An Intelligent Hybrid Mutual Authentication Scheme for Industrial Internet of Thing Networks

Internet of Things (IoT) network used for industrial management is vulnerable to different security threats due to its unstructured deployment, and dynamic communication behavior. In literature various mechanisms addressed the security issue of Industrial IoT networks, but proper maintenance of the performance reliability is among the common challenges. In this paper, we proposed an intelligent mutual authentication scheme leveraging authentication aware node (AAN) and base station (BS) to identify routing attacks in Industrial IoT networks. The AAN and BS uses the communication parameter such as a route request (RREQ), node-ID, received signal strength (RSS), and round-trip time (RTT) information to identify malicious devices and routes in the deployed network. The feasibility of the proposed model is validated in the simulation environment, where OMNeT++ was used as a simulation tool. We compare the results of the proposed model with existing field-proven schemes in terms of routing attacks detection, communication cost, latency, computational cost, and throughput. The results show that our proposed scheme surpasses the previous schemes regarding these performance parameters with the attack detection rate of 97.7 %.     

Network Intrusion Detection Based on Feature Selection and Hybrid Metaheuristic Optimization

Applications of internet-of-things (IoT) are increasingly being used in many facets of our daily life, which results in an enormous volume of data. Cloud computing and fog computing, two of the most common technologies used in IoT applications, have led to major security concerns. Cyberattacks are on the rise as a result of the usage of these technologies since present security measures are insufficient. Several artificial intelligence (AI) based security solutions, such as intrusion detection systems (IDS), have been proposed in recent years. Intelligent technologies that require data preprocessing and machine learning algorithm-performance augmentation require the use of feature selection (FS) techniques to increase classification accuracy by minimizing the number of features selected. On the other hand, metaheuristic optimization algorithms have been widely used in feature selection in recent decades. In this paper, we proposed a hybrid optimization algorithm for feature selection in IDS. The proposed algorithm is based on grey wolf (GW), and dipper throated optimization (DTO) algorithms and is referred to as GWDTO. The proposed algorithm has a better balance between the exploration and exploitation steps of the optimization process and thus could achieve better performance. On the employed IoT-IDS dataset, the performance of the proposed GWDTO algorithm was assessed using a set of evaluation metrics and compared to other optimization approaches in the literature to validate its superiority. In addition, a statistical analysis is performed to assess the stability and effectiveness of the proposed approach. Experimental results confirmed the superiority of the proposed approach in boosting the classification accuracy of the intrusion in IoT-based networks.     

Malicious Traffic Detection in IoT and Local Networks Using Stacked Ensemble Classifier

Malicious traffic detection over the internet is one of the challenging areas for researchers to protect network infrastructures from any malicious activity. Several shortcomings of a network system can be leveraged by an attacker to get unauthorized access through malicious traffic. Safeguard from such attacks requires an efficient automatic system that can detect malicious traffic timely and avoid system damage. Currently, many automated systems can detect malicious activity, however, the efficacy and accuracy need further improvement to detect malicious traffic from multi-domain systems. The present study focuses on the detection of malicious traffic with high accuracy using machine learning techniques. The proposed approach used two datasets UNSW-NB15 and IoTID20 which contain the data for IoT-based traffic and local network traffic, respectively. Both datasets were combined to increase the capability of the proposed approach in detecting malicious traffic from local and IoT networks, with high accuracy. Horizontally merging both datasets requires an equal number of features which was achieved by reducing feature count to 30 for each dataset by leveraging principal component analysis (PCA). The proposed model incorporates stacked ensemble model extra boosting forest (EBF) which is a combination of tree-based models such as extra tree classifier, gradient boosting classifier, and random forest using a stacked ensemble approach. Empirical results show that EBF performed significantly better and achieved the highest accuracy score of 0.985 and 0.984 on the multi-domain dataset for two and four classes, respectively.     

