Biblio

People are increasingly sharing their details online as internet usage grows. Therefore, fraudsters have access to a massive amount of information and financial activities. The attackers create web pages that seem like reputable sites and transmit the malevolent content to victims to get them to provide subtle information. Prevailing phishing security measures are inadequate for detecting new phishing assaults. To accomplish this aim, objective to meet for this research is to analyses and compare phishing website and legitimate by analyzing the data collected from open-source platforms through a survey. Another objective for this research is to propose a method to detect fake sites using Decision Tree and Random Forest approaches. Microsoft Form has been utilized to carry out the survey with 30 participants. Majority of the participants have poor awareness and phishing attack and does not obverse the features of interface before accessing the search browser. With the data collection, this survey supports the purpose of identifying the best phishing website detection where Decision Tree and Random Forest were trained and tested. In achieving high number of feature importance detection and accuracy rate, the result demonstrates that Random Forest has the best performance in phishing website detection compared to Decision Tree.

During pandemic COVID-19 outbreaks, number of cyber-attacks including phishing activities have increased tremendously. Nowadays many technical solutions on phishing detection were developed, however these approaches were either unsuccessful or unable to identify phishing pages and detect malicious codes efficiently. One of the downside is due to poor detection accuracy and low adaptability to new phishing connections. Another reason behind the unsuccessful anti-phishing solutions is an arbitrary selected URL-based classification features which may produce false results to the detection. Therefore, in this work, an intelligent phishing detection and prevention model is designed. The proposed model employs a self-destruct detection algorithm in which, machine learning, especially supervised learning algorithm was used. All employed rules in algorithm will focus on URL-based web characteristic, which attackers rely upon to redirect the victims to the simulated sites. A dataset from various sources such as Phish Tank and UCI Machine Learning repository were used and the testing was conducted in a controlled lab environment. As a result, a chrome extension phishing detection were developed based on the proposed model to help in preventing phishing attacks with an appropriate countermeasure and keep users aware of phishing while visiting illegitimate websites. It is believed that this smart phishing detection and prevention model able to prevent fraud and spam websites and lessen the cyber-crime and cyber-crisis that arise from year to year.

Global cybersecurity threats have grown as a result of the evolving digital transformation. Cybercriminals have more opportunities as a result of digitization. Initially, cyberthreats take the form of phishing in order to gain confidential user credentials.As cyber-attacks get more sophisticated and sophisticated, the cybersecurity industry is faced with the problem of utilising cutting-edge technology and techniques to combat the ever-present hostile threats. Hackers use phishing to persuade customers to grant them access to a company’s digital assets and networks. As technology progressed, phishing attempts became more sophisticated, necessitating the development of tools to detect phishing.Machine learning is unsupervised one of the most powerful weapons in the fight against terrorist threats. The features used for phishing detection, as well as the approaches employed with machine learning, are discussed in this study.In this light, the study’s major goal is to propose a unique, robust ensemble machine learning model architecture that gives the highest prediction accuracy with the lowest error rate, while also recommending a few alternative robust machine learning models.Finally, the Random forest algorithm attained a maximum accuracy of 96.454 percent. But by implementing a hybrid model including the 3 classifiers- Decision Trees,Random forest, Gradient boosting classifiers, the accuracy increases to 98.4 percent.

State-of-the-art approaches in gait analysis usually rely on one isolated tracking system, generating insufficient data for complex use cases such as sports, rehabilitation, and MedTech. We address the opportunity to comprehensively understand human motion by a novel data model combining several motion-tracking methods. The model aggregates pose estimation by captured videos and EMG and EIT sensor data synchronously to gain insights into muscle activities. Our demonstration with biceps curl and sitting/standing pose generates time-synchronous data and delivers insights into our experiment’s usability, advantages, and challenges.

