Machine Learning Techniques for Intelligent Intrusion Detection Systems, Volume II

A special issue of Electronics (ISSN 2079-9292). This special issue belongs to the section "Computer Science & Engineering".

Deadline for manuscript submissions: closed (30 September 2022) | Viewed by 16459

Special Issue Information

Dear Colleagues,

Security and privacy of data is one of the major concerns in today’s world, and intrusion detection systems (IDS) play an important role in cybersecurity. Industry 4.0 ecosystems are able to collect data, interconnect with each other, and process and make decisions without any human interaction. Currently, the amount of data traveling through networks is overwhelming from the perspective of the veracity and variety of the data that are transmitted, the volume of the information, and the velocity of the Internet links. This resembles the well-known Big Data paradigm and, in addition to the omnipresent usage of encryption, creates multiple challenges when it comes to effective detection of distributed denial of service (DDoS) attacks, advanced persistent threats (APT), and distribution of malware infection. Conventional intrusion detection systems utilize the signature-based approach that helps to identify known attacks and protect the network. However, those are less efficient when it comes to tailored attacks, APT, zero-day attacks, encryption, and distributed reconnaissance, due to the large volume and sophistication. Fortunately, machine learning can aid in solving the most common tasks, including regression, prediction, and classification. Machine learning techniques have been effectively used in multiple applications in intelligent intrusion detection systems, including network traffic analysis, access log analysis, spam, and malware detection. However, current machine learning methods and their implementations are designed to handle tens of thousands of data points yet have complexity issues with bigger datasets. Big Data analytics require new and enhanced models to handle complex problems such as network attack detection. Future intelligent intrusion detection systems require faster and more accurate machine learning models.
Therefore, it is important to improve the existing machine learning methods and find proper ways of designing new ones suitable to detect indicators of compromise and find malicious connections even if the network traffic is encrypted. This Special Issue provides a platform for discussing new developments in the intersection of security and privacy with machine learning and deep learning.

Prof. Dr. Mamoun Alazab
Dr. Andrii Shalaginov
Guest Editors

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All submissions that pass pre-check are peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Electronics is an international peer-reviewed open access semimonthly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 2400 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Keywords

  • Cybersecurity
  • Cybercrime
  • Security, trust, and privacy
  • Anomaly intrusion detection
  • Distributed intrusion detection
  • Hybrid intrusion detection
  • Adversarial attacks
  • Machine learning
  • Deep learning
  • Big Data analytics
  • IoT
  • CPS
  • Blockchain
  • Cloud computing

Published Papers (6 papers)

Research

16 pages, 2736 KiB  
Article
Performance Investigation of Principal Component Analysis for Intrusion Detection System Using Different Support Vector Machine Kernels
by Mohammed Amin Almaiah, Omar Almomani, Adeeb Alsaaidah, Shaha Al-Otaibi, Nabeel Bani-Hani, Ahmad K. Al Hwaitat, Ali Al-Zahrani, Abdalwali Lutfi, Ali Bani Awad and Theyazn H. H. Aldhyani
Electronics 2022, 11(21), 3571; https://doi.org/10.3390/electronics11213571 - 01 Nov 2022
Cited by 39 | Viewed by 2562
Abstract
The growing number of security threats has prompted the use of a variety of security techniques. The most common security tools for identifying and tracking intruders across diverse network domains are intrusion detection systems. Machine Learning classifiers have begun to be used in the detection of threats, thus increasing the intrusion detection systems’ performance. In this paper, the investigation model for an intrusion detection system model based on the Principal Component Analysis feature selection technique and a classifier with different Support Vector Machine kernels is presented. The impact of various kernel functions used in Support Vector Machines, namely linear, polynomial, Gaussian radial basis function, and Sigmoid, is investigated. The performance of the investigation model is measured in terms of detection accuracy, True Positive, True Negative, Precision, Sensitivity, and F-measure to choose an appropriate kernel function for the Support Vector Machine. The investigation model was examined and evaluated using the KDD Cup’99 and UNSW-NB15 datasets. The obtained results prove that the Gaussian radial basis function kernel is superior to the linear, polynomial, and sigmoid kernels in both used datasets. The obtained accuracy, Sensitivity, and F-measure of the Gaussian radial basis function kernel for KDD Cup’99 were 99.11%, 98.97%, and 99.03%; for the UNSW-NB15 dataset, they were 93.94%, 93.23%, and 94.44%.

