Egyptian Informatics Journal最新文献_第5页

Advanced AI-driven intrusion detection for securing cloud-based industrial IoT 先进的人工智能驱动的入侵检测，以保护基于云的工业物联网

IF 5 3区计算机科学

Egyptian Informatics Journal Pub Date : 2025-04-04 DOI: 10.1016/j.eij.2025.100644

Saima Siraj Qureshi , Jingsha He , Siraj Uddin Qureshi , Nafei Zhu , Ahsan Wajahat , Ahsan Nazir , Faheem Ullah , Abdul Wadud

{"title":"Advanced AI-driven intrusion detection for securing cloud-based industrial IoT","authors":"Saima Siraj Qureshi , Jingsha He , Siraj Uddin Qureshi , Nafei Zhu , Ahsan Wajahat , Ahsan Nazir , Faheem Ullah , Abdul Wadud","doi":"10.1016/j.eij.2025.100644","DOIUrl":"10.1016/j.eij.2025.100644","url":null,"abstract":"<div><div>The rapid integration of smart devices with cloud services in the Industrial Internet of Things (IIoT) has exposed significant vulnerabilities in conventional security protocols, making them insufficient against sophisticated cyber threats. Despite advancements in intrusion detection systems (IDS), there remains a critical need for highly accurate, adaptive, and scalable solutions for cloud-based IIoT environments. Motivated by this necessity, we propose an advanced AI-powered IDS leveraging Long Short-Term Memory (LSTM) and Gated Recurrent Unit (GRU) networks. Developed using Python and the Kitsune dataset, our IDS demonstrates a remarkable detection accuracy of 98.68%, a low False Negative rate of 0.01%, and an impressive F1 score of 98.62%. Comparative analysis with other deep learning models validates the superior performance of our approach. This research contributes significantly to enhancing cybersecurity in cloud-based IIoT systems, offering a robust, scalable solution to mitigate evolving cyber threats.</div></div>","PeriodicalId":56010,"journal":{"name":"Egyptian Informatics Journal","volume":"30 ","pages":"Article 100644"},"PeriodicalIF":5.0,"publicationDate":"2025-04-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143768061","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

MANET highly efficient clustering technique based on coverage k-means algorithm 基于覆盖k-均值算法的MANET高效聚类技术

IF 5 3区计算机科学

Egyptian Informatics Journal Pub Date : 2025-04-03 DOI: 10.1016/j.eij.2025.100672

Aya Ayad Hussein , Hazem Noori Abdulrazzak , Ali Salem Ali

{"title":"MANET highly efficient clustering technique based on coverage k-means algorithm","authors":"Aya Ayad Hussein , Hazem Noori Abdulrazzak , Ali Salem Ali","doi":"10.1016/j.eij.2025.100672","DOIUrl":"10.1016/j.eij.2025.100672","url":null,"abstract":"<div><div>Mobile ad hoc networks (MANET) are employed as an alternative access for established infrastructure in areas lacking permanent connections. MANET are dynamic and flexible, all devices can communicate. This makes them particularly useful in situations like disaster recovery, military operations, or remote areas where traditional networks are unavailable. The routing techniques are more important to managing the communication and improving the network stability, reliability, and efficiency. In this paper, a Coverage K-Means cluster-based Routing Protocol (CKRP) is proposed. The CKRP has better link connectivity, a higher route lifetime, and is more reliable with minimum transmission delay. The MANET square area is divided into multiple zones based on the zone generation proposed model based on the ratio of the maximum and minimum boundary to the node coverage. The node density and zone will used to compute the number of clusters. The k-Means algorithm will used in the cluster formulation stage. In this paper, a new Cluster Head (CH) selection model was proposed as a final stage of the CKRP model to elect the optimal node as a CH. The experiment simulated the proposed model and compared it with Ad hoc On-Demand Distance Vector Routing (AODV) and Fuzzy Logic- AODV (FL-AODV). The CKRP routing reliability has 25% improvements compared with AODV for the number of nodes exceeding 90. The proposed model has a minimum delay compared with the other algorithms.</div></div>","PeriodicalId":56010,"journal":{"name":"Egyptian Informatics Journal","volume":"30 ","pages":"Article 100672"},"PeriodicalIF":5.0,"publicationDate":"2025-04-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143760090","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Dynamic secret sharing for enhanced cloud security: Tackling eavesdropping and threshold attacks 增强云安全的动态秘密共享：解决窃听和阈值攻击

