Enhancement performance of random forest algorithm via one hot encoding for IoT IDS

The random forest algorithm is one of important supervised machine learning (ML) algorithms. In the present paper, the accuracy of the results of the random forest (RF) algorithm has been improved by the use of the One Hot Encoding method. The Intrusion Detection System (IDS) can be defined as a system that can predict security vulnerabilities within network traffic and is located out of range on a network infrastructure. It does not affect the efficiency of the built-in network because it analyzes a copy of the built-in traffic flow and reports results to the administrator by giving alerts. However, since IDS is a listening system only, it cannot take automatic action to prevent an attack or security vulnerability detected from infecting the system, it provides information about the source address to start the break-in, the address of the target and the type of suspected attack. The IoTID20 dataset is used to verify the improved algorithm, where this dataset is having three targets, the proposed system is compared with the state-of-art approaches and shows superiority over them

Enhancement performance of random forest algorithm via one hot encoding for IoT IDS

The random forest algorithm is one of important supervised machine learning (ML) algorithms. In the present paper, the accuracy of the results of the random forest (RF) algorithm has been improved by the use of the One Hot Encoding method. The Intrusion Detection System (IDS) can be defined as a system that can predict security vulnerabilities within network traffic and is located out of range on a network infrastructure. It does not affect the efficiency of the built-in network because it analyzes a copy of the built-in traffic flow and reports results to the administrator by giving alerts. However, since IDS is a listening system only, it cannot take automatic action to prevent an attack or security vulnerability detected from infecting the system, it provides information about the source address to start the break-in, the address of the target and the type of suspected attack. The IoTID20 dataset is used to verify the improved algorithm, where this dataset is having three targets, the proposed system is compared with the state-of-art approaches and shows superiority over them

Analysis of a SCADA System Anomaly Detection Model Based on Information Entropy

SCADA (supervisory control and data acquisition) systems monitor and control many different types of critical infrastructure such as power, water, transportation, and pipelines. These once isolated systems are increasingly being connected to the internet to improve operations, which creates vulnerabilities to attacks. A SCADA operator receives automated alarms concerning system components operating out of normal thresholds. These alarms are susceptible to manipulation by an attacker. This research uses information theory to build an anomaly detection model that quantifies the uncertainty of the system based on alarm message frequency. Several attack scenarios are statistically analyzed for their significance including someone injecting false alarms or hiding alarms. This research evaluates the use of information theory for anomaly detection and the impact of different attack scenarios

BotCap: Machine Learning Approach for Botnet Detection Based on Statistical Features

In this paper, we describe a detailed approach to develop a botnet detection system using machine learning (ML)techniques. Detecting botnet member hosts, or identifying botnet traffic has been the main subject of manyresearch efforts. This research aims to overcome two serious limitations of current botnet detection systems:First, the need for Deep Packet Inspection-DPI and the need to collect traffic from several infected hosts. Toachieve that, we have analyzed several botware samples of known botnets. Based on this analysis, we haveidentified a set of statistical features that may help to distinguish between benign and botnet malicious traffic.Then, we have carried several machine learning experiments in order to test the suitability of ML techniques andalso to pick a minimal subset of the identified features that provide best detection. We have implemented ourapproach in a tool called BotCap whose test results showed its proven ability to detect individually infected hostsin a local network

Real-Time Sensor Networks and Systems for the Industrial IoT

The Industrial Internet of Things (Industrial IoT—IIoT) has emerged as the core construct behind the various cyber-physical systems constituting a principal dimension of the fourth Industrial Revolution. While initially born as the concept behind specific industrial applications of generic IoT technologies, for the optimization of operational efficiency in automation and control, it quickly enabled the achievement of the total convergence of Operational (OT) and Information Technologies (IT). The IIoT has now surpassed the traditional borders of automation and control functions in the process and manufacturing industry, shifting towards a wider domain of functions and industries, embraced under the dominant global initiatives and architectural frameworks of Industry 4.0 (or Industrie 4.0) in Germany, Industrial Internet in the US, Society 5.0 in Japan, and Made-in-China 2025 in China. As real-time embedded systems are quickly achieving ubiquity in everyday life and in industrial environments, and many processes already depend on real-time cyber-physical systems and embedded sensors, the integration of IoT with cognitive computing and real-time data exchange is essential for real-time analytics and realization of digital twins in smart environments and services under the various frameworks’ provisions. In this context, real-time sensor networks and systems for the Industrial IoT encompass multiple technologies and raise significant design, optimization, integration and exploitation challenges. The ten articles in this Special Issue describe advances in real-time sensor networks and systems that are significant enablers of the Industrial IoT paradigm. In the relevant landscape, the domain of wireless networking technologies is centrally positioned, as expected

