Learning-Based Artificial Algae Algorithm with Optimal Machine Learning Enabled Malware Detection

Malware is a ‘malicious software program that performs multiple cyberattacks on the Internet, involving fraud, scams, nation-state cyberwar, and cybercrime. Such malicious software programs come under different classifications, namely Trojans, viruses, spyware, worms, ransomware, Rootkit, botnet malware, etc. Ransomware is a kind of malware that holds the victim’s data hostage by encrypting the information on the user’s computer to make it inaccessible to users and only decrypting it; then, the user pays a ransom procedure of a sum of money. To prevent detection, various forms of ransomware utilize more than one mechanism in their attack flow in conjunction with Machine Learning (ML) algorithm. This study focuses on designing a Learning-Based Artificial Algae Algorithm with Optimal Machine Learning Enabled Malware Detection (LBAAA-OMLMD) approach in Computer Networks. The presented LBAAA-OMLMD model mainly aims to detect and classify the existence of ransomware and goodware in the network. To accomplish this, the LBAAA-OMLMD model initially derives a Learning-Based Artificial Algae Algorithm based Feature Selection (LBAAA-FS) model to reduce the curse of dimensionality problems. Besides, the Flower Pollination Algorithm (FPA) with Echo State Network (ESN) Classification model is applied. The FPA model helps to appropriately adjust the parameters related to the ESN model to accomplish enhanced classifier results. The experimental validation of the LBAAA-OMLMD model is tested using a benchmark dataset, and the outcomes are inspected in distinct measures. The comprehensive comparative examination demonstrated the betterment of the LBAAA-OMLMD model over recent algorithms.     

Optimal Deep Learning Based Ransomware Detection and Classification in the Internet of Things Environment

With the advent of the Internet of Things (IoT), several devices like sensors nowadays can interact and easily share information. But the IoT model is prone to security concerns as several attackers try to hit the network and make it vulnerable. In such scenarios, security concern is the most prominent. Different models were intended to address these security problems; still, several emergent variants of botnet attacks like Bashlite, Mirai, and Persirai use security breaches. The malware classification and detection in the IoT model is still a problem, as the adversary reliably generates a new variant of IoT malware and actively searches for compromise on the victim devices. This article develops a Sine Cosine Algorithm with Deep Learning based Ransomware Detection and Classification (SCADL-RWDC) method in an IoT environment. In the presented SCADL-RWDC technique, the major intention exists in recognizing and classifying ransomware attacks in the IoT platform. The SCADL-RWDC technique uses the SCA feature selection (SCA-FS) model to improve the detection rate. Besides, the SCADL-RWDC technique exploits the hybrid grey wolf optimizer (HGWO) with a gated recurrent unit (GRU) model for ransomware classification. A widespread experimental analysis is performed to exhibit the enhanced ransomware detection outcomes of the SCADL-RWDC technique. The comparison study reported the enhancement of the SCADL-RWDC technique over other models.     

基于深度学习的故障检测方法

针对传统故障诊断方法中特征提取技术难度大、故障样本获取困难等问题,在深度学习计算框架下提出了一种半监督训练的故障检测方法,利用深度信念网络中的受限波茨曼机堆栈结构实现了数据高层特征的自动提取,结合支持向量数据描述方法实现了异常数据检测,只需利用正常工况的数据样本进行网络训练和模型拟合,无需故障样本数据,也无需人工干预进行信号特征提取,即能实现对故障数据进行的实时检测和判别;经采用标准轴承实验数据的三组故障数据进行验证,故障识别率达到100%,具有很强的工程应用价值。     

Enhanced Gorilla Troops Optimizer with Deep Learning Enabled Cybersecurity Threat Detection

Recent developments in computer networks and Internet of Things (IoT) have enabled easy access to data. But the government and business sectors face several difficulties in resolving cybersecurity network issues, like novel attacks, hackers, internet criminals, and so on. Presently, malware attacks and software piracy pose serious risks in compromising the security of IoT. They can steal confidential data which results in financial and reputational losses. The advent of machine learning (ML) and deep learning (DL) models has been employed to accomplish security in the IoT cloud environment. This article presents an Enhanced Artificial Gorilla Troops Optimizer with Deep Learning Enabled Cybersecurity Threat Detection (EAGTODL-CTD) in IoT Cloud Networks. The presented EAGTODL-CTD model encompasses the identification of the threats in the IoT cloud environment. The proposed EAGTODL-CTD model mainly focuses on the conversion of input binary files to color images, where the malware can be detected using an image classification problem. The EAGTODL-CTD model pre-processes the input data to transform to a compatible format. For threat detection and classification, cascaded gated recurrent unit (CGRU) model is exploited to determine class labels. Finally, EAGTO approach is employed as a hyperparameter optimizer to tune the CGRU parameters, showing the novelty of our work. The performance evaluation of the EAGTODL-CTD model is assessed on a dataset comprising two class labels namely malignant and benign. The experimental values reported the supremacy of the EAGTODL-CTD model with increased accuracy of 99.47%.     