IF 5 3区计算机科学

Egyptian Informatics Journal Pub Date : 2025-03-29 DOI: 10.1016/j.eij.2025.100660

Sijjad Ali , Shuaib Ahmed Wadho , Aun Yichiet , Nayem Uddin Prince , Ming Lee Gan , Chen Kang Lee

{"title":"Dynamic secret sharing for enhanced cloud security: Tackling eavesdropping and threshold attacks","authors":"Sijjad Ali , Shuaib Ahmed Wadho , Aun Yichiet , Nayem Uddin Prince , Ming Lee Gan , Chen Kang Lee","doi":"10.1016/j.eij.2025.100660","DOIUrl":"10.1016/j.eij.2025.100660","url":null,"abstract":"<div><div>In this paper, we propose a novel approach to enhance the security of cloud collaboration while addressing key challenges in cloud computing. The proposed scheme effectively mitigates eavesdropping and threshold attacks, significantly bolstering the security of the cloud environment. Through rigorous performance evaluation, we demonstrate that our method reduces communication overhead and improves resource efficiency compared to existing solutions. Additionally, we introduce a transformation of the dynamic context secret (DCS) into a <span><math><mrow><mo>(</mo><mi>t</mi><mo>,</mo><mi>n</mi><mo>)</mo></mrow></math></span> secret sharing scheme, improving its flexibility and addressing critical security issues. This innovative approach represents a significant advancement in cloud collaboration security, offering a measurable improvement over current models. By strengthening both the security and efficiency of cloud environments, our scheme lays the groundwork for more robust and secure cloud computing frameworks.</div></div>","PeriodicalId":56010,"journal":{"name":"Egyptian Informatics Journal","volume":"30 ","pages":"Article 100660"},"PeriodicalIF":5.0,"publicationDate":"2025-03-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143735195","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Robust zero-watermarking based on dual branch neural network for ownership authentication, auxiliary information delivery and tamper detection 基于双分支神经网络的所有权认证、辅助信息传递和篡改检测的鲁棒零水印

IF 5 3区计算机科学

Egyptian Informatics Journal Pub Date : 2025-03-28 DOI: 10.1016/j.eij.2025.100650

Rodrigo Eduardo Arevalo-Ancona, Manuel Cedillo-Hernandez

{"title":"Robust zero-watermarking based on dual branch neural network for ownership authentication, auxiliary information delivery and tamper detection","authors":"Rodrigo Eduardo Arevalo-Ancona, Manuel Cedillo-Hernandez","doi":"10.1016/j.eij.2025.100650","DOIUrl":"10.1016/j.eij.2025.100650","url":null,"abstract":"<div><div>This paper presents a robust multitask zero-watermarking scheme for ownership authentication, auxiliary information embedding, and tamper detection using a dual-branch neural network. The proposed method generates three zero-watermarking codes stored in a three-layer structure, where each layer corresponds to a different type of watermark: a binary logo for ownership authentication, a QR code for auxiliary data, and a halftone version of the original image for tamper detection. The first and third zero-watermarking codes are generated by a logical linking between the binary logo and halftone version, respectively, with a set of neural network weights. The second zero-watermarking code is created by linking the QR code with features extracted from the dual-branch neural network. This approach ensures that the original image remains undistorted and protected at the same time. Experimental results demonstrate the robustness of the proposed method against geometric distortions, common signal processing attacks, and combined attacks, achieving bit error rates below 0.005 and normalized correlation values close to or equal to 1. Additionally, the method attained an average accuracy of 98.7 % or higher in tamper detection tasks across multiple datasets, demonstrating its versatility.</div></div>","PeriodicalId":56010,"journal":{"name":"Egyptian Informatics Journal","volume":"30 ","pages":"Article 100650"},"PeriodicalIF":5.0,"publicationDate":"2025-03-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143715663","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Research on network information leakage prevention method based on k-symmetric anonymous algorithm 基于k对称匿名算法的网络信息泄漏预防方法研究

IF 5 3区计算机科学

Egyptian Informatics Journal Pub Date : 2025-03-25 DOI: 10.1016/j.eij.2025.100636

