PAN Ju-long,LI Shan-ping,ZHANG Dao-yuan

DOI: https://doi.org/10.3785/j.issn.1008-973x.2012.01.12

2012-01-01

Abstract:A new method using game theoretic approach with multiple detecting nodes within one cluster was proposed after clusters were formed by using low-energy adaptive clustering hierarchy(LEACH)-C router protocol in order to detect and distinguish suspicious nodes in wireless sensor network.A suspicious node in a cluster is determined as malicious or normal one by the cluster-head using majority voting principle after all its neighbor's decisions are collected.A symmetrical encryption algorithm is used to secure the neighbor's result transmission.If the suspicious node is malicious,the final detecting result will be broadcasted to all nodes within this cluster and the suspicious one will be isolated in order to decrease the risk of invasion.The energy consume of both attacker and defender in the game is considered to fit the wireless sensor network environment.Experimental results show that the multiple detecting nodes scheme is feasible and effective to use game theoretic approach in wireless sensor network,and the detection precision is promoted.

Lu Chen,Tao Zhang,Yuanyuan Ma,Mu Chen

DOI: https://doi.org/10.1109/iist62526.2024.00098

2024-01-01

Abstract:With the increasing complexity, automation, and intelligence of network attacks, new types of attacks are constantly emerging in the network, posing great challenges to network attack detection and timely response based on prior rules. In order to more effectively and accurately identify abnormal traffic, a network abnormal traffic detection algorithm based on improved convolutional neural networks is proposed. The algorithm first inputs the key features of traffic anomaly monitoring, converts them into color images through visualization technology, extracts higher dimensional features, and then uses neural structure search technology to find a lightweight convolutional network structure with high accuracy and less time consumption. The optimal model is used to output the type of traffic anomaly. The results indicate that the algorithm has a higher accuracy and the shortest classification time for a single image.

Kavita Verma,P. Mukherjee,Mohit Kumar,D. Rawat,Sahil Verma

DOI: https://doi.org/10.1109/TNSE.2021.3098011

IF: 6.6

2022-09-01

IEEE Transactions on Network Science and Engineering

Abstract:Wireless Sensors Networks (WSN) is the self-configured Wireless Ad hoc Networks (WANET) for Internet of Things (IoT) which consists of a huge measure of resource-restrained Sensor Nodes (SN). In WSN, the key parameters are effectual energy utilization and security. The adversary could send false information because of the Malicious Nodes’ (MNs’) presence. Thus, to shun security threats, it is vital to find and isolate those MNs. Consequently, this work proffered a solution for detecting MNs in WSN utilizing every SN's parameters. This work not only regards the security but also rendered energy-efficient data transmission (DT) by means of choosing the Cluster Head (CH) centred on the sensor's residual energy. The Improved Deep Convolutional Neural Network (IDCNN) identifies the MN and then isolates them into the malicious list box in the Malicious Nodes Detection (MND) phase. In the energy-efficient DT phase, the Extended K-Means (EKM) algorithm clusters the Trusted Nodes (TN), and the t-Distribution based Satin Bowerbird Optimization (t-DSBO) algorithm selects an individual CH for each cluster centred on those nodes’ residual energy. The data of that cluster is transmitted to the Base Station (BS) through the CH. The t-DSBO selects an alternate CH if the current CH loses its energy. The proposed techniques effectively detect the MN and render energy-efficient DT, which is experimentally proved by comparing it with existing techniques.

Computer Science,Environmental Science,Engineering

Dongzhi Cao,Xinglan Zhang,Zhenhu Ning,Jianfeng Zhao,Fei Xue,Yongli Yang

DOI: https://doi.org/10.1145/3297156.3297246

2018-01-01

Abstract:With the rapid development of the Internet, people have variety in their life style. While the Internet is developing rapidly, some malware has also been generated, and the number of malicious codes grows exponentially, which seriously affects the security of the Internet. In the prevention of malicious code, the accurate classification of malicious code is the most critical components. At present, researchers mainly focus on static detection and dynamic detection to study malicious code variant detection schemes. In the study of malicious code classification, this paper first analyzes the limitations of static detection and dynamic detection, then employs convolution neural networks to classify and identify malicious code, and finally implements an efficient malicious code detection system based on convolutional neural networks. Our malware detection model realizes the idea of automatic detection of malicious code variants. Experimental results demonstrated that the proposed malicious code detection system is efficient.

