IDS for Industrial Applications: A Federated Learning Approach with Active Personalization

Sensors ◽  
2021 ◽  
Vol 21 (20) ◽  
pp. 6743
Author(s):  
Vasiliki Kelli ◽  
Vasileios Argyriou ◽  
Thomas Lagkas ◽  
George Fragulis ◽  
Elisavet Grigoriou ◽  
...  

The Internet of Things (IoT) is a concept adopted in nearly every aspect of human life, leading to an explosive utilization of intelligent devices. Notably, such solutions are especially integrated in the industrial sector, to allow the remote monitoring and control of critical infrastructure. Such global integration of IoT solutions has led to an expanded attack surface against IoT-enabled infrastructures. Artificial intelligence and machine learning have demonstrated their ability to resolve issues that would have been impossible or difficult to address otherwise; thus, such solutions are closely associated with securing IoT. Classical collaborative and distributed machine learning approaches are known to compromise sensitive information. In our paper, we demonstrate the creation of a network flow-based Intrusion Detection System (IDS) aiming to protect critical infrastructures, stemming from the pairing of two machine learning techniques, namely, federated learning and active learning. The former is utilized for privately training models in federation, while the latter is a semi-supervised approach applied for global model adaptation to each of the participant’s traffic. Experimental results indicate that global models perform significantly better for each participant, when locally personalized with just a few active learning queries. Specifically, we demonstrate how the accuracy increase can reach 7.07% in only 10 queries.

Electronics ◽  
2020 ◽  
Vol 9 (2) ◽  
pp. 219 ◽  
Author(s):  
Sweta Bhattacharya ◽  
Siva Rama Krishnan S ◽  
Praveen Kumar Reddy Maddikunta ◽  
Rajesh Kaluri ◽  
Saurabh Singh ◽  
...  

The enormous popularity of the internet across all spheres of human life has introduced various risks of malicious attacks in the network. The activities performed over the network could be effortlessly proliferated, which has led to the emergence of intrusion detection systems. The patterns of the attacks are also dynamic, which necessitates efficient classification and prediction of cyber attacks. In this paper we propose a hybrid principal component analysis (PCA)-firefly based machine learning model to classify intrusion detection system (IDS) datasets. The dataset used in the study is collected from Kaggle. The model first performs One-Hot encoding for the transformation of the IDS datasets. The hybrid PCA-firefly algorithm is then used for dimensionality reduction. The XGBoost algorithm is implemented on the reduced dataset for classification. A comprehensive evaluation of the model is conducted with the state of the art machine learning approaches to justify the superiority of our proposed approach. The experimental results confirm the fact that the proposed model performs better than the existing machine learning models.


2017 ◽  
Vol 3 (10) ◽  
Author(s):  
Anjum Khan ◽  
Anjana Nigam

As network-based applications grow quickly, network security mechanisms need a lot of attention to enhance speed and precision. Ever-evolving new intrusion types pose a significant threat to network security. Although varied network security tools have been developed, the quick growth of intrusive activities continues to be a significant issue. Intrusion detection systems (IDSs) are used to detect intrusive activities on the network. Analysis showed that application of machine learning techniques in intrusion detection might reach a high detection rate. Machine learning and classification algorithms help to design “Intrusion Detection Models” which might classify the network traffic into intrusive or normal traffic. This paper discusses some commonly used machine learning techniques in Intrusion Detection Systems and also reviews a number of the existing machine learning IDSs proposed by researchers at different times. In this paper an experimental analysis is performed to demonstrate the performance of some existing techniques so that they can be used further in developing a Hybrid Classifier for real data packet classification. The given result analysis shows that KNN, RF and SVM perform best for the NSL-KDD dataset.


Author(s):  
Fatimah Al Obaidan ◽  
Saqib Saeed

Digital transformation has revolutionized human life but also brought many cybersecurity challenges for users and enterprises. The major threats that affect computers and communication systems by damaging devices and stealing sensitive information are malicious attacks. Traditional anti-virus software fails to detect advanced kinds of malware. Current research focuses on developing machine learning techniques for malware detection to respond in a timely manner. Many systems have been evolved and improved to distinguish malware based on behavior analysis. Behavior analysis is considered a robust technique to detect, analyze, and classify malware, and is categorized into two models: static and dynamic analysis. Both types of analysis have advantages and limitations. Therefore, the hybrid method combines the strengths of static and dynamic analyses. This chapter conducted a systematic literature review (SLR) to summarize and analyze the quality of published studies in malware detection using machine learning techniques and hybrid analysis that range from 2016 to 2021.