Anomaly Detection for Internet of Things Cyberattacks

The Internet of Things (IoT) has been deployed in diverse critical sectors with the aim of improving quality of service and facilitating human lives. The IoT revolution has redefined digital services in different domains by improving efficiency, productivity, and cost-effectiveness. Many service providers have adapted IoT systems or plan to integrate them as integral parts of their systems’ operation; however, IoT security issues remain a significant challenge. To minimize the risk of cyberattacks on IoT networks, anomaly detection based on machine learning can be an effective security solution to overcome a wide range of IoT cyberattacks. Although various detection techniques have been proposed in the literature, existing detection methods address limited cyberattacks and utilize outdated datasets for evaluations. In this paper, we propose an intelligent, effective, and lightweight detection approach to detect several IoT attacks. Our proposed model includes a collaborative feature selection method that selects the best distinctive features and eliminates unnecessary features to build an effective and efficient detection model. In the detection phase, we also proposed an ensemble of learning techniques to improve classification for predicting several different types of IoT attacks. The experimental results show that our proposed method can effectively and efficiently predict several IoT attacks with a higher accuracy rate of 99.984%, a precision rate of 99.982%, a recall rate of 99.984%, and an F1-score of 99.983%.     

LOA-RPL: Novel Energy-Efficient Routing Protocol for the Internet of Things Using Lion Optimization Algorithm to Maximize Network Lifetime

Energy conservation is a significant task in the Internet of Things (IoT) because IoT involves highly resource-constrained devices. Clustering is an effective technique for saving energy by reducing duplicate data. In a clustering protocol, the selection of a cluster head (CH) plays a key role in prolonging the lifetime of a network. However, most cluster-based protocols, including routing protocols for low-power and lossy networks (RPLs), have used fuzzy logic and probabilistic approaches to select the CH node. Consequently, early battery depletion is produced near the sink. To overcome this issue, a lion optimization algorithm (LOA) for selecting CH in RPL is proposed in this study. LOA-RPL comprises three processes: cluster formation, CH selection, and route establishment. A cluster is formed using the Euclidean distance. CH selection is performed using LOA. Route establishment is implemented using residual energy information. An extensive simulation is conducted in the network simulator ns-3 on various parameters, such as network lifetime, power consumption, packet delivery ratio (PDR), and throughput. The performance of LOA-RPL is also compared with those of RPL, fuzzy rule-based energy-efficient clustering and immune-inspired routing (FEEC-IIR), and the routing scheme for IoT that uses shuffled frog-leaping optimization algorithm (RISA-RPL). The performance evaluation metrics used in this study are network lifetime, power consumption, PDR, and throughput. The proposed LOA-RPL increases network lifetime by 20% and PDR by 5%–10% compared with RPL, FEEC-IIR, and RISA-RPL. LOA-RPL is also highly energy-efficient compared with other similar routing protocols.     

Continuous Mobile User Authentication Using a Hybrid CNN-Bi-LSTM Approach

Internet of Things (IoT) devices incorporate a large amount of data in several fields, including those of medicine, business, and engineering. User authentication is paramount in the IoT era to assure connected devices’ security. However, traditional authentication methods and conventional biometrics-based authentication approaches such as face recognition, fingerprints, and password are vulnerable to various attacks, including smudge attacks, heat attacks, and shoulder surfing attacks. Behavioral biometrics is introduced by the powerful sensing capabilities of IoT devices such as smart wearables and smartphones, enabling continuous authentication. Artificial Intelligence (AI)-based approaches introduce a bright future in refining large amounts of homogeneous biometric data to provide innovative user authentication solutions. This paper presents a new continuous passive authentication approach capable of learning the signatures of IoT users utilizing smartphone sensors such as a gyroscope, magnetometer, and accelerometer to recognize users by their physical activities. This approach integrates the convolutional neural network (CNN) and recurrent neural network (RNN) models to learn signatures of human activities from different users. A series of experiments are conducted using the MotionSense dataset to validate the effectiveness of the proposed method. Our technique offers a competitive verification accuracy equal to 98.4%. We compared the proposed method with several conventional machine learning and CNN models and found that our proposed model achieves higher identification accuracy than the recently developed verification systems. The high accuracy achieved by the proposed method proves its effectiveness in recognizing IoT users passively through their physical activity patterns.     