15 pages, 4980 KiB  
Article
Intelligent Intrusion Detection Using Arithmetic Optimization Enabled Density Based Clustering with Deep Learning
by Fadwa Alrowais, Radwa Marzouk, Mohamed K. Nour, Heba Mohsen, Anwer Mustafa Hilal, Ishfaq Yaseen, Mohamed Ibrahim Alsaid and Gouse Pasha Mohammed
Electronics 2022, 11(21), 3541; https://doi.org/10.3390/electronics11213541 - 30 Oct 2022
Cited by 6 | Viewed by 1421
Abstract
Rapid advancements in the internet and communication domains have led to a massive rise in the network size and the equivalent data. Consequently, several new attacks have been created and pose several challenging issues for network security. In addition, the intrusions can launch several attacks and can be handled by the use of an intrusion detection system (IDS). Though several IDS models are available in the literature, there is still a need to improve the detection rate and decrease the false alarm rate. The recent developments of machine learning (ML) and deep learning (DL)-based IDS systems are being deployed as possible solutions for effective intrusion detection. In this work, we propose an arithmetic optimization-enabled density-based clustering with deep learning (AOEDBC-DL) model for intelligent intrusion detection. The presented AOEDBC-DL technique follows a data clustering process to handle the massive quantity of network data traffic. To accomplish this, the AOEDBC-DL technique applied a density-based clustering technique and the initial set of clusters are initialized using the arithmetic optimization algorithm (AOA). In order to recognize and classify intrusions, a bidirectional long short-term memory (BiLSTM) mechanism was exploited in this study. Eventually, the AOA was applied as a hyperparameter tuning procedure of the BiLSTM model. The experimental result analysis of the AOEDBC-DL algorithm was tested using benchmark IDS datasets. Extensive comparison studies highlighted the enhancements of the AOEDBC-DL technique over other existing approaches.

18 pages, 12357 KiB  
Article
PDF Malware Detection Based on Optimizable Decision Trees
by Qasem Abu Al-Haija, Ammar Odeh and Hazem Qattous
Electronics 2022, 11(19), 3142; https://doi.org/10.3390/electronics11193142 - 30 Sep 2022
Cited by 21 | Viewed by 4087
Abstract
Portable document format (PDF) files are one of the most universally used file types. This has incentivized hackers to develop methods to use these normally innocent PDF files to create security threats via infection vector PDF files. This is usually realized by hiding embedded malicious code in the victims’ PDF documents to infect their machines. This, of course, results in PDF malware and requires techniques to identify benign files from malicious files. Research studies indicated that machine learning methods provide efficient detection techniques against such malware. In this paper, we present a new detection system that can analyze PDF documents in order to identify benign PDF files from malware PDF files. The proposed system makes use of the AdaBoost decision tree with optimal hyperparameters, which is trained and evaluated on a modern inclusive dataset, viz. Evasive-PDFMal2022. The investigational assessment demonstrates a lightweight and accurate PDF detection system, achieving a 98.84% prediction accuracy with a short prediction interval of 2.174 μSec. To this end, the proposed model outperforms other state-of-the-art models in the same study area. Hence, the proposed system can be effectively utilized to uncover PDF malware at a high detection performance and low detection overhead.

