A Deep Learning-Based Framework for Feature Extraction and Classification of Intrusion Detection in Networks

An intrusion detection system, often known as an IDS, is extremely important for preventing attacks on a network, violating network policies, and gaining unauthorized access to a network. The effectiveness of IDS is highly dependent on data preprocessing techniques and classification models used to enhance accuracy and reduce model training and testing time. For the purpose of anomaly identification, researchers have developed several machine learning and deep learning-based algorithms; nonetheless, accurate anomaly detection with low test and train times remains a challenge. Using a hybrid feature selection approach and a deep neural network- (DNN-) based classifier, the authors of this research suggest an enhanced intrusion detection system (IDS). In order to construct a subset of reduced and optimal features that may be used for classification, a hybrid feature selection model that consists of three methods, namely, chi square, ANOVA, and principal component analysis (PCA), is applied. These methods are referred to as “the big three.” On the NSL-KDD dataset, the suggested model receives training and is then evaluated. The proposed method was successful in achieving the following results: a reduction of input data by 40%, an average accuracy of 99.73%, a precision score of 99.75%, an F1 score of 99.72%, and an average training and testing time of 138% and 2.7 seconds, respectively. The findings of the experiments demonstrate that the proposed model is superior to the performance of the other comparison approaches.publishedVersio

DeepIDS: Deep Learning Approach for Intrusion Detection in Software Defined Networking

Software Defined Networking (SDN) is developing as a new solution for the development and innovation of the Internet. SDN is expected to be the ideal future for the Internet, since it can provide a controllable, dynamic, and cost-effective network. The emergence of SDN provides a unique opportunity to achieve network security in a more efficient and flexible manner. However, SDN also has original structural vulnerabilities, which are the centralized controller, the control-data interface and the control-application interface. These vulnerabilities can be exploited by intruders to conduct several types of attacks. In this paper, we propose a deep learning (DL) approach for a network intrusion detection system (DeepIDS) in the SDN architecture. Our models are trained and tested with the NSL-KDD dataset and achieved an accuracy of 80.7% and 90% for a Fully Connected Deep Neural Network (DNN) and a Gated Recurrent Neural Network (GRU-RNN), respectively. Through experiments, we confirm that the DL approach has the potential for flow-based anomaly detection in the SDN environment. We also evaluate the performance of our system in terms of throughput, latency, and resource utilization. Our test results show that DeepIDS does not affect the performance of the OpenFlow controller and so is a feasible approach

Cyber-Physical Systems and Smart Cities in India: Opportunities, Issues, and Challenges

A large section of the population around the globe is migrating towards urban settlements. Nations are working toward smart city projects to provide a better wellbeing for the inhabitants. Cyber-physical systems are at the core of the smart city setups. They are used in almost every system component within a smart city ecosystem. This paper attempts to discuss the key components and issues involved in transforming conventional cities into smart cities with a special focus on cyber-physical systems in the Indian context. The paper primarily focuses on the infrastructural facilities and technical knowhow to smartly convert classical cities that were built haphazardly due to overpopulation and ill planning into smart cities. It further discusses cyber-physical systems as a core component of smart city setups, highlighting the related security issues. The opportunities for businesses, governments, inhabitants, and other stakeholders in a smart city ecosystem in the Indian context are also discussed. Finally, it highlights the issues and challenges concerning technical, financial, and other social and infrastructural bottlenecks in the way of realizing smart city concepts along with future research directions

Spectrum Coexistence Mechanisms for Mobile Networks in Unlicensed Frequency Bands

