1,259 research outputs found
Cloud-based Near Real-Time Multiclass Interruption Recognition and Classification using Ensemble and Deep Learning
Due to speedy development in internet facilities, detecting intrusions in a real-time cloud environment is challenging via traditional methods. In this case, advanced machine or deep learning methods can be efficiently used in anomaly or intrusion detection. Thus, the present study focuses on designing and developing the intrusion detection scheme using an ensemble learning-based random forest method and deep convolutional neural networks in a near real-time cloud atmosphere. The proposed models were tested on CSE-CICIDS2018 datasets in Python (Anaconda 3) environment. The proposed models achieved 97.73 and 99.91 per cent accuracy using random forest and deep convolutional neural networks, respectively. The developed models can be effectively utilised in real-time cloud datasets to detect intrusions
Deep Neural Networks based Meta-Learning for Network Intrusion Detection
The digitization of different components of industry and inter-connectivity
among indigenous networks have increased the risk of network attacks. Designing
an intrusion detection system to ensure security of the industrial ecosystem is
difficult as network traffic encompasses various attack types, including new
and evolving ones with minor changes. The data used to construct a predictive
model for computer networks has a skewed class distribution and limited
representation of attack types, which differ from real network traffic. These
limitations result in dataset shift, negatively impacting the machine learning
models' predictive abilities and reducing the detection rate against novel
attacks. To address the challenges, we propose a novel deep neural network
based Meta-Learning framework; INformation FUsion and Stacking Ensemble
(INFUSE) for network intrusion detection. First, a hybrid feature space is
created by integrating decision and feature spaces. Five different classifiers
are utilized to generate a pool of decision spaces. The feature space is then
enriched through a deep sparse autoencoder that learns the semantic
relationships between attacks. Finally, the deep Meta-Learner acts as an
ensemble combiner to analyze the hybrid feature space and make a final
decision. Our evaluation on stringent benchmark datasets and comparison to
existing techniques showed the effectiveness of INFUSE with an F-Score of 0.91,
Accuracy of 91.6%, and Recall of 0.94 on the Test+ dataset, and an F-Score of
0.91, Accuracy of 85.6%, and Recall of 0.87 on the stringent Test-21 dataset.
These promising results indicate the strong generalization capability and the
potential to detect network attacks.Comment: Pages: 15, Figures: 10 and Tables:
A toolbox for Artificial Intelligence Algorithms in Cyber Attacks Prevention and Detection
Dissertation presented as the partial requirement for obtaining a Master's degree in Information Management, specialization in Information Systems and Technologies ManagementThis Thesis provides a qualitative view on the usage of AI technology in cybersecurity strategy of businesses. It explores the field of AI technology today, and how it is a good technology to implement into Cyber Security. The Internet and Informational technology have transformed the world of today. There is no doubt that it has created huge opportunities for global economy and humanity. The fact that Businesses of today is thoroughly dependent on the Internet and Information Systems has also exposed new vulnerabilities in terms of cybercrimes performed by a diversity of hackers, criminals, terrorists, the state and the non-state actors. All Public, private companies and government agencies are vulnerable for cybercrimes, none is left fully protected. In the recent years AI and machine learning technology have become essential to information security, since these technologies can analyze swiftly millions of datasets and tracking down a wide range of cyber threats. Alongside With the increasingly growth of automation in businesses, is it realistic that cybersecurity can be removed from human interaction into fully independent AI Applications to cover the businesses Information System Architecture of businesses in the future? This is a very interesting field those resources really need to deep into to be able to fully take advantage of the fully potential of AI technology in the usage in the field of cybersecurity. This thesis will explore the usage of AI algorithms in the prevention and detection of cyberattack in businesses and how to optimize its use. This knowledge will be used to implement a framework and a corresponding hybrid toolbox application that its purpose is be to be useful in every business in terms of strengthening the cybersecurity environment
FedEdge AI-TC: A Semi-supervised Traffic Classification Method based on Trusted Federated Deep Learning for Mobile Edge Computing
As a typical entity of MEC (Mobile Edge Computing), 5G CPE (Customer Premise
Equipment)/HGU (Home Gateway Unit) has proven to be a promising alternative to
traditional Smart Home Gateway. Network TC (Traffic Classification) is a vital
service quality assurance and security management method for communication
networks, which has become a crucial functional entity in 5G CPE/HGU. In recent
