A Survey of Intrusion Detection Using Deep Learning in Internet of Things

The use of deep learning in various models is a powerful tool in detecting IoT attacks, identifying new types of intrusion to access a better secure network. Need to developing an intrusion detection system to detect and classify attacks in appropriate time and automated manner increases especially due to the use of IoT and the nature of its data that causes increasing in attacks. Malicious attacks are continuously changing, that cause new attacks. In this paper we present a survey about the detection of anomalies, thus intrusion detection by distinguishing between normal behavior and malicious behavior while analyzing network traffic to discover new attacks. This paper surveys previous researches by evaluating their performance through two categories of new datasets of real traffic are (CSE-CIC-IDS2018 dataset, Bot-IoT dataset). To evaluate the performance we show accuracy measurement for detect intrusion in different systems.

Quantum communication for sender anonymity based on single-particle with collective detection

Nowadays, identity protection has turned into a fundamental demand for online activities. Currently, the present quantum anonymous communication protocols mostly rely on multi-entanglement. In this paper, we propose an anonymous communication protocol for anonymous sender by using single-particle states. The protocol can be extended to a communication protocol where the sender and receiver are fully anonymous with the message kept secret. In terms of security, our protocol is designed to comply with the technique of collective detection. Compared to the step-by-step detection, collective detection, in which the participants perform detection only once, reduces the complexity of the protocol to some extent. Moreover, we analytically demonstrate the security of the protocol in the face of active attacks. Any active attack employed by an external or internal attacker cannot reveal any useful information about the sender’s identity. Meanwhile, any malicious behavior will be detected by honest participants.

Ironical edification

The paper deals with ironic edification – autosemantic utterances which contain critical evaluation of human shortcomings expressed in derisive assertion of absurd, or pretentious, or malicious behavior certain people manifest. They make a specific class of proverbs, aphorisms, and miniatures of modern network discourse. They are heterogeneous and vary from profound observations of human character up to banalities used to amuse a down-home partner, from witty phrases up to acid black humour. They are very common in everyday conversations and serve to help interlocutors express their understanding of hidden manipulations they are exposed to. Structurally they may be simple and composite, the former are integral sentences expressing a certain attitude to norms of behavior, the latter are judgments which consist of two parts, in the first part a certain positive norm of behavior is expressed, and in the second part it is denied. Their integral semantic content is a frame which expresses a concessive juxtaposition of values, pragmatically they promote important assumptions about realistic evaluation of human nature, and their most relevant syntactic feature is a ludic allusion to well-known texts or events.

Influence of Bottleneck Nodes on Malicious Packet Dropping Nodes Mitigation in Wireless Infrastructure-less Networks

Mobile ad hoc networks as an infrastructure free, and constrained resource environment network. The network aim is to establish internet connectivity everywhere regardless of location. The applications of network are healthcare, disaster relief and military, where reliable communication is major concern. Communication in the network is initiated by establishing the communication route between source and destination and sending the information through it. One of the characteristics of MANETs is a peer-to-peer network, where intermediate nodes have to cooperate for reliable communication by acting as routers. In literature number of routing protocols have been designed based on the MANET’s peer to peer characteristic. However, it may not be every time true that the intermediate nodes act as faithful routers, and they may untrustworthy either due to malicious behavior or bottleneck. Number of secure protocols have been designed to mitigate malicious behavior by neglecting the bottleneck. The paper aims to define the bottleneck, and its importance in communication. Finally, how bottleneck influence on the MANETs performance during malicious nodes mitigation

A Register Access Control Scheme for SNR System to Counter CPA Attack Based on Malicious User Blacklist

Standalone Name Resolution (SNR) is an essential component of many Information-Centric Networking (ICN) infrastructures that maps and stores the mappings of IDs and locators. The delivery of data can be realized only when the name resolution process is completed correctly. It also makes the SNR become the key target of network attackers. In this paper, our research focuses on the more covert and complex Content Pollution Attack (CPA). By continuously sending invalid content to the network at a low speed, attackers will consume a lot of the resources and time of the SNR system, resulting in a serious increase in the resolution delay of normal users and further cache pollution in ICN. It is difficult to be quickly detected because the characteristics of attack are inconspicuous. To address the challenge, a register access control scheme for an SNR system based on a malicious user blacklist query is proposed. A neighbor voting algorithm is designed to discover possible attacks in the network quickly and build a blacklist of malicious users reasonably. Users on the blacklist will be restricted from accessing the ICN network during the registration phase with the resolution system. Incentives and punishments for network users are introduced to automate responses about the potential malicious behavior reports. Our scheme is more efficient as users do not have to wait for an additional system component to perform operations. In addition, our algorithm can better solve the collusion problem in the voting process when compared with the others. We experimentally evaluate our protocol to demonstrate that the probability of successful collusion attack can be reduced to less than 0.1 when the attacker ratio is 0.5.

