Visible to the public Biblio

Found 117 results

Filters: Keyword is Classification algorithms  [Clear All Filters]
2021-09-08
Ali, Jehad, Roh, Byeong-hee, Lee, Byungkyu, Oh, Jimyung, Adil, Muhammad.  2020.  A Machine Learning Framework for Prevention of Software-Defined Networking Controller from DDoS Attacks and Dimensionality Reduction of Big Data. 2020 International Conference on Information and Communication Technology Convergence (ICTC). :515–519.
The controller is an indispensable entity in software-defined networking (SDN), as it maintains a global view of the underlying network. However, if the controller fails to respond to the network due to a distributed denial of service (DDoS) attacks. Then, the attacker takes charge of the whole network via launching a spoof controller and can also modify the flow tables. Hence, faster, and accurate detection of DDoS attacks against the controller will make the SDN reliable and secure. Moreover, the Internet traffic is drastically increasing due to unprecedented growth of connected devices. Consequently, the processing of large number of requests cause a performance bottleneck regarding SDN controller. In this paper, we propose a hierarchical control plane SDN architecture for multi-domain communication that uses a statistical method called principal component analysis (PCA) to reduce the dimensionality of the big data traffic and the support vector machine (SVM) classifier is employed to detect a DDoS attack. SVM has high accuracy and less false positive rate while the PCA filters attribute drastically. Consequently, the performance of classification and accuracy is improved while the false positive rate is reduced.
2021-09-07
Shi, Jiayu, Wu, Bin.  2020.  Detection of DDoS Based on Gray Level Co-Occurrence Matrix Theory and Deep Learning. 2020 5th International Conference on Mechanical, Control and Computer Engineering (ICMCCE). :1615–1618.
There have been researches on Distributed Denial of Service (DDoS) attack detection based on deep learning, but most of them use the feature data processed by data mining for feature learning and classification. Based on the original data flow, this paper combines the method of Gray Level Co-occurrence Matrix (GLCM), which not only retains the original data but also can further extract the potential relationship between the original data. The original data matrix and the reconstructed matrix were taken as the input of the model, and the Convolutional Neural Network(CNN) was used for feature learning. Finally, the classifier model was trained for detection. The experimental part is divided into two parts: comparing the detection effect of different data processing methods and different deep learning algorithms; the effectiveness and objectivity of the proposed method are verified by comparing the detection effect of the deep learning algorithm with that of the statistical analysis feature algorithm.
Priya, S.Shanmuga, Sivaram, M., Yuvaraj, D., Jayanthiladevi, A..  2020.  Machine Learning Based DDOS Detection. 2020 International Conference on Emerging Smart Computing and Informatics (ESCI). :234–237.
One of a high relentless attack is the crucial distributed DoS attacks. The types and tools for this attacks increases day-to-day as per the technology increases. So the methodology for detection of DDoS should be advanced. For this purpose we created an automated DDoS detector using ML which can run on any commodity hardware. The results are 98.5 % accurate. We use three classification algorithms KNN, RF and NB to classify DDoS packets from normal packets using two features, delta time and packet size. This detector mostly can detect all types of DDoS such as ICMP flood, TCP flood, UDP flood etc. In the older systems they detect only some types of DDoS attacks and some systems may require a large number of features to detect DDoS. Some systems may work only with certain protocols only. But our proposed model overcome these drawbacks by detecting the DDoS of any type without a need of specific protocol that uses less amount of features.
2021-08-31
Hu, Dongfang, Xu, Bin, Wang, Jun, Han, Linfeng, Liu, Jiayi.  2020.  A Shilling Attack Model Based on TextCNN. 2020 IEEE 3rd International Conference on Automation, Electronics and Electrical Engineering (AUTEEE). :282–289.