基于改进的深度信念网络的入侵检测方法

针对传统入侵检测方法很难快速准确地从海量无标签网络数据中提取特征信息以识别异常入侵,提出了基于改进的深度信念网络的softmax分类（IDBN-SC）入侵检测方法。利用改进的DBN对原始网络数据进行无监督特征学习,引入自适应学习速率减少训练网络模型所需要的时间;采用softmax分类器对获得的降维数据进行网络攻击类型识别。在NSL-KDD数据集上进行测试,相比其他入侵检测方法,实验结果表明IDBN-SC方法不仅识别准确率平均提高3.02%,而且其softmax分类器训练时间平均缩短5.58 s。     

Intrusion Detection System for Big Data Analytics in IoT Environment

In the digital area, Internet of Things (IoT) and connected objects generate a huge quantity of data traffic which feeds big data analytic models to discover hidden patterns and detect abnormal traffic. Though IoT networks are popular and widely employed in real world applications, security in IoT networks remains a challenging problem. Conventional intrusion detection systems (IDS) cannot be employed in IoT networks owing to the limitations in resources and complexity. Therefore, this paper concentrates on the design of intelligent metaheuristic optimization based feature selection with deep learning (IMFSDL) based classification model, called IMFSDL-IDS for IoT networks. The proposed IMFSDL-IDS model involves data collection as the primary process utilizing the IoT devices and is preprocessed in two stages: data transformation and data normalization. To manage big data, Hadoop ecosystem is employed. Besides, the IMFSDL-IDS model includes a hill climbing with moth flame optimization (HCMFO) for feature subset selection to reduce the complexity and increase the overall detection efficiency. Moreover, the beetle antenna search (BAS) with variational autoencoder (VAE), called BAS-VAE technique is applied for the detection of intrusions in the feature reduced data. The BAS algorithm is integrated into the VAE to properly tune the parameters involved in it and thereby raises the classification performance. To validate the intrusion detection performance of the IMFSDL-IDS system, a set of experimentations were carried out on the standard IDS dataset and the results are investigated under distinct aspects. The resultant experimental values pointed out the betterment of the IMFSDL-IDS model over the compared models with the maximum accuracy 95.25% and 97.39% on the applied NSL-KDD and UNSW-NB15 dataset correspondingly.     

Hierarchical Data Aggregation with Data Offloading Scheme for Fog Enabled IoT Environment

Fog computing is a promising technology that has been emerged to handle the growth of smart devices as well as the popularity of latency-sensitive and location-awareness Internet of Things (IoT) services. After the emergence of IoT-based services, the industry of internet-based devices has grown. The number of these devices has raised from millions to billions, and it is expected to increase further in the near future. Thus, additional challenges will be added to the traditional centralized cloud-based architecture as it will not be able to handle that growth and to support all connected devices in real-time without affecting the user experience. Conventional data aggregation models for Fog enabled IoT environments possess high computational complexity and communication cost. Therefore, in order to resolve the issues and improve the lifetime of the network, this study develops an effective hierarchical data aggregation with chaotic barnacles mating optimizer (HDAG-CBMO) technique. The HDAG-CBMO technique derives a fitness function from many relational matrices, like residual energy, average distance to neighbors, and centroid degree of target area. Besides, a chaotic theory based population initialization technique is derived for the optimal initial position of barnacles. Moreover, a learning based data offloading method has been developed for reducing the response time to IoT user requests. A wide range of simulation analyses demonstrated that the HDAG-CBMO technique has resulted in balanced energy utilization and prolonged lifetime of the Fog assisted IoT networks.     

