36 research outputs found
A Novel Efficient Dynamic Throttling Strategy for Blockchain-Based Intrusion Detection Systems in 6G-Enabled VSNs
Vehicular Social Networks (VSNs) have emerged as a new social interaction paradigm, where vehicles can form social networks on the roads to improve the convenience/safety of passengers. VSNs are part of Vehicle to Everything (V2X) services, which is one of the industrial verticals in the coming sixth generation (6G) networks. The lower latency, higher connection density, and near-100% coverage envisaged in 6G will enable more efficient implementation of VSN applications. The purpose of this study is to address the problem of lateral movement by attackers who could compromise one device in a VSN and, given the large number of connected devices and services in VSNs, attack other devices and vehicles. This challenge is addressed via our proposed Blockchain-based Collaborative Distributed Intrusion Detection (BCDID) system with a novel Dynamic Throttling Strategy (DTS) to detect and prevent attackers’ lateral movements in VSNs. Our experiments showed how the proposed DTS improves the effectiveness of the BCDID system in terms of detection capabilities and handling queries three times faster than the default strategy with 350k queries tested. We concluded that our DTS strategy can increase transaction processing capacity in the BCDID system and improve its performance while maintaining the integrity of data on-chain.
Blockchain Technology in the Intrusion Detection Domain
The ability of blockchain technology to improve security and transparency across a range of industries has received a great deal of attention lately. In the domain of intrusion detection, where the identification and mitigation of cyber threats are paramount, blockchain has emerged as a promising solution. This abstract examines how blockchain is used in intrusion detection systems and emphasizes its advantages. Blockchain technology improves the security and integrity of intrusion detection systems by using a decentralized and immutable ledger. It provides an immutable audit trail, distributed consensus, and increased resilience to attacks. Moreover, blockchain fosters trust, transparency, and collaboration among stakeholders, enabling faster threat detection and response. This research can explore novel approaches to integrating blockchain into intrusion detection systems, providing stronger protection against cyber threats. Immutable Audit Trail: In the context of intrusion detection, the capacity of blockchain to produce an unalterable and transparent audit trail is of enormous value. Research in this area can focus on developing techniques to leverage the blockchain's audit trail for effective incident response, forensic investigations, and attribution of cyberattacks. We will use the weighted product model in this study, which is a research approach that gives weights to various factors and combines them to make conclusions based on their relative relevance in a weighted way. Taken as alternative is “IDS1, IDS2, IDS3, IDS4, IDS5, IDS6, IDS7, and IDS8”. Detection Quality, Performance, Stability, User Interface, Profile update, Convenience. By this we can see that IDS4 has 1 RANK and IDS5 has the 8th RANK. In conclusion, blockchain technology holds great potential in the intrusion detection domain.
Its decentralized and immutable nature can enhance the security and reliability of intrusion detection systems by providing transparent and tamper-proof logs of network activity. Blockchain-based solutions can improve threat detection, facilitate secure information sharing among entities, and enhance the overall resilience of intrusion detection systems. As the technology continues to evolve, further research and development in integrating blockchain with intrusion detection will unlock new possibilities for combating cyber threats.
Detection Of Insider Attacks In Block Chain Network Using The Trusted Two Way Intrusion Detection System
For data privacy, system reliability, and security, Blockchain technologies
have become more popular in recent years. Despite its usefulness, the
blockchain is vulnerable to cyber assaults; for example, in January 2019 a 51%
attack on Ethereum Classic successfully exposed flaws in the platform's
security. From a statistical point of view, attacks represent a highly unusual
occurrence that deviates significantly from the norm. Blockchain attack
detection may benefit from Deep Learning, a field of study whose aim is to
discover insights, patterns, and anomalies within massive data repositories. In
this work, we define a trusted two way intrusion detection system based on a
Hierarchical weighed fuzzy algorithm and self-organized stacked network (SOSN)
deep learning model, that is trained exploiting aggregate information extracted
by monitoring blockchain activities. Here initially the smart contract handles
the node authentication. The purpose of authenticating the node is to ensure
that only specific nodes can submit and retrieve the information. We implement
Hierarchical weighed fuzzy algorithm to evaluate the trust ability of the
transaction nodes. Then the transaction verification step ensures that all
malicious transactions or activities on the submitted transaction by
self-organized stacked network deep learning model. The whole experimentation
was carried out under MATLAB environment. Extensive experimental results
confirm that our suggested detection method has better performance over
important indicators such as Precision, Recall, F-Score, overhead.
IoT Security Evolution: Challenges and Countermeasures Review
Internet of Things (IoT) architecture, technologies, applications and security have been recently addressed by a number of researchers. Basically, IoT adds internet connectivity to a system of intelligent devices, machines, objects and/or people. Devices are allowed to automatically collect and transmit data over the Internet, which exposes them to serious attacks and threats. This paper provides an intensive review of IoT evolution with a primary focus on security issues together with the proposed countermeasures. Thus, it outlines the IoT security challenges as a future roadmap of research for new researchers in this domain.
Blockchain-based Architecture for Secured Cyberattack Signatures and Features Distribution
One effective way of detecting malicious traffic in computer networks is intrusion detection systems (IDS). Despite the increased accuracy of IDSs, distributed or coordinated attacks can still go undetected because of the single vantage point of the IDSs. Due to this reason, there is a need for attack characteristics' exchange among different IDS nodes. Another reason for IDS coordination is that a zero-day attack (an attack without a known signature) experienced in organizations located in different regions is not the same. Collaborative efforts of the participating IDS nodes can stop more attack threats if IDS nodes exchange these attack characteristics among each other. Researchers proposed a cooperative intrusion detection system (CoIDS) to share these attack characteristics effectively. Although this solution enhanced IDS node’s ability to respond to attacks previously identified by cooperating IDSs, malicious activities such as fake data injection, data manipulation or deletion, data integrity, and consistency are problems threatening this approach.
