Anum Talpur,Mohan Gurusamy

DOI: https://doi.org/10.1109/COMST.2021.3129079

2021-08-19

Abstract:Machine Learning (ML) has emerged as an attractive and viable technique to provide effective solutions for a wide range of application domains. An important application domain is vehicular networks wherein ML-based approaches are found to be very useful to address various problems. The use of wireless communication between vehicular nodes and/or infrastructure makes it vulnerable to different types of attacks. In this regard, ML and its variants are gaining popularity to detect attacks and deal with different kinds of security issues in vehicular communication. In this paper, we present a comprehensive survey of ML-based techniques for different security issues in vehicular networks. We first briefly introduce the basics of vehicular networks and different types of communications. Apart from the traditional vehicular networks, we also consider modern vehicular network architectures. We propose a taxonomy of security attacks in vehicular networks and discuss various security challenges and requirements. We classify the ML techniques developed in the literature according to their use in vehicular network applications. We explain the solution approaches and working principles of these ML techniques in addressing various security challenges and provide insightful discussion. The limitations and challenges in using ML-based methods in vehicular networks are discussed. Finally, we present observations and lessons learned before we conclude our work.

Machine Learning,Cryptography and Security,Networking and Internet Architecture

Mayra Macas,Chunming Wu

DOI: https://doi.org/10.1109/latincom50620.2020.9282324

2020-01-01

Abstract:As the number of cyber-attacks is increasing, cybersecurity is evolving to a key concern for any business. Artificial Intelligence (AI) and Machine Learning (ML) (in particular Deep Learning - DL) can be leveraged as key enabling technologies for cyber-defense, since they can contribute in threat detection and can even provide recommended actions to cyber analysts. A partnership of industry, academia, and government on a global scale is necessary in order to advance the adoption of AI/ML to cybersecurity and create efficient cyber defense systems. In this paper, we are concerned with the investigation of the various deep learning techniques employed for network intrusion detection and we introduce a DL framework for cybersecurity applications.

Alan Fuad Jahwar,Siddeeq Y. Ameen,,

DOI: https://doi.org/10.30880/jscdm.2021.02.02.002

2021-10-15

Journal of Soft Computing and Data Mining

Abstract:Machin learning (ML) and Deep Learning (DL) technique have been widely applied to areas like image processing and speech recognition so far. Likewise, ML and DL play a critical role in detecting and preventing in the field of cybersecurity. In this review, we focus on recent ML and DL algorithms that have been proposed in cybersecurity, network intrusion detection, malware detection. We also discuss key elements of cybersecurity, the main principle of information security, and the most common methods used to threaten cybersecurity. Finally, concluding remarks are discussed, including the possible research topics that can be taken into consideration to enhance various cyber security applications using DL and ML algorithms.

Muhammad Tayyab,Mohsen Marjani,N.Z. Jhanjhi,Ibrahim Abaker Targio Hashem,Raja Sher Afgun Usmani,Faizan Qamar

DOI: https://doi.org/10.1016/j.cose.2023.103297

2023-05-20

Abstract:Machine Learning (ML) algorithms are used to train the machines to perform various complicated tasks that begin to modify and improve with experiences. It has become widely used for automated decisions. In particular, the applications which have a profound impact on society that rely on Deep Learning (DL) for autonomous decisions, such as Patient Health Record (PHR), Unmanned Aerial Vehicles (UAVs), etc. Such impacts have a vital concern about the potential vulnerabilities introduced by DL. Traditional attackers have powerful motives that can alter and modify DL algorithms to subvert the outcomes. In poisoning attacks, an attacker can consciously change training dataset, which is used to operate the outcomes of decision-based model. While in privacy and evasion attacks, an adversary can also misclassify new datasets to infer private information. Therefore, in this paper, we have provided a review of security and privacy issues of DL algorithms and analyzed their applications and challenges based on state-of-the-art literature. We have classified attacks, devised a taxonomy, and comprehensive analysis of defense techniques for the most common attacks such as poisoning, evasion, model extraction, and model inversion. We have also presented various privacy preserving techniques to ensure the privacy of dataset. We have proposed a secure cryptographic framework for dataset based on hash functions and Homomorphic Encryption (HE) scheme. Finally, we have provided recent research challenges and future studies concerning security and privacy issues. We believed that the highlighted limitations and weaknesses provide possible research questions and open matters for designing efficient future DL algorithms.