With the development of the Internet, the amount of information on the Internet is increasing rapidly, which makes it difficult for people to select the information they really want. A recommendation system is an effective way to solve this problem. Fake users can be injected by criminals to attack the recommendation system; therefore, accurate identification of fake users is a necessary feature of the recommendation system. Existing fake user detection algorithms focus on designing recognition methods for different types of attacks and have limited detection capabilities against unknown or hybrid attacks. The use of deep learning models can automate the extraction of false user scoring features, but neural network models are not applicable to discrete user scoring data. In this paper, random walking is used to rearrange the otherwise discrete user rating data into a rating feature matrix with spatial continuity. The rating data and the text data have some similarity in the distribution mode. By effective analogy, the TextCNN model originally used in NLP domain can be improved and applied to the classification task of rating feature matrix. Combining the ideas of random walking and word vector processing, this paper proposes a TextCNN detection model for user rating data. To verify the validity of the proposed model, the model is tested on MoiveLens dataset against 7 different attack detection algorithms, and exhibits better performance when compared with 4 attack detection algorithms. Especially for the Aop attack, the proposed model has nearly 100% detection performance with F1 - value as the evaluation index.
2021-08-17
Zhang, Yu-Yan, Chen, Xing-Xing, Zhang, Xu.  2020.  PCHA: A Fast Packet Classification Algorithm For IPv6 Based On Hash And AVL Tree. 2020 IEEE 13th International Conference on Cloud Computing (CLOUD). :397–404.
As the core infrastructure of cloud data operation, exchange and storage, data centerneeds to ensure its security and reliability, which are the important prerequisites for the development of cloud computing. Due to various illegal accesses, attacks, viruses and other security threats, it is necessary to protect the boundary of cloud data center through security gateway. Since the traffic growing up to gigabyte level, the secure gateway must ensure high transmission efficiency and different network services to support the cloud services. In addition, data center is gradually evolving from IPv4 to IPv6 due to excessive consumption of IP addresses. Packet classification algorithm, which can divide packets into different specific streams, is very important for QoS, real-time data stream application and firewall. Therefore, it is necessary to design a high performance IPv6 packet classification algorithm suitable for security gateway.AsIPv6 has a128-bitIP address and a different packet structure compared with IPv4, the traditional IPv4 packet classification algorithm is not suitable properly for IPv6 situations. This paper proposes a fast packet classification algorithm for IPv6 - PCHA (packet classification based on hash andAdelson-Velsky-Landis Tree). It adopts the three flow classification fields of source IPaddress(SA), destination IPaddress(DA) and flow label(FL) in the IPv6 packet defined by RFC3697 to implement fast three-tuple matching of IPv6 packet. It is through hash matching of variable length IPv6 address and tree matching of shorter flow label. Analysis and testing show that the algorithm has a time complexity close to O(1) in the acceptable range of space complexity, which meets the requirements of fast classification of IPv6 packetsand can adapt well to the changes in the size of rule sets, supporting fast preprocessing of rule sets. Our algorithm supports the storage of 500,000 3-tuple rules on the gateway device and can maintain 75% of the performance of throughput for small packets of 78 bytes.
2021-08-02
Pedramnia, Kiyana, Shojaei, Shayan.  2020.  Detection of False Data Injection Attack in Smart Grid Using Decomposed Nearest Neighbor Techniques. 2020 10th Smart Grid Conference (SGC). :1—6.
Smart grid communication system deeply rely on information technologies which makes it vulnerable to variable cyber-attacks. Among possible attacks, False Data Injection (FDI) Attack has created a severe threat to smart grid control system. Attackers can manipulate smart grid measurements such as collected data of phasor measurement units (PMU) by implementing FDI attacks. Detection of FDI attacks with a simple and effective approach, makes the system more reliable and prevents network outages. In this paper we propose a Decomposed Nearest Neighbor algorithm to detect FDI attacks. This algorithm improves traditional k-Nearest Neighbor by using metric learning. Also it learns the local-optima free distance metric by solving a convex optimization problem which makes it more accurate in decision making. We test the proposed method on PMU dataset and compare the results with other beneficial machine learning algorithms for FDI attack detection. Results demonstrate the effectiveness of the proposed approach.
2021-06-30
Zhao, Yi, Jia, Xian, An, Dou, Yang, Qingyu.  2020.  LSTM-Based False Data Injection Attack Detection in Smart Grids. 2020 35th Youth Academic Annual Conference of Chinese Association of Automation (YAC). :638—644.