Network Intrusion Detection Systems (IDSs) have been used to increase the level of network security for many years. The main purpose of such systems is to detect and block malicious activity in the network traffic. Researchers have been improving the performance of IDS technology for decades by applying various machine-learning techniques. From the perspective of academia, obtaining a quality dataset (i.e. a sufficient amount of captured network packets that contain both malicious and normal traffic) to support machine learning approaches has always been a challenge. There are many datasets publicly available for research purposes, including NSL-KDD, KDDCUP 99, CICIDS 2017 and UNSWNB15. However, these datasets are becoming obsolete over time and may no longer be adequate or valid to model and validate IDSs against state-of-the-art attack techniques. As attack techniques are continuously evolving, datasets used to develop and test IDSs also need to be kept up to date. Proven performance of an IDS tested on old attack patterns does not necessarily mean it will perform well against new patterns. Moreover, existing datasets may lack certain data fields or attributes necessary to analyse some of the new attack techniques. In this paper, we argue that academia needs up-to-date high-quality datasets. We compare publicly available datasets and suggest a way to provide up-to-date high-quality datasets for researchers and the security industry. The proposed solution is to utilize the network traffic captured from the Locked Shields exercise, one of the world’s largest live-fire international cyber defence exercises held annually by the NATO CCDCOE. During this three-day exercise, red team members consisting of dozens of white hackers selected by the governments of over 20 participating countries attempt to infiltrate the networks of over 20 blue teams, who are tasked to defend a fictional country called Berylia. After the exercise, network packets captured from each blue team’s network are handed over to each team. However, the countries are not willing to disclose the packet capture (PCAP) files to the public since these files contain specific information that could reveal how a particular nation might react to certain types of cyberattacks. To overcome this problem, we propose to create a dedicated virtual team, capture all the traffic from this team’s network, and disclose it to the public so that academia can use it for unclassified research and studies. In this way, the organizers of Locked Shields can effectively contribute to the advancement of future artificial intelligence (AI) enabled security solutions by providing annual datasets of up-to-date attack patterns.

This research evaluates the accuracy of two methods of authorship prediction: syntactical analysis and n-gram, and explores its potential usage. The proposed algorithm measures n-gram, and counts adjectives, adverbs, verbs, nouns, punctuation, and sentence length from the training data, and normalizes each metric. The proposed algorithm compares the metrics of training samples to testing samples and predicts authorship based on the correlation they share for each metric. The severity of correlation between the testing and training data produces significant weight in the decision-making process. For example, if analysis of one metric approximates 100% positive correlation, the weight in the decision is assigned a maximum value for that metric. Conversely, a 100% negative correlation receives the minimum value. This new method of authorship validation holds promise for future innovation in fraud protection, the study of historical documents, and maintaining integrity within academia.

In recent times, the occurrence of malware attacks are increasing at an unprecedented rate. Particularly, the image-based malware attacks are spreading worldwide and many people get harmful malware-based images through the technique called steganography. In the existing system, only open malware and files from the internet can be identified. However, the image-based malware cannot be identified and detected. As a result, so many phishers make use of this technique and exploit the target. Social media platforms would be totally harmful to the users. To avoid these difficulties, Machine learning can be implemented to find the steganographic malware images (contents). The proposed methodology performs an automatic detection of malware and steganographic content by using Machine Learning. Steganography is used to hide messages from apparently innocuous media (e.g., images), and steganalysis is the approach used for detecting this malware. This research work proposes a machine learning (ML) approach to perform steganalysis. In the existing system, only open malware and files from the internet are identified but in the recent times many people get harmful malware-based images through the technique called steganography. Social media platforms would be totally harmful to the users. To avoid these difficulties, the proposed Machine learning has been developed to appropriately detect the steganographic malware images (contents). Father, the steganalysis method using machine learning has been developed for performing logistic classification. By using this, the users can avoid sharing the malware images in social media platforms like WhatsApp, Facebook without downloading it. It can be also used in all the photo-sharing sites such as google photos.

