5 research outputs found
Reliable Machine Learning Model for IIoT Botnet Detection
Due to the growing number of Internet of Things (IoT) devices, network attacks like denial of service (DoS) and floods are rising, creating security and reliability issues. As a result of these attacks, IoT devices suffer from denial of service and network disruption. Researchers have implemented different techniques to identify attacks aimed at vulnerable Internet of Things (IoT) devices. In this study, we propose a novel feature selection algorithm, FGOA-kNN, based on hybrid filter and wrapper selection approaches to select the most relevant features. The novel approach, integrated with clustering, ranks the features and then applies the Grasshopper algorithm (GOA) to minimize the top-ranked features. Moreover, a proposed algorithm, IHHO, selects and adapts the neural network’s hyperparameters to detect botnets efficiently. The proposed Harris Hawks algorithm is enhanced with three improvements to improve the global search process for optimal solutions. To tackle the problem of population diversity, a chaotic map function is utilized for initialization. The escape energy of hawks is updated with a new nonlinear formula to avoid local minima and to better balance exploration and exploitation. Furthermore, the exploitation phase of HHO is enhanced using a new elite operator, ROBL. The proposed model combines unsupervised, clustering, and supervised approaches to detect intrusion behaviors. The N-BaIoT dataset is utilized to validate the proposed model. Many recent techniques were used to assess and compare the proposed model’s performance. The result demonstrates that the proposed model is better than other variations at detecting multiclass botnet attacks.
On digital forensic readiness in the cloud using a distributed agent-based solution : issues and challenges
The need to perform digital investigations has over the years led to the exponential growth of
the field of Digital Forensics (DF). However, quite a number of challenges face the act of
proving – for purposes of Digital Forensic Readiness (DFR) – that an electronic event has
occurred in cyberspace. The problem that this research addresses involves the challenges
faced when an Agent-Based Solution (ABS) is used in the cloud to extract Potential Digital
Evidence (PDE) for DFR purposes. Throughout the paper the authors have modified the
functionality of an initially malicious botnet to act as a distributed forensic agent to conduct
this process. The paper focuses on the general, technical and operational challenges that are
encountered when trying to achieve DFR in the cloud environment. The authors finally
propose a contribution by assessing the possible solutions from a general, technical and
operational point of view.
National Research Foundation [grant number UID85794]. http://www.tandfonline.com/loi/tajf20 2017-06-30 hb2016 Computer Scienc
Novel digital forensic readiness technique in the cloud environment
This paper examines the design and implementation of a feasible
technique for performing Digital Forensic Readiness (DFR) in cloud
computing environments. The approach employs a modified
obfuscated Non-Malicious Botnet (NMB) whose functionality
operates as a distributed forensic Agent-Based Solution (ABS) in a
cloud environment with capabilities of performing forensic logging
for DFR purposes. Under basic Service Level Agreements (SLAs), this
proactive technique allows any organization to perform DFR in the
cloud without interfering with operations and functionalities of the
existing cloud architecture or infrastructure and the collected file
metadata. Based on the evaluation discussed, the effectiveness of
our approach is presented as the easiest way of conducting DFR
in the cloud environment as stipulated in the ISO/IEC 27043: 2015
international standard, which is a standard of information technology,
security techniques and incident investigation principles and
processes. Through this technique, digital forensic analysts are able
to maximize the potential use of digital evidence while minimizing
the cost of conducting DFR. As a result of this process, the time
and cost needed to conduct a Digital Forensic Investigation (DFI) is
saved. As a consequence, the technique helps law enforcement,
forensic analysts and Digital Forensic Investigators (DFIs) during
post-event response and in a court of law to develop a hypothesis
in order to prove or disprove a fact during an investigative process,
if there is an occurrence of a security incident. Experimental results
of the developed prototype are described which conclude that the
technique is effective in improving the planning and preparation of
pre-incident detection during digital crime investigations. In spite of
that, a comparison with other existing forensic readiness models has
been conducted to show the effectiveness of the previously proposed
Cloud Forensic Readiness as a Service (CFRaaS) model.
The work was supported by National Research Foundation (Grant No. UID85794). http://www.tandfonline.com/loi/tajf20 2018-01-31 hb2017 Computer Scienc