Subhash Mondal,Subinoy Mukherjee,Suharta Banerjee

DOI: https://doi.org/10.1007/978-981-16-4435-1_30

2021-08-03

Abstract:Internet of Things is the most promising technology that is trying to transform the way in which we live and is expected to seamlessly get integrated into our environment. However, securing the IoT devices from attacks is the prime concern for researchers today. Securing IoT systems from malicious attacks is the most challenging task as attacks like DoS or DDoS are distributed in nature. In this paper we have proposed an architecture based on ML that will identify the malicious nodes which in turn will provide pre-authentication and access control, thus preventing unauthorized access of IoT resources. We have mainly emphasized on the trade-off between time, memory, and accuracy of ML algorithms for achieving better performance.

Jie Chen,Ai-dong Xu,Hong Wen,Wen-jie Liu,Yi-xin Jiang,Peng Li,Yu-shan Li

DOI: https://doi.org/10.12783/dteees/icepe2019/28962

2019-01-01

DEStech Transactions on Environment Energy and Earth Science

Abstract:The edge computing performs data processing at the proximity of data collecting nodes, which makes the edge computing devices also face a series of malicious attacking, such as clone node attack, Sybil node attack and so on. However, such malicious attacks are hard to identify by the traditional security measures because the illegal nodes capture the keys of the legal nodes. In order to solve the above problems, a channel information approached malicious node recognition method based on intelligent algorithm for the edge computing is proposed. The novel algorithm is feasible and the recognition accuracy meets the requirements.

Bismin V. Sherif,P Salini

DOI: https://doi.org/10.1109/iccica52458.2021.9697234

2021-11-26

Abstract:A mobile ad hoc network, abbreviately called as MANET, is an infrastructure-less network of mobile nodes connected wirelessly in a self-configuring, self-organizing manner. Because of the fact that MANETs can be effectively used in crucial applications like disaster relief operations and rescue operations, it has gained the attention of research community. But due to on-the-fly characteristics, MANETs are highly vulnerable to security attacks. Since the presence of attacker nodes degrades the performance of MANET, special considerations are required to enhance the performance of the network by developing more sophisticated techniques to detect and eliminate these attacks from the network. This paper focuses on the study of existing traditional and machine learning approaches which helps in identifying the presence of malicious nodes in MANET.

Sun Haoliang,Wang Dawei,Zhang Ying

DOI: https://doi.org/10.1109/iccsn.2019.8905286

2019-01-01

Abstract:Nowadays, a major challenge to network security is malicious codes. However, manual extraction of features is one of the characteristics of traditional detection techniques, which is inefficient. On the other hand, the features of the content and behavior of the malicious codes are easy to change, resulting in more inefficiency of the traditional techniques. In this paper, a K-Means Clustering Analysis is proposed based on Adaptive Weights (AW-MMKM). Identifying malicious codes in the proposed method is based on four types of network behavior that can be extracted from network traffic, including active, fault, network scanning, and page behaviors. The experimental results indicate that the AW-MMKM can detect malicious codes efficiently with higher accuracy.

Aidong Xu,Minggui Cao,Runfa Liao,Yunan Zhang,Yixin Jiang,Yi Chen,Hong Wen,Jinran Du

DOI: https://doi.org/10.1088/1755-1315/428/1/012019

2020-01-01

IOP Conference Series Earth and Environmental Science

Abstract:Edge computing can meet the needs of many industries in real-time business control, security and privacy protection. In the process of massive heterogeneous terminals accessing the network through edge devices, it is very challenging to achieve fast and reliable authentication. The physical layer authentication technology authenticates through the channel characteristics, which has the characteristics of lightweight, and can well adapt to the authentication scenario of massive heterogeneous terminal access. In order to identify malicious nodes, this paper proposes an attack identification scheme of malicious nodes under edge computing. The new channel response information vector is constructed by using the correlation between the channel information of consecutive frames. Two or more time slot channel frequency response vectors are averaged to obtain a new channel response vector. It has the advantages of low computational complexity and high recognition accuracy. And combined with the channel frequency response based on the deep neural network to identify malicious nodes, the data set in the factory environment is simulated.