28 pages, 7306 KiB  
Article
Framing Network Flow for Anomaly Detection Using Image Recognition and Federated Learning
by Jevgenijus Toldinas, Algimantas Venčkauskas, Agnius Liutkevičius and Nerijus Morkevičius
Electronics 2022, 11(19), 3138; https://doi.org/10.3390/electronics11193138 - 30 Sep 2022
Cited by 6 | Viewed by 1637
Abstract
The intrusion detection system (IDS) must be able to handle the increase in attack volume, increasing Internet traffic, and accelerating detection speeds. Network flow feature (NTF) records are the input of flow-based IDSs that are used to determine whether network traffic is normal or malicious in order to avoid IDS from difficult and time-consuming packet content inspection processing since only flow records are examined. To reduce computational power and training time, this paper proposes a novel pre-processing method merging a specific amount of NTF records into frames, and frame transformation into images. Federated learning (FL) enables multiple users to share the learned models while maintaining the privacy of their training data. This research suggests federated transfer learning and federated learning methods for NIDS employing deep learning for image classification and conducting tests on the BOUN DDoS dataset to address the issue of training data privacy. Our experimental results indicate that the proposed Federated transfer learning (FTL) and FL methods for training do not require data centralization and preserve participant data privacy while achieving acceptable accuracy in DDoS attack identification: FTL (92.99%) and FL (88.42%) in comparison with Traditional transfer learning (93.95%).

17 pages, 673 KiB  
Article
Augmented Reality-Based English Language Learning: Importance and State of the Art
by Mohammad Wedyan, Jannat Falah, Omar Elshaweesh, Salsabeel F. M. Alfalah and Moutaz Alazab
Electronics 2022, 11(17), 2692; https://doi.org/10.3390/electronics11172692 - 27 Aug 2022
Cited by 14 | Viewed by 3368
Abstract
Augmented reality is increasingly used in the educational domain. However, little is known concerning the actual importance of AR for learning English skills. The weakness of the English language among English as a Foreign Language (EFL) students is widespread in different educational institutions. Accordingly, this paper aims at exploring the importance of AR for learning English skills from the perspectives of English language teachers and educators. Mixed qualitative methods were used. To achieve the objective of this study, 12 interviews were conducted with English teachers concerning the topic under investigation. Second, a systematic literature review (SLR) that demonstrates the advantages, the limitation, and the approach of AR for learning English was performed. This study is different from other studies in using two methods and conducting comprehensive research on the importance of AR in improving English language skills in general. Thus, the study concluded that AR improves language skills and academic achievements. It also reduces students’ anxiety levels, improves students’ creativity, and increases students’ collaboration and engagement. Moreover, the students have positive attitudes towards using AR for learning the English language. The findings present important implications for the integration and development of AR for learning.

17 pages, 3098 KiB  
Article
Adoption of IP Truncation in a Privacy-Based Decision Tree Pruning Design: A Case Study in Network Intrusion Detection System
by Yee Jian Chew, Shih Yin Ooi, Kok-Seng Wong, Ying Han Pang and Nicholas Lee
Electronics 2022, 11(5), 805; https://doi.org/10.3390/electronics11050805 - 04 Mar 2022
Cited by 5 | Viewed by 2146
Abstract
A decision tree is a transparent model where the rules are visible and can represent the logic of classification. However, this structure might allow attackers to infer confidential information if the rules carry some sensitive information. Thus, a tree pruning methodology based on an IP truncation anonymisation scheme is proposed in this paper to prune the real IP addresses. However, the possible drawback of carelessly designed tree pruning might degrade the performance of the original tree as some information is intentionally opted out for the tree’s consideration. In this work, the 6-percent-GureKDDCup’99, full-version-GureKDDCup’99, UNSW-NB15, and CIDDS-001 datasets are used to evaluate the performance of the proposed pruning method. The results are also compared to the original unpruned tree model to observe its tolerance and trade-off. The tree model adopted in this work is the C4.5 tree. The findings from our empirical results are very encouraging and spell two main advantages: the sensitive IP addresses can be “pruned” (hidden) throughout the classification process to prevent any potential user profiling, and the number of nodes in the tree is tremendously reduced to make the rule interpretation possible while maintaining the classification accuracy.