Wrapper Based Linear Discriminant Analysis (LDA) for Intrusion Detection in IIoT

The internet has become a part of every human life. Also, various devices that are connected through the internet are increasing. Nowadays, the Industrial Internet of things (IIoT) is an evolutionary technology interconnecting various industries in digital platforms to facilitate their development. Moreover, IIoT is being used in various industrial fields such as logistics, manufacturing, metals and mining, gas and oil, transportation, aviation, and energy utilities. It is mandatory that various industrial fields require highly reliable security and preventive measures against cyber-attacks. Intrusion detection is defined as the detection in the network of security threats targeting privacy information and sensitive data. Intrusion Detection Systems (IDS) have taken an important role in providing security in the field of computer networks. Prevention of intrusion is completely based on the detection functions of the IDS. When an IIoT network expands, it generates a huge volume of data that needs an IDS to detect intrusions and prevent network attacks. Many research works have been done for preventing network attacks. Every day, the challenges and risks associated with intrusion prevention are increasing while their solutions are not properly defined. In this regard, this paper proposes a training process and a wrapper-based feature selection With Direct Linear Discriminant Analysis LDA (WDLDA). The implemented WDLDA results in a rate of detection accuracy (DRA) of 97% and a false positive rate (FPR) of 11% using the Network Security Laboratory-Knowledge Discovery in Databases (NSL-KDD) dataset.     

Coot Optimization with Deep Learning-Based False Data Injection Attack Recognition

The recent developments in smart cities pose major security issues for the Internet of Things (IoT) devices. These security issues directly result from inappropriate security management protocols and their implementation by IoT gadget developers. Cyber-attackers take advantage of such gadgets’ vulnerabilities through various attacks such as injection and Distributed Denial of Service (DDoS) attacks. In this background, Intrusion Detection (ID) is the only way to identify the attacks and mitigate their damage. The recent advancements in Machine Learning (ML) and Deep Learning (DL) models are useful in effectively classifying cyber-attacks. The current research paper introduces a new Coot Optimization Algorithm with a Deep Learning-based False Data Injection Attack Recognition (COADL-FDIAR) model for the IoT environment. The presented COADL-FDIAR technique aims to identify false data injection attacks in the IoT environment. To accomplish this, the COADL-FDIAR model initially pre-processes the input data and selects the features with the help of the Chi-square test. To detect and classify false data injection attacks, the Stacked Long Short-Term Memory (SLSTM) model is exploited in this study. Finally, the COA algorithm effectively adjusts the SLTSM model’s hyperparameters effectively and accomplishes a superior recognition efficiency. The proposed COADL-FDIAR model was experimentally validated using a standard dataset, and the outcomes were scrutinized under distinct aspects. The comparative analysis results assured the superior performance of the proposed COADL-FDIAR model over other recent approaches with a maximum accuracy of 98.84%.     

Modified Buffalo Optimization with Big Data Analytics Assisted Intrusion Detection Model

Lately, the Internet of Things (IoT) application requires millions of structured and unstructured data since it has numerous problems, such as data organization, production, and capturing. To address these shortcomings, big data analytics is the most superior technology that has to be adapted. Even though big data and IoT could make human life more convenient, those benefits come at the expense of security. To manage these kinds of threats, the intrusion detection system has been extensively applied to identify malicious network traffic, particularly once the preventive technique fails at the level of endpoint IoT devices. As cyberattacks targeting IoT have gradually become stealthy and more sophisticated, intrusion detection systems (IDS) must continually emerge to manage evolving security threats. This study devises Big Data Analytics with the Internet of Things Assisted Intrusion Detection using Modified Buffalo Optimization Algorithm with Deep Learning (IDMBOA-DL) algorithm. In the presented IDMBOA-DL model, the Hadoop MapReduce tool is exploited for managing big data. The MBOA algorithm is applied to derive an optimal subset of features from picking an optimum set of feature subsets. Finally, the sine cosine algorithm (SCA) with convolutional autoencoder (CAE) mechanism is utilized to recognize and classify the intrusions in the IoT network. A wide range of simulations was conducted to demonstrate the enhanced results of the IDMBOA-DL algorithm. The comparison outcomes emphasized the better performance of the IDMBOA-DL model over other approaches.     