A. Ranjith Kumar,A. Sivagami

DOI: https://doi.org/10.1007/s11042-020-08631-0

IF: 2.577

2020-02-06

Multimedia Tools and Applications

Abstract:Wireless Multimedia Sensor Networks (WMSNs) have drawn tremendous attention because of their potential impact on scientific research and their numerous attractive applications. However, security is one of the main challenges to WMSN. During the data transmission from source to destination, the intermediate nodes may misbehave as a malicious node. So, before reliable data transmission, these malicious nodes are to be detected. In this paper, Fuzzy logic system is presented for malicious node detection. Using this fuzzy system, the trust score is calculated for each sensor node in the network. Depend on the calculated trust score, malicious nodes are detected. For securable data transmission, Improved Elliptic Curve Cryptography (IECC) algorithm is presented. In ECC, Oppositional Particle Swarm Optimization (OPSO) is included for optimal key generation. Simulation results show that the performance of this proposed approach outperforms that of the existing approaches in terms of energy consumption, network lifetime and delay.

computer science, information systems, theory & methods,engineering, electrical & electronic, software engineering

Vedanth Ramanathan,Krish Mahadevan,Sejal Dua

DOI: https://doi.org/10.48550/arXiv.2309.05646

2023-09-12

Abstract:Cybersecurity attacks are becoming increasingly sophisticated and pose a growing threat to individuals, and private and public sectors. Distributed Denial of Service attacks are one of the most harmful of these threats in today's internet, disrupting the availability of essential services. This project presents a novel deep learning-based approach for detecting DDoS attacks in network traffic using the industry-recognized DDoS evaluation dataset from the University of New Brunswick, which contains packet captures from real-time DDoS attacks, creating a broader and more applicable model for the real world. The algorithm employed in this study exploits the properties of Convolutional Neural Networks (CNN) and common deep learning algorithms to build a novel mitigation technique that classifies benign and malicious traffic. The proposed model preprocesses the data by extracting packet flows and normalizing them to a fixed length which is fed into a custom architecture containing layers regulating node dropout, normalization, and a sigmoid activation function to out a binary classification. This allows for the model to process the flows effectively and look for the nodes that contribute to DDoS attacks while dropping the "noise" or the distractors. The results of this study demonstrate the effectiveness of the proposed algorithm in detecting DDOS attacks, achieving an accuracy of .9883 on 2000 unseen flows in network traffic, while being scalable for any network environment.

Cryptography and Security,Machine Learning,Networking and Internet Architecture

V Chandrasekar,V Shanmugavalli,T R Mahesh,R Shashikumar,Naiwrita Borah,V Vinoth Kumar,Suresh Guluwadi

DOI: https://doi.org/10.1038/s41598-024-57480-6

2024-04-03

Abstract:In wireless networking, the security of flying ad hoc networks (FANETs) is a major issue, and the use of drones is growing every day. A distributed network is created by a drone network in which nodes can enter and exit the network at any time. Because malicious nodes generate bogus identifiers, FANET is unstable. In this research study, we proposed a threat detection method for detecting malicious nodes in the network. The proposed method is found to be most effective compared to other methods. Malicious nodes fill the network with false information, thereby reducing network performance. The secure ad hoc on-demand distance vector (AODV) that has been suggested algorithm is used for detecting and isolating a malicious node in FANET. In addition, because temporary flying nodes are vulnerable to attacks, trust models based on direct or indirect reliability similar to trusted neighbors have been incorporated to overcome the vulnerability of malicious/selfish harassment. A node belonging to the malicious node class is disconnected from the network and is not used to forward or forward another message. The FANET security performance is measured by throughput, packet loss and routing overhead with the conventional algorithms of AODV (TAODV) and reliable AODV secure AODV power consumption decreased by 16.5%, efficiency increased by 7.4%, and packet delivery rate decreased by 9.1% when compared to the second ranking method. Reduced packet losses and routing expenses by 9.4%. In general, the results demonstrate that, in terms of energy consumption, throughput, delivered packet rate, the number of lost packets, and routing overhead, the proposed secure AODV algorithm performs better than the most recent, cutting-edge algorithms.

Wenbo Zhang,Yongxin Feng,Guangjie Han,Hongbo Zhu,Xiaobo Tan

DOI: https://doi.org/10.3390/s22228739

IF: 3.9

2022-11-13

Sensors

Abstract:It is critical to detect malicious code for the security of the Internet of Things (IoT). Therefore, this work proposes a malicious code detection algorithm based on the novel feature fusion–malware image convolutional neural network (FF-MICNN). This method combines a feature fusion algorithm with deep learning. First, the malicious code is transformed into grayscale image features by image technology, after which the opcode sequence features of the malicious code are extracted by the n-gram technique, and the global and local features are fused by feature fusion technology. The fused features are input into FF-MICNN for training, and an appropriate classifier is selected for detection. The results of experiments show that the proposed algorithm exhibits improvements in its detection speed, the comprehensiveness of features, and accuracy as compared with other algorithms. The accuracy rate of the proposed algorithm is also 0.2% better than that of a detection algorithm based on a single feature.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Dr. V. Gokula Krishnan,S. Hemamalini,Praneeth Cheraku,K. Hema Priya,Sangeetha Ganesan,Dr. R. Balamanigandan