years, many researchers have applied Machine Learning or Deep Learning (DL) to
TC, namely AI-TC, to improve its performance. However, AI-TC faces challenges,
including data dependency, resource-intensive traffic labeling, and user
privacy concerns. The limited computing resources of 5G CPE further complicate
efficient classification. Moreover, the "black box" nature of AI-TC models
raises transparency and credibility issues. The paper proposes the FedEdge
AI-TC framework, leveraging Federated Learning (FL) for reliable Network TC in
5G CPE. FL ensures privacy by employing local training, model parameter
iteration, and centralized training. A semi-supervised TC algorithm based on
Variational Auto-Encoder (VAE) and convolutional neural network (CNN) reduces
data dependency while maintaining accuracy. To optimize model light-weight
deployment, the paper introduces XAI-Pruning, an AI model compression method
combined with DL model interpretability. Experimental evaluation demonstrates
FedEdge AI-TC's superiority over benchmarks in terms of accuracy and efficient
TC performance. The framework enhances user privacy and model credibility,
offering a comprehensive solution for dependable and transparent Network TC in
5G CPE, thus enhancing service quality and security.Comment: 13 pages, 13 figure
Generic Patterns for Intrusion Detection Systems in Service-Oriented Automotive and Medical Architectures
To implement new software functions and more flexible updates in the future as well as to provide cloud-based functionality, the service-oriented architecture (SOA) paradigm is increasingly being integrated into automotive electrical and electronic architecture (E/E architectures). In addition to the automotive industry, the medical industry is also researching SOA-based solutions to increase the interoperability of devices (vendor-independent). The resulting service-oriented communication is no longer fully specified during design time, which affects information security measures. In this paper, we compare different SOA protocols for the automotive and medical fields. Furthermore, we explain the underlying communication patterns and derive features for the development of an SOA-based Intrusion Detection System (IDS)
CASPER: Context-Aware IoT Anomaly Detection System for Industrial Robotic Arms
Industrial cyber-physical systems (ICPS) are widely employed in supervising and controlling critical infrastructures (CIs), with manufacturing systems that incorporate industrial robotic arms being a prominent example. The increasing adoption of ubiquitous computing technologies in these systems has led to benefits such as real-time monitoring, reduced maintenance costs, and high interconnectivity. This adoption has also brought cybersecurity vulnerabilities exploited by adversaries disrupting manufacturing processes via manipulating actuator behaviors. Previous incidents in the industrial cyber domain prove that adversaries launch sophisticated attacks rendering network-based anomaly detection mechanisms insufficient as the "physics" involved in the process is overlooked. To address this issue, we propose an IoT-based cyber-physical anomaly detection system that can detect motion-based behavioral changes in an industrial robotic arm. We apply both statistical and state-of-the-art machine learning (ML) methods to real-time Inertial Measurement Unit (IMU) data collected from an edge development board attached to an arm doing a pick-and-place operation. To generate anomalies, we modify the joint velocity of the arm. Our goal is to create an air-gapped secondary protection layer to detect "physical" anomalies without depending on the integrity of network data, thus augmenting overall anomaly detection capability. Our empirical results show that the proposed system, which utilizes 1D-CNNs, can successfully detect motion-based anomalies on a real-world industrial robotic arm. The significance of our work lies in its contribution to developing a comprehensive solution for ICPS security, which goes beyond conventional network-based methods
Past, Present, Future: A Comprehensive Exploration of AI Use Cases in the UMBRELLA IoT Testbed
UMBRELLA is a large-scale, open-access Internet of Things (IoT) ecosystem
incorporating over 200 multi-sensor multi-wireless nodes, 20 collaborative
robots, and edge-intelligence-enabled devices. This paper provides a guide to
the implemented and prospective artificial intelligence (AI) capabilities of
UMBRELLA in real-world IoT systems. Four existing UMBRELLA applications are
presented in detail: 1) An automated streetlight monitoring for detecting
issues and triggering maintenance alerts; 2) A Digital twin of building
environments providing enhanced air quality sensing with reduced cost; 3) A
large-scale Federated Learning framework for reducing communication overhead;
and 4) An intrusion detection for containerised applications identifying
malicious activities. Additionally, the potential of UMBRELLA is outlined for
future smart city and multi-robot crowdsensing applications enhanced by
semantic communications and multi-agent planning. Finally, to realise the above
use-cases we discuss the need for a tailored MLOps platform to automate
UMBRELLA model pipelines and establish trust.Comment: 6 pgaes, 4 figures. This work has been accepted by PerCom TrustSense
workshop 202
- …