Manish Kumar,Sunggon Kim

DOI: https://doi.org/10.3390/electronics13173461

IF: 2.9

2024-09-03

Electronics

Abstract:The proliferation of the Internet of Health Things (IoHT) introduces significant benefits for healthcare through enhanced connectivity and data-driven insights, but it also presents substantial cybersecurity challenges. Protecting sensitive health data from cyberattacks is critical. This paper proposes a novel approach for detecting cyberattacks in IoHT environments using a Federated Learning (FL) framework integrated with Long Short-Term Memory (LSTM) networks. The FL paradigm ensures data privacy by allowing individual IoHT devices to collaboratively train a global model without sharing local data, thereby maintaining patient confidentiality. LSTM networks, known for their effectiveness in handling time-series data, are employed to capture and analyze temporal patterns indicative of cyberthreats. Our proposed system uses an embedded feature selection technique that minimizes the computational complexity of the cyberattack detection model and leverages the decentralized nature of FL to create a robust and scalable cyberattack detection mechanism. We refer to the proposed approach as Embedded Federated Learning-Driven Long Short-Term Memory (EFL-LSTM). Extensive experiments using real-world ECU-IoHT data demonstrate that our proposed model outperforms traditional models regarding accuracy (97.16%) and data privacy. The outcomes highlight the feasibility and advantages of integrating Federated Learning with LSTM networks to enhance the cybersecurity posture of IoHT infrastructures. This research paves the way for future developments in secure and privacy-preserving IoHT systems, ensuring reliable protection against evolving cyberthreats.

engineering, electrical & electronic,computer science, information systems,physics, applied

Sidra Abbas,Imen Bouazzi,Stephen Ojo,Abdullah Al Hejaili,Gabriel Avelino Sampedro,Ahmad Almadhor,Michal Gregus

DOI: https://doi.org/10.7717/peerj-cs.1793

2024-01-17

PeerJ Computer Science

Abstract:The Internet of Things (IoT), considered an intriguing technology with substantial potential for tackling many societal concerns, has been developing into a significant component of the future. The foundation of IoT is the capacity to manipulate and track material objects over the Internet. The IoT network infrastructure is more vulnerable to attackers/hackers as additional features are accessible online. The complexity of cyberattacks has grown to pose a bigger threat to public and private sector organizations. They undermine Internet businesses, tarnish company branding, and restrict access to data and amenities. Enterprises and academics are contemplating using machine learning (ML) and deep learning (DL) for cyberattack avoidance because ML and DL show immense potential in several domains. Several DL teachings are implemented to extract various patterns from many annotated datasets. DL can be a helpful tool for detecting cyberattacks. Early network data segregation and detection thus become more essential than ever for mitigating cyberattacks. Numerous deep-learning model variants, including deep neural networks (DNNs), convolutional neural networks (CNNs), and recurrent neural networks (RNNs), are implemented in the study to detect cyberattacks on an assortment of network traffic streams. The Canadian Institute for Cybersecurity's CICDIoT2023 dataset is utilized to test the efficacy of the proposed approach. The proposed method includes data preprocessing, robust scalar and label encoding techniques for categorical variables, and model prediction using deep learning models. The experimental results demonstrate that the RNN model achieved the highest accuracy of 96.56%. The test results indicate that the proposed approach is efficient compared to other methods for identifying cyberattacks in a realistic IoT environment.

computer science, information systems, artificial intelligence, theory & methods

Beenish Habib,Farida Khursheed

DOI: https://doi.org/10.1002/cpe.7996

2024-02-16

Concurrency and Computation Practice and Experience

Abstract:Summary Internet data thefts, intrusions and DDoS attacks are some of the big concerns for the network security today. Detection of these anomalies, is gaining tremendous impetus with the development of machine learning and artificial intelligence. Even now researchers are shifting the base from machine learning to the deep neural architectures with auto‐feature selection capabilities. We in this paper propose multiple deep neural network architectures which can select, co‐learn and teach the gradients of the neural network by itself with no human intervention. This is what we call as meta‐learning. The models are configured in both many to one and many to many design architectures. We combine long short‐term memory (LSTM), bi‐directional long short‐term memory (BiLSTM), convolutional neural network (CNN) layers along with attention mechanism to achieve the higher accuracy values among all the available deep learning model architectures. LSTMs overcomes the vanishing and exploding gradient problem of RNN and attention mechanism mimics the human cognitive attention that screens the network flow to obtain the key features for network traffic classification. In addition, we also add multiple convolutional layers to get the key features for network traffic classification. We get the time series analysis of the traffic done for the possibility of a DDoS attack without using any feature selection techniques and without balancing the dataset. The performance analysis is done based on confusion matrix scores, that is, accuracy, false alarm rate (FAR), sensitivity, specificity, false‐positive rate (FPR), F1 score, area under curve (AUC) analysis and loss functions on well‐known public benchmark KDD Cup'99 data set. The results of our experiments reveal that our models outperform existing techniques, showing their superiority in performance.