Cyber Security and Critical Infrastructures 2nd Volume

The second volume of the book contains the manuscripts that were accepted for publication in the MDPI Special Topic "Cyber Security and Critical Infrastructure" after a rigorous peer-review process. Authors from academia, government and industry contributed their innovative solutions, consistent with the interdisciplinary nature of cybersecurity. The book contains 16 articles, including an editorial that explains the current challenges, innovative solutions and real-world experiences that include critical infrastructure and 15 original papers that present state-of-the-art innovative solutions to attacks on critical systems

IMAT: A Lightweight IoT Network Intrusion Detection System based on Machine Learning techniques

Internet of Things (IoT) is one of the fast-expanding technologies nowadays, and promises to be revolutionary for the near future. IoT systems are in fact an incredible convenience due to centralized and computerized control of any electronic device. This technology allows various physical devices, home applications, vehicles, appliances, etc., to be interconnected and exposed to the Internet. On the other hand, it entails the fundamental need to protect the network from adversarial and unwanted alterations. To prevent such threats it is necessary to appeal to Intrusion Detection Systems (IDS), which can be used in information environments to monitor identified threats or anomalies. The most recent and efficient IDS applications involve the use of Machine Learning (ML) techniques which can automatically detect and prevent malicious attacks, such as distributed denial-of-service (DDoS), which represents a recurring thread to IoT networks in the last years. The work presented on this thesis comes with double purpose: build and test different light Machine Learning models which achieve great performance by running on resource-constrained devices; and at the same time we present a novel Network-based Intrusion Detection System based on the latter devices which can automatically detect IoT attack traffic. Our proposed system consists on deploying small low-powered devices to each component of an IoT environment where each device performs Machine Learning based Intrusion Detection at network level. In this work we describe and train different light-ML models which are tested on Raspberry Pis and FPGAs boards. The performance of such classifiers detecting benign and malicious traffic is presented and compared by response time, accuracy, precision, recall, f1-score and ROC-AUC metrics. The aim of this work is to test these machine learning models on recent datasets with the purpose of finding the most performing ones which can be used for intrusion-defense over IoT environments characterized by high flexibility, easy-installation and efficiency. The obtained results are above 0.99\% of accuracy for different models and they indicate that the proposed system can bring a remarkable layer of security. We show how Machine Learning applied to small low-cost devices is an efficient and versatile combination characterized by a bright future ahead.Internet of Things (IoT) is one of the fast-expanding technologies nowadays, and promises to be revolutionary for the near future. IoT systems are in fact an incredible convenience due to centralized and computerized control of any electronic device. This technology allows various physical devices, home applications, vehicles, appliances, etc., to be interconnected and exposed to the Internet. On the other hand, it entails the fundamental need to protect the network from adversarial and unwanted alterations. To prevent such threats it is necessary to appeal to Intrusion Detection Systems (IDS), which can be used in information environments to monitor identified threats or anomalies. The most recent and efficient IDS applications involve the use of Machine Learning (ML) techniques which can automatically detect and prevent malicious attacks, such as distributed denial-of-service (DDoS), which represents a recurring thread to IoT networks in the last years. The work presented on this thesis comes with double purpose: build and test different light Machine Learning models which achieve great performance by running on resource-constrained devices; and at the same time we present a novel Network-based Intrusion Detection System based on the latter devices which can automatically detect IoT attack traffic. Our proposed system consists on deploying small low-powered devices to each component of an IoT environment where each device performs Machine Learning based Intrusion Detection at network level. In this work we describe and train different light-ML models which are tested on Raspberry Pis and FPGAs boards. The performance of such classifiers detecting benign and malicious traffic is presented and compared by response time, accuracy, precision, recall, f1-score and ROC-AUC metrics. The aim of this work is to test these machine learning models on recent datasets with the purpose of finding the most performing ones which can be used for intrusion-defense over IoT environments characterized by high flexibility, easy-installation and efficiency. The obtained results are above 0.99\% of accuracy for different models and they indicate that the proposed system can bring a remarkable layer of security. We show how Machine Learning applied to small low-cost devices is an efficient and versatile combination characterized by a bright future ahead

