Signature and anomaly based intrusion detection system for secure IoTs and V2G communication

IF 6.2 2区工程技术 Q1 ENGINEERING, MULTIDISCIPLINARY

alexandria engineering journal Pub Date : 2025-04-22 DOI:10.1016/j.aej.2025.03.068

Othman Alnasser , Jalal Al Muhtadi , Kashif Saleem , Sanjeeb Shrestha

{"title":"Signature and anomaly based intrusion detection system for secure IoTs and V2G communication","authors":"Othman Alnasser , Jalal Al Muhtadi , Kashif Saleem , Sanjeeb Shrestha","doi":"10.1016/j.aej.2025.03.068","DOIUrl":null,"url":null,"abstract":"<div><div>Cybersecurity is considered a top priority across all organizations, from corporations to governmental agencies. Every year, we hear about major cyber security breaches in many organizations, especially targeting smart grids with the Internet of Things (IoT) and electric vehicles (EVs) and hindering their operation. Cybersecurity attacks are multifaceted and may initiate with identifying a vulnerability, exploiting that vulnerability to gain shell access, elevating privileges, performing lateral movement, executing commands, exfiltrating data, covering tracks, and keeping persistent access. Based on a comprehensive literature review and analysis, a joint detection system using signature-based and anomaly-based intrusion detection systems (SBaIDS) that utilizes different machine learning algorithms based on a hybrid model is proposed. The novel system effectively detects cybersecurity attacks and performs non-traditional detection mechanisms for IoT and vehicle-to-grid (V2G) communication. The implementation uses the enhanced dataset and presents the result in terms of accuracy, precision, recall, and F1 Score given each attack scenario. The proposed model’s performance shows good results compared to the previous work that uses a Support Vector Machine (SVM) running SPARK. The detection ratio is found to be more than 96%, compared to recent work on a hybrid intrusion detection system.</div></div>","PeriodicalId":7484,"journal":{"name":"alexandria engineering journal","volume":"125 ","pages":"Pages 424-440"},"PeriodicalIF":6.2000,"publicationDate":"2025-04-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"alexandria engineering journal","FirstCategoryId":"5","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S1110016825003771","RegionNum":2,"RegionCategory":"工程技术","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"ENGINEERING, MULTIDISCIPLINARY","Score":null,"Total":0}

引用次数: 0

Abstract

Cybersecurity is considered a top priority across all organizations, from corporations to governmental agencies. Every year, we hear about major cyber security breaches in many organizations, especially targeting smart grids with the Internet of Things (IoT) and electric vehicles (EVs) and hindering their operation. Cybersecurity attacks are multifaceted and may initiate with identifying a vulnerability, exploiting that vulnerability to gain shell access, elevating privileges, performing lateral movement, executing commands, exfiltrating data, covering tracks, and keeping persistent access. Based on a comprehensive literature review and analysis, a joint detection system using signature-based and anomaly-based intrusion detection systems (SBaIDS) that utilizes different machine learning algorithms based on a hybrid model is proposed. The novel system effectively detects cybersecurity attacks and performs non-traditional detection mechanisms for IoT and vehicle-to-grid (V2G) communication. The implementation uses the enhanced dataset and presents the result in terms of accuracy, precision, recall, and F1 Score given each attack scenario. The proposed model’s performance shows good results compared to the previous work that uses a Support Vector Machine (SVM) running SPARK. The detection ratio is found to be more than 96%, compared to recent work on a hybrid intrusion detection system.

查看原文本刊更多论文

基于签名和异常的入侵检测系统，确保物联网和 V2G 通信安全

从企业到政府机构，网络安全被认为是所有组织的首要任务。每年，我们都会听到许多组织中的重大网络安全漏洞，特别是针对具有物联网（IoT）和电动汽车（ev）的智能电网并阻碍其运行。网络安全攻击是多方面的，可以从识别漏洞、利用该漏洞获得shell访问、提升特权、执行横向移动、执行命令、泄露数据、覆盖轨迹和保持持久访问开始。在综合文献综述和分析的基础上，提出了一种基于签名和基于异常的入侵检测系统（saids）的联合检测系统，该系统采用基于混合模型的不同机器学习算法。该新系统有效检测网络安全攻击，并为物联网和车辆到电网（V2G）通信执行非传统检测机制。该实现使用增强的数据集，并根据每个攻击场景的准确性、精度、召回率和F1分数来显示结果。与之前使用支持向量机（SVM）运行SPARK的工作相比，该模型的性能显示出良好的效果。与最近的混合入侵检测系统相比，检测率超过96%。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

alexandria engineering journal Engineering-General Engineering

CiteScore

11.20

自引率

4.40%

发文量

1015

审稿时长

43 days

期刊介绍： Alexandria Engineering Journal is an international journal devoted to publishing high quality papers in the field of engineering and applied science. Alexandria Engineering Journal is cited in the Engineering Information Services (EIS) and the Chemical Abstracts (CA). The papers published in Alexandria Engineering Journal are grouped into five sections, according to the following classification: • Mechanical, Production, Marine and Textile Engineering • Electrical Engineering, Computer Science and Nuclear Engineering • Civil and Architecture Engineering • Chemical Engineering and Applied Sciences • Environmental Engineering