computer science, theory & methods, software engineering

Sharma, Nikhil

DOI: https://doi.org/10.1007/s10115-024-02149-9

IF: 2.7

2024-06-11

Knowledge and Information Systems

Abstract:The fusion of Internet of Things (IoT) technology into healthcare, known as the Internet of Medical Things (IoMT), has significantly enhanced medical treatment and operational efficiency. Real-time patient monitoring (RPM) and remote diagnostics enabled by IoMT allow doctors to treat more patients effectively and save lives. However, healthcare devices' interconnected nature makes them vulnerable to cyber-attacks, threatening patient privacy and security. Ensuring the security and accuracy of patient health data is paramount, as any tampering could have life-threatening consequences, especially in emergency situations. To address these challenges, this research focuses on developing robust security models to secure patient data in IoMT networks while meeting the growing demand for efficient healthcare services. Artificial intelligence (AI)-based technologies such as machine learning (ML) and deep learning (DL) have the potential to be employed as the methodology for intrusion detection. The goal of this research is threefold: firstly, the linear support vector machine (LinSVM) model; secondly, the convolutional support vector machine (ConvSVM) model; and finally, the categorical embedding (CatEmb) model, which have been proposed to overcome the issue of security in a network. This article offers the CatEmb model as the first effort to use a DL-based embedding approach to recognize intrusion in the IoMT environment, utilizing patient biometric and network traffic flow data. Our experimental results show the efficacy of the proposed DL models, with the LinSVM achieving a training accuracy of 99.78%, ConvSVM reaching 99.98%, and CatEmb achieving 99.84%. These models outperform existing methodologies by 2.61% in detecting network intrusions, as demonstrated through metrics such as detection rate and F1-score. Furthermore, the proposed approaches are thoroughly compared with the existing state-of-the-art studies.

computer science, information systems, artificial intelligence

Kuljeet Singh,Amit Mahajan,Vibhakar Mansotra

DOI: https://doi.org/10.1504/ijsnet.2023.135851

2024-01-10

International Journal of Sensor Networks

Abstract:Due to the continued and unabated increase in the number of cyber-attacks, the need for improved network security architecture is more apparent. The deep learning approach plays a pivotal role by classifying network traffic and identifying malicious records. However, this approach is often met with twin challenges of the high dimensionality of data and imbalanced ratio of attack labels within the data. To mitigate these issues and achieve a better detection rate, this research has proposed a new intrusion detection framework based on three main components; feature selection, oversampling, and hybrid CNN-LSTM classifier. This study deployed information gain, chi-square, basic methods, L1 regularisation, and random forest classifier as five feature selection methods and SMOTE for handling class imbalance. The experimental results, conducted using the CICIDS2017 dataset, have shown that the proposed model has demonstrated better performance in the detection of network attacks with more than 99% detection rate. Results established that number of features can be significantly reduced without altering the accuracy and oversampling has helped in improving the detection rate of minority attack labels.

computer science, information systems,telecommunications

Alireza Mohamadi,Hosna Ghahramani,Seyyed Amir Asghari,Mehdi Aminian

2024-11-20

Abstract:The increasing integration of the Internet of Medical Things (IoMT) into healthcare systems has significantly enhanced patient care but has also introduced critical cybersecurity challenges. This paper presents a novel approach based on Convolutional Neural Networks (CNNs) for detecting cyberattacks within IoMT environments. Unlike previous studies that predominantly utilized traditional machine learning (ML) models or simpler Deep Neural Networks (DNNs), the proposed model leverages the capabilities of CNNs to effectively analyze the temporal characteristics of network traffic data. Trained and evaluated on the CICIoMT2024 dataset, which comprises 18 distinct types of cyberattacks across a range of IoMT devices, the proposed CNN model demonstrates superior performance compared to previous state-of-the-art methods, achieving a perfect accuracy of 99% in binary, categorical, and multiclass classification tasks. This performance surpasses that of conventional ML models such as Logistic Regression, AdaBoost, DNNs, and Random Forests. These findings highlight the potential of CNNs to substantially improve IoMT cybersecurity, thereby ensuring the protection and integrity of connected healthcare systems.