专家系统与神经网络在入侵检测中的应用

针对由于网络服务不断扩大造成的入侵行为日益复杂多样的情况,对专家系统和神经网络技术在入侵检测中的运用进行了研究,主要讨论了专家系统和神经网络技术在入侵监测的规则管理和入侵行为分类方面的应用,同时给出了入侵检测实践。结果证明,专家系统和神经网络技术的结合能够提高入侵监测系统发现入侵的实时性和检测入侵的正确性。     

Diabetic Retinopathy Diagnosis Using Interval Neutrosophic Segmentation with Deep Learning Model

In recent times, Internet of Things (IoT) and Deep Learning (DL) models have revolutionized the diagnostic procedures of Diabetic Retinopathy (DR) in its early stages that can save the patient from vision loss. At the same time, the recent advancements made in Machine Learning (ML) and DL models help in developing Computer Aided Diagnosis (CAD) models for DR recognition and grading. In this background, the current research works designs and develops an IoT-enabled Effective Neutrosophic based Segmentation with Optimal Deep Belief Network (ODBN) model i.e., NS-ODBN model for diagnosis of DR. The presented model involves Interval Neutrosophic Set (INS) technique to distinguish the diseased areas in fundus image. In addition, three feature extraction techniques such as histogram features, texture features, and wavelet features are used in this study. Besides, Optimal Deep Belief Network (ODBN) model is utilized as a classification model for DR. ODBN model involves Shuffled Shepherd Optimization (SSO) algorithm to regulate the hyperparameters of DBN technique in an optimal manner. The utilization of SSO algorithm in DBN model helps in increasing the detection performance of the model significantly. The presented technique was experimentally evaluated using benchmark DR dataset and the results were validated under different evaluation metrics. The resultant values infer that the proposed INS-ODBN technique is a promising candidate than other existing techniques.     

A survey of intrusion detection techniques in Cloud

In this paper, we survey different intrusions affecting availability, confidentiality and integrity of Cloud resources and services. Proposals incorporating Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS) in Cloud are examined. We recommend IDS/IPS positioning in Cloud environment to achieve desired security in the next generation networks.     

一个快速的关联模式并行挖掘算法

由于目前大多数入侵侦测系统均基于专家知识的手工译码而构建,其更新十分缓慢和昂贵。显然从审计数据挖掘得出的频繁模式可以作为可靠的入侵侦测模型。因此,针对这一问题,提出一个快速有效的并行算法,该算法提取用来描述每一网络连接特征的扩充集合,并获知准确捕获入侵行为和正常活动的频繁模式,从而使得模型构建和不断更新简单易行。     

Optimal Deep Hybrid Boltzmann Machine Based Arabic Corpus Classification Model

Natural Language Processing (NLP) for the Arabic language has gained much significance in recent years. The most commonly-utilized NLP task is the ‘Text Classification’ process. Its main intention is to apply the Machine Learning (ML) approaches for automatically classifying the textual files into one or more pre-defined categories. In ML approaches, the first and foremost crucial step is identifying an appropriate large dataset to test and train the method. One of the trending ML techniques, i.e., Deep Learning (DL) technique needs huge volumes of different types of datasets for training to yield the best outcomes. The current study designs a new Dice Optimization with a Deep Hybrid Boltzmann Machine-based Arabic Corpus Classification (DODHBM-ACC) model in this background. The presented DODHBM-ACC model primarily relies upon different stages of pre-processing and the word2vec word embedding process. For Arabic text classification, the DHBM technique is utilized. This technique is a hybrid version of the Deep Boltzmann Machine (DBM) and Deep Belief Network (DBN). It has the advantage of learning the decisive intention of the classification process. To adjust the hyperparameters of the DHBM technique, the Dice Optimization Algorithm (DOA) is exploited in this study. The experimental analysis was conducted to establish the superior performance of the proposed DODHBM-ACC model. The outcomes inferred the better performance of the proposed DODHBM-ACC model over other recent approaches.     

Feature Selection with Deep Reinforcement Learning for Intrusion Detection System

An intrusion detection system (IDS) becomes an important tool for ensuring security in the network. In recent times, machine learning (ML) and deep learning (DL) models can be applied for the identification of intrusions over the network effectively. To resolve the security issues, this paper presents a new Binary Butterfly Optimization algorithm based on Feature Selection with DRL technique, called BBOFS-DRL for intrusion detection. The proposed BBOFSDRL model mainly accomplishes the recognition of intrusions in the network. To attain this, the BBOFS-DRL model initially designs the BBOFS algorithm based on the traditional butterfly optimization algorithm (BOA) to elect feature subsets. Besides, DRL model is employed for the proper identification and classification of intrusions that exist in the network. Furthermore, beetle antenna search (BAS) technique is applied to tune the DRL parameters for enhanced intrusion detection efficiency. For ensuring the superior intrusion detection outcomes of the BBOFS-DRL model, a wide-ranging experimental analysis is performed against benchmark dataset. The simulation results reported the supremacy of the BBOFS-DRL model over its recent state of art approaches.     