Optimal Deep Reinforcement Learning for Intrusion Detection in UAVs

In recent years, progressive developments have been observed in recent technologies and the production cost has been continuously decreasing. In such scenario, Internet of Things (IoT) network which is comprised of a set of Unmanned Aerial Vehicles (UAV), has received more attention from civilian to military applications. But network security poses a serious challenge to UAV networks whereas the intrusion detection system (IDS) is found to be an effective process to secure the UAV networks. Classical IDSs are not adequate to handle the latest computer networks that possess maximum bandwidth and data traffic. In order to improve the detection performance and reduce the false alarms generated by IDS, several researchers have employed Machine Learning (ML) and Deep Learning (DL) algorithms to address the intrusion detection problem. In this view, the current research article presents a deep reinforcement learning technique, optimized by Black Widow Optimization (DRL-BWO) algorithm, for UAV networks. In addition, DRL involves an improved reinforcement learning-based Deep Belief Network (DBN) for intrusion detection. For parameter optimization of DRL technique, BWO algorithm is applied. It helps in improving the intrusion detection performance of UAV networks. An extensive set of experimental analysis was performed to highlight the supremacy of the proposed model. From the simulation values, it is evident that the proposed method is appropriate as it attained high precision, recall, F-measure, and accuracy values such as 0.985, 0.993, 0.988, and 0.989 respectively.     

SIMAD: Secure Intelligent Method for IoT-Fog Environments Attacks Detection

The Internet of Thing IoT paradigm has emerged in numerous domains and it has achieved an exponential progress. Nevertheless, alongside this advancement, IoT networks are facing an ever-increasing rate of security risks because of the continuous and rapid changes in network environments. In order to overcome these security challenges, the fog system has delivered a powerful environment that provides additional resources for a more improved data security. However, because of the emerging of various breaches, several attacks are ceaselessly emerging in IoT and Fog environment. Consequently, the new emerging applications in IoT-Fog environment still require novel, distributed, and intelligent security models, controls, and decisions. In addition, the ever-evolving hacking techniques and methods and the expanded risks surfaces have demonstrated the importance of attacks detection systems. This proves that even advanced solutions face difficulties in discovering and recognizing these small variations of attacks. In fact, to address the above problems, Artificial Intelligence (AI) methods could be applied on the millions of terabytes of collected information to enhance and optimize the processes of IoT and fog systems. In this respect, this research is designed to adopt a new security scheme supported by an advanced machine learning algorithm to ensure an intelligent distributed attacks detection and a monitoring process that detects malicious attacks and updates threats signature databases in IoT-Fog environments. We evaluated the performance of our distributed approach with the application of certain machine learning mechanisms. The experiments show that the proposed scheme, applied with the Random Forest (RF) is more efficient and provides better accuracy (99.50%), better scalability, and lower false alert rates. In this regard, the distribution character of our method brings about faster detection and better learning.     

A Hybrid Approach for Network Intrusion Detection

Due to the widespread use of the internet and smart devices, various attacks like intrusion, zero-day, Malware, and security breaches are a constant threat to any organization's network infrastructure. Thus, a Network Intrusion Detection System (NIDS) is required to detect attacks in network traffic. This paper proposes a new hybrid method for intrusion detection and attack categorization. The proposed approach comprises three steps to address high false and low false-negative rates for intrusion detection and attack categorization. In the first step, the dataset is preprocessed through the data transformation technique and min-max method. Secondly, the random forest recursive feature elimination method is applied to identify optimal features that positively impact the model's performance. Next, we use various Support Vector Machine (SVM) types to detect intrusion and the Adaptive Neuro-Fuzzy System (ANFIS) to categorize probe, U2R, R2U, and DDOS attacks. The validation of the proposed method is calculated through Fine Gaussian SVM (FGSVM), which is 99.3% for the binary class. Mean Square Error (MSE) is reported as 0.084964 for training data, 0.0855203 for testing, and 0.084964 to validate multiclass categorization.     