Cryptography and Security,Artificial Intelligence,Machine Learning

Ilhan Firat Kilincer,Fatih Ertam,Abdulkadir Sengur,Ru-San Tan,U. Rajendra Acharya

DOI: https://doi.org/10.1016/j.bbe.2022.11.005

IF: 5.687

2022-12-09

Biocybernetics and Biomedical Engineering

Abstract:Widespread proliferation of interconnected healthcare equipment, accompanying software, operating systems, and networks in the Internet of Medical Things (IoMT) raises the risk of security compromise as the bulk of IoMT devices are not built to withstand internet attacks. In this work, we have developed a cyber-attack and anomaly detection model based on recursive feature elimination (RFE) and multilayer perceptron (MLP). The RFE approach selected optimal features using logistic regression (LR) and extreme gradient boosting regression (XGBRegressor) kernel functions. MLP parameters were adjusted by using a hyperparameter optimization and 10-fold cross-validation approach was performed for performance evaluations. The developed model was performed on various IoMT cybersecurity datasets, and attained the best accuracy rates of 99.99%, 99.94%, 98.12%, and 96.2%, using Edith Cowan University- Internet of Health Things (ECU-IoHT), Intensive Care Unit (ICU Dataset), Telemetry data, Operating systems' data, and Network data from the testbed IoT/IIoT network (TON-IoT), and Washington University in St. Louis enhanced healthcare monitoring system (WUSTL-EHMS) datasets, respectively. The proposed method has the ability to counter cyber attacks in healthcare applications.

engineering, biomedical

Md Rashed Buiya,A K M Nuruzzaman Laskar,Md Rafiqul Islam,Sanjib Kumar Shil Sawalmeh,Muhammad Shoyaibur Rahman Chowdhury Roy,Reza E Rabbi Shawon Roy,Md Sumsuzoha

DOI: https://doi.org/10.32996/jcsts.2024.6.4.16

2024-10-18

Journal of Computer Science and Technology Studies

Abstract:The IoT is one of the most revolutionary technological advancements of the contemporary era, embedding networked devices into nearly every aspect of human life, from smart homes and wearables to industrial systems and healthcare applications in the U.S.A. The immediate need for better cybersecurity in the U.S.A. arises from the increasing sophistication and frequency of cyberattacks on IoT systems. Machine learning and AI have emerged as promising technologies to deal with the security challenges IoT systems pose. Unlike traditional rule-based systems, ML models learn from large datasets to identify deviations from the normal behavior pattern that signifies malicious activity. The prime objective of this research is to design, curate, evaluate, and deploy state-of-the-art machine learning models that improve the detection of cyberattacks over IoT network traffic. This research used a well-established dataset that emulates IoT network traffic consisting of benign and malicious activities. Benchmarks like the UNSW-NB15, CICIDS2017, and TON_IoT have been in extensive use by researchers in this domain because they contain a rich variety of network traffic created by various IoT devices and systems along with corresponding labels that classify normal and associated with specific types of cyberattacks: DDOS, MITM, and botnet attacks. Data preprocessing and cleaning ensured that the dataset was consistent, complete, and in a format that helps machine learning algorithms learn from it. Imputation techniques used the feature's mean/median/mode to handle missing values. In this research project, two machine learning algorithms were used in the experiment, notably, Logistic Regression and Random Forest. In this study, the machine learning algorithms used in the experiment undertaken for the current research project are Logistic Regression and Random Forest. The performance of Random Forest was superior to Logistic Regression in almost all metrics. While Logistic Regression provided a strong baseline, it struggled with detecting attacks, as evidenced by its lower recall and higher number of false negatives. This implied that Logistic Regression was less reliable in detecting cyberattacks, which could be critical in real-world cybersecurity settings. By contrast, Random Forest attained impressive accuracy and significantly diminished the number of false negatives. Its higher precision and recall demonstrate that it is better suited for detecting attacks in this dataset, offering a more reliable solution for cyberattack detection.