基于聚类的未标识数据的入侵检测

自动化入侵检测是入侵检测的重要研究方向。传统的入侵检测由于依赖标识数据进行训练,不能做到自动更新规则库和检测新的入侵。提出一种自动检测入侵的方法——基于聚类（Clustering）的未标识数据的检测。它不依赖分类标识数据进行训练,能检测到未知的入侵而保持着很低的误报率。     

利用脚本类入侵检测技术加固Web系统安全

入侵检测技术是继“防火墙”、“数据加密”等传统安全保护措施后新一代的安全保障技术。入侵检测系统,顾名思义,就是能够及时发现入侵行为的系统。它通过对网络中的若干关键点收集网络数据信息并对其进行分析,从中鉴别网络中违反安全策略的行为和被攻击的迹象。     

基于粗糙集数据挖掘和分类集成学习的网络入侵检测模型

基于多个特征或多个模型的集成（Ensemble）学习技术是智能网络入侵检测的重要研究方向，在现有研究基础上提出基于粗糙集分类、模型分发和攻击归类检测，并加以集成的学习式网络入侵检测模型，该模型不仅能提高网络入侵检测系统检测率，同时还结合了粗糙集能处理不确定信息、生成规则具有高解释性、特征排序在获得检测规则前完成等优点。     

Blockchain with Explainable Artificial Intelligence Driven Intrusion Detection for Clustered IoT Driven Ubiquitous Computing System

In the Internet of Things (IoT) based system, the multi-level client’s requirements can be fulfilled by incorporating communication technologies with distributed homogeneous networks called ubiquitous computing systems (UCS). The UCS necessitates heterogeneity, management level, and data transmission for distributed users. Simultaneously, security remains a major issue in the IoT-driven UCS. Besides, energy-limited IoT devices need an effective clustering strategy for optimal energy utilization. The recent developments of explainable artificial intelligence (XAI) concepts can be employed to effectively design intrusion detection systems (IDS) for accomplishing security in UCS. In this view, this study designs a novel Blockchain with Explainable Artificial Intelligence Driven Intrusion Detection for IoT Driven Ubiquitous Computing System (BXAI-IDCUCS) model. The major intention of the BXAI-IDCUCS model is to accomplish energy efficacy and security in the IoT environment. The BXAI-IDCUCS model initially clusters the IoT nodes using an energy-aware duck swarm optimization (EADSO) algorithm to accomplish this. Besides, deep neural network (DNN) is employed for detecting and classifying intrusions in the IoT network. Lastly, blockchain technology is exploited for secure inter-cluster data transmission processes. To ensure the productive performance of the BXAI-IDCUCS model, a comprehensive experimentation study is applied, and the outcomes are assessed under different aspects. The comparison study emphasized the superiority of the BXAI-IDCUCS model over the current state-of-the-art approaches with a packet delivery ratio of 99.29%, a packet loss rate of 0.71%, a throughput of 92.95 Mbps, energy consumption of 0.0891 mJ, a lifetime of 3529 rounds, and accuracy of 99.38%.     

Human perspective to anomaly detection for cybersecurity

Traditionally signature-based network Intrusion Detection Systems (IDS) rely on inputs from domain experts and can only identify the attacks if they occur as individual event. IDS generate large number of alerts and it becomes very difficult for human users to go through each message. Previous researches have proposed analytics based approaches to analyze IDS alert patterns based on anomaly detection models, multi-steps models or probabilistic approaches. However, due to the complexities of network intrusions, it is impossible to develop all possible attack patterns or to avoid false positives. With the advance in technologies and popularity of networks in our daily life, it is becoming more and more difficult to detect network intrusions. However, no matter how rapid the technologies change, the human behaviors behind the cyber attacks stay relatively constant. This provides us an opportunity to develop an improved system to detect the unusual cyber attacks. In this paper, we developed four network intrusion models based on consideration of human factors. We then tested these models on ITOC Cyber Defense Competition (CDX) 2009 data. Our results are encouraging. These Models are not only able to recognize most network attacks identified by SNORT log alerts, they are also able to distinguish the non-attack network traffic that was potentially missed by SNORT as indicated by ground truth validation of the data.     