DOI: https://doi.org/10.37391/ijeer.110209

2023-05-30

International Journal of Electrical and Electronics Research

Abstract:Decentralized wireless networks that may connect without a central hub are named Mobile Ad-hoc Networks (MANET). Attacks and threats of the most common kind can easily penetrate MANETs. Malware, APTs, and Distributed Denial of Service (DDoS) assaults all work together to make Internet services less reliable and less secure. Existing methods have been created to counter these assaults, but they either need more hardware, result in significant delivery delays, or fall short in other key areas like as energy consumption. This research therefore provides an intelligent agent system that can automatically choose and classify features to identify DDoS assaults. In this study, we provide an automated attack detector for MANETs based on a multilayer, (1D) convolutional neural network (CNN). Grey relational analysis classifiers are employed to screen attack levels in the classification layer because of their simple mathematical operation. The sunflower optimization technique is also used to fine-tune the classifier's weight. The research suggested a supervised feature classifier and fed the compressed data from an unsupervised auto encoder to it. In our experiment, conducted on the custom-generated dataset CICDDoS2018, the system outperformed state-of-the-art deep learning-based DDoS attack finding methods by a factor of 98%. Our suggested technique utilizes the freshest CICDDoS2018 dataset in combination with automated feature selection and classification to achieve state-of-the-art detection accuracy at a fraction of the processing time.

Gopalakrishnan Subburayalu,Hemanand Duraivelu,Arun Prasath Raveendran,Rajesh Arunachalam,Deepika Kongara,Chitra Thangavel

DOI: https://doi.org/10.1080/19361610.2021.2002118

2021-11-24

Journal of Applied Security Research

Abstract:Improvement of efficient packet access in a wireless Mobile Ad-Hoc network (MANET) is vital for achieving high speed data rate. The degradation occurs due to identification of malicious node and hence, reducing the severity will be a complex problem due to similar characteristics with trusty nodes in sensing area. In this work, Adaptive Neuro Fuzzy Inference System (ANFIS) classifier based defected node identification system is developed. The conviction parameters to be extract of the reliable and malevolent nodes and these parameters are qualified by ANFIS classifier. Further, the individual nodes in MANET are classified in testing mode of classifier. The network performance will be degraded with the increased number of malicious nodes. Certain conditions like packet delivery ratio, throughput, detection rate, energy consumption, and precision value and link failures occur due to malicious node in the network. The anticipated malicious node detection structure be compare by means of the conservative techniques such as Optimized energy efficient routing protocol (OEERP), Low energy adaptive clustering hierarchy (LEACH), Data routing in network aggregation (DRINA)and Base station controlled dynamic clustering protocol (BCDCP). The proposed ANFIS classifier is designed in Matrix Laboratory (MATLAB) and it can be interfaced with NS2 using “c” programming.

Sanjeev Kumar,Anil Kumar

DOI: https://doi.org/10.1016/j.engappai.2024.108374

IF: 8

2024-04-13

Engineering Applications of Artificial Intelligence

Abstract:Technology-enabled intelligent automation has ushered in a new era of Industry 4.0. At the core of this revolution are many interconnected devices, commonly referred to as the Industrial Internet of Things (IIoT). On the one hand, these sensors have resulted in productivity improvements, but at the same time, they have created a new attack surface for the threat actors. This research presents a novel image-based malware detection system leveraging software-defined networking (SDN) honeypot, convolution neural networks (CNN), and a two-level autoencoder. The proposed system transforms binary programs into gray-scale images and extracts textural features using deep CNN architectures via transfer learning. The dimensions of extracted features are then reduced using a custom two-level autoencoder. Finally, these reduced features are fed to six algorithms, including deep learning (DL) and machine learning (ML) classifiers. This study performs hyper-parameter optimization of each classifier using automated grid-search and random-search algorithms. The experimental results performed using the public benchmarked MalImg dataset show that the proposed method outperforms existing approaches, achieving high test accuracy of 98.50% and weighted precision, recall, and f1-score of 98.60%, 98.60%, and 98.60%, respectively. Furthermore, the mean response time is reported as 0.006 s, indicating the fast detection capabilities of the proposed approach. One of the advantages of the proposed methodology is that it reduces the dependence on intensive feature engineering and minimizes the need for domain expertise. The proposed method offers a scalable and industry-suitable solution for detecting malware in IIoT environments without relying on computationally intensive techniques.

automation & control systems,computer science, artificial intelligence,engineering, electrical & electronic, multidisciplinary