computer science, information systems

Mostofa Ahsan,Kendall E. Nygard,Rahul Gomes,Minhaz Chowdhury,Nafiz Rifat,Jayden F Connolly,Md Minhaz Chowdhury

DOI: https://doi.org/10.3390/jcp2030027

2022-07-10

Journal of Cybersecurity and Privacy

Abstract:Machine learning is of rising importance in cybersecurity. The primary objective of applying machine learning in cybersecurity is to make the process of malware detection more actionable, scalable and effective than traditional approaches, which require human intervention. The cybersecurity domain involves machine learning challenges that require efficient methodical and theoretical handling. Several machine learning and statistical methods, such as deep learning, support vector machines and Bayesian classification, among others, have proven effective in mitigating cyber-attacks. The detection of hidden trends and insights from network data and building of a corresponding data-driven machine learning model to prevent these attacks is vital to design intelligent security systems. In this survey, the focus is on the machine learning techniques that have been implemented on cybersecurity data to make these systems secure. Existing cybersecurity threats and how machine learning techniques have been used to mitigate these threats have been discussed. The shortcomings of these state-of-the-art models and how attack patterns have evolved over the past decade have also been presented. Our goal is to assess how effective these machine learning techniques are against the ever-increasing threat of malware that plagues our online community.

computer science, information systems, interdisciplinary applications, software engineering

Yahya Layth Khaleel,Mustafa Abdulfattah Habeeb,Hussein Alnabulsi

DOI: https://doi.org/10.58496/adsa/2024/011

2024-08-07

Abstract:There is a considerable threat present in genres such as machine learning due to adversarial attacks which include purposely feeding the system with data that will alter the decision region. These attacks are committed to presenting different data to machine learning models in a way that the model would be wrong in its classification or prediction. The field of study is still relatively young and has to develop strong bodies of scientific research that would eliminate the gaps in the current knowledge. This paper provides the literature review of adversarial attacks and defenses based on the highly cited articles and conference published in the Scopus database. Through the classification and assessment of 128 systematic articles: 80 original papers and 48 review papers till May 15, 2024, this study categorizes and reviews the literature from different domains, such as Graph Neural Networks, Deep Learning Models for IoT Systems, and others. The review posits findings on identified metrics, citation analysis, and contributions from these studies while suggesting the area’s further research and development for adversarial robustness’ and protection mechanisms. The identified objective of this work is to present the basic background of adversarial attacks and defenses, and the need for maintaining the adaptability of machine learning platforms. In this context, the objective is to contribute to building efficient and sustainable protection mechanisms for AI applications in various industries

Deepthy K Bhaskar,B. Minimol,V. P. Binu

DOI: https://doi.org/10.1109/ICSCC59169.2023.10335074

2023-08-17

Abstract:Privacy preserving and secure machine learning (PPSML), has turned into increasingly significant in recent years due to the need to protect sensitive data while enabling data analysis and model training. The study explores various Privacy preserving techniques and evaluate their effectiveness in protecting sensitive data against security threats. The findings suggest that while many privacy preserving techniques can significantly improve data security, there is no common solution which fits all. Different techniques are better suited for different scenarios, depending on the type of attack, nature of the data, and the specific privacy requirements. Therefore, it is crucial to carefully evaluate and select the appropriate privacy preserving technique for each situation to ensure effective protection against security threats while maintaining data utility and performance.

