Botnet attacks detection in IoT environment using machine learning techniques

IoT devices with weak security designs are a serious threat to organizations. They are the building blocks of Botnets, the platforms that launch organized attacks that are capable of shutting down an entire infrastructure. Researchers have been developing IDS solutions that can counter such threats, often by employing innovation from other disciplines like artificial intelligence and machine learning. One of the issues that may be encountered when machine learning is used is dataset purity. Since they are not captured from perfect environments, datasets may contain data that could affect the machine learning process, negatively. Algorithms already exist for such problems. Repeated Edited Nearest Neighbor (RENN), Encoding Length (Explore), and Decremental Reduction Optimization Procedure 5 (DROP5) algorithm can filter noises out of datasets. They also provide other benefits such as instance reduction which could help reduce larger Botnet datasets, without sacrificing their quality. Three datasets were chosen in this study to construct an IDS: IoTID20, N-BaIoT and MedBIoT. The filtering algorithms, RENN, Explore, and DROP5 were used on them to filter noise and reduce instances. Noise was also injected and filtered again to assess the resilience of these filters. Then feature optimizations were used to shrink the dataset features. Finally, machine learning was applied on the processed dataset and the resulting IDS was evaluated with the standard supervised learning metrics: Accuracy, Precision, Recall, Specificity, F-Score and G-Mean. Results showed that RENN and DROP5 filtering delivered excellent results. DROP5, in particular, managed to reduce the dataset substantially without sacrificing accuracy. However, when noise got injected, the DROP5 accuracy went down and could not keep up. Of the three dataset, N-BaIoT delivers the best accuracy overall across the learning techniques

Android malicious attacks detection models using machine learning techniques based on permissions

The Android operating system is the most used mobile operating system in the world, and it is one of the most popular operating systems for different kinds of devices from smartwatches, IoT, and TVs to mobiles and cockpits in cars. Security is the main challenge to any operating system. Android malware attacks and vulnerabilities are known as emerging risks for mobile devices. The development of Android malware has been observed to be at an accelerated speed. Most Android security breaches permitted by permission misuse are amongst the most critical and prevalent issues threatening Android OS security. This research performs several studies on malware and non-malware applications to provide a recently updated dataset. The goal of proposed models is to find a combination of noise-cleaning algorithms, features selection techniques, and classification algorithms that are noise-tolerant and can achieve high accuracy results in detecting new Android malware. The results from the empirical experiments show that the proposed models are able to detect Android malware with an accuracy that reaches 87%, despite the noise in the dataset. We also find that the best classification results are achieved using the RF algorithm. This work can be extended in many ways by applying higher noise ratios and running more classifiers and optimizers

Discriminative context-aware network for camouflaged object detection

IntroductionAnimals use camouflage (background matching, disruptive coloration, etc.) for protection, confusing predators and making detection difficult. Camouflage Object Detection (COD) tackles this challenge by identifying objects seamlessly blended into their surroundings. Existing COD techniques struggle with hidden objects due to noisy inferences inherent in natural environments. To address this, we propose the Discriminative Context-aware Network (DiCANet) for improved COD performance.MethodsDiCANet addresses camouflage challenges through a two-stage approach. First, an adaptive restoration block intelligently learns feature weights, prioritizing informative channels and pixels. This enhances convolutional neural networks’ ability to represent diverse data and handle complex camouflage. Second, a cascaded detection module with an enlarged receptive field refines the object prediction map, achieving clear boundaries without post-processing.ResultsWithout post-processing, DiCANet achieves state-of-the-art performance on challenging COD datasets (CAMO, CHAMELEON, COD10K) by generating accurate saliency maps with rich contextual details and precise boundaries.DiscussionDiCANet tackles the challenge of identifying camouflaged objects in noisy environments with its two-stage restoration and cascaded detection approach. This innovative architecture surpasses existing methods in COD tasks, as proven by benchmark dataset experiments

Antimicrobial resistance among migrants in Europe: a systematic review and meta-analysis