基于高速网络的入侵检测系统研究

目前基于网络的入侵检测系统已经无法适应高速增长的网络速度,因此研究在高速以太网上实现的网络入侵检测系统是十分必要的。介绍了两种基于高速网络的入侵检测系统。一种是基于FPGA的高速网络入侵检测系统,另一种是基于数据分流的高速网络入侵检测系统。     

IoT-Driven Optimal Lightweight RetinaNet-Based Object Detection for Visually Impaired People

Visual impairment is one of the major problems among people of all age groups across the globe. Visually Impaired Persons (VIPs) require help from others to carry out their day-to-day tasks. Since they experience several problems in their daily lives, technical intervention can help them resolve the challenges. In this background, an automatic object detection tool is the need of the hour to empower VIPs with safe navigation. The recent advances in the Internet of Things (IoT) and Deep Learning (DL) techniques make it possible. The current study proposes IoT-assisted Transient Search Optimization with a Lightweight RetinaNet-based object detection (TSOLWR-ODVIP) model to help VIPs. The primary aim of the presented TSOLWR-ODVIP technique is to identify different objects surrounding VIPs and to convey the information via audio message to them. For data acquisition, IoT devices are used in this study. Then, the Lightweight RetinaNet (LWR) model is applied to detect objects accurately. Next, the TSO algorithm is employed for fine-tuning the hyperparameters involved in the LWR model. Finally, the Long Short-Term Memory (LSTM) model is exploited for classifying objects. The performance of the proposed TSOLWR-ODVIP technique was evaluated using a set of objects, and the results were examined under distinct aspects. The comparison study outcomes confirmed that the TSOLWR-ODVIP model could effectually detect and classify the objects, enhancing the quality of life of VIPs.     

网络安全技术的研究

该文系统地介绍了网络安全的概念。对安全协议的基本原理,主要特点进行了较为深入的研究,并就网络的安全性问题剖析了三种安全协议:IPsec协议、SLL协议和SET协议。并讨论了计算机网络面临的各种安全威胁;内部网络的安全问题是每个建网单位面临的最大问题,可以认为防火墙技术是解决网络安全的一个主要手段,该文研究了防火墙的原理及其实现手段;作为一种主动的防御措施,入侵检测系统(IDS)作为网络系统安全的重要组成部分,得到了广泛的重视,IDS对计算机和网络资源上的恶意使用行为进行识别和响应,不仅检测来自外部的入侵行为,也监督内部用户的未授权活动:虚拟专用网(CVPN)技术的出现,为实现网络间的连接提供了快速安全但又相对便宜的手段,较深入地探讨了实现VPN的隧道技术,并对VPN的概念、功能、实现途径、基本构成、关键技术及发展前景等问题进行了全面论述。     

基于网络入侵分析

随着网络的高速发展,网络信息安全问题不断暴露出来。本文主要对入侵检测系统中的网络入侵检测系统(NIDS)的进行分析,对网络入侵的各模块都进行了分析,并分析了系统的优缺点和发展趋势。     

Evolutionary neural networks for anomaly detection based on the behavior of a program.

The process of learning the behavior of a given program by using machine-learning techniques (based on system-call audit data) is effective to detect intrusions. Rule learning, neural networks, statistics, and hidden Markov models (HMMs) are some of the kinds of representative methods for intrusion detection. Among them, neural networks are known for good performance in learning system-call sequences. In order to apply this knowledge to real-world problems successfully, it is important to determine the structures and weights of these call sequences. However, finding the appropriate structures requires very long time periods because there are no suitable analytical solutions. In this paper, a novel intrusion-detection technique based on evolutionary neural networks (ENNs) is proposed. One advantage of using ENNs is that it takes less time to obtain superior neural networks than when using conventional approaches. This is because they discover the structures and weights of the neural networks simultaneously. Experimental results with the 1999 Defense Advanced Research Projects Agency (DARPA) Intrusion Detection Evaluation (IDEVAL) data confirm that ENNs are promising tools for intrusion detection.     

数据挖掘技术在入侵检测系统中的应用

入侵检测系统是一种检测网络入侵行为的工具,然而现在的入侵检测系统内部的知识库中的入侵模式（正常模式和异常模式）往往不能很好地反应入侵行为的特征,所以有时候经常出现漏报或误报的情况,另外,系统提了的用户行为特征有时候也不能正确地反映用户的实际行为特征,针对这一情况,详细讨论了数据挖掘技术在入侵检测系统中的应用,提出了采用数据挖掘技术的入侵检测系统的结构模型。