Ammar Almomani^1,2,*, Iman Akour³, Ahmed M. Manasrah^4,5, Omar Almomani⁶, Mohammad Alauthman⁷, Esra’a Abdullah¹, Amaal Al Shwait¹, Razan Al Sharaa¹

Intelligent Automation & Soft Computing, Vol.37, No.2, pp. 2499-2517, 2023, DOI:10.32604/iasc.2023.039687

Abstract The exponential growth of Internet and network usage has necessitated heightened security measures to protect against data and network breaches. Intrusions, executed through network packets, pose a significant challenge for firewalls to detect and prevent due to the similarity between legitimate and intrusion traffic. The vast network traffic volume also complicates most network monitoring systems and algorithms. Several intrusion detection methods have been proposed, with machine learning techniques regarded as promising for dealing with these incidents. This study presents an Intrusion Detection System Based on Stacking Ensemble Learning base (Random Forest, Decision Tree, and k-Nearest-Neighbors). The proposed system employs pre-processing… More >

Óscar Mogollón-Gutiérrez^*, José Carlos Sancho Núñez, Mar Ávila Vegas, Andrés Caro Lindo

Intelligent Automation & Soft Computing, Vol.37, No.2, pp. 1691-1709, 2023, DOI:10.32604/iasc.2023.039255

Abstract Nowadays, IT systems rely mainly on artificial intelligence (AI) algorithms to process data. AI is generally used to extract knowledge from stored information and, depending on the nature of data, it may be necessary to apply different AI algorithms. In this article, a novel perspective on the use of AI to ensure the cybersecurity through the study of network traffic is presented. This is done through the construction of a two-stage cyberattack classification ensemble model addressing class imbalance following a one-vs-rest (OvR) approach. With the growing trend of cyberattacks, it is essential to implement techniques that ensure legitimate access to… More >

Mohammad S. Al-kahtani¹, Zahid Mehmood^2,3,*, Tariq Sadad⁴, Islam Zada⁵, Gauhar Ali⁶, Mohammed ElAffendi⁶

Intelligent Automation & Soft Computing, Vol.37, No.2, pp. 2279-2290, 2023, DOI:10.32604/iasc.2023.037673

Abstract Cybersecurity threats are increasing rapidly as hackers use advanced techniques. As a result, cybersecurity has now a significant factor in protecting organizational limits. Intrusion detection systems (IDSs) are used in networks to flag serious issues during network management, including identifying malicious traffic, which is a challenge. It remains an open contest over how to learn features in IDS since current approaches use deep learning methods. Hybrid learning, which combines swarm intelligence and evolution, is gaining attention for further improvement against cyber threats. In this study, we employed a PSO-GA (fusion of particle swarm optimization (PSO) and genetic algorithm (GA)) for… More >

Mansoor Farooq^1,*, Mubashir Hassan Khan²

Journal on Internet of Things, Vol.4, No.3, pp. 155-168, 2022, DOI:10.32604/jiot.2022.039271

Abstract An “Intrusion Detection System” (IDS) is a security measure designed to perceive and be aware of unauthorized access or malicious activity on a computer system or network. Signature-based IDSs employ an attack signature database to identify intrusions. This indicates that the system can only identify known attacks and cannot identify brand-new or unidentified assaults. In Wireless 6G IoT networks, signature-based IDSs can be useful to detect a wide range of known attacks such as viruses, worms, and Trojans. However, these networks have specific requirements and constraints, such as the need for real-time detection and low-power operation. To meet these requirements,… More >

Jie Deng¹, Ran Guo², Zilong Jin^1,3,*

Journal on Internet of Things, Vol.4, No.3, pp. 141-153, 2022, DOI:10.32604/jiot.2022.038914

Abstract Traditional based deep learning intrusion detection methods face problems such as insufficient cloud storage, data privacy leaks, high communication costs, unsatisfactory detection rates, and false positive rate. To address existing issues in intrusion detection, this paper presents a novel approach called CS-FL, which combines Federated Learning and a Self-Attention Fusion Convolutional Neural Network. Federated Learning is a new distributed computing model that enables individual training of client data without uploading local data to a central server. at the same time, local training results are uploaded and integrated across all participating clients to produce a global model. The sharing model reduces… More >

