{"title":"Integrated Spatial and Temporal Features Based Network Intrusion Detection System Using SMOTE Sampling","authors":"Shrinivas Khedkar, Madhav Chandane, Rasika Gawande","doi":"10.5815/ijcnis.2024.02.02","DOIUrl":"https://doi.org/10.5815/ijcnis.2024.02.02","url":null,"abstract":"With attackers discovering more inventive ways to take advantage of network weaknesses, the pace of attacks has drastically increased in recent years. As a result, network security has never been more important, and many network intrusion detection systems (NIDS) rely on old, out-of-date attack signatures. This necessitates the deployment of reliable and modern Network Intrusion Detection Systems that are educated on the most recent data and employ deep learning techniques to detect malicious activities. However, it has been found that the most recent datasets readily available contain a large quantity of benign data, enabling conventional deep learning systems to train on the imbalance data. A high false detection rate result from this. To overcome the aforementioned issues, we suggest a Synthetic Minority Over-Sampling Technique (SMOTE) integrated convolution neural network and bi-directional long short-term memory SCNN-BIDLSTM solution for creating intrusion detection systems. By employing the SMOTE, which integrates a convolution neural network to extract spatial features and a bi-directional long short-term memory to extract temporal information; difficulties are reduced by increasing the minority samples in our dataset. In order to train and evaluate our model, we used open benchmark datasets as CIC-IDS2017, NSL-KDD, and UNSW-NB15 and compared the results with other state of the art models.","PeriodicalId":36488,"journal":{"name":"International Journal of Computer Network and Information Security","volume":"121 S158","pages":""},"PeriodicalIF":0.0,"publicationDate":"2024-04-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140731247","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
R. A. Yunmar, S. Kusumawardani, Widyawan Widyawan, Fadi Mohsen
{"title":"Detecting Android Malware by Mining Enhanced System Call Graphs","authors":"R. A. Yunmar, S. Kusumawardani, Widyawan Widyawan, Fadi Mohsen","doi":"10.5815/ijcnis.2024.02.03","DOIUrl":"https://doi.org/10.5815/ijcnis.2024.02.03","url":null,"abstract":"The persistent threat of malicious applications targeting Android devices has been growing in numbers and severity. Numerous techniques have been utilized to defend against this thread, including heuristic-based ones, which are able to detect unknown malware. Among the many features that this technique uses are system calls. Researchers have used several representation methods to capture system calls, such as histograms. However, some information may be lost if the system calls as a feature is only represented as a 1-dimensional vector. Graphs can represent the interaction of different system calls in an unusual or suspicious way, which can indicate malicious behavior. This study uses machine learning algorithms to recognize malicious behavior represented in a graph. The system call graph was fed into machine learning algorithms such as AdaBoost, Decision Table, Naïve Bayes, Random Forest, IBk, J48, and Logistic regression. We further employ a series feature selection method to improve detection accuracy and eliminate computational complexity. Our experiment results show that the proposed method has reduced feature dimension to 91.95% and provides 95.32% detection accuracy.","PeriodicalId":36488,"journal":{"name":"International Journal of Computer Network and Information Security","volume":"53 2","pages":""},"PeriodicalIF":0.0,"publicationDate":"2024-04-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140730047","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Individual Updating Strategies-based Elephant Herding Optimization Algorithm for Effective Load Balancing in Cloud Environments","authors":"Syed Muqthadar Ali, N. Kumaran, G. N. Balaji","doi":"10.5815/ijcnis.2024.02.06","DOIUrl":"https://doi.org/10.5815/ijcnis.2024.02.06","url":null,"abstract":"In this manuscript, an Individual Updating Strategies-based Elephant Herding Optimization Algorithm are proposed to facilitate the effective load balancing (LB) process in cloud computing. Primary goal of proposed Individual Updating Strategies-based Elephant Herding Optimization Algorithm focus on issuing the workloads pertaining to network links by the purpose of preventing over-utilization and under-utilization of the resources. Here, NIUS-EHOA-LB-CE is proposed to exploit the merits of traditional Elephant Herd Optimization algorithm to achieve superior results in all dimensions of cloud computing. In this NIUS-EHOA-LB-CE achieves the allocation of Virtual Machines for the incoming tasks of cloud, when the number of currently processing tasks of a specific VM is less than the cumulative number of tasks. Also, it attains potential load balancing process differences with the help of each individual virtual