87% AUC, 99.74% GM and 99.62% MCC. Additionally, the SMOTE-DRNN model outperformed state-of-the-art ML and DL models.


2021 ◽  
pp. 1063293X2198894
Author(s):  
Prabira Kumar Sethy ◽  
Santi Kumari Behera ◽  
Nithiyakanthan Kannan ◽  
Sridevi Narayanan ◽  
Chanki Pandey

Paddy is an essential nutrient worldwide. Rice gives 21% of worldwide human per capita energy and 15% of per capita protein. Asia represented 60% of the worldwide populace, about 92% of the world’s rice creation, and 90% of worldwide rice utilization. With the increase in population, the demand for rice is increased. So, the productivity of farming is needed to be enhanced by introducing new technology. Deep learning and IoT are hot topics for research in various fields. This paper suggested a setup comprising deep learning and IoT for monitoring of paddy field remotely. The vgg16 pre-trained network is considered for the identification of paddy leaf diseases and nitrogen status estimation. Here, two strategies are carried out to identify images: transfer learning and deep feature extraction. The deep feature extraction approach is combined with a support vector machine (SVM) to classify images. The transfer learning approach of vgg16 for identifying four types of leaf diseases and prediction of nitrogen status results in 79.86% and 84.88% accuracy. Again, the deep features of Vgg16 and SVM results for identifying four types of leaf diseases and prediction of nitrogen status have achieved an accuracy of 97.31% and 99.02%, respectively. Besides, a framework is suggested for monitoring of paddy field remotely based on IoT and deep learning. The suggested prototype’s superiority is that it controls temperature and humidity like the state-of-the-art and can monitor the additional two aspects, such as detecting nitrogen status and diseases.


2021 ◽  
Vol 2 (2) ◽  
Author(s):  
Kate Highnam ◽  
Domenic Puzio ◽  
Song Luo ◽  
Nicholas R. Jennings

Abstract: Botnets and malware continue to avoid detection by static rule engines when using domain generation algorithms (DGAs) for callouts to unique, dynamically generated web addresses. Common DGA detection techniques fail to reliably detect DGA variants that combine random dictionary words to create domain names that closely mirror legitimate domains. To combat this, we created a novel hybrid neural network, Bilbo the “bagging” model, that analyses domains and scores the likelihood they are generated by such algorithms and therefore are potentially malicious. Bilbo is the first parallel usage of a convolutional neural network (CNN) and a long short-term memory (LSTM) network for DGA detection. Our unique architecture is found to be the most consistent in performance in terms of AUC, $F_1$ score, and accuracy when generalising across different dictionary DGA classification tasks compared to current state-of-the-art deep learning architectures. We validate using reverse-engineered dictionary DGA domains and detail our real-time implementation strategy for scoring real-world network logs within a large enterprise. In 4 h of actual network traffic, the model discovered at least five potential command-and-control networks that commercial vendor tools did not flag.


Author(s):  
Adwait Patil

Abstract: Alzheimer’s disease is one of the neurodegenerative disorders. It initially starts with innocuous symptoms but gradually becomes severe. This disease is so dangerous because there is no treatment, the disease is detected but typically at a later stage. So it is important to detect Alzheimer’s at an early stage to counter the disease and for a probable recovery for the patient. There are various approaches currently used to detect symptoms of Alzheimer’s disease (AD) at an early stage. The fuzzy system approach is not widely used as it heavily depends on expert knowledge but is quite efficient in detecting AD as it provides a mathematical foundation for interpreting the human cognitive processes. Another more accurate and widely accepted approach is the machine learning detection of AD stages which uses machine learning algorithms like Support Vector Machines (SVMs), Decision Tree, Random Forests to detect the stage depending on the data provided. The final approach is the Deep Learning approach using multi-modal data that combines image, genetic data and patient data using deep models and then uses the concatenated data to detect the AD stage more efficiently; this method is obscure as it requires huge volumes of data. This paper elaborates on all the three approaches and provides a comparative study about them and which method is more efficient for AD detection. Keywords: Alzheimer’s Disease (AD), Fuzzy System, Machine Learning, Deep Learning, Multimodal data


2020 ◽  
Vol 2020 ◽  
pp. 1-10
Author(s):  
Bandar Alotaibi ◽  
Munif Alotaibi

Internet of things (IoT) devices and applications are dramatically increasing worldwide, resulting in more cybersecurity challenges. Among these challenges are malicious activities that target IoT devices and cause serious damage, such as data leakage, phishing and spamming campaigns, distributed denial-of-service (DDoS) attacks, and security breaches. In this paper, a stacked deep learning method is proposed to detect malicious traffic data, particularly malicious attacks targeting IoT devices. The proposed stacked deep learning method is bundled with five pretrained residual networks (ResNets) to deeply learn the characteristics of the suspicious activities and distinguish them from normal traffic. Each pretrained ResNet model consists of 10 residual blocks. We used two large datasets to evaluate the performance of our detection method. We investigated two heterogeneous IoT environments to make our approach deployable in any IoT setting. Our proposed method has the ability to distinguish between benign and malicious traffic data and detect most IoT attacks. The experimental results show that our proposed stacked deep learning method can provide a higher detection rate in real time compared with existing classification techniques.