Chinmay Chakraborty,Senthil Murugan Nagarajan,Ganesh Gopal Devarajan,T V Ramana,Rajanikanta Mohanty

DOI: https://doi.org/10.1145/3597210

2023-05-15

ACM Transactions on Sensor Networks

Abstract:Cyber-security intelligence have made a great impact over healthcare industry where several researchers are developing new techniques to improve security for healthcare systems. Besides, Artificial Intelligence (AI) become the tremendous technology in recent decades to improve the existing methods to be more intelligent. In this paper, we proposed cyber attack detection system for healthcare sector with centralized and federated transfer learning mode. Edge of Things (EoT) framework is developed in connection with cloud and healthcare sectors to transmit the data efficiently and the proposed Centralized with Multi-Source Transfer Learning (CMTL) algorithm which is used for detection and classification of various threats such as information gathering, DoS/DDoS attacks, Malware attacks, Injection attacks, and Man in the Middle attacks. Performance of the proposed framework is evaluated using various datasets such as EMNIST, X-IIoTID, and Federated TON_IoT. Our framework outperforms with the analysis of execution time and obtains high level accuracy when compared with different algorithms.

computer science, information systems,telecommunications

Jung-Chun Liu,Chao-Tung Yang,Yu-Wei Chan,Endah Kristiani,Wei-Je Jiang

DOI: https://doi.org/10.1007/s11227-021-03715-6

IF: 3.3

2021-03-16

The Journal of Supercomputing

Abstract:Network log data is significant for network administrators, since it contains information on every event that occurs in a network, including system errors, alerts, and packets sending statuses. Effectively analyzing large volumes of diverse log data brings opportunities to identify issues before they become problems and to prevent future cyberattacks; however, processing of the diverse NetFlow data poses challenges such as volume, velocity, and veracity of log data. In this study, by means of Elasticsearch, Logstash, and Kibana, i.e., the ELK Stack, we construct an analysis and management system for network log data, which provides functions to filter, analyze, and display network log data for further applications and creates data visualization on a Web browser. In addition, an advanced cyberattack detection model is facilitated using deep neural network (DNN), recurrent neural networks (RNN), and long short-term memory (LSTM) approaches. By knowing cyberattack behaviors and cross-validating with the log analysis system, one can learn from this model the characteristics of a variety of cyberattacks. Finally, we also implement Grafana to perform metrics monitoring.

Qasem Abu Al-Haija,Charles McCurry,Saleh Zein-Sabatto

DOI: https://doi.org/10.20944/preprints202011.0508.v1

2020-11-19

Abstract:With the rapid expansion of intelligent resource-constrained devices and high-speed communication technologies, Internet of Things (IoT) has earned a wide recognition as the primary standard for low-power lossy networks (LLNs). Nevertheless, IoT infrastructures are vulnerable to cyber-attacks due to the constraints in computation, storage, and communication capacity of the endpoint devices. From one side, the majority of newly developed cyber-attacks are formed by slightly mutating formerly established cyber-attacks to produce a new attack tending to be treated as a normal traffic through the IoT network. From the other side, the influence of coupling the deep learning techniques with cybersecurity field has become a recent inclination of many security applications due to their impressive performance. In this paper, we provide a comprehensive development of a new intelligent and autonomous deep learning-based detection and classification system for cyber-attacks in IoT communication networks leveraging the power of convolutional neural networks, abbreviated as (IoT-IDCS-CNN). The proposed IoT-IDCS-CNN makes use of the high-performance computing employing the robust CUDA based Nvidia GPUs and the parallel processing employing the high-speed I9-Cores based Intel CPUs. In particular, the proposed system is composed of three subsystems: Feature Engineering subsystem, Feature Learning subsystem and Traffic classification subsystem. All subsystems are developed, verified, integrated, and validated in this research. To evaluate the developed system, we employed the NSL-KDD dataset which includes all the key attacks in the IoT computing. The simulation results demonstrated more than 99.3% and 98.2% of cyber-attacks’ classification accuracy for the binary-class classifier (normal vs anomaly) and the multi-class classifier (five categories) respectively. The proposed system was validated using k-fold cross validation method and was evaluated using the confusion matrix parameters (i.e., TN, TP, FN, FP) along with other classification performance metrics including precision, recall, F1-score, and false alarm rate. The test and evaluation results of the IoT-IDCS-CNN system outperformed many recent machine-learning based IDCS systems in the same area of study.