machine’s processing time and the mean processing time (MPT) incurred by complete virtual machine. Efficacy of the proposed technique activates the Cloudsim platform. Experimental results of the proposed method shows lower Mean Response time 11.6%, 18.4%, 20.34%and 28.1%, lower Mean Execution Time 78.2%, 65.4%, 40.32% and 52.6% compared with existing methods, like Improved Artificial Bee Colony utilizing Monarchy Butterfly Optimization approach for Load Balancing in Cloud Environments (IABC-MBOA-LB-CE), An improved Hybrid Fuzzy-Ant Colony Algorithm Applied to Load Balancing in Cloud Computing Environment (FACOA-LB-CE), Hybrid firefly and Improved Multi-Objective Particle Swarm Optimization for energy efficient LB in Cloud environments (FF-IMOPSO-LB-CE) and A hybrid gray wolf optimization and Particle Swarm Optimization algorithm for load balancing in cloud computing environment (GWO-PSO-LB-CE).","PeriodicalId":36488,"journal":{"name":"International Journal of Computer Network and Information Security","volume":"173 S393","pages":""},"PeriodicalIF":0.0,"publicationDate":"2024-04-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140730929","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Dipti Prava Sahu, Biswajit Tripathy, Leena Samantaray
{"title":"Optimized Intrusion Detection System in Fog Computing Environment Using Automatic Termination-based Whale Optimization with ELM","authors":"Dipti Prava Sahu, Biswajit Tripathy, Leena Samantaray","doi":"10.5815/ijcnis.2024.02.07","DOIUrl":"https://doi.org/10.5815/ijcnis.2024.02.07","url":null,"abstract":"In fog computing, computing resources are deployed at the network edge, which can include routers, switches, gateways, and even end-user devices. Fog computing focuses on running computations and storing data directly on or near the fog devices themselves. The data processing occurs locally on the device, reducing the reliance on network connectivity and allowing for faster response times. However, the conventional intrusion detection system (IDS) failed to provide security during the data transfer between fog nodes to cloud, fog data centres. So, this work implemented the optimized IDS in fog computing environment (OIDS-FCE) using advanced naturally inspired optimization algorithms with extreme learning. Initially, the data preprocessing operation maintains the uniform characteristics in the dataset by normalizing the columns. Then, comprehensive learning particle swarm based effective seeker optimization (CLPS-ESO) algorithm extracts the intrusion specific features by analyzing the internal patterns of all rows, columns. In addition, automatic termination-based whale optimization algorithm (ATWOA) selects the best intrusion features from CLPS-ESO resultant features using correlation analysis. Finally, the hybrid extreme learning machine (HELM) classifies the varies instruction types from ATWOA optimal features. The simulation results show that the proposed OIDS-FCE achieved 98.52% accuracy, 96.38% precision, 95.50% of recall, and 95.90% of F1-score using UNSW-NB dataset, which are higher than other artificial intelligence IDS models.","PeriodicalId":36488,"journal":{"name":"International Journal of Computer Network and Information Security","volume":"44 9","pages":""},"PeriodicalIF":0.0,"publicationDate":"2024-04-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140731720","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Naveen Arali, N. D. G., Altaf Husain M., P. S. Hiremath
{"title":"An Efficient and Secure Blockchain Consensus Algorithm Using Game Theory","authors":"Naveen Arali, N. D. G., Altaf Husain M., P. S. Hiremath","doi":"10.5815/ijcnis.2024.02.08","DOIUrl":"https://doi.org/10.5815/ijcnis.2024.02.08","url":null,"abstract":"Blockchain technology is a decentralized ledger system that finds applications in various domains such as banking, e-governance, and supply chain management. The consensus algorithm plays a crucial role in any blockchain network as it directly impacts the network's performance and security. There have been several proposed consensus mechanisms in the literature, including Proof of Work (PoW), Proof of Stake (PoS), Robust Proof of Stake (RPoS), and Delegated Proof of Stake (DPoS). Both Ethereum and Bitcoin utilize the PoW consensus mechanism, where nodes compete to solve puzzles in order to generate blocks, consuming significant processing power. On the other hand, the PoS consensus mechanism selects miners based on the stakes they hold, making it more energy efficient. However, PoS has drawbacks such as vulnerability to coin age accumulation attacks and the potential for partial centralization. In this work, we present a consensus mechanism known as Delegated Proof of Stake with Downgrading Mechanism using Game Theory (DDPoS (GT)). This mechanism employs a two-step game strategy to divide nodes into strong and weak nodes, as well as attack and non-attack nodes. Later, the results of the two games are combined to enhance protocol efficiency and security. Experimental results using a private Ethereum-based network demonstrate that DDPoS (GT) performs better than PoS and DPoS in terms of transaction latency, average block waiting time, and fairness.","PeriodicalId":36488,"journal":{"name":"International Journal of Computer Network and Information Security","volume":"29 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2024-04-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140729185","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Mohammed Abdessamad Goumidi, E. Zigh, N. Hadj-Said, A. Ali-Pacha
