ABSTRACT
Health care is always a top priority, and that has not changed no matter how far we have come in terms of technology. Since the coronavirus epidemic broke out, almost every country has made health care a top priority. Therefore, the best way to deal with the coronavirus pandemic and other urgent health problems is through the use of IoHT. The tremendous growth of IoT devices and networks especially in the healthcare domain generates massive amounts of data, necessitating careful authentication and security. Other domains include agriculture, smart homes, industry, etc. These massive data streams can be evaluated to determine undesirable patterns. It has the potential to reduce functional risks, avoid problems that are not visible, and eliminate system downtime. Past systematic and comprehensive reviews have significantly aided the field of cybersecurity. However, this research focuses on IoT issues relating to the medical or healthcare domain, using the systematic literature review method. The current literature in health care is not enough to analyze the anomaly of IoHT. This research has revealed that fact. In our subsequent work, we will discuss the architecture of IoHT and use AI techniques such as CNN and SVM to detect intrusions in IoHT. In the interest of advancing scientific knowledge, this study identifies and suggests potential new lines of inquiry that may be pursued in this area of study. © 2023, The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
ABSTRACT
The Internet of Things (IoT) industry is growing with the high-quality collaboration with Cloud Computing. The data generated by the IoT devices is quite large which can be efficiently stored and processed by the cloud. Further, the scenario like COVID-19 led to an unexpected flood of IoT devices on enabling networks to facilitate online services, which increases the potential threats to the companies fighting to remain operational during the crises. Still, the problem with the IoT devices is their weak security implications because vendors prioritize other factors like energy-saving and efficiency at the cost of security. The Attacker can send malicious requests through the vulnerable IoT device to the network and exploit the cloud in various ways. So, to address this issue, a Game Theoretic Approach to enhance IDS detection (GTA-IDS) in Cloud Environment has been devised that helps the Defender system to be more efficient, accurate in decision-making and save energy. The algorithm based on relative information entropy has been developed to defend against such attacks. The Bayesian Nash Equilibrium (BNE) has been used to make the Defender's strategies and perform actions to maximize its payoffs. The model has been tested on the NSL-KDD dataset and the results have been compared to the existing techniques. The results show that despite efforts made by the Attacker, the Defender always gets a better gain and ultimately eliminates the attack.
ABSTRACT
Cyber security is the implementation of smart technologies to safeguard computer systems, mobile devices, communication networks or most importantly the sensitive and confidential data saved in those systems or devices from various types of cyber-attacks, unauthorized access, hackers or intruders. Cyber security can also be considered as a subset of information security because information security is a general term. It aims to protect a wider domain which includes all kinds of information assets either hard copy or soft copy. The recent accelerating rise in digitalization due to Covid-19 has brought in many new challenges. The amount of personal data present on the web due to the same has raised concerns among users. However, it's not only the personal data that is a matter of concern but also the dataset which is given as input to numerous machine learning and deep learning models. Local networks are prone to attacks and intrusion activities now more than ever. As a result, cyber security experts have been working on the development of more complex monitoring systems and algorithms for the detection and prevention of such activities. Various technologies like machine learning and deep learning might play a significant role in improving cyber security. It can help in analyzing patterns and improving the models for recognizing similar attacks in future. This research work aims to study intrusion detection systems in detail and differentiate between intrusion detection systems, intrusion prevention systems and firewalls as IDS and IPS are commonly regarded as the same thing. It also highlights the previous works related to this subject along with their suggested methods. © 2022 IEEE.
ABSTRACT
All around the world, the rapid spread of the pandemic (COVID-19) has brought an enormous challenge, especially to the ICT industry. The total lockdown which prevailed had increased the use of the internet, which is a challenge to safety and security. Thus, an Intrusion Detection System (IDS) is needed to maintain this emergence of the boundless communication paradigm. This paper proposed an optimized Network IDS by applying two machine learning algorithms in intrusion dataset and feature selection techniques to optimize the IDS model. The viability of this work is shown by comparing, the result of the model with existing work. The decision tree applied outperformed the Naïve Bayes algorithm with 89.27% and 75.09% accuracy, respectively. © 2022 IEEE.