Zhiwei Gu,Shah Nazir,Cheng Hong,Sulaiman Khan

DOI: https://doi.org/10.1155/2020/8830903

IF: 1.968

2020-08-28

Security and Communication Networks

Abstract:With the development of communication systems, information securities remain one of the main concerns for the last few years. The smart devices are connected to communicate, process, compute, and monitor diverse real-time scenarios. Intruders are trying to attack the network and capture the organization’s important information for its own benefits. Intrusion detection is a way of identifying security violations and examining unwanted occurrences in a computer network. Building an accurate and effective identification system for intrusion detection or malicious activities can secure the existing system for smooth and secure end-to-end communication. In the proposed research work, a deep learning-based approach is followed for the accurate intrusion detection purposes to ensure the high security of the network. A convolution neural network based approach is followed for the feature classification and malicious data identification purposes. In the end, comparative results are generated after evaluating the performance of the proposed algorithm to other rival algorithms in the proposed field. These comparative algorithms were FGSM, JSMA, C&W, and ENM. After evaluating the performance of these algorithms and the proposed algorithm based on different threshold values ranging, L p norms, and different parametric values for c , it was concluded that the proposed algorithm outperforms with small L p values and high Kitsune scores. These results reflect that the proposed research is promising toward the identification of attack on data packets, and it also reflects the applicability of the proposed algorithms in the network security field.

computer science, information systems,telecommunications

Rajesh Kumar,Zhang Xiaosong,Riaz Ullah Khan,Ijaz Ahad,Jay Kumar

DOI: https://doi.org/10.1145/3194452.3194459

2018-01-01

Abstract:In this study, we have used the Image Similarity technique to detect the unknown or new type of malware using CNN ap- proach. CNN was investigated and tested with three types of datasets i.e. one from Vision Research Lab, which contains 9458 gray-scale images that have been extracted from the same number of malware samples that come from 25 differ- ent malware families, and second was benign dataset which contained 3000 different kinds of benign software. Benign dataset and dataset vision research lab were initially exe- cutable files which were converted in to binary code and then converted in to image files. We obtained a testing ac- curacy of 98% on Vision Research dataset.

Peiyu Li,Hui Wang,Guo Tian,Zhihui Fan

DOI: https://doi.org/10.3390/s24154766

2024-07-23

Abstract:Maintaining security in communication networks has long been a major concern. This issue has become increasingly crucial due to the emergence of new communication architectures like the Internet of Things (IoT) and the advancement and complexity of infiltration techniques. For usage in networks based on the Internet of Things, previous intrusion detection systems (IDSs), which often use a centralized design to identify threats, are now ineffective. For the resolution of these issues, this study presents a novel and cooperative approach to IoT intrusion detection that may be useful in resolving certain current security issues. The suggested approach chooses the most important attributes that best describe the communication between objects by using Black Hole Optimization (BHO). Additionally, a novel method for describing the network's matrix-based communication properties is put forward. The inputs of the suggested intrusion detection model consist of these two feature sets. The suggested technique splits the network into a number of subnets using the software-defined network (SDN). Monitoring of each subnet is done by a controller node, which uses a parallel combination of convolutional neural networks (PCNN) to determine the presence of security threats in the traffic passing through its subnet. The proposed method also uses the majority voting approach for the cooperation of controller nodes in order to more accurately detect attacks. The findings demonstrate that, in comparison to the prior approaches, the suggested cooperative strategy can detect assaults in the NSLKDD and NSW-NB15 datasets with an accuracy of 99.89 and 97.72 percent, respectively. This is a minimum 0.6 percent improvement.

Priyank Singhal,Nataasha Raul

DOI: https://doi.org/10.5121/ijnsa.2012.4106

2012-02-08

Abstract:Malicious software is abundant in a world of innumerable computer users, who are constantly faced with these threats from various sources like the internet, local networks and portable drives. Malware is potentially low to high risk and can cause systems to function incorrectly, steal data and even crash. Malware may be executable or system library files in the form of viruses, worms, Trojans, all aimed at breaching the security of the system and compromising user privacy. Typically, anti-virus software is based on a signature definition system which keeps updating from the internet and thus keeping track of known viruses. While this may be sufficient for home-users, a security risk from a new virus could threaten an entire enterprise network. This paper proposes a new and more sophisticated antivirus engine that can not only scan files, but also build knowledge and detect files as potential viruses. This is done by extracting system API calls made by various normal and harmful executable, and using machine learning algorithms to classify and hence, rank files on a scale of security risk. While such a system is processor heavy, it is very effective when used centrally to protect an enterprise network which maybe more prone to such threats.

Cryptography and Security,Machine Learning