Weifei Wang¹, Jinguo Li^1,*, Na Zhao², Min Liu¹

CMC-Computers, Materials & Continua, Vol.76, No.1, pp. 471-487, 2023, DOI:10.32604/cmc.2023.039733

Abstract With the advancement of network communication technology, network traffic shows explosive growth. Consequently, network attacks occur frequently. Network intrusion detection systems are still the primary means of detecting attacks. However, two challenges continue to stymie the development of a viable network intrusion detection system: imbalanced training data and new undiscovered attacks. Therefore, this study proposes a unique deep learning-based intrusion detection method. We use two independent in-memory autoencoders trained on regular network traffic and attacks to capture the dynamic relationship between traffic features in the presence of unbalanced training data. Then the original data is fed into the triplet network… More >

Yuna Han¹, Hangbae Chang^2,*

CMC-Computers, Materials & Continua, Vol.76, No.1, pp. 221-237, 2023, DOI:10.32604/cmc.2023.039463

Abstract Intrusion detection involves identifying unauthorized network activity and recognizing whether the data constitute an abnormal network transmission. Recent research has focused on using semi-supervised learning mechanisms to identify abnormal network traffic to deal with labeled and unlabeled data in the industry. However, real-time training and classifying network traffic pose challenges, as they can lead to the degradation of the overall dataset and difficulties preventing attacks. Additionally, existing semi-supervised learning research might need to analyze the experimental results comprehensively. This paper proposes XA-GANomaly, a novel technique for explainable adaptive semi-supervised learning using GANomaly, an image anomalous detection model that dynamically trains… More >

Turke Althobaiti^1,2, Yousef Sanjalawe^3,*, Naeem Ramzan⁴

Computer Systems Science and Engineering, Vol.47, No.1, pp. 453-469, 2023, DOI:10.32604/csse.2023.039207

Abstract Flash Crowd attacks are a form of Distributed Denial of Service (DDoS) attack that is becoming increasingly difficult to detect due to its ability to imitate normal user behavior in Cloud Computing (CC). Botnets are often used by attackers to perform a wide range of DDoS attacks. With advancements in technology, bots are now able to simulate DDoS attacks as flash crowd events, making them difficult to detect. When it comes to application layer DDoS attacks, the Flash Crowd attack that occurs during a Flash Event is viewed as the most intricate issue. This is mainly because it can imitate… More >

Ouail Mjahed^1,*, Salah El Hadaj¹, El Mahdi El Guarmah^1,2, Soukaina Mjahed¹

Computer Systems Science and Engineering, Vol.47, No.1, pp. 757-775, 2023, DOI:10.32604/csse.2023.039111

Abstract Denial of Service (DoS/DDoS) intrusions are damaging cyber-attacks, and their identification is of great interest to the Intrusion Detection System (IDS). Existing IDS are mainly based on Machine Learning (ML) methods including Deep Neural Networks (DNN), but which are rarely hybridized with other techniques. The intrusion data used are generally imbalanced and contain multiple features. Thus, the proposed approach aims to use a DNN-based method to detect DoS/DDoS attacks using CICIDS2017, CSE-CICIDS2018 and CICDDoS 2019 datasets, according to the following key points. a) Three imbalanced CICIDS2017-2018-2019 datasets, including Benign and DoS/DDoS attack classes, are used. b) A new technique based… More >

S. Sureshkumar^1,*, G .K. D. Prasanna Venkatesan², R. Santhosh³

Computer Systems Science and Engineering, Vol.47, No.1, pp. 1109-1123, 2023, DOI:10.32604/csse.2023.036267

Abstract Cloud computing technology provides flexible, on-demand, and completely controlled computing resources and services are highly desirable. Despite this, with its distributed and dynamic nature and shortcomings in virtualization deployment, the cloud environment is exposed to a wide variety of cyber-attacks and security difficulties. The Intrusion Detection System (IDS) is a specialized security tool that network professionals use for the safety and security of the networks against attacks launched from various sources. DDoS attacks are becoming more frequent and powerful, and their attack pathways are continually changing, which requiring the development of new detection methods. Here the purpose of the study… More >