Mobile network operators have historically experienced increasing traffic loads at a steady pace, which has always strained the available network capacity and claimed constantly for new methods to increase the network capacity. A key solution proposed to increase the available spectrum is the exploitation of the unlicensed spectrum in the 5 GHz bands, predominantly occupied by Wi-Fi technology. However, an uncontrolled deployment of mobile networks in unlicensed bands could potentially lead to a resource starvation prob lem for Wi-Fi networks and therefore degrade their performance significantly. To address this issue, the 3rd Generation Partnership Project (3GPP) standardised the Long Term Evolution Unlicensed (LTE-U) and Licensed Assisted Access (LAA) technologies. The main philosophy of these technologies is to allow mobile operators to benefit from the vast amount of available spectrum in unlicensed bands without degrading the performance of Wi-Fi networks, thus enabling a fair coexistence. However, the proposed coexistence mechanisms have been proven to provide very limited guarantees of fairness, if any at all. This thesis proposes several improvements to the 3GPP coexistence mechanisms to en able a truly fair coexistence between mobile and Wi-Fi networks in unlicensed bands. In particular, various methods are proposed to adjust the transmission duty cycle in LTE-U and to adapt/select both the waiting and transmission times for LAA. The main novelty of this work is that the proposed methods exploit the knowledge of the existing Wi-Fi activity statistics to tune the operating parameters of the coexistence protocol (duty cycle, contention window size and its adaptation, transmission opportunity times, etc.), optimise the fairness of spectrum coexistence and the performance of mobile networks. This research shows that, by means of a smart exploitation of the knowledge of the Wi-Fi activity statistics, it is possible to guarantee a truly fair coexistence between mobile and Wi-Fi systems in unlicensed bands. Compared to the 3GPP coexistence mechanisms, the proposed methods can attain a significantly better throughput performance for the mobile network while guaranteeing a fair coexistence with the Wi-Fi network. In some cases, the proposed methods are able not only to avoid degradation to the Wi-Fi network but even improve its performance (compared to a coexistence scenario between Wi-Fi networks only) as a result of the smart coexistence mechanisms proposed in this thesis. The proposed methods are evaluated for the 4G LTE standard but are similarly applicable to other more recent mobile technologies such as the Fifth Generation New Radio in Unlicensed bands (5G NR-U)

Network Threat Detection Using Machine/Deep Learning in SDN-Based Platforms: A Comprehensive Analysis of State-of-the-Art Solutions, Discussion, Challenges, and Future Research Direction

A revolution in network technology has been ushered in by software defined networking (SDN), which makes it possible to control the network from a central location and provides an overview of the network’s security. Despite this, SDN has a single point of failure that increases the risk of potential threats. Network intrusion detection systems (NIDS) prevent intrusions into a network and preserve the network’s integrity, availability, and confidentiality. Much work has been done on NIDS but there are still improvements needed in reducing false alarms and increasing threat detection accuracy. Recently advanced approaches such as deep learning (DL) and machine learning (ML) have been implemented in SDN-based NIDS to overcome the security issues within a network. In the first part of this survey paper, we offer an introduction to the NIDS theory, as well as recent research that has been conducted on the topic. After that, we conduct a thorough analysis of the most recent ML- and DL-based NIDS approaches to ensure reliable identification of potential security risks. Finally, we focus on the opportunities and difficulties that lie ahead for future research on SDN-based ML and DL for NIDS.publishedVersio

Revisiting the Feasibility of Public Key Cryptography in Light of IIoT Communications