As a typical cyber-physical system, smart grid has attracted growing attention due to the safe and efficient operation. The false data injection attack against energy management system is a new type of cyber-physical attack, which can bypass the bad data detector of the smart grid to influence the results of state estimation directly, causing the energy management system making wrong estimation and thus affects the stable operation of power grid. We transform the false data injection attack detection problem into binary classification problem in this paper, which use the long-term and short-term memory network (LSTM) to construct the detection model. After that, we use the BP algorithm to update neural network parameters and utilize the dropout method to alleviate the overfitting problem and to improve the detection accuracy. Simulation results prove that the LSTM-based detection method can achieve higher detection accuracy comparing with the BPNN-based approach.
Lu, Xiao, Jing, Jiangping, Wu, Yi.  2020.  False Data Injection Attack Location Detection Based on Classification Method in Smart Grid. 2020 2nd International Conference on Artificial Intelligence and Advanced Manufacture (AIAM). :133—136.
The state estimation technology is utilized to estimate the grid state based on the data of the meter and grid topology structure. The false data injection attack (FDIA) is an information attack method to disturb the security of the power system based on the meter measurement. Current FDIA detection researches pay attention on detecting its presence. The location information of FDIA is also important for power system security. In this paper, locating the FDIA of the meter is regarded as a multi-label classification problem. Each label represents the state of the corresponding meter. The ensemble model, the multi-label decision tree algorithm, is utilized as the classifier to detect the exact location of the FDIA. This method does not need the information of the power topology and statistical knowledge assumption. The numerical experiments based on the IEEE-14 bus system validates the performance of the proposed method.
2021-06-01
Jing, Si-Yuan, Yang, Jun.  2020.  Efficient attribute reduction based on rough sets and differential evolution algorithm. 2020 16th International Conference on Computational Intelligence and Security (CIS). :217–222.
Attribute reduction algorithms in rough set theory can be classified into two groups, i.e. heuristics algorithms and computational intelligence algorithms. The former has good search efficiency but it can not find the global optimal reduction. Conversely, the latter is possible to find global optimal reduction but usually suffers from premature convergence. To address this problem, this paper proposes a two-stage algorithm for finding high quality reduction. In first stage, a classical differential evolution algorithm is employed to rapidly approach the optimal solution. When the premature convergence is detected, a local search algorithm which is intuitively a forward-backward heuristics is launched to improve the quality of the reduction. Experiments were performed on six UCI data sets and the results show that the proposed algorithm can outperform the existing computational intelligence algorithms.
2021-05-26
Zhengbo, Chen, Xiu, Liu, Yafei, Xing, Miao, Hu, Xiaoming, Ju.  2020.  Markov Encrypted Data Prefetching Model Based On Attribute Classification. 2020 5th International Conference on Computer and Communication Systems (ICCCS). :54—59.

In order to improve the buffering performance of the data encrypted by CP-ABE (ciphertext policy attribute based encryption), this paper proposed a Markov prefetching model based on attribute classification. The prefetching model combines the access strategy of CP-ABE encrypted file, establishes the user relationship network according to the attribute value of the user, classifies the user by the modularity-based community partitioning algorithm, and establishes a Markov prefetching model based on attribute classification. In comparison with the traditional Markov prefetching model and the classification-based Markov prefetching model, the attribute-based Markov prefetching model is proposed in this paper has higher prefetch accuracy and coverage.

2021-05-25
Hopkins, Stephen, Kalaimannan, Ezhil, John, Caroline Sangeetha.  2020.  Cyber Resilience using State Estimation Updates Based on Cyber Attack Matrix Classification. 2020 IEEE Kansas Power and Energy Conference (KPEC). :1—6.
Cyber-physical systems (CPS) maintain operation, reliability, and safety performance using state estimation and control methods. Internet connectivity and Internet of Things (IoT) devices are integrated with CPS, such as in smart grids. This integration of Operational Technology (OT) and Information Technology (IT) brings with it challenges for state estimation and exposure to cyber-threats. This research establishes a state estimation baseline, details the integration of IT, evaluates the vulnerabilities, and develops an approach for detecting and responding to cyber-attack data injections. Where other approaches focus on integration of IT cyber-controls, this research focuses on development of classification tools using data currently available in state estimation methods to quantitatively determine the presence of cyber-attack data. The tools may increase computational requirements but provide methods which can be integrated with existing state estimation methods and provide for future research in state estimation based cyber-attack incident response. A robust cyber-resilient CPS includes the ability to detect and classify a cyber-attack, determine the true system state, and respond to the cyber-attack. The purpose of this paper is to establish a means for a cyber aware state estimator given the existence of sub-erroneous outlier detection, cyber-attack data weighting, cyber-attack data classification, and state estimation cyber detection.