A network-wide exact optimization approach for multiobjective routing with path protection in multiservice multiprotocol label switching networks

A multiobjective routing model for multiprotocol label switching networks with multiple service types and path protection is presented in this article. The routing problem is formulated as a biobjective integer program, where the considered objectives are formulated according to a network-wide optimization approach, i.e. the objective functions of the route optimization problem depend explicitly on all traffic flows in the network. A disjoint path pair is considered for each traffic trunk, which guarantees protection to the associated connection. A link-path formulation is proposed for the problem, in which a set of possible pairs of paths is devised in advance for each traffic trunk. An exact method (based on the classical constraint method for solving multiobjective problems) is developed for solving the formulated problem. An extensive experimental study, with results on network performance measures in various randomly generated networks, is also presented and discussed.     

Classification of Adversarial Attacks Using Ensemble Clustering Approach

As more business transactions and information services have been implemented via communication networks, both personal and organization assets encounter a higher risk of attacks. To safeguard these, a perimeter defence like NIDS (network-based intrusion detection system) can be effective for known intrusions. There has been a great deal of attention within the joint community of security and data science to improve machine-learning based NIDS such that it becomes more accurate for adversarial attacks, where obfuscation techniques are applied to disguise patterns of intrusive traffics. The current research focuses on non-payload connections at the TCP (transmission control protocol) stack level that is applicable to different network applications. In contrary to the wrapper method introduced with the benchmark dataset, three new filter models are proposed to transform the feature space without knowledge of class labels. These ECT (ensemble clustering based transformation) techniques, i.e., ECT-Subspace, ECT-Noise and ECT-Combined, are developed using the concept of ensemble clustering and three different ensemble generation strategies, i.e., random feature subspace, feature noise injection and their combinations. Based on the empirical study with published dataset and four classification algorithms, new models usually outperform that original wrapper and other filter alternatives found in the literature. This is similarly summarized from the first experiment with basic classification of legitimate and direct attacks, and the second that focuses on recognizing obfuscated intrusions. In addition, analysis of algorithmic parameters, i.e., ensemble size and level of noise, is provided as a guideline for a practical use.     

Deep Semisupervised Learning-Based Network Anomaly Detection in Heterogeneous Information Systems

The extensive proliferation of modern information services and ubiquitous digitization of society have raised cybersecurity challenges to new levels. With the massive number of connected devices, opportunities for potential network attacks are nearly unlimited. An additional problem is that many low-cost devices are not equipped with effective security protection so that they are easily hacked and applied within a network of bots (botnet) to perform distributed denial of service (DDoS) attacks. In this paper, we propose a novel intrusion detection system (IDS) based on deep learning that aims to identify suspicious behavior in modern heterogeneous information systems. The proposed approach is based on a deep recurrent autoencoder that learns time series of normal network behavior and detects notable network anomalies. An additional feature of the proposed IDS is that it is trained with an optimized dataset, where the number of features is reduced by 94% without classification accuracy loss. Thus, the proposed IDS remains stable in response to slight system perturbations, which do not represent network anomalies. The proposed approach is evaluated under different simulation scenarios and provides a 99% detection accuracy over known datasets while reducing the training time by an order of magnitude.     

Multi-Attack Intrusion Detection System for Software-Defined Internet of Things Network

