Network Defense Research Articles

Deep Learning-Driven IoT Defence: Comparative Analysis of CNN and LSTM for DDoS Detection and Mitigation

The extensive utilization of Internet of Things (IoT) devices has revolutionized multiple sectors, ranging from smart homes to industrial automation, while concurrently broadening the attack surface for cyber threats, including Distributed Denial of Service (DDoS) attacks. This study examines the efficacy of Convolutional Neural Networks (CNNs) and Long Short-Term Memory Networks (LSTMs) in detecting DDoS attacks, focusing on the distinct security concerns presented by IoT networks. Employing the extensive CICDDoS2019 dataset, these algorithms scrutinize individual IP flow records to attain real-time anomaly identification with elevated precision. The evaluation results reveal that both CNN and LSTM models exhibit strong performance, with CNNs showing enhanced precision (99.42%) and F1-score (99.26%) due to their capacity to extract spatial patterns from multidimensional traffic data. Although LSTMs are proficient in capturing temporal dependencies, their elevated computing demands render them less appropriate for real-time applications in resource-limited IoT settings. This paper emphasizes CNNs as a scalable and efficient option for IoT network defence and advocates for more research into hybrid deep learning architectures to improve anomaly detection.

Research on power plant security issues monitoring and fault detection using attention based LSTM model

OverviewFor Photo Voltaic (PV) arrays and Wind systems to operate as efficiently and effectively as possible, fault detection is essential. It is possible to improve the safety of renewable energy systems and guarantee that the service will continue uninterrupted if problem detection and diagnostics are performed in a timely and accurate manner. In general, wind power is one of the three major renewable energy sources, along with solar power and hydropower. Wind power is well distributed around the world, making it suitable to be exploited in human activities for the general welfare of society.ObjectivesA prototype security situational awareness system applicable to the power data communication network service and traffic model should be developed. This will help to successfully enhance the security and service quality of the power data communication network, effectively cope with network security threats in the new environment, and ensure the security of the power plant network access. The traffic of the main network of the existing data communication network will be combined and analyzed, and NQA traffic management algorithms will be studied and proposed. These actions will improve the SLA hierarchical service capability, the service quality of the core services carried by the backbone network, and strengthen the security capability of the new energy power plant communication network access system.MethodologyFor the purpose of this investigation, an attention-based long short-term memory (Att-LSTM) model was used for the categorization of time series actual data. The approach that has been developed is able to identify defects in photovoltaic arrays and inverters, which offers a dependable option for improving the efficiency and dependability of solar energy systems. For the purpose of evaluating the proposed method, a real-world solar energy dataset is used.ResultsThe findings acquired from this evaluation are compared to the results received from existing detection approaches such as Cryptography, Intrusion Detection System (IDS) methods, and Network Defense Schemes. The results obtained demonstrate that the suggested method surpasses current fault detection techniques, providing greater accuracy and better performance.

Navigating Collaboration: Understanding Civil-Military Interactions in Swedish Total Defence From a Security Network Perspective

This study aims to contribute to our knowledge of civil-military collaboration within the framework of contemporary Swedish total defence planning and organizing. The exploratory study focuses on perspectives on collaboration among civilian and military actors at the local and regional levels of the Swedish total defence network. Empirically, the study draws on official documents, policies, reports and interviews with civilian and military officials in Sweden. The analysis explores assumptions about, and understandings of, roles, relationships, shared goals, responsibilities and governance, pointing to several potential challenges to inter-organizational and inter-group collaboration. The study, showing how understandings and perspectives held by collaborators serve to shape the nature of their relations, identifies a potential need for collaborative actors, civil and military, capable of performing a “double grasp” – that is, of representing their organization while understanding and handling their counterpart’s perspective on (and often lack of knowledge about) their own organization and requirements. The article identifies several avenues for future research into civil-military collaboration in practice, and across country contexts.

Remote Data Security Monitoring Technology for Computer Networks Based on Machine Learning Algorithms

In an era dominated by increasing cyber threats and the expansion of digital systems, securing computer networks has become a critical challenge. Traditional security techniques, such as firewalls and intrusion detection systems, are often inadequate in addressing the dynamic and evolving nature of modern cyber-attacks. Remote data security monitoring, when combined with machine learning (ML) algorithms, has emerged as a promising solution to address these security gaps. This paper explores the integration of machine learning techniques into remote data security monitoring systems for computer networks. It investigates how ML algorithms can enhance real-time detection, classification, and prediction of security incidents, thereby improving the robustness and efficiency of network defense mechanisms. The study reviews various ML models, their application to data security, and the benefits and challenges of their deployment in remote monitoring systems. Finally, we present case studies and discuss future research directions in this domain.