Ethical bias in machine learning models has become a matter of concern in the software engineering community. Most of the prior software engineering works concentrated on finding ethical bias in models rather than fixing it. After finding bias, the next step is mitigation. Prior researchers mainly tried to use supervised approaches to achieve fairness. However, in the real world, getting data with trustworthy ground truth is challenging and also ground truth can contain human bias. Semi-supervised learning is a technique where, incrementally, labeled data is used to generate pseudo-labels for the rest of data (and then all that data is used for model training). In this work, we apply four popular semi-supervised techniques as pseudo-labelers to create fair classification models. Our framework, Fair-SSL, takes a very small amount (10%) of labeled data as input and generates pseudo-labels for the unlabeled data. We then synthetically generate new data points to balance the training data based on class and protected attribute as proposed by Chakraborty et al. in FSE 2021. Finally, classification model is trained on the balanced pseudo-labeled data and validated on test data. After experimenting on ten datasets and three learners, we find that Fair-SSL achieves similar performance as three state-of-the-art bias mitigation algorithms. That said, the clear advantage of Fair-SSL is that it requires only 10% of the labeled training data. To the best of our knowledge, this is the first SE work where semi-supervised techniques are used to fight against ethical bias in SE ML models. To facilitate open science and replication, all our source code and datasets are publicly available at https://github.com/joymallyac/FairSSL. CCS CONCEPTS • Software and its engineering → Software creation and management; • Computing methodologies → Machine learning. ACM Reference Format: Joymallya Chakraborty, Suvodeep Majumder, and Huy Tu. 2022. Fair-SSL: Building fair ML Software with less data. In International Workshop on Equitable Data and Technology (FairWare ‘22), May 9, 2022, Pittsburgh, PA, USA. ACM, New York, NY, USA, 8 pages. https://doi.org/10.1145/3524491.3527305

For a long time, SQL injection has been considered one of the most serious security threats. NoSQL databases are becoming increasingly popular as big data and cloud computing technologies progress. NoSQL injection attacks are designed to take advantage of applications that employ NoSQL databases. NoSQL injections can be particularly harmful because they allow unrestricted code execution. In this paper we use supervised learning and natural language processing to construct a model to detect NoSQL injections. Our model is designed to work with MongoDB, CouchDB, CassandraDB, and Couchbase queries. Our model has achieved an F1 score of 0.95 as established by 10-fold cross validation.

The complexity and scale of modern software programs often lead to overlooked programming errors and security vulnerabilities. Developers often rely on automatic tools, like static analysis tools, to look for bugs and vulnerabilities. Static analysis tools are widely used because they can understand nontrivial program behaviors, scale to millions of lines of code, and detect subtle bugs. However, they are known to generate an excess of false alarms which hinder their utilization as it is counterproductive for developers to go through a long list of reported issues, only to find a few true positives. One of the ways proposed to suppress false positives is to use machine learning to identify them. However, training machine learning models requires good quality labeled datasets. For this purpose, we developed D2A [3], a differential analysis based approach that uses the commit history of a code repository to create a labeled dataset of Infer [2] static analysis output.

Smart grids integrate computing and communication infrastructure with conventional power grids to improve situational awareness, control, and safety. Several technologies such as automatic fault detection, automated reconfiguration, and outage management require close network monitoring. Therefore, utilities utilize sensing equipment such as PMUs (phasor measurement units), smart meters, and bellwether meters to obtain grid measurements. However, the expansion in sensing equipment results in an increased strain on existing communication infrastructure. Prior works overcome this problem by exploiting the sparsity of power consumption data in the Haar, Hankel, and Toeplitz transformation bases to achieve sub-Nyquist compression. However, data-driven dictionaries enable superior compression ratios and reconstruction accuracy by learning the sparsifying basis. Therefore, this work proposes using dictionary learning to learn the sparsifying basis of smart meter data. The smart meter data sent to the data centers are compressed using a random projection matrix prior to transmission. These measurements are aggregated to obtain the compressed measurements at the primary nodes. Compressive sensing-based estimators are then utilized to estimate the system states. This approach was validated on the IEEE 33-node distribution system and showed superior reconstruction accuracy over conventional transformation bases and over-complete dictionaries. Voltage magnitude and angle estimation error less than 0.3% mean absolute percentage error and 0.04 degree mean absolute error, respectively, were achieved at compression ratios as high as eight.