Chao, Henry, Stark, Benjamin, Samarah, Mohammad.  2019.  Analysis of Learning Modalities Towards Effective Undergraduate Cybersecurity Education Design. 2019 IEEE International Conference on Engineering, Technology and Education (TALE). :1—6.
Cybersecurity education is a critical component of today's computer science and IT curriculum. To provide for a highly effective cybersecurity education, we propose using machine-learning techniques to identify common learning modalities of cybersecurity students in order to optimize how cybersecurity core topics, threats, tools and techniques are taught. We test various hypothesis, e.g. that students of selected VARK learning styles will outperform their peers. The results indicate that for the class assignments in our study preference of read/write and kinesthetic modalities yielded the best results. This further indicates that specific learning instruments can be tailored for students based on their individual VARK learning styles.
2021-05-13
Wu, Xiaohe, Calderon, Juan, Obeng, Morrison.  2021.  Attribution Based Approach for Adversarial Example Generation. SoutheastCon 2021. :1–6.
Neural networks with deep architectures have been used to construct state-of-the-art classifiers that can match human level accuracy in areas such as image classification. However, many of these classifiers can be fooled by examples slightly modified from their original forms. In this work, we propose a novel approach for generating adversarial examples that makes use of only attribution information of the features and perturbs only features that are highly influential to the output of the classifier. We call this approach Attribution Based Adversarial Generation (ABAG). To demonstrate the effectiveness of this approach, three somewhat arbitrary algorithms are proposed and examined. In the first algorithm all non-zero attributions are utilized and associated features perturbed; in the second algorithm only the top-n most positive and top-n most negative attributions are used and corresponding features perturbed; and in the third algorithm the level of perturbation is increased in an iterative manner until an adversarial example is discovered. All of the three algorithms are implemented and experiments are performed on the well-known MNIST dataset. Experiment results show that adversarial examples can be generated very efficiently, and thus prove the validity and efficacy of ABAG - utilizing attributions for the generation of adversarial examples. Furthermore, as shown by examples, ABAG can be adapted to provides a systematic searching approach to generate adversarial examples by perturbing a minimum amount of features.
2021-04-08
Zhang, T., Zhao, P..  2010.  Insider Threat Identification System Model Based on Rough Set Dimensionality Reduction. 2010 Second World Congress on Software Engineering. 2:111—114.
Insider threat makes great damage to the security of information system, traditional security methods are extremely difficult to work. Insider attack identification plays an important role in insider threat detection. Monitoring user's abnormal behavior is an effective method to detect impersonation, this method is applied to insider threat identification, to built user's behavior attribute information database based on weights changeable feedback tree augmented Bayes network, but data is massive, using the dimensionality reduction based on rough set, to establish the process information model of user's behavior attribute. Using the minimum risk Bayes decision can effectively identify the real identity of the user when user's behavior departs from the characteristic model.
Bouzar-Benlabiod, L., Rubin, S. H., Belaidi, K., Haddar, N. E..  2020.  RNN-VED for Reducing False Positive Alerts in Host-based Anomaly Detection Systems. 2020 IEEE 21st International Conference on Information Reuse and Integration for Data Science (IRI). :17–24.
Host-based Intrusion Detection Systems HIDS are often based on anomaly detection. Several studies deal with anomaly detection by analyzing the system-call traces and get good detection rates but also a high rate off alse positives. In this paper, we propose a new anomaly detection approach applied on the system-call traces. The normal behavior learning is done using a Sequence to sequence model based on a Variational Encoder-Decoder (VED) architecture that integrates Recurrent Neural Networks (RNN) cells. We exploit the semantics behind the invoking order of system-calls that are then seen as sentences. A preprocessing phase is added to structure and optimize the model input-data representation. After the learning step, a one-class classification is run to categorize the sequences as normal or abnormal. The architecture may be used for predicting abnormal behaviors. The tests are achieved on the ADFA-LD dataset.