BACKGROUND: Rates of antimicrobial resistance (AMR) are rising globally and there is concern that increased migration is contributing to the burden of antibiotic resistance in Europe. However, the effect of migration on the burden of AMR in Europe has not yet been comprehensively examined. Therefore, we did a systematic review and meta-analysis to identify and synthesise data for AMR carriage or infection in migrants to Europe to examine differences in patterns of AMR across migrant groups and in different settings. METHODS: For this systematic review and meta-analysis, we searched MEDLINE, Embase, PubMed, and Scopus with no language restrictions from Jan 1, 2000, to Jan 18, 2017, for primary data from observational studies reporting antibacterial resistance in common bacterial pathogens among migrants to 21 European Union-15 and European Economic Area countries. To be eligible for inclusion, studies had to report data on carriage or infection with laboratory-confirmed antibiotic-resistant organisms in migrant populations. We extracted data from eligible studies and assessed quality using piloted, standardised forms. We did not examine drug resistance in tuberculosis and excluded articles solely reporting on this parameter. We also excluded articles in which migrant status was determined by ethnicity, country of birth of participants' parents, or was not defined, and articles in which data were not disaggregated by migrant status. Outcomes were carriage of or infection with antibiotic-resistant organisms. We used random-effects models to calculate the pooled prevalence of each outcome. The study protocol is registered with PROSPERO, number CRD42016043681. FINDINGS: We identified 2274 articles, of which 23 observational studies reporting on antibiotic resistance in 2319 migrants were included. The pooled prevalence of any AMR carriage or AMR infection in migrants was 25·4% (95% CI 19·1-31·8; I2 =98%), including meticillin-resistant Staphylococcus aureus (7·8%, 4·8-10·7; I2 =92%) and antibiotic-resistant Gram-negative bacteria (27·2%, 17·6-36·8; I2 =94%). The pooled prevalence of any AMR carriage or infection was higher in refugees and asylum seekers (33·0%, 18·3-47·6; I2 =98%) than in other migrant groups (6·6%, 1·8-11·3; I2 =92%). The pooled prevalence of antibiotic-resistant organisms was slightly higher in high-migrant community settings (33·1%, 11·1-55·1; I2 =96%) than in migrants in hospitals (24·3%, 16·1-32·6; I2 =98%). We did not find evidence of high rates of transmission of AMR from migrant to host populations. INTERPRETATION: Migrants are exposed to conditions favouring the emergence of drug resistance during transit and in host countries in Europe. Increased antibiotic resistance among refugees and asylum seekers and in high-migrant community settings (such as refugee camps and detention facilities) highlights the need for improved living conditions, access to health care, and initiatives to facilitate detection of and appropriate high-quality treatment for antibiotic-resistant infections during transit and in host countries. Protocols for the prevention and control of infection and for antibiotic surveillance need to be integrated in all aspects of health care, which should be accessible for all migrant groups, and should target determinants of AMR before, during, and after migration. FUNDING: UK National Institute for Health Research Imperial Biomedical Research Centre, Imperial College Healthcare Charity, the Wellcome Trust, and UK National Institute for Health Research Health Protection Research Unit in Healthcare-associated Infections and Antimictobial Resistance at Imperial College London

Surgical site infection after gastrointestinal surgery in high-income, middle-income, and low-income countries: a prospective, international, multicentre cohort study

Background: Surgical site infection (SSI) is one of the most common infections associated with health care, but its importance as a global health priority is not fully understood. We quantified the burden of SSI after gastrointestinal surgery in countries in all parts of the world. Methods: This international, prospective, multicentre cohort study included consecutive patients undergoing elective or emergency gastrointestinal resection within 2-week time periods at any health-care facility in any country. Countries with participating centres were stratified into high-income, middle-income, and low-income groups according to the UN's Human Development Index (HDI). Data variables from the GlobalSurg 1 study and other studies that have been found to affect the likelihood of SSI were entered into risk adjustment models. The primary outcome measure was the 30-day SSI incidence (defined by US Centers for Disease Control and Prevention criteria for superficial and deep incisional SSI). Relationships with explanatory variables were examined using Bayesian multilevel logistic regression models. This trial is registered with ClinicalTrials.gov, number NCT02662231. Findings: Between Jan 4, 2016, and July 31, 2016, 13 265 records were submitted for analysis. 12 539 patients from 343 hospitals in 66 countries were included. 7339 (58·5%) patient were from high-HDI countries (193 hospitals in 30 countries), 3918 (31·2%) patients were from middle-HDI countries (82 hospitals in 18 countries), and 1282 (10·2%) patients were from low-HDI countries (68 hospitals in 18 countries). In total, 1538 (12·3%) patients had SSI within 30 days of surgery. The incidence of SSI varied between countries with high (691 [9·4%] of 7339 patients), middle (549 [14·0%] of 3918 patients), and low (298 [23·2%] of 1282) HDI (p < 0·001). The highest SSI incidence in each HDI group was after dirty surgery (102 [17·8%] of 574 patients in high-HDI countries; 74 [31·4%] of 236 patients in middle-HDI countries; 72 [39·8%] of 181 patients in low-HDI countries). Following risk factor adjustment, patients in low-HDI countries were at greatest risk of SSI (adjusted odds ratio 1·60, 95% credible interval 1·05–2·37; p=0·030). 132 (21·6%) of 610 patients with an SSI and a microbiology culture result had an infection that was resistant to the prophylactic antibiotic used. Resistant infections were detected in 49 (16·6%) of 295 patients in high-HDI countries, in 37 (19·8%) of 187 patients in middle-HDI countries, and in 46 (35·9%) of 128 patients in low-HDI countries (p < 0·001). Interpretation: Countries with a low HDI carry a disproportionately greater burden of SSI than countries with a middle or high HDI and might have higher rates of antibiotic resistance. In view of WHO recommendations on SSI prevention that highlight the absence of high-quality interventional research, urgent, pragmatic, randomised trials based in LMICs are needed to assess measures aiming to reduce this preventable complication