A novel trust management model for edge computing

Edge computing is a distributed architecture that features decentralized processing of data near the source/devices, where data are being generated. These devices are known as Internet of Things (IoT) devices or edge devices. As we continue to rely on IoT devices, the amount of data generated by the IoT devices have increased significantly due to which it has become infeasible to transfer all the data over to the Cloud for processing. Since these devices contain insufficient storage and processing power, it gives rise to the edge computing paradigm. In edge computing data are processed by edge devices and only the required data are sent to the Cloud to increase robustness and decrease overall network overhead. IoT edge devices are inherently suffering from various security risks and attacks causing a lack of trust between devices. To reduce this malicious behavior, a lightweight trust management model is proposed that maintains the trust of a device and manages the service level trust along with quality of service (QoS). The model calculates the overall trust of the devices by using QoS parameters to evaluate the trust of devices through assigned weights. Trust management models using QoS parameters show improved results that can be helpful in identifying malicious edge nodes in edge computing networks and can be used for industrial purposes.

Malicious Network Behavior Detection Using Fusion of Packet Captures Files and Business Feature Data

Information and communication technologies have essential impacts on people’s life. The real time convenience of the internet greatly facilitates the information transmission and knowledge exchange of users. However, network intruders utilize some communication holes to complete malicious attacks. Some traditional machine learning (ML) methods based on business features and deep learning (DL) methods extracting features automatically are used to identify these malicious behaviors. However, these approaches tend to use only one type of data source, which can result in the loss of some features that can not be mined in the data. In order to address this problem and to improve the precision of malicious behavior detection, this paper proposed a one-dimensional (1D) convolution-based fusion model of packet capture files and business feature data for malicious network behavior detection. Fusion models improve the malicious behavior detection results compared with single ones in some available network traffic and Internet of things (IOT) datasets. The experiments also indicate that early data fusion, feature fusion and decision fusion are all effective in the model. Moreover, this paper also discusses the adaptability of one-dimensional convolution and two-dimensional (2D) convolution to network traffic data.

Attention-Based Fault-Tolerant Approach for Multi-Agent Reinforcement Learning Systems

The aim of multi-agent reinforcement learning systems is to provide interacting agents with the ability to collaboratively learn and adapt to the behavior of other agents. Typically, an agent receives its private observations providing a partial view of the true state of the environment. However, in realistic settings, the harsh environment might cause one or more agents to show arbitrarily faulty or malicious behavior, which may suffice to allow the current coordination mechanisms fail. In this paper, we study a practical scenario of multi-agent reinforcement learning systems considering the security issues in the presence of agents with arbitrarily faulty or malicious behavior. The previous state-of-the-art work that coped with extremely noisy environments was designed on the basis that the noise intensity in the environment was known in advance. However, when the noise intensity changes, the existing method has to adjust the configuration of the model to learn in new environments, which limits the practical applications. To overcome these difficulties, we present an Attention-based Fault-Tolerant (FT-Attn) model, which can select not only correct, but also relevant information for each agent at every time step in noisy environments. The multihead attention mechanism enables the agents to learn effective communication policies through experience concurrent with the action policies. Empirical results showed that FT-Attn beats previous state-of-the-art methods in some extremely noisy environments in both cooperative and competitive scenarios, much closer to the upper-bound performance. Furthermore, FT-Attn maintains a more general fault tolerance ability and does not rely on the prior knowledge about the noise intensity of the environment.

Secure Online Examination with Biometric Authentication and Blockchain-Based Framework

E-learning has been carried out all over the world and then online examinations have become an important means to check learning effect during the outbreak of COVID-19. Participant authenticity, data integrity, and access control are the assurance to online examination. The existing online examination schemes cannot provide the protection of biometric features and fine-grained access control. Particularly, they did not discuss how to resolve some disputes among students, teachers, and a platform in a fair and reasonable way. We propose a novel biometric authentication and blockchain-based online examination scheme. The examination data are encrypted to store in a distributed system, which can be obtained only if the user satisfies decryption policy. And the pieces of evidence are recorded in a blockchain network which is jointly established by some credible institutions. Unlike other examination authentication systems, face templates in our scheme are protected using a fuzzy vault and a cryptographic method. Furthermore, educational administrative department can determine who the real initiator of malicious behavior is when a dispute arises using a dispute determination protocol. Analysis shows that no central authority is required in our scheme; the collusion of multiple users cannot obtain more data; even if the authorities compromise, biometric features of each user will not be leaked. Therefore, in terms of privacy-preserving biometric templates, fine-grained access, and dispute resolution, it is superior to the existing schemes.