Integrated analysis of physiological and metabolic data uncovers essential dynamic mechanisms involved in the maturation of cigar tobacco leaves

The quality of cigar tobacco leaves is profoundly affected by the timing of their harvest, with both early and late collections resulting in inferior characteristics. While the relationship between maturity and physiological metabolic processes is acknowledged, a comprehensive understanding of the physiological behavior of cigar leaves harvested at different stages remains elusive. This research investigated the physiological and metabolomic profiles of the cigar tobacco variety CX-014, grown in Danjiangkou City, Hubei Province, with leaves sampled at 35 (T1), 42 (T2), 49 (T3), and 56 (T4) days post-inflorescence removal. Leaf color transitioned from green to yellow, accompanied by the appearance of white mature spots. Notable increases in photosynthetic pigments and gas exchange parameters occurred between T1 and T2, followed by decline at T3 and T4. The optimal sugar-to-nicotine and potassium-to-chlorine ratios, critical determinants of smoking quality and tobacco combustibility, were observed at T3, indicating a superior chemical balance in leaves harvested at this stage. Metabolomic analysis revealed 2153 distinct metabolites, with the most significant changes occurring between T2 and T3, highlighting critical physiological transformations during this interval. Pathway enrichment analysis via KEGG pinpointed notable shifts in amino acid synthesis pathways, particularly those involving tryptophan, alanine, and aspartate. Tryptophan metabolism and zeatin biosynthesis were substantially altered, with compounds like indolepyruvic acid, N-formylpurine nucleotide, isopentenyladenine nucleotide, and dihydrozeatin showing marked reductions at T3. This study also explored how the timing of lower leaf harvest influences the physiological processes of middle leaves, finding that a plethora of metabolites associated with the breakdown of arachidonic acid—a primitive metazoan signaler implicated in plant stress and defense networks—were abundant in T3 leaves when lower leaves were harvested 43–38 days prior. Overall, these findings elucidates the complex physiological dynamics of cigar leaves during maturation, highlighting critical metabolites involved in essential metabolic pathways.

THE UTILIZATION OF MACHINE LEARNING FOR NETWORK INTRUSION DETECTION SYSTEMS

This study investigates the integration of Multilayer Perceptron (MLP) architecture in Network Intrusion Detection Systems (NIDS) to strengthen cyber defences against evolving threats. The goal is to explore the potential of MLP in learning complex patterns and adapting to dynamic attack vectors, thereby improving detection accuracy. Key results from 5-fold cross-validation demonstrate model consistency, achieving an average accuracy of 0.97 with minimal standard deviation. Further evaluation across multiple nodes per layer and train-test splits demonstrate model robustness, displaying high metrics such as AUC-ROC and F1-Score. Challenges, such as the scarcity of large labelled datasets and complex model interpretability, are acknowledged. This study provides a comprehensive foundation for future investigations, suggesting potential directions such as integrating advanced neural network architectures and assessing model transferability. In conclusion, this study contributes to the evolving intersection of machine learning and cyber security, offering insights into the strengths, limitations, and future directions of MLP-based NIDS. As cyber threats evolve, continued refinement of MLP methods is critical to effective network defences against sophisticated adversaries.

The PpPep2-Triggered PTI-like Response in Peach Trees Is Mediated by miRNAs.

Plant diseases diminish crop yields and put the world's food supply at risk. Plant elicitor peptides (Peps) are innate danger signals inducing defense responses both naturally and after external application onto plants. Pep-triggered defense networks are compatible with pattern-triggered immunity (PTI). Nevertheless, in complex regulatory pathways, there is crosstalk among different signaling pathways, involving noncoding RNAs in the natural response to pathogen attack. Here, we used Prunus persica, PpPep2 and a miRNA-Seq approach to show for the first time that Peps regulate, in parallel with a set of protein-coding genes, a set of plant miRNAs (~15%). Some PpPep2-regulated miRNAs have been described to participate in the response to pathogens in various plant-pathogen systems. In addition, numerous predicted target mRNAs of PpPep2-regulated miRNAs are themselves regulated by PpPep2 in peach trees. As an example, peach miRNA156 and miRNA390 probably have a role in plant development regulation under stress conditions, while others, such as miRNA482 and miRNA395, would be involved in the regulation of resistance (R) genes and sulfate-mediated protection against oxygen free radicals, respectively. This adds to the established role of Peps in triggering plant defense systems by incorporating the miRNA regulatory network and to the possible use of Peps as sustainable phytosanitary products.

Probing the depths: assessing the efficacy of the two-tier deception-driven security model

In the age characterized by relentless cyber threats, the need for innovative and proactive security measures has never been more important. Deception is defined as the deliberate structure of tricks, traps, and false information to mislead and discourage threats, while providing timely warning signals and useful information to defenders. The two-tier deception-driven security model's implementation focuses on applying deception security techniques to deceive potential attackers and protect network resources, with an emphasis on a proactive defense approach. The study emphasized the deployment and deep testing of the model, which aims to assess its efficacy and feasibility in real-time practice. The study shows that the two-layered approach effectively defends the network within the multiple layers using a combination of decoys, honeypots, and deceptive network segments. The deception security model effectively prevents and confuses potential threats, improving the network's overall resilience and threat defense capabilities. The findings suggest that integrating deception techniques into cybersecurity frameworks can provide a robust layer of protection against evolving cyber threats. Furthermore, this research contributes to the ongoing discourse on proactive cybersecurity strategies and offers practical insights for improving network defense mechanisms.