In the financial industrial sector, the lightning growth of and participation in internet-based transactional events give rise to malicious activities such as fraud that result in financial loss. The malicious activities have no continuous pattern; their pattern, behavior, and workings keep changing with the increasing growth in technology. Every time a new technology comes to market, the hoaxer studies that technology and implements malicious activity through the learned technology and internet-based activities. The hoaxer analyzes the behavior patterns of consumers to execute the plan of fraud to cause loss to the consumer. To overcome this problem of fraud, hoax, and cheating in the financial sector, a fraud identification system is needed to identify cheating, fraud and similar activities in internet-based money transactions by employing machine learning techniques. The presented paper focuses on fraud activities that cannot be detected manually by carrying out research and examining the results of logistic regression, decision tree and support vector machine. A dataset of electronic payment cards is taken from European electronic cardholders; the machine learning techniques are applied to the unstructured and process-free data.


PLoS ONE ◽  
2021 ◽  
Vol 16 (10) ◽  
pp. e0258361
Author(s):  
Ashit Kumar Dutta

In recent years, advancements in Internet and cloud technologies have led to a significant increase in electronic trading in which consumers make online purchases and transactions. This growth leads to unauthorized access to users’ sensitive information and damages the resources of an enterprise. Phishing is one of the familiar attacks that trick users into accessing malicious content and gain their information. In terms of website interface and uniform resource locator (URL), most phishing webpages look identical to the actual webpages. Various strategies for detecting phishing websites, such as blacklist, heuristic, etc., have been suggested. However, due to inefficient security technologies, there is an exponential increase in the number of victims. The anonymous and uncontrollable framework of the Internet is more vulnerable to phishing attacks. Existing research works show that the performance of the phishing detection system is limited. There is a demand for an intelligent technique to protect users from cyber-attacks. In this study, the author proposed a URL detection technique based on machine learning approaches. A recurrent neural network method is employed to detect phishing URLs. The researcher evaluated the proposed method with 7900 malicious and 5800 legitimate sites, respectively. The experiments’ outcome shows that the proposed method’s performance is better than the recent approaches in malicious URL detection.


2019 ◽  
Vol 28 (1) ◽  
pp. 343-384 ◽  
Author(s):  
Gamal Eldin I. Selim ◽  
EZZ El-Din Hemdan ◽  
Ahmed M. Shehata ◽  
Nawal A. El-Fishawy

Author(s):  
S. Phani Praveen ◽  
T. Bala Murali Krishna ◽  
Sunil K. Chawla ◽  
CH Anuradha

Background: Every organization generally uses a VPN service individually to hide the actual communication. Such communication is actually not allowed by the organization's monitoring network. But these institutes are not in a position to spend a huge amount of funds on secure sockets layer to monitor traffic over their computer networks. Objective: Our work suggests a simple technique to block or detect annoying VPN clients inside the network activities. This method does not require the network to decrypt or even decode any network communication. Method: The proposed solution selects two machine learning techniques, Feature Tree and K-means, as classification techniques which work on time-related features. First, the DNS mapping with the ordinary characteristic of the transmission control protocol / internet protocol computer network stack is identified and it is not to be considered as a normal traffic flow if the domain name information is not available. The process also examines non-standard utilization of hyper text transfer protocol security and also conceal such communication from hyper text transfer protocol security dependent filters in firewall to detect as anomaly in largely. Results: We define the traffic flow as normal traffic flow and VPN traffic flow. These two flows are characterized by taking two machine learning techniques, Feature Tree and K-means. We have executed each experiment 4 times. As a result, eight types of regular traffic and eight types of VPN traffic were represented. Conclusion: Once the traffic flow is identified, it is classified and studied by machine learning techniques. Using time-related features, the traffic flow is defined as normal flow or VPN traffic flow.