Machine Learning Based Cybersecurity Threat Detection for Secure IoT Assisted Cloud Environment

The Internet of Things (IoT) is determine enormous economic openings for industries and allow stimulating innovation which obtain between domains in childcare for eldercare, in health service to energy, and in developed to transport. Cybersecurity develops a difficult problem in IoT platform whereas the presence of cyber-attack requires that solved. The progress of automatic devices for cyber-attack classifier and detection employing Artificial Intelligence (AI) and Machine Learning (ML) devices are crucial fact to realize security in IoT platform. It can be required for minimizing the issues of security based on IoT devices efficiently. Thus, this research proposal establishes novel mayfly optimized with Regularized Extreme Learning Machine technique called as MFO-RELM model for Cybersecurity Threat classification and detection from the cloud and IoT environments. The proposed MFO-RELM model provides the effective detection of cybersecurity threat which occur in the cloud and IoT platforms. To accomplish this, the MFO-RELM technique pre-processed the actual cloud and IoT data as to meaningful format. Besides, the proposed models will receive the pre-processing data and carry out the classifier method. For boosting the efficiency of the proposed models, the MFO technique was utilized to it. The experiential outcome of the proposed technique was tested utilizing the standard CICIDS 2017 dataset, and the outcomes are examined under distinct aspects.     

Artificial Fish Swarm Optimization with Deep Learning Enabled Opinion Mining Approach

Sentiment analysis or opinion mining (OM) concepts become familiar due to advances in networking technologies and social media. Recently, massive amount of text has been generated over Internet daily which makes the pattern recognition and decision making process difficult. Since OM find useful in business sectors to improve the quality of the product as well as services, machine learning (ML) and deep learning (DL) models can be considered into account. Besides, the hyperparameters involved in the DL models necessitate proper adjustment process to boost the classification process. Therefore, in this paper, a new Artificial Fish Swarm Optimization with Bidirectional Long Short Term Memory (AFSO-BLSTM) model has been developed for OM process. The major intention of the AFSO-BLSTM model is to effectively mine the opinions present in the textual data. In addition, the AFSO-BLSTM model undergoes pre-processing and TF-IFD based feature extraction process. Besides, BLSTM model is employed for the effectual detection and classification of opinions. Finally, the AFSO algorithm is utilized for effective hyperparameter adjustment process of the BLSTM model, shows the novelty of the work. A complete simulation study of the AFSO-BLSTM model is validated using benchmark dataset and the obtained experimental values revealed the high potential of the AFSO-BLSTM model on mining opinions.     

A Lightweight Deep Autoencoder Scheme for Cyberattack Detection in the Internet of Things

The Internet of things (IoT) is an emerging paradigm that integrates devices and services to collect real-time data from surroundings and process the information at a very high speed to make a decision. Despite several advantages, the resource-constrained and heterogeneous nature of IoT networks makes them a favorite target for cybercriminals. A single successful attempt of network intrusion can compromise the complete IoT network which can lead to unauthorized access to the valuable information of consumers and industries. To overcome the security challenges of IoT networks, this article proposes a lightweight deep autoencoder (DAE) based cyberattack detection framework. The proposed approach learns the normal and anomalous data patterns to identify the various types of network intrusions. The most significant feature of the proposed technique is its lower complexity which is attained by reducing the number of operations. To optimally train the proposed DAE, a range of hyperparameters was determined through extensive experiments that ensure higher attack detection accuracy. The efficacy of the suggested framework is evaluated via two standard and open-source datasets. The proposed DAE achieved the accuracies of 98.86%, and 98.26% for NSL-KDD, 99.32%, and 98.79% for the UNSW-NB15 dataset in binary class and multi-class scenarios. The performance of the suggested attack detection framework is also compared with several state-of-the-art intrusion detection schemes. Experimental outcomes proved the promising performance of the proposed scheme for cyberattack detection in IoT networks.     

物联网环境下的差异网络数据库异常数据检测

当前的物联网环境下,各个智能网络的数据库的使用没有统一标准,不同生产商的数据库中的异常数据标准也不同,这就使得传统的以模式识别为基础的网络数据库异常检测方法在进行异常阀值设置时,无法形成统一标准,数据库数据量庞大且存在无序性,无法保证检测的准确性和检测效率;提出基于混沌特征分析算法的物联网环境下的差异网络数据库异常数据检测方法;依据混沌特征分析相关理论构建物联网环境下的差异网络数据库模型,构建一种异常数据的偏差函数,对不同数据库下的异常数据进行偏差统计,通过对偏差函数的统计结果进行最小值求解,根据求解描述最小化的阀值请求,实现物联网环境下的差异网络数据库异常数据的检测;实验结果表明,利用改进算法进行异常数据检测,能够提高检测的有效性与准确性。     