2021-03-29
Al-Janabi, S. I. Ali, Al-Janabi, S. T. Faraj, Al-Khateeb, B..  2020.  Image Classification using Convolution Neural Network Based Hash Encoding and Particle Swarm Optimization. 2020 International Conference on Data Analytics for Business and Industry: Way Towards a Sustainable Economy (ICDABI). :1–5.
Image Retrieval (IR) has become one of the main problems facing computer society recently. To increase computing similarities between images, hashing approaches have become the focus of many programmers. Indeed, in the past few years, Deep Learning (DL) has been considered as a backbone for image analysis using Convolutional Neural Networks (CNNs). This paper aims to design and implement a high-performance image classifier that can be used in several applications such as intelligent vehicles, face recognition, marketing, and many others. This work considers experimentation to find the sequential model's best configuration for classifying images. The best performance has been obtained from two layers' architecture; the first layer consists of 128 nodes, and the second layer is composed of 32 nodes, where the accuracy reached up to 0.9012. The proposed classifier has been achieved using CNN and the data extracted from the CIFAR-10 dataset by the inception model, which are called the Transfer Values (TRVs). Indeed, the Particle Swarm Optimization (PSO) algorithm is used to reduce the TRVs. In this respect, the work focus is to reduce the TRVs to obtain high-performance image classifier models. Indeed, the PSO algorithm has been enhanced by using the crossover technique from genetic algorithms. This led to a reduction of the complexity of models in terms of the number of parameters used and the execution time.
Salim, M. N., Hutahaean, I. W., Susanti, B. H..  2020.  Fixed Point Attack on Lin et al.’s Modified Hash Function Scheme based on SMALLPRESENT-[8] Algorithm. 2020 International Conference on ICT for Smart Society (ICISS). CFP2013V-ART:1–7.
Lin et al.'s scheme is a hash function Message Authentication Codes (MAC) block cipher based scheme that's composed of the compression function. Fixed point messages have been found on SMALLPRESENT-[s] algorithm. The vulnerability of block cipher algorithm against fixed point attacks can affect the vulnerability of block cipher based hash function schemes. This paper applies fixed point attack against Lin et al.'s modified scheme based on SMALLPRESENT-[8] algorithm. Fixed point attack was done using fixed point message from SMALLPRESENT-[8] algorithm which used as Initial Value (IV) on the scheme branch. The attack result shows that eight fixed point messages are successfully discovered on the B1 branch. The fixed point messages discovery on B1 and B2 branches form 18 fixed point messages on Lin et al.'s modified scheme with different IVs and keys. The discovery of fixed point messages shows that Lin et al.'s modified scheme is vulnerable to fixed point attack.
Mar, Z., Oo, K. K..  2020.  An Improvement of Apriori Mining Algorithm using Linked List Based Hash Table. 2020 International Conference on Advanced Information Technologies (ICAIT). :165–169.
Today, the huge amount of data was using in organizations around the world. This huge amount of data needs to process so that we can acquire useful information. Consequently, a number of industry enterprises discovered great information from shopper purchases found in any respect times. In data mining, the most important algorithms for find frequent item sets from large database is Apriori algorithm and discover the knowledge using the association rule. Apriori algorithm was wasted times for scanning the whole database and searching the frequent item sets and inefficient of memory requirement when large numbers of transactions are in consideration. The improved Apriori algorithm is adding and calculating third threshold may increase the overhead. So, in the aims of proposed research, Improved Apriori algorithm with LinkedList and hash tabled is used to mine frequent item sets from the transaction large amount of database. This method includes database is scanning with Improved Apriori algorithm and frequent 1-item sets counts with using the hash table. Then, in the linked list saved the next frequent item sets and scanning the database. The hash table used to produce the frequent 2-item sets Therefore, the database scans the only two times and necessary less processing time and memory space.
2021-03-22
Li, Y., Zhou, W., Wang, H..  2020.  F-DPC: Fuzzy Neighborhood-Based Density Peak Algorithm. IEEE Access. 8:165963–165972.