Zaoxian Zheng, Hao Liu, Na Lin, Shanni Li, Dawei Wang

{"title":"Research on network information leakage prevention method based on k-symmetric anonymous algorithm","authors":"Zaoxian Zheng, Hao Liu, Na Lin, Shanni Li, Dawei Wang","doi":"10.1016/j.eij.2025.100636","DOIUrl":"10.1016/j.eij.2025.100636","url":null,"abstract":"<div><div>In order to prevent the leakage of privacy information in published network data and improve the security of network information, a network information leakage prevention method based on K-symmetric anonymity algorithm is proposed. The relationship between individuals in the network is analyzed, and the network information graph is constructed based on graph theory to intuitively reflect the relationship between nodes in the network. The detailed query method is used to judge whether each node in the network information graph has a corresponding self-conserved equivalent node, and the simple symmetric processing is carried out to ensure that each node has a self-conserved equivalent node. Use the K-symmetric anonymous processing method to copy all nodes that have been treated with simple symmetry so that each set of equivalence classes contains more than two nodes. With the addition of network nodes, the network topology changes significantly, which reduces the probability of the attacker identifying network nodes. The improved K-symmetric anonymous algorithm only performs symmetric processing on the nodes with moderately minimal processing results. While reducing the system overhead, the network topology also presents irregular changes, making it difficult for attackers to discover the topology of the original graph, and increasing the difficulty of network information cracking. The experimental results show that this method can effectively prevent network information leakage, and has good information availability and confidentiality. By constructing a network information graph and analyzing the relationship between individuals in the network based on graph theory, the effective protection of network information is realized. It improves the security of network information and reduces the risk of disclosure of private information.</div></div>","PeriodicalId":56010,"journal":{"name":"Egyptian Informatics Journal","volume":"30 ","pages":"Article 100636"},"PeriodicalIF":5.0,"publicationDate":"2025-03-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143697729","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Metadata association feature ATC data security assessment 元数据关联功能ATC数据安全评估

IF 5 3区计算机科学

Egyptian Informatics Journal Pub Date : 2025-03-25 DOI: 10.1016/j.eij.2025.100667

Ruchun Jia , Jianwei Zhang , Yi Lin , Yunxiang Han , Yinhui Luo , Fang Fei

{"title":"Metadata association feature ATC data security assessment","authors":"Ruchun Jia , Jianwei Zhang , Yi Lin , Yunxiang Han , Yinhui Luo , Fang Fei","doi":"10.1016/j.eij.2025.100667","DOIUrl":"10.1016/j.eij.2025.100667","url":null,"abstract":"<div><div>The assessment of air traffic management (ATM) security is important for maintaining the secure operation of ATM information systems. However, the accuracy of ATM assessment still needs to be improved. To solve this problem, this paper proposes a security assessment method for ATM data based on metadata correlation characteristics. The method consists of two parts: calculating the weight characteristics and optimizing the evaluation model. In the stage of calculating weight features, we extract ATM features from metadata with normalization method to obtain evaluation indicators for weight allocation. Then, the fuzzy Borda method and CRITIC method are used for weight assignment. The variable weight synthesis method is used to dynamically modify the weight, and finally the normalization method is used to achieve dimensionless processing of indicators. In the stage of optimizing the evaluation model, the multi-layer feedforward neural network is used to optimize the weights parameters. Compared with comparison methods, the accuracy of our method reaches up to 97 %, while the accuracy of compared methods fluctuates between 40 % and 80 %. In our method, the safety assessment time is up to maximum 12 s, the confidence level is always above 95 % and the p-value of the assessment results around 0.95. Comparative experimental results show that the proposed method can improve the accuracy of ATC safety assessment, and is of great significance to promote the integrity of ATM safety risk assessment system.</div></div>","PeriodicalId":56010,"journal":{"name":"Egyptian Informatics Journal","volume":"30 ","pages":"Article 100667"},"PeriodicalIF":5.0,"publicationDate":"2025-03-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143696666","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

IAPN: Framework to secure IoT-based infrastructures using Private APN IAPN：使用私有APN保护基于物联网的基础设施的框架

IF 5 3区计算机科学

Egyptian Informatics Journal Pub Date : 2025-03-25 DOI: 10.1016/j.eij.2025.100671

Naif Alsharabi , Akashdeep Bhardwaj , Talal Alshammari , Shoayee alotaibi , Dhahi Alshammari , Amr Jadi