ABSTRACT
The Internet has become an essential part of life, especially after the COVID-19 pandemic. The increasing use of technology brings new challenges. Cyber security has emerged as a major threat during the pandemic. Distributed Denial of Service Attack (DDoS) attacks have become more refined than other cyber-attacks during the pandemic. The most important question comes into mind: What is the source of the DDoS attack? The answer is botnet which provides the platform for the attacker. A botnet has targeted the escalation of vulnerable systems. Therefore, real-life and accurate botnet detection and prevention techniques must be effectively designed. Due to this organized dataset, IoCs are required for a most dangerous botnet to prevent networks at an early stage. Various malware datasets have been published for the research work, but most are outdated. The author has proposed a new dataset of windows based botnets using different analysis techniques. This work provides the geolocation of the live malicious connection made by emotet. They have also presented the mechanism which calculates the IP reputation and detects botnet based on IoCs using snort Intrusion Detection. © 2022 Seventh Sense Research Group®
ABSTRACT
Computer networks data is overgrowing in nowadays world. More and more traffic is generated from the technology revolution (Cloud Computing, IoT, etc.) and the global situation of increased network traffic caused by the COVID19 pandemic. The number of threats that individuals and businesses face is rising exponentially due to the increasing complexity of networks and services of modern networks. Machine learning is used in many different areas where it helps to predict future events and forecasts. Thus it would help detect anomalous data traffic in computer networks if machine learning algorithms are applied for a correctly created dataset. In this paper, we evaluate techniques that are involved in developing data to detect anomalies in computer networks with machine learning algorithms. © 2022, The Author(s), under exclusive license to Springer Nature Switzerland AG.
ABSTRACT
Intrusion Detection System (IDS) is considered as one of the essential components of a secure network. Due to the high number of network packet features, one of the major problems of IDS is false intrusion alerts and low intrusion detection rates. Feature selection removes all redundant or irrelevant features among the various features of network packets. For this reason, it plays a pivotal role in overcoming the mentioned problems and can improve the accuracy of intrusion detection system. In this paper, a new human-inspired optimization algorithm called coronavirus herd immunity optimizer (CHIO) is proposed for feature selection in IDS. CHIO is able to select the optimal subset of features from numerous features without affecting system performance. In order to select the feature, two types of classifiers, K-Nearest Neighbor (KNN) and Artificial Neural Network (ANN), are used to obtain the accuracy of intrusion detection. In addition, the ANN classifier is trained with the classic Gradient Descent ( GD) method as well as the two intelligent methods Artificial Bee Colony (ABC) and Harmony Search (HS). In order to demonstrate the performance, our method is tested on 20% of NSL-KDD and its results are reported and compared to other studies. The proposed method has been able to achieve better performance in terms of intrusion detection accuracy and number of features compared to similar works.
ABSTRACT
The integration of healthcare-related sensors and devices into IoT has resulted in the evolution of the IoMT (Internet of Medical Things). IoMT that can be viewed as an improvement and investment in order to meet patients' needs more efficiently and effectively. It is progressively replacing traditional healthcare systems, particularly after the worldwide impact of COVID. IoMT devices have enabled real time monitoring in the healthcare field, allowing physicians to provide superior care while also keeping patients safe. As IoMT applications have evolved, the variety and volume of security threats and attacks including routing attacks and DoS (Denial of Service), for these systems have increased, necessitating specific efforts to study intrusion detection systems (IDSs) for IoMT systems. However, IDSs are generally too resource intensive to be managed by small IoMT devices, due to their limited processing resources and energy. In this regard, machine learning and deep learning approaches are the most suitable detection and control techniques for IoMT device-generated attacks. The purpose of this research is to present various methods for detecting attacks in the IoMT system. Furthermore, we review, compare, and analyze different machine learning (ML) and deep learning (DL) based mechanisms proposed to prevent and detect IoMT network attacks, emphasizing the proposed methods, performances, and limitations. Based on a comprehensive analysis of current defensive security measures, this work identifies potential open research related challenges and orientations for the actual design of those systems for IoMT networks, that may guide further research in this field. © 2022 IEEE.