In this dissertation, we develop a blockchain-based solution that ensures the integrity and consistency of attack characteristics shared in a cooperative intrusion detection system. The developed architecture achieves this result by continuously monitoring blockchain nodes' behavior to detect and prevent malicious activities from both outsider and insider threats. Apart from this, the architecture facilitates scalable attack characteristics’ exchange among IDS nodes and ensures heterogeneous IDS participation. It is also robust to public IDS nodes joining and leaving the network. The security analysis result shows that the architecture can detect and prevent malicious activities from both outsider and insider attackers, while performance analysis shows scalability with low latency.
Trustworthy Federated Learning: A Survey
Federated Learning (FL) has emerged as a significant advancement in the field
of Artificial Intelligence (AI), enabling collaborative model training across
distributed devices while maintaining data privacy. As the importance of FL
increases, addressing trustworthiness issues in its various aspects becomes
crucial. In this survey, we provide an extensive overview of the current state
of Trustworthy FL, exploring existing solutions and well-defined pillars
relevant to Trustworthy FL. Despite the growth in literature on trustworthy
centralized Machine Learning (ML)/Deep Learning (DL), further efforts are
necessary to identify trustworthiness pillars and evaluation metrics specific
to FL models, as well as to develop solutions for computing trustworthiness
levels. We propose a taxonomy that encompasses three main pillars:
Interpretability, Fairness, and Security & Privacy. Each pillar represents a
dimension of trust, further broken down into different notions. Our survey
covers trustworthiness challenges at every level in FL settings. We present a
comprehensive architecture of Trustworthy FL, addressing the fundamental
principles underlying the concept, and offer an in-depth analysis of trust
assessment mechanisms. In conclusion, we identify key research challenges
related to every aspect of Trustworthy FL and suggest future research
directions. This comprehensive survey serves as a valuable resource for
researchers and practitioners working on the development and implementation of
Trustworthy FL systems, contributing to a more secure and reliable AI
landscape. Comment: 45 Pages, 8 Figures, 9 Tables
Federated Deep Learning for Zero-Day Botnet Attack Detection in IoT Edge Devices
Deep Learning (DL) has been widely proposed for botnet attack detection in Internet of Things (IoT) networks. However, the traditional Centralized DL (CDL) method cannot be used to detect previously unknown (zero-day) botnet attacks without breaching the data privacy rights of the users. In this paper, we propose a Federated Deep Learning (FDL) method for zero-day botnet attack detection to avoid data privacy leakage in IoT edge devices. In this method, an optimal Deep Neural Network (DNN) architecture is employed for network traffic classification. A model parameter server remotely coordinates the independent training of the DNN models in multiple IoT edge devices, while the Federated Averaging (FedAvg) algorithm is used to aggregate local model updates. A global DNN model is produced after a number of communication rounds between the model parameter server and the IoT edge devices. Zero-day botnet attack scenarios in IoT edge devices are simulated with the Bot-IoT and N-BaIoT data sets. Experiment results show that the FDL model: (a) detects zero-day botnet attacks with high classification performance; (b) guarantees data privacy and security; (c) has low communication overhead; (d) requires low memory space for the storage of training data; and (e) has low network latency. Therefore, the FDL method outperformed CDL, Localized DL, and Distributed DL methods in this application scenario.
On the Integration of Blockchain and SDN: Overview, Applications, and Future Perspectives
Blockchain (BC) and Software-Defined Networking (SDN) are leading
technologies which have recently found applications in several network-related
scenarios and have consequently experienced a growing interest in the research
community. Indeed, current networks connect a massive number of objects over
the Internet and in this complex scenario, to ensure security, privacy,
confidentiality, and programmability, the utilization of BC and SDN has been
successfully proposed. In this work, we provide a comprehensive survey
regarding these two recent research trends and review the related
state-of-the-art literature. We first describe the main features of each
technology and discuss their most common and used variants. Furthermore, we
envision the integration of such technologies to jointly take advantage of
these latter efficiently. Indeed, we consider their group-wise utilization --
named BC-SDN -- based on the need for stronger security and privacy.
Additionally, we cover the application fields of these technologies both
individually and combined. Finally, we discuss the open issues of reviewed
research and describe potential directions for future avenues regarding the
integration of BC and SDN.
To summarize, the contribution of the present survey spans from an overview
of the literature background on BC and SDN to the discussion of the benefits
and limitations of BC-SDN integration in different fields, which also raises
open challenges and possible future avenues examined herein. To the best of our
knowledge, compared to existing surveys, this is the first work that analyzes
the aforementioned aspects in light of a broad BC-SDN integration, with a
specific focus on security and privacy issues in actual utilization scenarios.
Comment: 42 pages, 14 figures, to be published in Journal of Network and
Systems Management - Special Issue on Blockchains and Distributed Ledgers in
Network and Service Management
Assessing Feature Representations for Instance-Based Cross-Domain Anomaly Detection in Cloud Services Univariate Time Series Data
In this paper, we compare and assess the efficacy of a number of time-series instance feature representations for anomaly detection. To assess whether there are statistically significant differences between different feature representations for anomaly detection in a time series, we calculate and compare confidence intervals on the average performance of different feature sets across a number of different model types and cross-domain time-series datasets. Our results indicate that the catch22 time-series feature set augmented with features based on rolling mean and variance performs best on average, and that the difference in performance between this feature set and the next best feature set is statistically significant. Furthermore, our analysis of the features used by the most successful model indicates that features related to mean and variance are the most informative for anomaly detection. We also find that features based on model forecast errors are useful for anomaly detection for some but not all datasets.