This paper belongs to a sequence of manuscripts that discuss generic and easy-to-apply security metrics for Strong PUFs. These metrics cannot and shall not fully replace in-depth machine learning (ML) studies in the security assessment of Strong PUF candidates. But they can complement the latter, serve in initial PUF complexity analyses, and are much easier and more efficient to apply: They do not require detailed knowledge of various ML methods, substantial computation times, or the availability of an internal parametric model of the studied PUF. Our metrics also can be standardized particularly easily. This avoids the sometimes inconclusive or contradictory findings of existing ML-based security test, which may result from the usage of different or non-optimized ML algorithms and hyperparameters, differing hardware resources, or varying numbers of challenge-response pairs in the training phase.This first manuscript within the abovementioned sequence treats one of the conceptually most straightforward security metrics on that path: It investigates the effects that small perturbations in the PUF-challenges have on the resulting PUF-responses. We first develop and implement several sub-metrics that realize this approach in practice. We then empirically show that these metrics have surprising predictive power, and compare our obtained test scores with the known real-world security of several popular Strong PUF designs. The latter include (XOR) Arbiter PUFs, Feed-Forward Arbiter PUFs, and (XOR) Bistable Ring PUFs. Along the way, our manuscript also suggests techniques for representing the results of our metrics graphically, and for interpreting them in a meaningful manner.

Cybersecurity insurance is one of the important means of cybersecurity risk management and the development of cyber insurance is inseparable from the support of cyber risk assessment technology. Cyber risk assessment can not only help governments and organizations to better protect themselves from related risks, but also serve as a basis for cybersecurity insurance underwriting, pricing, and formulating policy content. Aiming at the problem that cybersecurity insurance companies cannot conduct cybersecurity risk assessments on policyholders before the policy is signed without the authorization of the policyholder or in legal, combining with the need that cybersecurity insurance companies want to obtain network security vulnerability risk profiles of policyholders conveniently, quickly and at low cost before the policy signing, this study proposed a non-intrusive network security vulnerability risk assessment method based on ensemble machine learning. Our model uses only open source intelligence and publicly available network information data to rate cyber vulnerability risk of an organization, achieving an accuracy of 70.6% compared to a rating based on comprehensive information by cybersecurity experts.

With the rise of IoT applications, about 20.4 billion devices will be online in 2020, and that number will rise to 75 billion a month by 2025. Different sensors in IoT devices let them get and process data remotely and in real time. Sensors give them information that helps them make smart decisions and manage IoT environments well. IoT Security is one of the most important things to think about when you're developing, implementing, and deploying IoT platforms. People who use the Internet of Things (IoT) say that it allows people to communicate, monitor, and control automated devices from afar. This paper shows how to use Deep learning and machine learning to make an IDS that can be used on IoT platforms as a service. In the proposed method, a cnn mapped the features, and a random forest classifies normal and attack classes. In the end, the proposed method made a big difference in all performance parameters. Its average performance metrics have gone up 5% to 6%.

DDoS is a major issue in network security and a threat to service providers that renders a service inaccessible for a period of time. The number of Internet of Things (IoT) devices has developed rapidly. Nevertheless, it is proven that security on these devices is frequently disregarded. Many detection methods exist and are mostly focused on Machine Learning. However, the best method has not been defined yet. The aim of this paper is to find the optimal volumetric DDoS attack detection method by first comparing different existing machine learning methods, and second, by building an adaptive lightweight heuristics model relying on few traffic attributes and simple DDoS detection rules. With this new simple model, our goal is to decrease the classification time. Finally, we compare machine learning methods with our adaptive new heuristics method which shows promising results both on the accuracy and performance levels.

Machine Learning (ML) and Artificial Intelligence (AI) techniques are widely adopted in the telecommunication industry, especially to automate beyond 5G networks. Federated Learning (FL) recently emerged as a distributed ML approach that enables localized model training to keep data decentralized to ensure data privacy. In this paper, we identify the applicability of FL for securing future networks and its limitations due to the vulnerability to poisoning attacks. First, we investigate the shortcomings of state-of-the-art security algorithms for FL and perform an attack to circumvent FoolsGold algorithm, which is known as one of the most promising defense techniques currently available. The attack is launched with the addition of intelligent noise at the poisonous model updates. Then we propose a more sophisticated defense strategy, a threshold-based clustering mechanism to complement FoolsGold. Moreover, we provide a comprehensive analysis of the impact of the attack scenario and the performance of the defense mechanism.