网络未知攻击检测的深度学习方法

为了实现入侵检测系统对未知攻击类型的检测,提出基于深度学习的网络异常检测方法。利用置信度神经网络,对已知类型流量和未知攻击流量进行自适应判别。基于深度神经网络,制定置信度估计方法评估模型分类结果,训练模型面向已知类型流量时输出高置信度值,识别到未知攻击流量时输出低置信度值,从而实现对未知攻击网络流量的检测,并设计自适应损失平衡策略和基于学习自动机的动态正则化策略优化异常检测模型。在网络异常检测UNSW-NB15和CICIDS 2017数据集上进行仿真实验,评估模型效果。结果表明,该方法实现了未知攻击流量的有效检测,并提高了已知类型流量的分类效果,从而增强了入侵检测系统的综合性能。     

Modified Garden Balsan Optimization Based Machine Learning for Intrusion Detection

The Internet of Things (IoT) environment plays a crucial role in the design of smart environments. Security and privacy are the major challenging problems that exist in the design of IoT-enabled real-time environments. Security susceptibilities in IoT-based systems pose security threats which affect smart environment applications. Intrusion detection systems (IDS) can be used for IoT environments to mitigate IoT-related security attacks which use few security vulnerabilities. This paper introduces a modified garden balsan optimization-based machine learning model for intrusion detection (MGBO-MLID) in the IoT cloud environment. The presented MGBO-MLID technique focuses on the identification and classification of intrusions in the IoT cloud atmosphere. Initially, the presented MGBO-MLID model applies min-max normalization that can be utilized for scaling the features in a uniform format. In addition, the MGBO-MLID model exploits the MGBO algorithm to choose the optimal subset of features. Moreover, the attention-based bidirectional long short-term (ABiLSTM) method can be utilized for the detection and classification of intrusions. At the final level, the Aquila optimization (AO) algorithm is applied as a hyperparameter optimizer to fine-tune the ABiLSTM methods. The experimental validation of the MGBO-MLID method is tested using a benchmark dataset. The extensive comparative study reported the betterment of the MGBO-MLID algorithm over recent approaches.     

Blockchain with Explainable Artificial Intelligence Driven Intrusion Detection for Clustered IoT Driven Ubiquitous Computing System

In the Internet of Things (IoT) based system, the multi-level client’s requirements can be fulfilled by incorporating communication technologies with distributed homogeneous networks called ubiquitous computing systems (UCS). The UCS necessitates heterogeneity, management level, and data transmission for distributed users. Simultaneously, security remains a major issue in the IoT-driven UCS. Besides, energy-limited IoT devices need an effective clustering strategy for optimal energy utilization. The recent developments of explainable artificial intelligence (XAI) concepts can be employed to effectively design intrusion detection systems (IDS) for accomplishing security in UCS. In this view, this study designs a novel Blockchain with Explainable Artificial Intelligence Driven Intrusion Detection for IoT Driven Ubiquitous Computing System (BXAI-IDCUCS) model. The major intention of the BXAI-IDCUCS model is to accomplish energy efficacy and security in the IoT environment. The BXAI-IDCUCS model initially clusters the IoT nodes using an energy-aware duck swarm optimization (EADSO) algorithm to accomplish this. Besides, deep neural network (DNN) is employed for detecting and classifying intrusions in the IoT network. Lastly, blockchain technology is exploited for secure inter-cluster data transmission processes. To ensure the productive performance of the BXAI-IDCUCS model, a comprehensive experimentation study is applied, and the outcomes are assessed under different aspects. The comparison study emphasized the superiority of the BXAI-IDCUCS model over the current state-of-the-art approaches with a packet delivery ratio of 99.29%, a packet loss rate of 0.71%, a throughput of 92.95 Mbps, energy consumption of 0.0891 mJ, a lifetime of 3529 rounds, and accuracy of 99.38%.     

基于深度学习的网络流量异常识别与检测

针对传统的工控网络流量数据在复杂网络环境下特征维度高,特征处理复杂度高,模型检测效率低等问题,本文使用了一种基于随机森林(random forest, RF)和长短期记忆网络(long short-term memory, LSTM)结合的流量异常识别与检测方法.首先使用随机森林算法计算流量特征的重要度评分,筛选出重要特征,剔除冗余特征,然后使用LSTM进行异常流量的识别与检测.为了评估模型的有效性与优越性,本文使用准确率、精确率、召回率和F1-score进行模型评价,并与传统的机器学习方法 Naive Bayes、QDA、KNN算法进行对比.实验结果表明,在公开数据集CIC-IDS-2017中,异常流量识别的总体准确率达99%.与传统的机器学习算法相比,该方法有效地提高了复杂网络环境下异常检测的准确性和效率,在工业控制网络安全和异常检测方面具有实际应用价值.     

