A Novel Efficient Dynamic Throttling Strategy for Blockchain-Based Intrusion Detection Systems in 6G-Enabled VSNs

Vehicular Social Networks (VSNs) have emerged as a new social interaction paradigm, where vehicles can form social networks on the roads to improve the convenience/safety of passengers. VSNs are part of Vehicle to Everything (V2X) services, which is one of the industrial verticals in the coming sixth generation (6G) networks. The lower latency, higher connection density, and near-100% coverage envisaged in 6G will enable more efficient implementation of VSNs applications. The purpose of this study is to address the problem of lateral movements of attackers who could compromise one device in a VSN, given the large number of connected devices and services in VSNs and attack other devices and vehicles. This challenge is addressed via our proposed Blockchain-based Collaborative Distributed Intrusion Detection (BCDID) system with a novel Dynamic Throttling Strategy (DTS) to detect and prevent attackers’ lateral movements in VSNs. Our experiments showed how the proposed DTS improve the effectiveness of the BCDID system in terms of detection capabilities and handling queries three times faster than the default strategy with 350k queries tested. We concluded that our DTS strategy can increase transaction processing capacity in the BCDID system and improve its performance while maintaining the integrity of data on-chain

Blockchain Technology in the Intrusion Detection Domain

The ability of blockchain technology to improve security and transparency across a range of industries has receivedA great deal of attention has been garnered lately in correcting the sentence.. In the domain of intrusion detection, where the identification and mitigation of cyber threats are paramount, blockchain has emerged as a promising solution. This abstract examines how blockchain is used in intrusion detection systems and emphasizes its advantages. Blockchain technology improves the security and integrity of intrusion detection systems by using a decentralized and immutable ledger. It provides an immutable audit trail, distributed consensus, and increased resilience to attacks. Moreover, blockchain fosters trust, transparency, and collaboration among stakeholders, enabling faster threat detection and response. This research can explore novel approaches to integrating blockchain into intrusion detection systems, providing stronger protection against cyber threats.Immutable Audit Trail: In the context of intrusion detection, the capacity of blockchain to produce an unalterable and transparent audit trail is of enormous value. Research in this area can focus on developing techniques to leverage the blockchain's audit trail for effective incident response, forensic investigations, and attribution of cyberattacks. We will use theweighted product model in this study, which is a research approach that gives weights to various factors and combines them to make conclusions based on their relative relevance in a weighted way. Taken as alternative is“IDS1, IDS2, IDS3, IDS4, IDS5, IDS6, IDS7, and IDS8”.Detection Quality, Performance, Stability, User Interface, Profile update, ConvenienceThe By this we can see that IDS4 has 1 RANK and IDS5 has the 8th RANK.In conclusion, blockchain technology holds great potential in the intrusion detection domain. Its decentralized and immutable nature can enhance the security and reliability of intrusion detection systems by providing transparent and tamper-proof logs of network activity. Blockchain-based solutions can improve threat detection, facilitate secure information sharing among entities, and enhance the overall resilience of intrusion detection systems. As the technology continues to evolve, further research and development in integrating blockchain with intrusion detection will unlock new possibilities for combating cyber threats

Detection Of Insider Attacks In Block Chain Network Using The Trusted Two Way Intrusion Detection System

For data privacy, system reliability, and security, Blockchain technologies have become more popular in recent years. Despite its usefulness, the blockchain is vulnerable to cyber assaults; for example, in January 2019 a 51% attack on Ethereum Classic successfully exposed flaws in the platform's security. From a statistical point of view, attacks represent a highly unusual occurrence that deviates significantly from the norm. Blockchain attack detection may benefit from Deep Learning, a field of study whose aim is to discover insights, patterns, and anomalies within massive data repositories. In this work, we define an trusted two way intrusion detection system based on a Hierarchical weighed fuzzy algorithm and self-organized stacked network (SOSN) deep learning model, that is trained exploiting aggregate information extracted by monitoring blockchain activities. Here initially the smart contract handles the node authentication. The purpose of authenticating the node is to ensure that only specific nodes can submit and retrieve the information. We implement Hierarchical weighed fuzzy algorithm to evaluate the trust ability of the transaction nodes. Then the transaction verification step ensures that all malicious transactions or activities on the submitted transaction by self-organized stacked network deep learning model. The whole experimentation was carried out under matlab environment. Extensive experimental results confirm that our suggested detection method has better performance over important indicators such as Precision, Recall, F-Score, overhead

IoT Security Evolution: Challenges and Countermeasures Review

Internet of Things (IoT) architecture, technologies, applications and security have been recently addressed by a number of researchers. Basically, IoT adds internet connectivity to a system of intelligent devices, machines, objects and/or people. Devices are allowed to automatically collect and transmit data over the Internet, which exposes them to serious attacks and threats. This paper provides an intensive review of IoT evolution with primary focusing on security issues together with the proposed countermeasures. Thus, it outlines the IoT security challenges as a future roadmap of research for new researchers in this domain

Blockchain-based Architecture for Secured Cyberattack Signatures and Features Distribution