Alaeddine Diaf,Abdelaziz Amara Korba,Nour Elislem Karabadji,Yacine Ghamri-Doudane

2024-08-26

Abstract:In recent years, numerous large-scale cyberattacks have exploited Internet of Things (IoT) devices, a phenomenon that is expected to escalate with the continuing proliferation of IoT technology. Despite considerable efforts in attack detection, intrusion detection systems remain mostly reactive, responding to specific patterns or observed anomalies. This work proposes a proactive approach to anticipate and mitigate malicious activities before they cause damage. This paper proposes a novel network intrusion prediction framework that combines Large Language Models (LLMs) with Long Short Term Memory (LSTM) networks. The framework incorporates two LLMs in a feedback loop: a fine-tuned Generative Pre-trained Transformer (GPT) model for predicting network traffic and a fine-tuned Bidirectional Encoder Representations from Transformers (BERT) for evaluating the predicted traffic. The LSTM classifier model then identifies malicious packets among these predictions. Our framework, evaluated on the CICIoT2023 IoT attack dataset, demonstrates a significant improvement in predictive capabilities, achieving an overall accuracy of 98%, offering a robust solution to IoT cybersecurity challenges.

Cryptography and Security,Artificial Intelligence

Monika Khatkar,Kaushal Kumar,Brijesh Kumar,Asha Sohal,Kriti Sharma,Amita Bisht,B. Sankara Babu,Monica Gulati,M. Manasa,S. Swadesh Kumar

DOI: https://doi.org/10.1051/e3sconf/202343001182

2023-10-07

E3S Web of Conferences

Abstract:Concerns about cyber threats have emerged as the expansion of system connectivity and the proliferation of system applications intensified in the industry. This has underscored the necessity for a robust defense mechanism against various cyber threats, including potential intrusions from malicious actors within the network. A specially targeted system is the intrusion detection system (IDS), designed to safeguard the confidentiality, integrity, and availability of network traffic, especially in critical sectors like healthcare. Recent advancements in the area of IDS involve the utilization of artificial intelligence (AI) and deep learning (DL) based IDS to efficiently recognize network issues. Notably, the research at hand adopts a deep learning approach employing Long Short Term Memory (LSTM) models, applied to the CICIDS-2019 dataset that is sourced from New Brunswick University's website. The focal point of evaluation lies in the precision, recall, F1-score, and accuracy metrics, specifically analyzing its performance in identifying Denial-of-Service (DoS) cyber-attacks. The findings of this study lighten the superior performance of the Long Short Term Memory method in the realm of intrusion detection systems. The LSTM model showcases its proficiency, particularly in discerning Denial of Service attacks by giving a loss of less than 0.03%.

Sami Yaras,Murat Dener

DOI: https://doi.org/10.3390/electronics13061053

IF: 2.9

2024-03-13

Electronics

Abstract:The most significant threat that networks established in IoT may encounter is cyber attacks. The most commonly encountered attacks among these threats are DDoS attacks. After attacks, the communication traffic of the network can be disrupted, and the energy of sensor nodes can quickly deplete. Therefore, the detection of occurring attacks is of great importance. Considering numerous sensor nodes in the established network, analyzing the network traffic data through traditional methods can become impossible. Analyzing this network traffic in a big data environment is necessary. This study aims to analyze the obtained network traffic dataset in a big data environment and detect attacks in the network using a deep learning algorithm. This study is conducted using PySpark with Apache Spark in the Google Colaboratory (Colab) environment. Keras and Scikit-Learn libraries are utilized in the study. 'CICIoT2023' and 'TON_IoT' datasets are used for training and testing the model. The features in the datasets are reduced using the correlation method, ensuring the inclusion of significant features in the tests. A hybrid deep learning algorithm is designed using one-dimensional CNN and LSTM. The developed method was compared with ten machine learning and deep learning algorithms. The model's performance was evaluated using accuracy, precision, recall, and F1 parameters. Following the study, an accuracy rate of 99.995% for binary classification and 99.96% for multiclassification is achieved in the 'CICIoT2023' dataset. In the 'TON_IoT' dataset, a binary classification success rate of 98.75% is reached.

engineering, electrical & electronic,computer science, information systems,physics, applied