ABSTRACT
The Internet of Medical Things (IoMT) is a set of medical devices and applications that connect to healthcare systems through the Internet. Those devices are equipped with communication technologies that allow them to communicate with each other and the Internet. Reliance on the IoMT is increasing with the increase in epidemics and chronic diseases such as COVID-19 and diabetes;with the increase in the number of IoMT users and the need for electronic data sharing and virtual services, cyberattacks in the healthcare sector for accessing confidential patient data has been increasing in the recent years. The healthcare applications and their infrastructures have special requirements for handling sensitive users' data and the need for high availability. Therefore, securing healthcare applications and data has attracted special attention from both industry and researchers. In this paper, we propose a Federated Transfer Learning-based Intrusion Detection System (IDS) to secure the patient's healthcare-connected devices. The model uses Deep Neural Network (DNN) algorithm for training the network and transferring the knowledge from the connected edge models to build an aggregated global model and customizing it for each one of the connected edge devices without exposing data privacy. CICIDS2017 dataset has been used to evaluate the performance in terms of accuracy, detection rate, and average training time. In addition to preserving data privacy of edge devices and achieving better performance, our comparison indicates that the proposed model can be generalized better and learns incrementally compared to other baseline ML/DL algorithms used in the traditional centralized learning schemes. © 2021 IEEE.
ABSTRACT
The use of networks has been accelerated by social adaptations to the Covid-19 pandemic, such as remote work, online shopping, and online meetings. These trends increase the importance of network intrusion detection systems (NIDSs) to protect networks from malware and cyberattacks. Two major technical approaches to NIDS are largely employed: the use of signature matching discriminators and the use of anomaly detectors. Each approach has advantages and disadvantages. Hybrid NIDSs, which integrate aspects of both approaches, minimize the disadvantages and improve detection accuracy, although their detection speed is slow. On the other hand, deep learning methods have been gaining attention as intrusion detectors, including NIDS. Therefore, in this study we propose a two-stage hybrid NIDS that uses deep learning methods, a sparse auto-encoder (SAE), and a multilayer perceptron (MLP). In the first stage of the proposed system, an SAE detects malicious flows while minimizing interference to legitimate flows, and in the second stage an MLP detects malicious flows and precisely classifies each one. Our experimental results against the CICIDS2017 dataset showed that the proposed NIDS was fast and highly accurate. Here we report the architecture of our system and the evaluation of its results. © 2021 IEEE.
ABSTRACT
The success of Internet of Things (IoT) deployment has emerged important smart applications. These applications are running independently on different platforms, almost everywhere in the world. Internet of Medical Things (IoMT), also referred as the healthcare Internet of Things, is the most widely deployed application against COVID-19 and offering extensive healthcare services that are connected to the healthcare information technologies systems. Indeed, with the impact of the COVID-19 pandemic, a large number of interconnected devices designed to create smart networks. These networks monitor patients from remote locations as well as tracking medication orders. However, IoT may be jeopardized by attacks such as TCP SYN flooding and sinkhole attacks. In this paper, we address the issue of detecting Denial of Service attacks performed by TCP SYN flooding attacker nodes. For this purpose, we develop a new algorithm for Intrusion Detection System (IDS) to detect malicious activities in the Internet ofMedical Things. The proposed scheme minimizes as possible the number of attacks to ensure data security, and preserve confidentiality of gathered data. In order to check the viability of our approach, we evaluate analytically and via simulations the performance of our proposed solution under different probability of attacks. © 2022 Tech Science Press. All rights reserved.