Computer Science

Dipankar Dasgupta,Zahid Akhtar,Sajib Sen

DOI: https://doi.org/10.1177/1548512920951275

2020-09-19

Abstract:Today’s world is highly network interconnected owing to the pervasiveness of small personal devices (e.g., smartphones) as well as large computing devices or services (e.g., cloud computing or online banking), and thereby each passing minute millions of data bytes are being generated, processed, exchanged, shared, and utilized to yield outcomes in specific applications. Thus, securing the data, machines (devices), and user’s privacy in cyberspace has become an utmost concern for individuals, business organizations, and national governments. In recent years, machine learning (ML) has been widely employed in cybersecurity, for example, intrusion or malware detection and biometric-based user authentication. However, ML algorithms are vulnerable to attacks both in the training and testing phases, which usually leads to remarkable performance decreases and security breaches. Comparatively, limited studies have been conducted to understand the essence and degree of the vulnerabilities of ML techniques against security threats and their defensive mechanisms. It is imperative to systematize recent works related to cybersecurity using ML to seek the attention of researchers, scientists, and engineers. Therefore, in this paper, we provide a comprehensive survey of the works that have been carried out most recently (from 2013 to 2018) on ML in cybersecurity, describing the basics of cyber-attacks and corresponding defenses, the basics of the most commonly used ML algorithms, and proposed ML and data mining schemes for cybersecurity in terms of features, dimensionality reduction, and classification/detection techniques. In this context, this article also provides an overview of adversarial ML, including the security characteristics of deep learning methods. Finally, open issues and challenges in cybersecurity are highlighted and potential future research directions are discussed.

Nicolas Papernot,Patrick McDaniel,Arunesh Sinha,Michael Wellman

DOI: https://doi.org/10.48550/arXiv.1611.03814

2016-11-11

Cryptography and Security

Abstract:Advances in machine learning (ML) in recent years have enabled a dizzying array of applications such as data analytics, autonomous systems, and security diagnostics. ML is now pervasive---new systems and models are being deployed in every domain imaginable, leading to rapid and widespread deployment of software based inference and decision making. There is growing recognition that ML exposes new vulnerabilities in software systems, yet the technical community's understanding of the nature and extent of these vulnerabilities remains limited. We systematize recent findings on ML security and privacy, focusing on attacks identified on these systems and defenses crafted to date. We articulate a comprehensive threat model for ML, and categorize attacks and defenses within an adversarial framework. Key insights resulting from works both in the ML and security communities are identified and the effectiveness of approaches are related to structural elements of ML algorithms and the data used to train them. We conclude by formally exploring the opposing relationship between model accuracy and resilience to adversarial manipulation. Through these explorations, we show that there are (possibly unavoidable) tensions between model complexity, accuracy, and resilience that must be calibrated for the environments in which they will be used.

Ruixiao Liu,Jing Shi,Xingyu Chen,Cuiying Lu

DOI: https://doi.org/10.1016/j.compeleceng.2024.109581

IF: 4.152

2024-08-27

Computers & Electrical Engineering

Abstract:Robust solutions are essential for protecting complex network systems in the constantly changing cybersecurity scenario. This investigation examines the role of machine learning (ML) in improving the safety of digital infrastructure by examining network anomaly detection and security defense. We evaluate the effectiveness of key ML techniques, including deep learning (DL), ensemble methods, and supervised and unsupervised learning, in recognizing abnormalities and reducing dangers. Real-time monitoring and adaptive reactions are emphasized in the analysis of ML-based systems integration into comprehensive security frameworks. This section also addresses challenges like interpretability, harmful assaults, and model resilience. Real-world case examples emphasize the importance of ML in the advancement of network security. The paper continues with a discussion of ML's future role in the optimization of security measures and the mitigation of emergent threats.

engineering, electrical & electronic,computer science, interdisciplinary applications, hardware & architecture