Dr.Priyanka Kaushik

DOI: https://doi.org/10.55938/ijgasr.v2i2.46

2023-06-30

Abstract:Detecting botnet and malware cyber-attacks is a critical task in ensuring the security of computer networks. Traditional methods for identifying such attacks often involve static rules and signatures, which can be easily evaded by attackers. Dl is a subdivision of ML, has shown promise in enhancing the accuracy of detecting botnets and malware by analyzing large amounts of network traffic data and identifying patterns that are difficult to detect with traditional methods. In order to identify abnormal traffic patterns that can be a sign of botnet or malware activity, deep learning models can be taught to learn the intricate interactions and correlations between various network traffic parameters, such as packet size, time intervals, and protocol headers. The models can also be trained to detect anomalies in network traffic, which could indicate the presence of unknown malware. The threat of malware and botnet assaults has increased in frequency with the growth of the IoT. In this research, we offer a unique LSTM and GAN-based method for identifying such attacks. We utilise our model to categorise incoming traffic as either benign or malicious using a dataset of network traffic data from various IoT devices. Our findings show how well our method works by attaining high accuracy in identifying botnet and malware cyberattacks in IoT networks. This study makes a contribution to the creation of stronger and more effective security systems for shielding IoT devices from online dangers. One of the major advantages of using deep learning for botnet and malware detection is its ability to adapt to new and previously unknown attack patterns, making it a useful tool in the fight against constantly evolving cyber threats. However, DL models require large quantity of labeled data for training, and their performance can be affected by the quality and quantity of the data used. Deep learning holds great potential for improving the accuracy and effectiveness of botnet and malware detection, and its continued development and application could lead to significant advancements in the field of cybersecurity.

Sidra Abbas,Shtwai Alsubai,Stephen Ojo,Gabriel Avelino Sampedro,Ahmad Almadhor,Abdullah Al Hejaili,Imen Bouazzi,Abbas, Sidra,Ojo, Stephen,Sampedro, Gabriel Avelino

DOI: https://doi.org/10.1007/s11227-024-05993-2

IF: 3.3

2024-03-10

The Journal of Supercomputing

Abstract:The rapid growth of Internet of Things (IoT) devices has changed human interactions with the environment. IoT networks require specialized defense strategies distinct from traditional corporate contexts. Security measures such as anti-malware software, firewalls, authentication protocols, and encryption techniques are established but face limitations against evolving attack strategies. Therefore, this study proposes an intrusion detection approach for a realistic IoT environment, employing various variants of deep learning models such as deep neural networks (DNNs), convolutional neural networks (CNNs), and recurrent neural networks (RNNs). The research tested three variants for each model: DNN1, DNN2, DNN3, CNN1, CNN2, CNN3, RNN1, RNN2, RNN3 . All these variants are customized and tuned differently to analyze the efficacy of the suggested methodology. Likewise, notable observation highlights the significance of aligning training and validation accuracy curves that indicate controlled overfitting, validating the model's reliability in accurately predicting intrusion and benign network traffic in IoT settings. Results reveal that RNN1 achieves the best results: accuracy of 98.61%, precision of 98.55%, recall of 98.61%, and F1-score of 98.57% compared with other DNN and CNN architectures and benchmark papers. This study advances intrusion detection within IoT networks through a comprehensive evaluation of deep learning models and inspires ongoing research to enhance intrusion detection systems' resilience in dynamic IoT environments.

computer science, theory & methods,engineering, electrical & electronic, hardware & architecture

Ishaani Priyadarshini,Pinaki Mohanty,Ahmed Alkhayyat,Rohit Sharma,Sachin Kumar

DOI: https://doi.org/10.1002/ett.4758

IF: 3.6

2023-03-15

Transactions on Emerging Telecommunications Technologies

Abstract:This article presents a novel hybrid algorithm based on attention‐based bidirectional long short term memory and convolutional neural networks, or attention‐based Bi‐LSTM‐CNN, to detect and classify DDoS attacks. We deploy several other machine learning models to evaluate the performance of our proposed model. The Internet of Things (IoT) is connecting more devices every day. Security is critical to ensure that the devices operate in a trusted environment. The lack of proper IoT security encourages cybercriminals to target many smart devices across the network and gain sensitive information. Distributed Denial of Service (DDoS) attacks are common in the IoT infrastructure and involve hijacking IoT devices to consume resources and interrupt services. This may specifically vandalize the application running the service that the end users are trying to access (application layer DDoS attacks) or flood the network bandwidth leading to network failure (software defined network DDoS attacks). This article proposes a hybrid attention‐based bidirectional long short term memory (LSTM) with convolutional neural networks (CNN) to identify DDoS attacks in the application layer and SDN. We deploy several other machine learning models like logistic regression, decision trees, random forests, support vector machines, K‐nearest neighbors, extreme gradient boosting, artificial neural networks, CNN, LSTM, CNN‐LSTM to evaluate the performance of our proposed model. The evaluation metrics considered for the study are accuracy, precision, recall, and F‐1 score. The experimental analysis on multiple datasets exhibits that the proposed model performs the classification efficiently with an accuracy of 99.74% and 99.98%.