{"title":"A Hybrid Intrusion Detection System to Mitigate Biomedical Malicious Nodes","authors":"Mohammed Abdessamad Goumidi, E. Zigh, N. Hadj-Said, A. Ali-Pacha","doi":"10.5815/ijcnis.2024.02.10","DOIUrl":"https://doi.org/10.5815/ijcnis.2024.02.10","url":null,"abstract":"This paper proposes an intrusion detection system to prevent malicious node attacks that may result in failure links in wireless body area networks. The system utilizes a combination of Optimized Convolutional Neural Networks and Support Vector Machine techniques to classify nodes as malicious or not, and links as failure or not. In case of detection, the system employs a trust-based routing strategy to isolate malicious nodes or failure links and ensure a secure path. Furthermore, sensitive data is encrypted using a modified RSA encryption algorithm. The experimental results demonstrate the improved network performance in terms of data rate, delay, packet delivery ratio, energy consumption, and network security, by providing effective protection against malicious node attacks and failure links. The proposed system achieves the highest classification rate and sensitivity, surpassing similar methods in all evaluation metrics.","PeriodicalId":36488,"journal":{"name":"International Journal of Computer Network and Information Security","volume":"241 4","pages":""},"PeriodicalIF":0.0,"publicationDate":"2024-04-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140730490","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"A Secure VM Placement Strategy to Defend against Co-residence Attack in Cloud Datacentres","authors":"Ankita Srivastava, Narander Kumar","doi":"10.5815/ijcnis.2024.02.05","DOIUrl":"https://doi.org/10.5815/ijcnis.2024.02.05","url":null,"abstract":"With the increasing number of co-residence attacks, the security of the multi-tenant public IaaS cloud environment has become a growing concern. The co-residence attacker creates a side channel to retrieve the secured data. These attacks help the adversary to leak out the sensitive information of the user with whom it is co-located. This paper discusses a secured VM placement technique, Previous Server and Co-resident users First (PSCF), which focuses on facilitating security against the co-residence attack by minimizing the probability of co-locating the malicious user with the authentic user. Co-location resistance and core utilization metrics are utilized to evaluate the algorithm’s performance. The proposed method is simulated, and the result is analysed and compared with existing approaches like Best Fit, Worst Fit, PSSF, and SC-PSSF. It is observed that the proposed approach furnished maximum co-location resistance of 74.32% and a core utilization of 82.63%. Further, the algorithm has shown significant performance in balancing the load and energy consumption. The result has reduced the probability that malicious users co-located with the authentic one, thus reducing the security breach of confidential information.","PeriodicalId":36488,"journal":{"name":"International Journal of Computer Network and Information Security","volume":"214 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2024-04-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140730697","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"A Novel Approach of DDOS Attack Classification with Genetic Algorithm-optimized Spiking Neural Network","authors":"Anuradha Pawar, Nidhi Tiwari","doi":"10.5815/ijcnis.2024.02.09","DOIUrl":"https://doi.org/10.5815/ijcnis.2024.02.09","url":null,"abstract":"Spiking Neural Network (SNN) use spiking neurons that transmit information through discrete spikes, similar to the way biological neurons communicate through action potentials. This unique property of SNNs makes them suitable for applications that require real-time processing and low power consumption. This paper proposes a new method for detecting DDoS attacks using a spiking neural network (SNN) with a distance-based rate coding mechanism and optimizing the SNN using a genetic algorithm (GA). The proposed GA-SNN approach achieved a remarkable accuracy rate of 99.98% in detecting DDoS attacks, outperforming existing state-of-the-art methods. The GA optimization approach helps to overcome the challenges of setting the initial weights and biases in the SNN, and the distance-based rate coding mechanism enhances the accuracy of the SNN in detecting DDoS attacks. Additionally, the proposed approach is designed to be computationally