Huaming Chen,M. Ali Babar

2023-12-18

Abstract:The rapid development of Machine Learning (ML) has demonstrated superior performance in many areas, such as computer vision, video and speech recognition. It has now been increasingly leveraged in software systems to automate the core tasks. However, how to securely develop the machine learning-based modern software systems (MLBSS) remains a big challenge, for which the insufficient consideration will largely limit its application in safety-critical domains. One concern is that the present MLBSS development tends to be rush, and the latent vulnerabilities and privacy issues exposed to external users and attackers will be largely neglected and hard to be identified. Additionally, machine learning-based software systems exhibit different liabilities towards novel vulnerabilities at different development stages from requirement analysis to system maintenance, due to its inherent limitations from the model and data and the external adversary capabilities. The successful generation of such intelligent systems will thus solicit dedicated efforts jointly from different research areas, i.e., software engineering, system security and machine learning. Most of the recent works regarding the security issues for ML have a strong focus on the data and models, which has brought adversarial attacks into consideration. In this work, we consider that security for machine learning-based software systems may arise from inherent system defects or external adversarial attacks, and the secure development practices should be taken throughout the whole lifecycle. While machine learning has become a new threat domain for existing software engineering practices, there is no such review work covering the topic. Overall, we present a holistic review regarding the security for MLBSS, which covers a systematic understanding from a structure review of three distinct aspects in terms of security threats...

Cryptography and Security,Software Engineering

Muhammad Imran Tariq,Nisar Ahmed Memon,Shakeel Ahmed,Shahzadi Tayyaba,Muhammad Tahir Mushtaq,Natash Ali Mian,Muhammad Imran,Muhammad W. Ashraf

DOI: https://doi.org/10.1155/2020/6535834

2020-04-07

Mobile Information Systems

Abstract:In recent past years, Deep Learning presented an excellent performance in different areas like image recognition, pattern matching, and even in cybersecurity. The Deep Learning has numerous advantages including fast solving complex problems, huge automation, maximum application of unstructured data, ability to give high quality of results, reduction of high costs, no need for data labeling, and identification of complex interactions, but it also has limitations like opaqueness, computationally intensive, need for abundant data, and more complex algorithms. In our daily life, we used many applications that use Deep Learning models to make decisions based on predictions, and if Deep Learning models became the cause of misprediction due to internal/external malicious effects, it may create difficulties in our real life. Furthermore, the Deep Learning training models often have sensitive information of the users and those models should not be vulnerable and expose security and privacy. The algorithms of Deep Learning and machine learning are still vulnerable to different types of security threats and risks. Therefore, it is necessary to call the attention of the industry in respect of security threats and related countermeasures techniques for Deep Learning, which motivated the authors to perform a comprehensive survey of Deep Learning security and privacy security challenges and countermeasures in this paper. We also discussed the open challenges and current issues.

computer science, information systems,telecommunications

Atul Kumar,Sameep Mehta

DOI: https://doi.org/10.48550/arXiv.1707.03184

2017-07-11

Abstract:Machine learning based system are increasingly being used for sensitive tasks such as security surveillance, guiding autonomous vehicle, taking investment decisions, detecting and blocking network intrusion and malware etc. However, recent research has shown that machine learning models are venerable to attacks by adversaries at all phases of machine learning (eg, training data collection, training, operation). All model classes of machine learning systems can be misled by providing carefully crafted inputs making them wrongly classify inputs. Maliciously created input samples can affect the learning process of a ML system by either slowing down the learning process, or affecting the performance of the learned mode, or causing the system make error(s) only in attacker's planned scenario. Because of these developments, understanding security of machine learning algorithms and systems is emerging as an important research area among computer security and machine learning researchers and practitioners. We present a survey of this emerging area in machine learning.

Artificial Intelligence,Cryptography and Security,Machine Learning

Ivan Evtimov,Weidong Cui,Ece Kamar,Emre Kiciman,Tadayoshi Kohno,Jerry Li

DOI: https://doi.org/10.48550/arXiv.2007.07205

2020-07-13

Cryptography and Security

Abstract:Machine learning (ML) models deployed in many safety- and business-critical systems are vulnerable to exploitation through adversarial examples. A large body of academic research has thoroughly explored the causes of these blind spots, developed sophisticated algorithms for finding them, and proposed a few promising defenses. A vast majority of these works, however, study standalone neural network models. In this work, we build on our experience evaluating the security of a machine learning software product deployed on a large scale to broaden the conversation to include a systems security view of these vulnerabilities. We describe novel challenges to implementing systems security best practices in software with ML components. In addition, we propose a list of short-term mitigation suggestions that practitioners deploying machine learning modules can use to secure their systems. Finally, we outline directions for new research into machine learning attacks and defenses that can serve to advance the state of ML systems security.