Currently, the Internet of Things (IoT) is revolutionizing communication technology by facilitating the sharing of information between different physical devices connected to a network. To improve control, customization, flexibility, and reduce network maintenance costs, a new Software-Defined Network (SDN) technology must be used in this infrastructure. Despite the various advantages of combining SDN and IoT, this environment is more vulnerable to various attacks due to the centralization of control. Most methods to ensure IoT security are designed to detect Distributed Denial-of-Service (DDoS) attacks, but they often lack mechanisms to mitigate their severity. This paper proposes a Multi-Attack Intrusion Detection System (MAIDS) for Software-Defined IoT Networks (SDN-IoT). The proposed scheme uses two machine-learning algorithms to improve detection efficiency and provide a mechanism to prevent false alarms. First, a comparative analysis of the most commonly used machine-learning algorithms to secure the SDN was performed on two datasets: the Network Security Laboratory Knowledge Discovery in Databases (NSL-KDD) and the Canadian Institute for Cybersecurity Intrusion Detection Systems (CICIDS2017), to select the most suitable algorithms for the proposed scheme and for securing SDN-IoT systems. The algorithms evaluated include Extreme Gradient Boosting (XGBoost), K-Nearest Neighbor (KNN), Random Forest (RF), Support Vector Machine (SVM), and Logistic Regression (LR). Second, an algorithm for selecting the best dataset for machine learning in Intrusion Detection Systems (IDS) was developed to enable effective comparison between the datasets used in the development of the security scheme. The results showed that XGBoost and RF are the best algorithms to ensure the security of SDN-IoT and to be applied in the proposed security system, with average accuracies of 99.88% and 99.89%, respectively. Furthermore, the proposed security scheme reduced the false alarm rate by 33.23%, which is a significant improvement over prevalent schemes. Finally, tests of the algorithm for dataset selection showed that the rates of false positives and false negatives were reduced when the XGBoost and RF algorithms were trained on the CICIDS2017 dataset, making it the best for IDS compared to the NSL-KDD dataset.     

Optimal Hybrid Deep Learning Enabled Attack Detection and Classification in IoT Environment

The Internet of Things (IoT) paradigm enables end users to access networking services amongst diverse kinds of electronic devices. IoT security mechanism is a technology that concentrates on safeguarding the devices and networks connected in the IoT environment. In recent years, False Data Injection Attacks (FDIAs) have gained considerable interest in the IoT environment. Cybercriminals compromise the devices connected to the network and inject the data. Such attacks on the IoT environment can result in a considerable loss and interrupt normal activities among the IoT network devices. The FDI attacks have been effectively overcome so far by conventional threat detection techniques. The current research article develops a Hybrid Deep Learning to Combat Sophisticated False Data Injection Attacks detection (HDL-FDIAD) for the IoT environment. The presented HDL-FDIAD model majorly recognizes the presence of FDI attacks in the IoT environment. The HDL-FDIAD model exploits the Equilibrium Optimizer-based Feature Selection (EO-FS) technique to select the optimal subset of the features. Moreover, the Long Short Term Memory with Recurrent Neural Network (LSTM-RNN) model is also utilized for the purpose of classification. At last, the Bayesian Optimization (BO) algorithm is employed as a hyperparameter optimizer in this study. To validate the enhanced performance of the HDL-FDIAD model, a wide range of simulations was conducted, and the results were investigated in detail. A comparative study was conducted between the proposed model and the existing models. The outcomes revealed that the proposed HDL-FDIAD model is superior to other models.     

An Efficient Internet Traffic Classification System Using Deep Learning for IoT

Internet of Things (IoT) defines a network of devices connected to the internet and sharing a massive amount of data between each other and a central location. These IoT devices are connected to a network therefore prone to attacks. Various management tasks and network operations such as security, intrusion detection, Quality-of-Service provisioning, performance monitoring, resource provisioning, and traffic engineering require traffic classification. Due to the ineffectiveness of traditional classification schemes, such as port-based and payload-based methods, researchers proposed machine learning-based traffic classification systems based on shallow neural networks. Furthermore, machine learning-based models incline to misclassify internet traffic due to improper feature selection. In this research, an efficient multilayer deep learning based classification system is presented to overcome these challenges that can classify internet traffic. To examine the performance of the proposed technique, Moore-dataset is used for training the classifier. The proposed scheme takes the pre-processed data and extracts the flow features using a deep neural network (DNN). In particular, the maximum entropy classifier is used to classify the internet traffic. The experimental results show that the proposed hybrid deep learning algorithm is effective and achieved high accuracy for internet traffic classification, i.e., 99.23%. Furthermore, the proposed algorithm achieved the highest accuracy compared to the support vector machine (SVM) based classification technique and k-nearest neighbours (KNNs) based classification technique.     