efficient, which is essential for practical implementation in real-time systems. Overall, the proposed GA-SNN approach is a promising solution for accurate and efficient detection of DDoS attacks in network security applications.","PeriodicalId":36488,"journal":{"name":"International Journal of Computer Network and Information Security","volume":"26 17","pages":""},"PeriodicalIF":0.0,"publicationDate":"2024-04-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140732486","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Machine Learning-based Intrusion Detection Technique for IoT: Simulation with Cooja","authors":"A. H. Farea, Kerem Küçük","doi":"10.5815/ijcnis.2024.01.01","DOIUrl":"https://doi.org/10.5815/ijcnis.2024.01.01","url":null,"abstract":"The Internet of Things (IoT) is one of the promising technologies of the future. It offers many attractive features that we depend on nowadays with less effort and faster in real-time. However, it is still vulnerable to various threats and attacks due to the obstacles of its heterogeneous ecosystem, adaptive protocols, and self-configurations. In this paper, three different 6LoWPAN attacks are implemented in the IoT via Contiki OS to generate the proposed dataset that reflects the 6LoWPAN features in IoT. For analyzed attacks, six scenarios have been implemented. Three of these are free of malicious nodes, and the others scenarios include malicious nodes. The typical scenarios are a benchmark for the malicious scenarios for comparison, extraction, and exploration of the features that are affected by attackers. These features are used as criteria input to train and test our proposed hybrid Intrusion Detection and Prevention System (IDPS) to detect and prevent 6LoWPAN attacks in the IoT ecosystem. The proposed hybrid IDPS has been trained and tested with improved accuracy on both KoU-6LoWPAN-IoT and Edge IIoT datasets. In the proposed hybrid IDPS for the detention phase, the Artificial Neural Network (ANN) classifier achieved the highest accuracy among the models in both the 2-class and N-class. Before the accuracy improved in our proposed dataset with the 4-class and 2-class mode, the ANN classifier achieved 95.65% and 99.95%, respectively, while after the accuracy optimization reached 99.84% and 99.97%, respectively. For the Edge IIoT dataset, before the accuracy improved with the 15-class and 2-class modes, the ANN classifier achieved 95.14% and 99.86%, respectively, while after the accuracy optimized up to 97.64% and 99.94%, respectively. Also, the decision tree-based models achieved lightweight models due to their lower computational complexity, so these have an appropriate edge computing deployment. Whereas other ML models reach heavyweight models and are required more computational complexity, these models have an appropriate deployment in cloud or fog computing in IoT networks.","PeriodicalId":36488,"journal":{"name":"International Journal of Computer Network and Information Security","volume":"39 6","pages":""},"PeriodicalIF":0.0,"publicationDate":"2024-02-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"139853264","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Francis H. Shajin, Muthusamy Palaniappan, P. Rajesh
{"title":"Auto-metric Graph Neural Network based Blockchain Technology for Secured Dynamic Optimal Routing in MANET","authors":"Francis H. Shajin, Muthusamy Palaniappan, P. Rajesh","doi":"10.5815/ijcnis.2024.01.10","DOIUrl":"https://doi.org/10.5815/ijcnis.2024.01.10","url":null,"abstract":"Mobile ad hoc network (MANET) routing is a generous tactic used for allocating packets to the base station (BS). During the operations of routing, occurrence of malicious node embellishes the mobile ad hoc network operations. For that reason, a trusted distributed routing protocol is obliged that maintains the routing buttressing and the proficiency of mobile ad hoc network. To overcome these challenging issues, Auto-Metric Graph Neural Network based Blockchain technology is proposed in this manuscript for Secured Dynamic Optimal Routing in MANET (BC-SDOR-MANET-AGNN). The proposed approach is simulated in NS-2 tool. The proposed BC-SDOR-MANET-AGNN approach attains 76.26%, 65.57%, 42.9% minimal delay during 25% malicious routing environment, 73.06%, 63.82%, 38.84% less delay during 50% malicious routing environment when analyzed to the existing models, like enhanced hybrid secure multipath routing protocol for MANET (BC-SDOR-MANET-GAHC), an improved ad hoc on-demand distance vector routing security approach based on BC technology in MANET (BC-SDOR-MANET-AODV-MQS) and block chain-based better approach for the mobile ad-hoc networking protocol using ensemble algorithm (BC-SDOR-MANET-E-BATMAN) methods.","PeriodicalId":36488,"journal":{"name":"International Journal of Computer Network and Information Security","volume":"72 s320","pages":""},"PeriodicalIF":0.0,"publicationDate":"2024-02-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"139794591","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}