One effective way of detecting malicious traffic in computer networks is intrusion detection systems (IDS). Despite the increased accuracy of IDSs, distributed or coordinated attacks can still go undetected because of the single vantage point of the IDSs. Due to this reason, there is a need for attack characteristics\u27 exchange among different IDS nodes. Another reason for IDS coordination is that a zero-day attack (an attack without a known signature) experienced in organizations located in different regions is not the same. Collaborative efforts of the participating IDS nodes can stop more attack threats if IDS nodes exchange these attack characteristics among each other. Researchers proposed a cooperative intrusion detection system (CoIDS) to share these attack characteristics effectively. Although this solution enhanced IDS node’s ability to respond to attacks previously identified by cooperating IDSs, malicious activities such as fake data injection, data manipulation or deletion, data integrity, and consistency are problems threatening this approach. In this dissertation, we develop a blockchain-based solution that ensures the integrity and consistency of attack characteristics shared in a cooperative intrusion detection system. The developed architecture achieves this result by continuously monitoring blockchain nodes\u27 behavior to detect and prevent malicious activities from both outsider and insider threats. Apart from this, the architecture facilitates scalable attack characteristics’ exchange among IDS nodes and ensures heterogeneous IDS participation. It is also robust to public IDS nodes joining and leaving the network. The security analysis result shows that the architecture can detect and prevent malicious activities from both outsider and insider attackers, while performance analysis shows scalability with low latency

Trustworthy Federated Learning: A Survey

Federated Learning (FL) has emerged as a significant advancement in the field of Artificial Intelligence (AI), enabling collaborative model training across distributed devices while maintaining data privacy. As the importance of FL increases, addressing trustworthiness issues in its various aspects becomes crucial. In this survey, we provide an extensive overview of the current state of Trustworthy FL, exploring existing solutions and well-defined pillars relevant to Trustworthy . Despite the growth in literature on trustworthy centralized Machine Learning (ML)/Deep Learning (DL), further efforts are necessary to identify trustworthiness pillars and evaluation metrics specific to FL models, as well as to develop solutions for computing trustworthiness levels. We propose a taxonomy that encompasses three main pillars: Interpretability, Fairness, and Security & Privacy. Each pillar represents a dimension of trust, further broken down into different notions. Our survey covers trustworthiness challenges at every level in FL settings. We present a comprehensive architecture of Trustworthy FL, addressing the fundamental principles underlying the concept, and offer an in-depth analysis of trust assessment mechanisms. In conclusion, we identify key research challenges related to every aspect of Trustworthy FL and suggest future research directions. This comprehensive survey serves as a valuable resource for researchers and practitioners working on the development and implementation of Trustworthy FL systems, contributing to a more secure and reliable AI landscape.Comment: 45 Pages, 8 Figures, 9 Table

Federated Deep Learning for Zero-Day Botnet Attack Detection in IoT Edge Devices

Deep Learning (DL) has been widely proposed for botnet attack detection in Internet of Things (IoT) networks. However, the traditional Centralized DL (CDL) method cannot be used to detect previously unknown (zero-day) botnet attack without breaching the data privacy rights of the users. In this paper, we propose Federated Deep Learning (FDL) method for zero-day botnet attack detection to avoid data privacy leakage in IoT edge devices. In this method, an optimal Deep Neural Network (DNN) architecture is employed for network traffic classification. A model parameter server remotely coordinates the independent training of the DNN models in multiple IoT edge devices, while Federated Averaging (FedAvg) algorithm is used to aggregate local model updates. A global DNN model is produced after a number of communication rounds between the model parameter server and the IoT edge devices. Zero-day botnet attack scenarios in IoT edge devices is simulated with the Bot-IoT and N-BaIoT data sets. Experiment results show that FDL model: (a) detects zero-day botnet attacks with high classification performance; (b) guarantees data privacy and security; (c) has low communication overhead (d) requires low memory space for the storage of training data; and (e) has low network latency. Therefore, FDL method outperformed CDL, Localized DL, and Distributed DL methods in this application scenario

On the Integration of Blockchain and SDN: Overview, Applications, and Future Perspectives

Blockchain (BC) and Software-Defined Networking (SDN) are leading technologies which have recently found applications in several network-related scenarios and have consequently experienced a growing interest in the research community. Indeed, current networks connect a massive number of objects over the Internet and in this complex scenario, to ensure security, privacy, confidentiality, and programmability, the utilization of BC and SDN have been successfully proposed. In this work, we provide a comprehensive survey regarding these two recent research trends and review the related state-of-the-art literature. We first describe the main features of each technology and discuss their most common and used variants. Furthermore, we envision the integration of such technologies to jointly take advantage of these latter efficiently. Indeed, we consider their group-wise utilization -- named BC-SDN -- based on the need for stronger security and privacy. Additionally, we cover the application fields of these technologies both individually and combined. Finally, we discuss the open issues of reviewed research and describe potential directions for future avenues regarding the integration of BC and SDN. To summarize, the contribution of the present survey spans from an overview of the literature background on BC and SDN to the discussion of the benefits and limitations of BC-SDN integration in different fields, which also raises open challenges and possible future avenues examined herein. To the best of our knowledge, compared to existing surveys, this is the first work that analyzes the aforementioned aspects in light of a broad BC-SDN integration, with a specific focus on security and privacy issues in actual utilization scenarios.Comment: 42 pages, 14 figures, to be published in Journal of Network and Systems Management - Special Issue on Blockchains and Distributed Ledgers in Network and Service Managemen

Assessing Feature Representations for Instance-Based Cross-Domain Anomaly Detection in Cloud Services Univariate Time Series Data

In this paper, we compare and assess the efficacy of a number of time-series instance feature representations for anomaly detection. To assess whether there are statistically significant differences between different feature representations for anomaly detection in a time series, we calculate and compare confidence intervals on the average performance of different feature sets across a number of different model types and cross-domain time-series datasets. Our results indicate that the catch22 time-series feature set augmented with features based on rolling mean and variance performs best on average, and that the difference in performance between this feature set and the next best feature set is statistically significant. Furthermore, our analysis of the features used by the most successful model indicates that features related to mean and variance are the most informative for anomaly detection. We also find that features based on model forecast errors are useful for anomaly detection for some but not all datasets