Digital certificates are regarded as the most secure and scalable way of implementing authentication services in the Internet today. They are used by most popular security protocols, including Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS). The lifecycle management of digital certificates relies on centralized Certification Authority (CA)-based Public Key Infrastructures (PKIs). However, the implementation of PKIs and certificate lifecycle management procedures in Industrial Internet of Things (IIoT) environments presents some challenges, mainly due to the high resource consumption that they imply and the lack of trust in the centralized CAs. This paper identifies and describes the main challenges to implement certificate-based public key cryptography in IIoT environments and it surveys the alternative approaches proposed so far in the literature to address these challenges. Most proposals rely on the introduction of a Trusted Third Party to aid the IIoT devices in tasks that exceed their capacity. The proposed alternatives are complementary and their application depends on the specific challenge to solve, the application scenario, and the capacities of the involved IIoT devices. This paper revisits all these alternatives in light of industrial communication models, identifying their strengths and weaknesses, and providing an in-depth comparative analysis.This work was financially supported by the European commission through ECSEL-JU 2018 program under the COMP4DRONES project (grant agreement N∘ 826610), with national financing from France, Spain, Italy, Netherlands, Austria, Czech, Belgium and Latvia. It was also partially supported by the Ayudas Cervera para Centros Tecnológicos grant of the Spanish Centre for the Development of Industrial Technology (CDTI) under the project EGIDA (CER-20191012), and in part by the Department of Economic Development and Competitiveness of the Basque Government through the project TRUSTIND—Creating Trust in the Industrial Digital Transformation (KK-2020/00054)

HF-SCA: Hands-Free Strong Customer Authentication Based on a Memory-Guided Attention Mechanisms

Strong customer authentication (SCA) is a requirement of the European Union Revised Directive on Payment Services (PSD2) which ensures that electronic payments are performed with multifactor authentication. While increasing the security of electronic payments, the SCA impacted seriously on the shopping carts abandonment: an Italian bank computed that 22% of online purchases in the first semester of 2021 did not complete because of problems with the SCA. Luckily, the PSD2 allows the use of transaction risk analysis tool to exempt the SCA process. In this paper, we propose an unsupervised novel combination of existing machine learning techniques able to determine if a purchase is typical or not for a specific customer, so that in the case of a typical purchase the SCA could be exempted. We modified a well-known architecture (U-net) by replacing convolutional blocks with squeeze-and-excitation blocks. After that, a memory network was added in a latent space and an attention mechanism was introduced in the decoding side of the network. The proposed solution was able to detect nontypical purchases by creating temporal correlations between transactions. The network achieved 97.7% of AUC score over a well-known dataset retrieved online. By using this approach, we found that 98% of purchases could be executed by securely exempting the SCA, while shortening the customer’s journey and providing an elevated user experience. As an additional validation, we developed an Alexa skill for Amazon smart glasses which allows a user to shop and pay online by merely using vocal interaction, leaving the hands free to perform other activities, for example driving a car

Hydrogeological Risk Management in Smart Cities: A New Approach to Rainfall Classification Based on LTE Cell Selection Parameters

The sudden climate change, that has taken place in recent years, has generated calamitous phenomena linked to hydrogeological instability in many areas of the world. An accurate estimate of rainfall levels is fundamental in smart city application scenarios: it becomes essential to be able to warn of the imminent occurrence of a calamitous event and reduce the risk to human beings. Unfortunately, to date, traditional techniques for rainfall level estimation present numerous critical issues. This paper proposes a new approach to rainfall classification based on the LTE radio channel parameters adopted for the cell selection mechanism. In particular, this study highlights the correlation between the set of radio channel quality monitoring parameters and the relative rainfall intensity levels. Through a pattern recognition approach based on neural networks with Multi-Layer Perceptron (MLP), the proposed algorithm identifies five classes of rainfall levels with an average accuracy of 96 % and a F1 score of 93.6 %

Internet of Things and Sensors Networks in 5G Wireless Communications

The Internet of Things (IoT) has attracted much attention from society, industry and academia as a promising technology that can enhance day to day activities, and the creation of new business models, products and services, and serve as a broad source of research topics and ideas. A future digital society is envisioned, composed of numerous wireless connected sensors and devices. Driven by huge demand, the massive IoT (mIoT) or massive machine type communication (mMTC) has been identified as one of the three main communication scenarios for 5G. In addition to connectivity, computing and storage and data management are also long-standing issues for low-cost devices and sensors. The book is a collection of outstanding technical research and industrial papers covering new research results, with a wide range of features within the 5G-and-beyond framework. It provides a range of discussions of the major research challenges and achievements within this topic