A Machine Learning Enhanced Scheme for Intelligent Network Management

The versatile networking services bring about huge influence on daily living styles while the amount and diversity of services cause high complexity of network systems. The network scale and complexity grow with the increasing infrastructure apparatuses, networking function, networking slices, and underlying architecture evolution. The conventional way is manual administration to maintain the large and complex platform, which makes effective and insightful management troublesome. A feasible and promising scheme is to extract insightful information from largely produced network data. The goal of this thesis is to use learning-based algorithms inspired by machine learning communities to discover valuable knowledge from substantial network data, which directly promotes intelligent management and maintenance. In the thesis, the management and maintenance focus on two schemes: network anomalies detection and root causes localization; critical traffic resource control and optimization. Firstly, the abundant network data wrap up informative messages but its heterogeneity and perplexity make diagnosis challenging. For unstructured logs, abstract and formatted log templates are extracted to regulate log records. An in-depth analysis framework based on heterogeneous data is proposed in order to detect the occurrence of faults and anomalies. It employs representation learning methods to map unstructured data into numerical features, and fuses the extracted feature for network anomaly and fault detection. The representation learning makes use of word2vec-based embedding technologies for semantic expression. Next, the fault and anomaly detection solely unveils the occurrence of events while failing to figure out the root causes for useful administration so that the fault localization opens a gate to narrow down the source of systematic anomalies. The extracted features are formed as the anomaly degree coupled with an importance ranking method to highlight the locations of anomalies in network systems. Two types of ranking modes are instantiated by PageRank and operation errors for jointly highlighting latent issue of locations. Besides the fault and anomaly detection, network traffic engineering deals with network communication and computation resource to optimize data traffic transferring efficiency. Especially when network traffic are constrained with communication conditions, a pro-active path planning scheme is helpful for efficient traffic controlling actions. Then a learning-based traffic planning algorithm is proposed based on sequence-to-sequence model to discover hidden reasonable paths from abundant traffic history data over the Software Defined Network architecture. Finally, traffic engineering merely based on empirical data is likely to result in stale and sub-optimal solutions, even ending up with worse situations. A resilient mechanism is required to adapt network flows based on context into a dynamic environment. Thus, a reinforcement learning-based scheme is put forward for dynamic data forwarding considering network resource status, which explicitly presents a promising performance improvement. In the end, the proposed anomaly processing framework strengthens the analysis and diagnosis for network system administrators through synthesized fault detection and root cause localization. The learning-based traffic engineering stimulates networking flow management via experienced data and further shows a promising direction of flexible traffic adjustment for ever-changing environments

Recent Developments in Smart Healthcare

Medicine is undergoing a sector-wide transformation thanks to the advances in computing and networking technologies. Healthcare is changing from reactive and hospital-centered to preventive and personalized, from disease focused to well-being centered. In essence, the healthcare systems, as well as fundamental medicine research, are becoming smarter. We anticipate significant improvements in areas ranging from molecular genomics and proteomics to decision support for healthcare professionals through big data analytics, to support behavior changes through technology-enabled self-management, and social and motivational support. Furthermore, with smart technologies, healthcare delivery could also be made more efficient, higher quality, and lower cost. In this special issue, we received a total 45 submissions and accepted 19 outstanding papers that roughly span across several interesting topics on smart healthcare, including public health, health information technology (Health IT), and smart medicine