telecommunications

Maryam Mahsal Khan,Mohammed Alkhathami

DOI: https://doi.org/10.1038/s41598-024-56126-x

IF: 4.6

2024-03-13

Scientific Reports

Abstract:Internet of Things (IoT) integration in healthcare improves patient care while also making healthcare delivery systems more effective and economical. To fully realize the advantages of IoT in healthcare, it is imperative to overcome issues with data security, interoperability, and ethical considerations. IoT sensors periodically measure the health-related data of the patients and share it with a server for further evaluation. At the server, different machine learning algorithms are applied which help in early diagnosis of diseases and issue alerts in case vital signs are out of the normal range. Different cyber attacks can be launched on IoT devices which can result in compromised security and privacy of applications such as health care. In this paper, we utilize the publicly available Canadian Institute for Cybersecurity (CIC) IoT dataset to model machine learning techniques for efficient detection of anomalous network traffic. The dataset consists of 33 types of IoT attacks which are divided into 7 main categories. In the current study, the dataset is pre-processed, and a balanced representation of classes is used in generating a non-biased supervised (Random Forest, Adaptive Boosting, Logistic Regression, Perceptron, Deep Neural Network) machine learning models. These models are analyzed further by eliminating highly correlated features, reducing dimensionality, minimizing overfitting, and speeding up training times. Random Forest was found to perform optimally across binary and multiclass classification of IoT Attacks with an approximate accuracy of 99.55% under both reduced and all feature space. This improvement was complimented by a reduction in computational response time which is essential for real-time attack detection and response.

multidisciplinary sciences

Weiping Ding,Mohamed Abdel-Basset,Reda Mohamed

DOI: https://doi.org/10.1016/j.ins.2023.03.052

IF: 8.1

2023-01-01

Information Sciences

Abstract:Our daily lives have been profoundly changed over the past few years owing to the growing presence of the Internet of Things (IoT). Importantly, IoT makes our lives more convenient, simpler, and more efficient; however, gadgets are vulnerable to a wide variety of cyberattacks due to the lack of robust security mechanisms and hardware security support. This paper presents an alternative deep learning model known as DeepAK-IoT to detect cyberattacks against IoT devices. DeepAK-IoT uses three blocks as its foundation: the residual-based-spatial representation (RSR) block, the temporal representation block (TRB), and the detection block (DB). The RSR block uses five residual blocks to extract a feature representation from the output of the preceding layer. The four convolutional layers are connected in parallel with a skip connection within each block to avoid vanishing or exploding gradients. Then, the second block uses the extracted spatial representation to learn a temporal representation to detect cyber threats. The final block decides how to classify the input record. We evaluated the accuracy and generalization ability of DeepAK-IoT using three well-known public datasets: TON-IoT, Edge-IIoTset, and UNSW-NB15. The proposed model was compared to three state-of-the-art deep learning models to demonstrate its effectiveness in detecting cyber threats in IoT systems. According to the experimental results, DeepAKIoT was found to be a powerful alternative model for managing cyber threats in IoT networks, as it provided 90.57% accuracy for TON IoT, 94.96% for Edge-IIoTset, and 98.41% for UNSW NB15.

Venkata Atluri,Jeff Horne

DOI: https://doi.org/10.1109/southeastcon45413.2021.9401809

2021-03-10

Abstract:Cyber-attacks on our Nation's Critical Infrastructure are growing. In this research, a Cyber Threat Intelligence (CTI) framework is proposed, developed, and tested. The results of the research, using 5 different simulated attacks on a dataset from an Industrial Control System (ICS) testbed, are presented with the extracted IOCs. The Bagging Decision Trees model showed the highest performance of testing accuracy (94.24%), precision (0.95), recall (0.93), and F1-score (0.94) among the 9 different machine learning models studied.