An IoT Environment Based Framework for Intelligent Intrusion Detection

Software-defined networking (SDN) represents a paradigm shift in network traffic management. It distinguishes between the data and control planes. APIs are then used to communicate between these planes. The controller is central to the management of an SDN network and is subject to security concerns. This research shows how a deep learning algorithm can detect intrusions in SDN-based IoT networks. Overfitting, low accuracy, and efficient feature selection is all discussed. We propose a hybrid machine learning-based approach based on Random Forest and Long Short-Term Memory (LSTM). In this study, a new dataset based specifically on Software Defined Networks is used in SDN. To obtain the best and most relevant features, a feature selection technique is used. Several experiments have revealed that the proposed solution is a superior method for detecting flow-based anomalies. The performance of our proposed model is also measured in terms of accuracy, recall, and precision. F1 rating and detection time Furthermore, a lightweight model for training is proposed, which selects fewer features while maintaining the model’s performance. Experiments show that the adopted methodology outperforms existing models.     

HELP-WSN-A Novel Adaptive Multi-Tier Hybrid Intelligent Framework for QoS Aware WSN-IoT Networks

Wireless Sensor Network is considered as the intermediate layer in the paradigm of Internet of things (IoT) and its effectiveness depends on the mode of deployment without sacrificing the performance and energy efficiency. WSN provides ubiquitous access to location, the status of different entities of the environment and data acquisition for long term IoT monitoring. Achieving the high performance of the WSN-IoT network remains to be a real challenge since the deployment of these networks in the large area consumes more power which in turn degrades the performance of the networks. So, developing the robust and QoS (quality of services) aware energy-efficient routing protocol for WSN assisted IoT devices needs its brighter light of research to enhance the network lifetime. This paper proposed a Hybrid Energy Efficient Learning Protocol (HELP). The proposed protocol leverages the multi-tier adaptive framework to minimize energy consumption. HELP works in a two-tier mechanism in which it integrates the powerful Extreme Learning Machines for clustering framework and employs the zonal based optimization technique which works on hybrid Whale-dragonfly algorithms to achieve high QoS parameters. The proposed framework uses the sub-area division algorithm to divide the network area into different zones. Extreme learning machines (ELM) which are employed in this framework categories the Zone's Cluster Head (ZCH) based on distance and energy. After categorizing the zone's cluster head, the optimal routing path for an energy-efficient data transfer will be selected based on the new hybrid whale-swarm algorithms. The extensive simulations were carried out using OMNET++-Python user-defined plugins by injecting the dynamic mobility models in networks to make it a more realistic environment. Furthermore, the effectiveness of the proposed HELP is examined against the existing protocols such as LEACH, M-LEACH, SEP, EACRP and SEEP and results show the proposed framework has outperformed other techniques in terms of QoS parameters such as network lifetime, energy, latency.     

Intelligent Deep Learning Model for Privacy Preserving IIoT on 6G Environment

In recent times, Industrial Internet of Things (IIoT) experiences a high risk of cyber attacks which needs to be resolved. Blockchain technology can be incorporated into IIoT system to help the entrepreneurs realize Industry 4.0 by overcoming such cyber attacks. Although blockchain-based IIoT network renders a significant support and meet the service requirements of next generation network, the performance arrived at, in existing studies still needs improvement. In this scenario, the current research paper develops a new Privacy-Preserving Blockchain with Deep Learning model for Industrial IoT (PPBDL-IIoT) on 6G environment. The proposed PPBDL-IIoT technique aims at identifying the existence of intrusions in network. Further, PPBDL-IIoT technique also involves the design of Chaos Game Optimization (CGO) with Bidirectional Gated Recurrent Neural Network (BiGRNN) technique for both detection and classification of intrusions in the network. Besides, CGO technique is applied to fine tune the hyperparameters in BiGRNN model. CGO algorithm is applied to optimally adjust the learning rate, epoch count, and weight decay so as to considerably improve the intrusion detection performance of BiGRNN model. Moreover, Blockchain enabled Integrity Check (BEIC) scheme is also introduced to avoid the misrouting attacks that tamper the OpenFlow rules of SDN-based IIoT system. The performance of the proposed PPBDL-IIoT methodology was validated using Industrial Control System Cyber-attack (ICSCA) dataset and the outcomes were analysed under various measures. The experimental results highlight the supremacy of the presented PPBDL-IIoT technique than the recent state-of-the-art techniques with the higher accuracy of 91.50%.     