基于DBN的多特征融合音乐情感分类方法

本文在音乐情感分类中的两个重要的环节：特征选择和分类器上进行了探索.在特征选择方面基于传统算法中单一特征无法全面表达音乐情感的问题,本文提出了多特征融合的方法,具体操作方式是用音色特征与韵律特征相结合作为音乐情感的符号表达;在分类器选择中,本文采用了在音频检索领域表现较好的深度置信网络进行音乐情感训练和分类.实验结果表明,该算法对音乐情感分类的表现较好,高于单一特征的分类方法和SVM分类的方法.     

Deep Forest-Based Fall Detection in Internet of Medical Things Environment

This article introduces a new medical internet of things (IoT) framework for intelligent fall detection system of senior people based on our proposed deep forest model. The cascade multi-layer structure of deep forest classifier allows to generate new features at each level with minimal hyperparameters compared to deep neural networks. Moreover, the optimal number of the deep forest layers is automatically estimated based on the early stopping criteria of validation accuracy value at each generated layer. The suggested forest classifier was successfully tested and evaluated using a public SmartFall dataset, which is acquired from three-axis accelerometer in a smartwatch. It includes 92781 training samples and 91025 testing samples with two labeled classes, namely non-fall and fall. Classification results of our deep forest classifier demonstrated a superior performance with the best accuracy score of 98.0% compared to three machine learning models, i.e., K-nearest neighbors, decision trees and traditional random forest, and two deep learning models, which are dense neural networks and convolutional neural networks. By considering security and privacy aspects in the future work, our proposed medical IoT framework for fall detection of old people is valid for real-time healthcare application deployment.     

Deep Learning Based Attack Detection for Cyber-Physical System Cybersecurity: A Survey

With the booming of cyber attacks and cyber criminals against cyber-physical systems(CPSs),detecting these attacks remains challenging.It might be the worst of times,but it might be the best of times because of opportunities brought by machine learning(ML),in particular deep learning(DL).In general,DL delivers superior performance to ML because of its layered setting and its effective algorithm for extract useful information from training data.DL models are adopted quickly to cyber attacks against CPS systems.In this survey,a holistic view of recently proposed DL solutions is provided to cyber attack detection in the CPS context.A six-step DL driven methodology is provided to summarize and analyze the surveyed literature for applying DL methods to detect cyber attacks against CPS systems.The methodology includes CPS scenario analysis,cyber attack identification,ML problem formulation,DL model customization,data acquisition for training,and performance evaluation.The reviewed works indicate great potential to detect cyber attacks against CPS through DL modules.Moreover,excellent performance is achieved partly because of several highquality datasets that are readily available for public use.Furthermore,challenges,opportunities,and research trends are pointed out for future research.     

RSS based multistage statistical method for attack detection and localization in IoT networks

Accurate and reliable positioning of nodes is a must for location-based services (LBS) in the Internet of things (IoT) networks. The LBS are ubiquitous and an easy target for non-cryptographic attacks that traditional security methods cannot address. In this work, we detect the Received Signal Strength (RSS) based attacks that affect the localization of smart devices in the IoT networks and report the attack tolerance of popular IoT protocols. A two-tier ratio metric method and Residue Under Curve (RUC) metric method is utilized to detect the malicious node in the IoT protocols. We propose to use a novel Geometric, and Arithmetic Mean (GM–AM) ratio as a feature to detect the RSS attacks where GM follows strictly Schur-Concavity property and AM follows non-strict concavity property. We evaluate the performance of the proposed method on real-world IoT testbeds with Wireless Fidelity (Wi-Fi), Zigbee, Bluetooth Low Energy (BLE), and Long-Range Wide-Area Network (LoRaWAN) protocols using the RSS values of these opportunistic signals. Also, the effect of RSS attacks on the localization for different protocols is investigated, and we report the method that provides the least localization error under these attacks.     

卷积深度置信网络的场景文本检测

自然场景中的文本检测对于视频、图像和图片等海量信息的检索管理具有重要意义.针对自然场景中的文本检测面临着图像背景复杂、分辨率低和分布随意的问题,提出一种场景文本检测的方法.该方法将最大稳定极值区域算法与卷积深度置信网络进行结合,把从最大稳定极值区域中提取出来的候选文本区域输入到卷积深度置信网络中进行特征提取,由Softmax分类器对提取的特征进行分类.该方法在ICDAR数据集和SVT数据集上进行实验,实验结果表明该方法有助于提高场景文本检测的精确率及召回率.