Chaitanya Gupta,Ishita Johri,Kathiravan Srinivasan,Yuh-Chung Hu,Saeed Mian Qaisar,Kuo-Yi Huang

DOI: https://doi.org/10.3390/s22052017

IF: 3.9

2022-03-04

Sensors

Abstract:Today’s advancements in wireless communication technologies have resulted in a tremendous volume of data being generated. Most of our information is part of a widespread network that connects various devices across the globe. The capabilities of electronic devices are also increasing day by day, which leads to more generation and sharing of information. Similarly, as mobile network topologies become more diverse and complicated, the incidence of security breaches has increased. It has hampered the uptake of smart mobile apps and services, which has been accentuated by the large variety of platforms that provide data, storage, computation, and application services to end-users. It becomes necessary in such scenarios to protect data and check its use and misuse. According to the research, an artificial intelligence-based security model should assure the secrecy, integrity, and authenticity of the system, its equipment, and the protocols that control the network, independent of its generation, in order to deal with such a complicated network. The open difficulties that mobile networks still face, such as unauthorised network scanning, fraud links, and so on, have been thoroughly examined. Numerous ML and DL techniques that can be utilised to create a secure environment, as well as various cyber security threats, are discussed. We address the necessity to develop new approaches to provide high security of electronic data in mobile networks because the possibilities for increasing mobile network security are inexhaustible.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Jiaxiang Chen

DOI: https://doi.org/10.54254/2755-2721/71/20241665

2024-09-02

Abstract:In recent years, significant advancements have been made in cyber security, particularly through the application of machine learning (ML) methods. ML-based techniques have enhanced system security by effectively distinguishing between malicious and benign objects across various domains, including spam email detection, social media content filtering, intrusion detection systems, and malware detection. This paper focuses on the specific area of ML-based malware detection and its advantages over traditional methods, such as improved accuracy and the ability to generalize to unknown threats. Despite these advancements, ML-based malware detection systems are vulnerable to adversarial attacks, especially in black-box scenarios where the internal workings of the detection model are not accessible. This paper provides a comprehensive review of adversarial attacks on black-box malware detection systems and examines the current defense mechanisms against these attacks. Understanding the challenges and strategies in this field, this review aims to offer insights into enhancing the robustness and security of ML-based malware detection systems.

Yahya Layth Khaleel,Mustafa Abdulfattah Habeeb,A. S. Albahri,Tahsien Al-Quraishi,O. S. Albahri,A. H. Alamoodi

DOI: https://doi.org/10.1515/jisys-2024-0153

2024-01-01

Journal of Intelligent Systems

Abstract:Abstract This study aims to perform a thorough systematic review investigating and synthesizing existing research on defense strategies and methodologies in adversarial attacks using machine learning (ML) and deep learning methods. A methodology was conducted to guarantee a thorough literature analysis of the studies using sources such as ScienceDirect, Scopus, IEEE Xplore, and Web of Science. A question was shaped to retrieve articles published from 2019 to April 2024, which ultimately produced a total of 704 papers. A rigorous screening, deduplication, and matching of the inclusion and exclusion criteria were followed, and hence 42 studies were included in the quantitative synthesis. The considered papers were categorized into a coherent and systematic classification including three categories: security enhancement techniques, adversarial attack strategies and defense mechanisms, and innovative security mechanisms and solutions. In this article, we have presented a systematic and comprehensive analysis of earlier studies and opened the door to potential future studies by discussing in depth four challenges and motivations of adversarial attacks, while three recommendations have been discussed. A systematic science mapping analysis was also performed to reorganize and summarize the results of studies to address the issues of trustworthiness. Moreover, this research covers a large variety of network and cybersecurity applications of defense in adversarial attack subjects, including intrusion detection systems, anomaly detection, ML-based defenses, and cryptographic techniques. The relevant conclusions well demonstrate what have achieved in defense mechanisms against adversarial attacks. In addition, the analysis revealed a few emerging tendencies and deficiencies in the area to be remedied through better and more dependable mitigation methods against advanced persistent threats. The findings of this review have crucial implications for the community of researchers, practitioners, and policy makers in network and cybersecurity using artificial intelligence applications.