{"title":"IAPN: Framework to secure IoT-based infrastructures using Private APN","authors":"Naif Alsharabi , Akashdeep Bhardwaj , Talal Alshammari , Shoayee alotaibi , Dhahi Alshammari , Amr Jadi","doi":"10.1016/j.eij.2025.100671","DOIUrl":"10.1016/j.eij.2025.100671","url":null,"abstract":"<div><div>Private access point network (APN) routes data from mobile apps and devices directly into the vendor’s corporate data networks. Thus the mobile-to-mobile IoT deployments provide options for APN, VPN, and Fixed IP. These deployments transmit data using private APNs and do not share data on the Internet. This research proposes a secure, sustainable IoT framework to implement under a real-world IoT ecosystem by using APN or Private Access Point Name. The proposed APN model focuses on delivering better visibility, security, and network traffic flow control from devices to Cloud portals. By use of Common Vulnerability Scoring System (CVSS) metrics the authors observed the presence of exploits and specific vulnerabilities in IoT environments as per the security score. Fewer vulnerabilities do not always guarantee a lower security score. The authors discuss the management and sustenance of IoT Security and architecture, vulnerability metrics, and process to measure IoT device security is also proposed by the use of Private APN. The authors performed visualization on the Kaggle dataset for IoT sensor and tolerance values, creating scatterplots and counterplots. These confirmed the values are uniform and consistent along with the distribution plot. T-test null hypothesis was calculated to validate the two independent means. The proposed design has been implemented by an Indian startup organization to monitor and secure critical infrastructure and devices in real-world scenarios.</div></div>","PeriodicalId":56010,"journal":{"name":"Egyptian Informatics Journal","volume":"30 ","pages":"Article 100671"},"PeriodicalIF":5.0,"publicationDate":"2025-03-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143704522","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Blockchain-enhanced optimization for a secure and transparent global energy supply chain with reduced environmental impact and cost 区块链增强优化，实现安全透明的全球能源供应链，降低环境影响和成本

IF 5 3区计算机科学

Egyptian Informatics Journal Pub Date : 2025-03-24 DOI: 10.1016/j.eij.2025.100647

Sivajothi Ramalingam , M. Subramanian , B.Srinivasa Kumar , S. Rushma , Nainaru Tarakaramu , Aymen TRIGUI , Farrukh Yuldashev , Taoufik Saidani , M.Ijaz Khan

{"title":"Blockchain-enhanced optimization for a secure and transparent global energy supply chain with reduced environmental impact and cost","authors":"Sivajothi Ramalingam , M. Subramanian , B.Srinivasa Kumar , S. Rushma , Nainaru Tarakaramu , Aymen TRIGUI , Farrukh Yuldashev , Taoufik Saidani , M.Ijaz Khan","doi":"10.1016/j.eij.2025.100647","DOIUrl":"10.1016/j.eij.2025.100647","url":null,"abstract":"<div><div>The rapid evolution of energy systems necessitates innovative solutions to ensure efficient, transparent, and secure energy distribution. This paper introduces a novel blockchain-based model for decentralized energy trading, aiming to optimize the global energy supply chain. The proposed model leverages smart contracts for automated peer-to-peer transactions, allowing for a significant reduction in intermediary costs and enhancing the robustness of the energy market. Through comprehensive data analysis of historical energy production figures, we establish baseline supply curves for various energy sources including coal, natural gas, nuclear, hydro, wind, solar, biofuels, and waste, from 1990 to 2021. We present a mathematical framework that encapsulates supply and demand dynamics, price adjustment mechanisms, and tokenization of energy units. The equilibrium model ensures market clearance, while the pricing algorithm dynamically responds to real-time supply and demand fluctuations. Moreover, the study formulates an optimization objective focused on maximizing social welfare, encompassing consumer and producer surplus, and minimizing environmental impacts. The model is flexible, capable of integrating future advancements in renewable energy and storage technologies. Our findings indicate that blockchain technology not only has the potential to revolutionize the way we trade energy but also to significantly contribute to a more sustainable and environmentally friendly energy landscape.</div></div>","PeriodicalId":56010,"journal":{"name":"Egyptian Informatics Journal","volume":"30 ","pages":"Article 100647"},"PeriodicalIF":5.0,"publicationDate":"2025-03-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143680329","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Cryptocurrency-driven ransomware syndicates operating on the darknet: A focused examination of the Arab world 在暗网上操作的加密货币驱动的勒索软件集团：对阿拉伯世界的集中检查

IF 5 3区计算机科学

Egyptian Informatics Journal Pub Date : 2025-03-24 DOI: 10.1016/j.eij.2025.100665