With the widespread deployment of data-driven services, the demand for data volumes continues to grow. At present, many applications lack reliable human supervision in the process of data collection, which makes the collected data contain low-quality data or even malicious data. This low-quality or malicious data make AI systems potentially face much security challenges. One of the main security threats in the training phase of machine learning is data poisoning attacks, which compromise model integrity by contaminating training data to make the resulting model skewed or unusable. This paper reviews the relevant researches on data poisoning attacks in various task environments: first, the classification of attacks is summarized, then the defense methods of data poisoning attacks are sorted out, and finally, the possible research directions in the prospect.

Graph-based Semi-Supervised Learning (GSSL) is a practical solution to learn from a limited amount of labelled data together with a vast amount of unlabelled data. However, due to their reliance on the known labels to infer the unknown labels, these algorithms are sensitive to data quality. It is therefore essential to study the potential threats related to the labelled data, more specifically, label poisoning. In this paper, we propose a novel data poisoning method which efficiently approximates the result of label inference to identify the inputs which, if poisoned, would produce the highest number of incorrectly inferred labels. We extensively evaluate our approach on three classification problems under 24 different experimental settings each. Compared to the state of the art, our influence-driven attack produces an average increase of error rate 50% higher, while being faster by multiple orders of magnitude. Moreover, our method can inform engineers of inputs that deserve investigation (relabelling them) before training the learning model. We show that relabelling one-third of the poisoned inputs (selected based on their influence) reduces the poisoning effect by 50%. ACM Reference Format: Adriano Franci, Maxime Cordy, Martin Gubri, Mike Papadakis, and Yves Le Traon. 2022. Influence-Driven Data Poisoning in Graph-Based Semi-Supervised Classifiers. In 1st Conference on AI Engineering - Software Engineering for AI (CAIN’22), May 16–24, 2022, Pittsburgh, PA, USA. ACM, New York, NY, USA, 11 pages. https://doi.org/10.1145/3522664.3528606

As the effects of climate change are becoming more and more evident, the importance of improved situation awareness is also gaining more attention, both in the context of preventive environmental monitoring and in the context of acute crisis response. One important aspect of situation awareness is the correct and thorough monitoring of air pollutants. The monitoring is threatened by sensor faults, power or network failures, or other hazards leading to missing or incorrect data transmission. For this reason, in this work we propose two complementary approaches for predicting missing sensor data and a combined technique for detecting outliers. The proposed solution can enhance the performance of low-cost sensor systems, closing the gap of missing measurements due to network unavailability, detecting drift and outliers thus paving the way to its use as an alert system for reportable events. The techniques have been deployed and tested also in a low power microcontroller environment, verifying the suitability of such a computing power to perform the inference locally, leading the way to an edge implementation of a virtual sensor digital twin.

Smart cities are a wide range of projects made to facilitate the problems of everyday life and ensure security. Our interest focuses only on the Intelligent Transport System (ITS) that takes care of the transportation issues using the Vehicular Ad-Hoc Network (VANET) paradigm as its base. VANETs are a promising technology for autonomous driving that provides many benefits to the user conveniences to improve road safety and driving comfort. VANET is a promising technology for autonomous driving that provides many benefits to the user's conveniences by improving road safety and driving comfort. The problem with such rapid development is the continuously increasing digital threats. Among all these threats, we will target the Sybil attack since it has been proved to be one of the most dangerous attacks in VANETs. It allows the attacker to generate multiple forged identities to disseminate numerous false messages, disrupt safety-related services, or misuse the systems. In addition, Machine Learning (ML) is showing a significant influence on classification problems, thus we propose a behavior-based classification algorithm that is tested on the provided VeReMi dataset coupled with various machine learning techniques for comparison. The simulation results prove the ability of our proposed mechanism to detect the Sybil attack in VANETs.

The intrusion detection systems are vital for the sustainability of Cooperative Intelligent Transportation Systems (C-ITS) and the detection of sybil attacks are particularly challenging. In this work, we propose a novel approach for the detection of sybil attacks in C-ITS environments. We provide an evaluation of our approach using extensive simulations that rely on real traces, showing our detection approach's effectiveness.