Clustering is a concept in data mining, which divides a data set into different classes or clusters according to a specific standard, making the similarity of data objects in the same cluster as large as possible. Clustering by fast search and find of density peaks (DPC) is a novel clustering algorithm based on density. It is simple and novel, only requiring fewer parameters to achieve better clustering effect, without the requirement for iterative solution. And it has expandability and can detect the clustering of any shape. However, DPC algorithm still has some defects, such as it employs the clear neighborhood relations to calculate local density, so it cannot identify the neighborhood membership of different values of points from the distance of points and It is impossible to accurately cluster the data of the multi-density peak. The fuzzy neighborhood density peak clustering algorithm is proposed for this shortcoming (F-DPC): novel local density is defined by the fuzzy neighborhood relationship. The fuzzy set theory can be used to make the fuzzy neighborhood function of local density more sensitive, so that the clustering for data set of various shapes and densities is more robust. Experiments show that the algorithm has high accuracy and robustness.
2021-03-09
Hegde, M., Kepnang, G., Mazroei, M. Al, Chavis, J. S., Watkins, L..  2020.  Identification of Botnet Activity in IoT Network Traffic Using Machine Learning. 2020 International Conference on Intelligent Data Science Technologies and Applications (IDSTA). :21—27.

Today our world benefits from Internet of Things (IoT) technology; however, new security problems arise when these IoT devices are introduced into our homes. Because many of these IoT devices have access to the Internet and they have little to no security, they make our smart homes highly vulnerable to compromise. Some of the threats include IoT botnets and generic confidentiality, integrity, and availability (CIA) attacks. Our research explores botnet detection by experimenting with supervised machine learning and deep-learning classifiers. Further, our approach assesses classifier performance on unbalanced datasets that contain benign data, mixed in with small amounts of malicious data. We demonstrate that the classifiers can separate malicious activity from benign activity within a small IoT network dataset. The classifiers can also separate malicious activity from benign activity in increasingly larger datasets. Our experiments have demonstrated incremental improvement in results for (1) accuracy, (2) probability of detection, and (3) probability of false alarm. The best performance results include 99.9% accuracy, 99.8% probability of detection, and 0% probability of false alarm. This paper also demonstrates how the performance of these classifiers increases, as IoT training datasets become larger and larger.

Herrera, A. E. Hinojosa, Walshaw, C., Bailey, C..  2020.  Improving Black Box Classification Model Veracity for Electronics Anomaly Detection. 2020 15th IEEE Conference on Industrial Electronics and Applications (ICIEA). :1092–1097.
Data driven classification models are useful to assess quality of manufactured electronics. Because decisions are taken based on the models, their veracity is relevant, covering aspects such as accuracy, transparency and clarity. The proposed BB-Stepwise algorithm aims to improve the classification model transparency and accuracy of black box models. K-Nearest Neighbours (KNN) is a black box model which is easy to implement and has achieved good classification performance in different applications. In this paper KNN-Stepwise is illustrated for fault detection of electronics devices. The results achieved shows that the proposed algorithm was able to improve the accuracy, veracity and transparency of KNN models and achieve higher transparency and clarity, and at least similar accuracy than when using Decision Tree models.
Mashhadi, M. J., Hemmati, H..  2020.  Hybrid Deep Neural Networks to Infer State Models of Black-Box Systems. 2020 35th IEEE/ACM International Conference on Automated Software Engineering (ASE). :299–311.
Inferring behavior model of a running software system is quite useful for several automated software engineering tasks, such as program comprehension, anomaly detection, and testing. Most existing dynamic model inference techniques are white-box, i.e., they require source code to be instrumented to get run-time traces. However, in many systems, instrumenting the entire source code is not possible (e.g., when using black-box third-party libraries) or might be very costly. Unfortunately, most black-box techniques that detect states over time are either univariate, or make assumptions on the data distribution, or have limited power for learning over a long period of past behavior. To overcome the above issues, in this paper, we propose a hybrid deep neural network that accepts as input a set of time series, one per input/output signal of the system, and applies a set of convolutional and recurrent layers to learn the non-linear correlations between signals and the patterns, over time. We have applied our approach on a real UAV auto-pilot solution from our industry partner with half a million lines of C code. We ran 888 random recent system-level test cases and inferred states, over time. Our comparison with several traditional time series change point detection techniques showed that our approach improves their performance by up to 102%, in terms of finding state change points, measured by F1 score. We also showed that our state classification algorithm provides on average 90.45% F1 score, which improves traditional classification algorithms by up to 17%.