An Effective Classifier Model for Imbalanced Network Attack Data

Recently, machine learning algorithms have been used in the detection and classification of network attacks. The performance of the algorithms has been evaluated by using benchmark network intrusion datasets such as DARPA98, KDD’99, NSL-KDD, UNSW-NB15, and Caida DDoS. However, these datasets have two major challenges: imbalanced data and high-dimensional data. Obtaining high accuracy for all attack types in the dataset allows for high accuracy in imbalanced datasets. On the other hand, having a large number of features increases the runtime load on the algorithms. A novel model is proposed in this paper to overcome these two concerns. The number of features in the model, which has been tested at CICIDS2017, is initially optimized by using genetic algorithms. This optimum feature set has been used to classify network attacks with six well-known classifiers according to high f1-score and g-mean value in minimum time. Afterwards, a multi-layer perceptron based ensemble learning approach has been applied to improve the models’ overall performance. The experimental results show that the suggested model is acceptable for feature selection as well as classifying network attacks in an imbalanced dataset, with a high f1-score (0.91) and g-mean (0.99) value. Furthermore, it has outperformed base classifier models and voting procedures.     

An Erebus Attack Detection Method Oriented to Blockchain Network Layer

Recently, the Erebus attack has proved to be a security threat to the blockchain network layer, and the existing research has faced challenges in detecting the Erebus attack on the blockchain network layer. The cloud-based active defense and one-sidedness detection strategies are the hindrances in detecting Erebus attacks. This study designs a detection approach by establishing a ReliefF_WMRmR-based two-stage feature selection algorithm and a deep learning-based multimodal classification detection model for Erebus attacks and responding to security threats to the blockchain network layer. The goal is to improve the performance of Erebus attack detection methods, by combining the traffic behavior with the routing status based on multimodal deep feature learning. The traffic behavior and routing status were first defined and used to describe the attack characteristics at diverse stages of s leak monitoring, hidden traffic overlay, and transaction identity forgery. The goal is to clarify how an Erebus attack affects the routing transfer and traffic state on the blockchain network layer. Consequently, detecting objects is expected to become more relevant and sensitive. A two-stage feature selection algorithm was designed based on ReliefF and weighted maximum relevance minimum redundancy (ReliefF_WMRmR) to alleviate the overfitting of the training model caused by redundant information and noise in multiple source features of the routing status and traffic behavior. The ReliefF algorithm was introduced to select strong correlations and highly informative features of the labeled data. According to WMRmR, a feature selection framework was defined to eliminate weakly correlated features, eliminate redundant information, and reduce the detection overhead of the model. A multimodal deep learning model was constructed based on the multilayer perceptron (MLP) to settle the high false alarm rates incurred by multisource data. Using this model, isolated inputs and deep learning were conducted on the selected routing status and traffic behavior. Redundant intermodal information was removed because of the complementarity of the multimodal network, which was followed by feature fusion and output feature representation to boost classification detection precision. The experimental results demonstrate that the proposed method can detect features, such as traffic data, at key link nodes and route messages in a real blockchain network environment. Additionally, the model can detect Erebus attacks effectively. This study provides novelty to the existing Erebus attack detection by increasing the accuracy detection by 1.05%, the recall rate by 2.01%, and the F1-score by 2.43%.