The Internet of Things (IoT) is advancing technology by creating smart surroundings that make it easier for humans to do their work. This technological advancement not only improves human life and expands economic opportunities, but also allows intruders or attackers to discover and exploit numerous methods in order to circumvent the security of IoT networks. Hence, security and privacy are the key concerns to the IoT networks. It is vital to protect computer and IoT networks from many sorts of anomalies and attacks. Traditional intrusion detection systems (IDS) collect and employ large amounts of data with irrelevant and inappropriate attributes to train machine learning models, resulting in long detection times and a high rate of misclassification. This research presents an advance approach for the design of IDS for IoT networks based on the Particle Swarm Optimization Algorithm (PSO) for feature selection and the Extreme Gradient Boosting (XGB) model for PSO fitness function. The classifier utilized in the intrusion detection process is Random Forest (RF). The IoTID20 is being utilized to evaluate the efficacy and robustness of our suggested strategy. The proposed system attains the following level of accuracy on the IoTID20 dataset for different levels of classification: Binary classification 98 %, multiclass classification 83 %. The results indicate that the proposed framework effectively detects cyber threats and improves the security of IoT networks.

The rapid growth of number of devices that are connected to internet of things (IoT) networks, increases the severity of security problems that need to be solved in order to provide safe environment for network data exchange. The discovery of new vulnerabilities is everyday challenge for security experts and many novel methods for detection and prevention of intrusions are being developed for dealing with this issue. To overcome these shortcomings, artificial intelligence (AI) can be used in development of advanced intrusion detection systems (IDS). This allows such system to adapt to emerging threats, react in real-time and adjust its behavior based on previous experiences. On the other hand, the traffic classification task becomes more difficult because of the large amount of data generated by network systems and high processing demands. For this reason, feature selection (FS) process is applied to reduce data complexity by removing less relevant data for the active classification task and therefore improving algorithm's accuracy. In this work, hybrid version of recently proposed sand cat swarm optimizer algorithm is proposed for feature selection with the goal of increasing performance of extreme learning machine classifier. The performance improvements are demonstrated by validating the proposed method on two well-known datasets - UNSW-NB15 and CICIDS-2017, and comparing the results with those reported for other cutting-edge algorithms that are dealing with the same problems and work in a similar configuration.

This paper introduces an application of machine learning algorithms. In fact, support vector machine and decision tree approaches are studied and applied to compare their performances in detecting, classifying, and locating faults in the transmission network. The IEEE 14-bus transmission network is considered in this work. Besides, 13 types of faults are tested. Particularly, the one fault and the multiple fault cases are investigated and tested separately. Fault simulations are performed using the SimPowerSystems toolbox in Matlab. Basing on the accuracy score, a comparison is made between the proposed approaches while testing simple faults, on the one hand, and when complicated faults are integrated, on the other hand. Simulation results prove that the support vector machine technique can achieve an accuracy of 87% compared to the decision tree which had an accuracy of 53% in complicated cases.

Being a part of today’s technical world, we are connected through a vast network. More we are addicted to these modernization techniques we need security. There must be reliability in a network security system so that it is capable of doing perfect monitoring of the whole network of an organization so that any unauthorized users or intruders wouldn’t be able to halt our security breaches. Firewalls are there for securing our internal network from unauthorized outsiders but still some time possibility of attacks is there as according to a survey 60% of attacks were internal to the network. So, the internal system needs the same higher level of security just like external. So, understanding the value of security measures with accuracy, efficiency, and speed we got to focus on implementing and comparing an improved intrusion detection system. A comprehensive literature review has been done and found that some feature selection techniques with standard scaling combined with Machine Learning Techniques can give better results over normal existing ML Techniques. In this survey paper with the help of the Uni-variate Feature selection method, the selection of 14 essential features out of 41 is performed which are used in comparative analysis. We implemented and compared both binary class classification and multi-class classification-based Intrusion Detection Systems (IDS) for two Supervised Machine Learning Techniques Support Vector Machine and Classification and Regression Techniques.