2021-03-04
Abedin, N. F., Bawm, R., Sarwar, T., Saifuddin, M., Rahman, M. A., Hossain, S..  2020.  Phishing Attack Detection using Machine Learning Classification Techniques. 2020 3rd International Conference on Intelligent Sustainable Systems (ICISS). :1125—1130.

Phishing attacks are the most common form of attacks that can happen over the internet. This method involves attackers attempting to collect data of a user without his/her consent through emails, URLs, and any other link that leads to a deceptive page where a user is persuaded to commit specific actions that can lead to the successful completion of an attack. These attacks can allow an attacker to collect vital information of the user that can often allow the attacker to impersonate the victim and get things done that only the victim should have been able to do, such as carry out transactions, or message someone else, or simply accessing the victim's data. Many studies have been carried out to discuss possible approaches to prevent such attacks. This research work includes three machine learning algorithms to predict any websites' phishing status. In the experimentation these models are trained using URL based features and attempted to prevent Zero-Day attacks by using proposed software proposal that differentiates the legitimate websites and phishing websites by analyzing the website's URL. From observations, the random forest classifier performed with a precision of 97%, a recall 99%, and F1 Score is 97%. Proposed model is fast and efficient as it only works based on the URL and it does not use other resources for analysis, as was the case for past studies.

Guo, H., Wang, Z., Wang, B., Li, X., Shila, D. M..  2020.  Fooling A Deep-Learning Based Gait Behavioral Biometric System. 2020 IEEE Security and Privacy Workshops (SPW). :221—227.

We leverage deep learning algorithms on various user behavioral information gathered from end-user devices to classify a subject of interest. In spite of the ability of these techniques to counter spoofing threats, they are vulnerable to adversarial learning attacks, where an attacker adds adversarial noise to the input samples to fool the classifier into false acceptance. Recently, a handful of mature techniques like Fast Gradient Sign Method (FGSM) have been proposed to aid white-box attacks, where an attacker has a complete knowledge of the machine learning model. On the contrary, we exploit a black-box attack to a behavioral biometric system based on gait patterns, by using FGSM and training a shadow model that mimics the target system. The attacker has limited knowledge on the target model and no knowledge of the real user being authenticated, but induces a false acceptance in authentication. Our goal is to understand the feasibility of a black-box attack and to what extent FGSM on shadow models would contribute to its success. Our results manifest that the performance of FGSM highly depends on the quality of the shadow model, which is in turn impacted by key factors including the number of queries allowed by the target system in order to train the shadow model. Our experimentation results have revealed strong relationships between the shadow model and FGSM performance, as well as the effect of the number of FGSM iterations used to create an attack instance. These insights also shed light on deep-learning algorithms' model shareability that can be exploited to launch a successful attack.

2021-02-23
Ashraf, S., Ahmed, T..  2020.  Sagacious Intrusion Detection Strategy in Sensor Network. 2020 International Conference on UK-China Emerging Technologies (UCET). :1—4.
Almost all smart appliances are operated through wireless sensor networks. With the passage of time, due to various applications, the WSN becomes prone to various external attacks. Preventing such attacks, Intrusion Detection strategy (IDS) is very crucial to secure the network from the malicious attackers. The proposed IDS methodology discovers the pattern in large data corpus which works for different types of algorithms to detect four types of Denial of service (DoS) attacks, namely, Grayhole, Blackhole, Flooding, and TDMA. The state-of-the-art detection algorithms, such as KNN, Naïve Bayes, Logistic Regression, Support Vector Machine (SVM), and ANN are applied to the data corpus and analyze the performance in detecting the attacks. The analysis shows that these algorithms are applicable for the detection and prediction of unavoidable attacks and can be recommended for network experts and analysts.