2020 ◽  
Vol 2020 ◽  
pp. 1-14
Author(s):  
Hasan Alkahtani ◽  
Theyazn H. H. Aldhyani ◽  
Mohammed Al-Yaari

Telecommunication has registered strong and rapid growth in the past decade. Accordingly, the monitoring of computers and networks is too complicated for network administrators. Hence, network security represents one of the biggest serious challenges that can be faced by network security communities. Taking into consideration the fact that e-banking, e-commerce, and business data will be shared on the computer network, these data may face a threat from intrusion. The purpose of this research is to propose a methodology that will lead to a high level and sustainable protection against cyberattacks. In particular, an adaptive anomaly detection framework model was developed using deep and machine learning algorithms to manage automatically-configured application-level firewalls. The standard network datasets were used to evaluate the proposed model which is designed for improving the cybersecurity system. The deep learning based on Long-Short Term Memory Recurrent Neural Network (LSTM-RNN) and machine learning algorithms namely Support Vector Machine (SVM), K-Nearest Neighbor (K-NN) algorithms were implemented to classify the Denial-of-Service attack (DoS) and Distributed Denial-of-Service (DDoS) attacks. The information gain method was applied to select the relevant features from the network dataset. These network features were significant to improve the classification algorithm. The system was used to classify DoS and DDoS attacks in four standard datasets namely KDD Cup’99, NSL-KDD, ISCX, and ICI-ID2017. The empirical results indicate that the deep learning based on the LSTM-RNN algorithm has obtained the highest accuracy. The proposed system based on the LSTM-RNN algorithm produced the highest testing accuracy rate of 99.51% and 99.91% with respect to KDD Cup’99, NSL-KDD, ISCX, and ICI-Id2017 datasets, respectively.
A comparative result analysis between the machine learning algorithms, namely SVM and KNN, and the deep learning algorithms based on the LSTM-RNN model is presented. Finally, it is concluded that the LSTM-RNN model is efficient and effective to improve the cybersecurity system for detecting anomaly-based cybersecurity.


2020 ◽  
Vol 12 (10) ◽  
pp. 1581 ◽  
Author(s):  
Daniel Perez ◽  
Kazi Islam ◽  
Victoria Hill ◽  
Richard Zimmerman ◽  
Blake Schaeffer ◽  
...  

Coastal ecosystems are critically affected by seagrass, both economically and ecologically. However, reliable seagrass distribution information is lacking in nearly all parts of the world because of the excessive costs associated with its assessment. In this paper, we develop two deep learning models for automatic seagrass distribution quantification based on 8-band satellite imagery. Specifically, we implemented a deep capsule network (DCN) and a deep convolutional neural network (CNN) to assess seagrass distribution through regression. The DCN model first determines whether seagrass is presented in the image through classification. Second, if seagrass is presented in the image, it quantifies the seagrass through regression. During training, the regression and classification modules are jointly optimized to achieve end-to-end learning. The CNN model is strictly trained for regression in seagrass and non-seagrass patches. In addition, we propose a transfer learning approach to transfer knowledge in the trained deep models at one location to perform seagrass quantification at a different location. We evaluate the proposed methods in three WorldView-2 satellite images taken from the coastal area in Florida. Experimental results show that the proposed deep DCN and CNN models performed similarly and achieved much better results than a linear regression model and a support vector machine. We also demonstrate that using transfer learning techniques for the quantification of seagrass significantly improved the results as compared to directly applying the deep models to new locations.


Information ◽  
2020 ◽  
Vol 11 (5) ◽  
pp. 279 ◽  
Author(s):  
Bambang Susilo ◽  
Riri Fitri Sari

The internet has become an inseparable part of human life, and the number of devices connected to the internet is increasing sharply. In particular, Internet of Things (IoT) devices have become a part of everyday human life. However, some challenges are increasing, and their solutions are not well defined. More and more challenges related to technology security concerning the IoT are arising. Many methods have been developed to secure IoT networks, but many more can still be developed. One proposed way to improve IoT security is to use machine learning. This research discusses several machine-learning and deep-learning strategies, as well as standard datasets for improving the security performance of the IoT. We developed an algorithm for detecting denial-of-service (DoS) attacks using a deep-learning algorithm. This research used the Python programming language with packages such as scikit-learn, Tensorflow, and Seaborn. We found that a deep-learning model could increase accuracy so that the mitigation of attacks that occur on an IoT network is as effective as possible.


Author(s):  
Shravani Devarakonda ◽  
Malka N. Halgamuge ◽  
Azeem Mohammad

In this chapter, the authors collected data from issues related to threats in the applications of IoT-based technologies that describe the security and privacy issues from 30 peer reviewed publications from 2014 to 2017. Further, they analyzed each threat type and its percentages in each application of the internet of things. The results indicated that the applications of smart transportation (20%) face the highest amount of security and privacy issues followed by smart home (19%) and smart cities (18%) compared to the rest of the applications. Further, they determined that the biggest threats were denial of service attack (9%) followed by eavesdropping (5%), man in the middle (4%), and replay (4%). Denial of service attacks and man in the middle attack are active attacks that can severely damage human life whereas eavesdropping is a passive attack that steals information. This study has found that privacy issues have the biggest impacts on people. Therefore, researchers need to find possible solutions to these threats to improve the quality of IoT applications.