DOI: https://doi.org/10.52866/ijcsm.2023.01.01.008

2023-01-07

Iraqi Journal for Computer Science and Mathematics

Abstract:People in the modern era spend most of their lives in virtual environments that offer a range of public and private services and social platforms. Therefore, these environments need to be protected from cyber attackers that can steal data or disrupt systems. Cybersecurity refers to a collection of technical, organizational, and executive means for preventing the unauthorized use or misuse of electronic information and communication systems to ensure the continuity of their work, guarantee the confidentiality and privacy of personal data, and protect consumers from threats and intrusions. Accordingly, this article explores the cybersecurity practices that protect computer systems from attacks, hacking, and data thefts and investigates the role of artificial intelligence in this domain. This article also summarizes the most significant literature that explore the roles and effects of machine learning and deep learning techniques in cybersecurity. Results show that machine learning and deep learning techniques play significant roles in protecting computer systems from unauthorized entry and in controlling system penetration by predicting and understanding the behaviour and traffic of malicious software.

English Else

Olakunle Ibitoye,Rana Abou-Khamis,Mohamed el Shehaby,Ashraf Matrawy,M. Omair Shafiq

DOI: https://doi.org/10.48550/arXiv.1911.02621

2023-03-21

Abstract:Machine learning models have made many decision support systems to be faster, more accurate, and more efficient. However, applications of machine learning in network security face a more disproportionate threat of active adversarial attacks compared to other domains. This is because machine learning applications in network security such as malware detection, intrusion detection, and spam filtering are by themselves adversarial in nature. In what could be considered an arm's race between attackers and defenders, adversaries constantly probe machine learning systems with inputs that are explicitly designed to bypass the system and induce a wrong prediction. In this survey, we first provide a taxonomy of machine learning techniques, tasks, and depth. We then introduce a classification of machine learning in network security applications. Next, we examine various adversarial attacks against machine learning in network security and introduce two classification approaches for adversarial attacks in network security. First, we classify adversarial attacks in network security based on a taxonomy of network security applications. Secondly, we categorize adversarial attacks in network security into a problem space vs feature space dimensional classification model. We then analyze the various defenses against adversarial attacks on machine learning-based network security applications. We conclude by introducing an adversarial risk grid map and evaluating several existing adversarial attacks against machine learning in network security using the risk grid map. We also identify where each attack classification resides within the adversarial risk grid map.

Cryptography and Security,Machine Learning,Networking and Internet Architecture

Mohanthi Kakarla,Dr. K. Padma Raju

DOI: https://doi.org/10.47392/irjaem.2024.0075

2024-03-22

Abstract:In this digital world, the data is wealth, this data is analyzed, developed and applied to specific applications using some well-developed algorithms known as Machine learning (ML). Machine learning algorithms are supervised, unsupervised, semi-supervised and reinforcement types. Deep learning (DL) is also a method of analyzing the data on a large scale. Deep learning is a further subdivision of The subsection of ML is deep learning and measures a particular type of learning that involves the use of artificial neural networks (ANN). This paper provides group of different machine learning terminologies for quick reference. This study is important to focus on different machine learning techniques and their connection in various real-world applications such as smart cities, cyber security, healthcare, agriculture and intelligent transportation systems. In this paper, machine learning concepts, different types of architectures, the challenges, various real world applications are discussed.