Kyounggon Kim, Seokhee Lee, Sundaresan Ramachandran, Ibrahim Alzahrani

{"title":"Cryptocurrency-driven ransomware syndicates operating on the darknet: A focused examination of the Arab world","authors":"Kyounggon Kim, Seokhee Lee, Sundaresan Ramachandran, Ibrahim Alzahrani","doi":"10.1016/j.eij.2025.100665","DOIUrl":"10.1016/j.eij.2025.100665","url":null,"abstract":"<div><div>Cybercriminals are employing sophisticated techniques to illegally obtain money from victims, with ransomware, that is the most notorious malware utilized for financial gain. This paper focuses on the Arab world, a prime target region for ransomware gangs. Due to rapid economic growth and digitalization in this region, cybercriminals are increasingly targeting it. However, there is a lack of research on ransomware crime syndication in the Arab region. Data on claimed ransomware victims from 2020 to 2023 was collected from the darknet. Analysis of ransomware gangs in this area revealed significant findings. Based on three years of data collection and analysis, 20 ransomware gangs primarily operating in the Arab region were identified in 2023. Three major ransomware gangs-LockBit, ALPHV/BlackCat, and CL0P-are predominantly targeting the Arab world, with the United Arab Emirates and Saudi Arabia being major targets, along with the manufacturing industry. In addition to identifying the ransomware gangs, the tactics, techniques, and procedures (TTP) used by them were also identified. There was 17 TTPs used by ransomware gangs. This study has also developed a platform to track ransomware gangs and cryptocurrency transactions. Bitcoin’s anonymity and popularity made it the most preferred cryptocurrency by ransomware gangs. This research lays the groundwork for further studies to understand the exact trends and data related to ransomware in the Arab world.</div></div>","PeriodicalId":56010,"journal":{"name":"Egyptian Informatics Journal","volume":"30 ","pages":"Article 100665"},"PeriodicalIF":5.0,"publicationDate":"2025-03-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143680328","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Explainable AI supported hybrid deep learnig method for layer 2 intrusion detection 可解释的人工智能支持的混合深度学习方法用于第二层入侵检测

IF 5 3区计算机科学

Egyptian Informatics Journal Pub Date : 2025-03-22 DOI: 10.1016/j.eij.2025.100669

Ilhan Firat Kilincer

{"title":"Explainable AI supported hybrid deep learnig method for layer 2 intrusion detection","authors":"Ilhan Firat Kilincer","doi":"10.1016/j.eij.2025.100669","DOIUrl":"10.1016/j.eij.2025.100669","url":null,"abstract":"<div><div>With rapidly developing technology, digitalization environments are also expanding. Although this situation has many positive effects on daily life, the security vulnerabilities brought about by digitalization continue to be a major concern. There is a large network structure behind many applications provided to users by organizations. A substantial network infrastructure exists behind numerous applications made available to users by organisations. It is imperative that these extensive network infrastructures, which often contain sensitive data including personal, commercial, financial and security information, possess the capability to impede cyberattacks. This study proposes the creation of a Comprehensive Layer 2 − IDS (CL2-IDS) dataset for the development of IDS systems utilised in the local network structures of organisations, in conjunction with a hybrid deep learning (DL) model for the detection of attack vectors in the proposed dataset. The proposed hybrid model is obtained by using CNN (Convolutional Neural Networks) and Bi-LSTM (Bidirectional Long Short-Term Memory) models, which are widely used in areas such as image analysis and time series data. The proposed hybrid DL model achieved an accuracy of 95.28% in the classification of the CL2-IDS dataset. It is observed that the combination of these two deep learning models, which complement each other in various ways, yields successful results in the classification of the proposed CL2-IDS dataset. In the last part of the study, the effect of the features in the CL2-IDS dataset on the classification is interpreted with SHapley Additive exPlanations (SHAP), an Explainable Artificial Intelligence (XAI) method. The study, CL2-IDS dataset and hybrid DL model, combinations of CNN and Bi-LSTM algorithms, facilitates the intrusion detection and exemplifies how DL models and XAI techniques can be used to support IDS systems.</div></div>","PeriodicalId":56010,"journal":{"name":"Egyptian Informatics Journal","volume":"30 ","pages":"Article 100669"},"PeriodicalIF":5.0,"publicationDate":"2025-03-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143680327","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0