Blockchain-Based Applications in Education: A Systematic Review

Recently, blockchain technology has gained considerable attention from researchers and practitioners. This is mainly due to its unique features including decentralization, security, reliability, and data integrity. Despite this growing interest, little is known about the current state of knowledge and practice regarding the use of blockchain technology in education. This article is a systematic review of research investigating blockchain-based educational applications. It focuses on three main themes: (1) educational applications that have been developed with blockchain technology, (2) benefits that blockchain technology could bring to education, and (3) challenges of adopting blockchain technology in education. A detailed results analysis of each theme was conducted as well as an intensive discussion based on the findings. This review also offers insight into other educational areas that could benefit from blockchain technology

Detection of Primary User Emulation Attack Using the Differential Evolution Algorithm in Cognitive Radio Networks

Cognitive Radio Network (CRN) is an emerging technology used to solve spectrum shortage problems in wireless communications. In CRN, unlicensed secondary users (SUs) and licensed primary users (PUs) use spectrum resources at the same time by avoiding any interference from SUs. However, the spectrum sensing process in CRN is often disturbed by a security issue known as the Primary User Emulation Attack (PUEA). PUEA is one of the main security issues that disrupt the whole activity of CRN. The attacker transmits false information to interrupt the spectrum sensing process of CRN, which leads to poor usage of the spectrum. The proposed study uses a proficient Time Difference of Arrival (TDOA) based localization method using the Differential Evolution (DE) algorithm to identify the PUEA in CRNs. The DE algorithm is used to solve the objective function of TDOA values. The proposed methodology constructs a CRN and identifies PUEA. The proposed method aims to sense and localize PUEA efficiently. Mean Square Error (MSE) is the performance evaluation parameter that is used to measure the accuracy of the proposed technique. The results are compared with the previously proposed Firefly optimization algorithm (FA). It is clear from the results that DE converges faster than FA

Secure Cooperative Routing in Wireless Sensor Networks

In wireless sensor networks (WSNs), sensor nodes are randomly distributed to transmit sensed data packets to the base station periodically. These sensor nodes, because of constrained battery power and storage space, cannot utilize conventional security measures. The widely held challenging issues for the network layer of WSNs are the packet-dropping attacks, mainly sinkhole and wormhole attacks, which focus on the routing pattern of the protocol. This thesis presents an improved version of the second level of the guard to the system, intrusion detection systems (IDSs), to limit the hostile impact of these attacks in a Low Energy Adaptive Clustering Hierarchy (LEACH) environment. The proposed system named multipath intrusion detection system (MIDS) integrates an IDs with ad hoc on-demand Multipath Distance Vector (AOMDV) protocol. The IDS agent uses the number of packets transmitted and received to calculate intrusion ratio (IR), which helps to mitigate sinkhole attacks and from AOMDV protocol round trip time (RTT) is computed by taking the difference between route request and route reply time to mitigate wormhole attack. MATLAB simulation results show that this cooperative model is an effective technique due to the higher packet delivery ratio (PDR), throughput, and detection accuracy. The proposed MIDS algorithm is proven to be more efficient when compared with an existing LEACH-based IDS system and MS-LEACH in terms of overall energy consumption, lifetime, and throughput of the network