Exploiting self-evolutionary strategies of components for Dynamic Heterogeneous Redundancy

The network security situation is increasingly serious. Traditional security equipment like firewalls and intrusion detection systems cannot prevent unknown risks due to their passive nature. Dynamic Heterogeneous Redundancy (DHR) actively defends by switching the attack surface and confusing attackers, becoming essential in modern network defense. However, existing DHR approaches based on scheduling algorithms struggle under high-intensity attacks due to resource limitations. To overcome this weakness, we propose a Genetic Algorithm and Particle Swarm Optimization (GAPSO), a novel DHR architecture. GAPSO provides real-time security awareness of host components, maps potential attacker paths, and calculates the risk probability of each component. High-risk components evolve into others in the pool during attacks. Experiments show that GAPSO significantly reduces system risk compared to scheduling-based DHR and effectively delays the hacker’s attack lifecycle. Additionally, we developed a prototype system and evaluated it in a real network environment, obtaining positive results.

New Continual Federated Learning System for Intrusion Detection in SDN‐Based Edge Computing

ABSTRACTSoftware Defined Networking (SDN) is an open network approach that has been proposed to address some of the main problems with traditional networks. However, SDN faces cybersecurity issues. To provide a network defense against attacks, an Intrusion Detection System (IDS) needs to be updated and included into the SDN architecture on a regular basis. Machine learning methods have proved effective in detecting intrusions in SDN. Moreover, these techniques pose the problem of significant computational overload and the absence of regular updates when new cyber‐attacks appear. To address these issues, we propose a new SDN‐based cloud intrusion detection system called Continual Federated Learning (CFL). In CFL, we modify the classical federated learning process by granting a more important and dynamic role to each participating client. On the one hand, it can trigger this process whenever a new type of intrusion is detected. On the other hand, once the new model has been identified, the customer can decide whether or not to deploy it in his network. In addition, to verify the accuracy of the CFL system, we have formally specified it by a communication protocol. This specification organizes the exchanges between the different communicating entities involved in the CFL. To verify the accuracy of this specification, we described it using the PROMELA language and checked with the associated SPIN tool. On the experimental side, we deployed this specification of the CFL system in an SDN computing environment. We defined different scenarios, and we proposed that each client decides locally to deploy or not the newly obtained intrusion detection model. The decision is based on a modified metric where we integrate the severity of the intrusions. Experimental results using private local datasets show that the proposed CFL system can efficiently and accurately detect new types of intrusions while preserving client confidentiality. Thus, it can be considered a promising system for SDN‐based edge computing.

A Network Defense System for Detecting and Preventing Hacking

Many computing systems have recently suffered significantly from hacking and preventing hacking is important in protecting business, sensitive information and every day network communications. Many efforts have been made to provide security assurance by proposing security solutions. However, the gap between hacking incidents and current security solutions is significant. Fortunately, hacking attempts can be addressed if the pre-hacking step, called scanning, is properly investigated and good counter measures are in place. The importance of scanning appears is in providing sophisticated hackers with the necessary information about nominated victims systems which eventually forms their hacking strategies. Therefore, this article proposes a security solution that aims to make scanning difficult by addressing its properties, which makes developing hacking strategies against protected computer networks unpractical. The proposed security solution protects computer networks by dynamically generating a unique protocol to replace the expected standard protocols and changing network paths periodically in order to confuse scanning attempts, as well as to prevent unauthorized scanning and hacking traffic. Key Words: hacking,sensitive information, unauthorized scanning, hacking traffic, network communications

Improved identification of network anomalies through optimal CURE clustering

Abstract In this paper, we propose an advanced network anomaly behavior identification framework to overcome the constraints inherent in conventional rule- or signature-based approaches, which often struggle with emerging and previously unknown threats. Central to our framework is an Enhanced CURE (Cluster Updating and REfining) clustering algorithm, meticulously tailored and refined to incorporate a density-based methodology. This enhancement enables the algorithm to discern subtle shifts in network anomaly patterns with heightened precision. The implementation workflow commences with the application of the optimized CURE algorithm to analyze network data, followed by the deployment of a sophisticated anomaly degree ranking mechanism. This mechanism, through meticulous calculation of individual data points’ anomaly degrees and subsequent ranking, effectively isolates those deviating significantly from standard behavioral norms, incorporating a strategic threshold to filter out false positives. To validate our methodology’s efficacy and its superiority over existing techniques, experiments were conducted utilizing a substantial real-world network dataset. These tests affirm not only a marked increase in the accuracy of abnormal behavior recognition and a reduction in computational intricacy but also demonstrate the adaptability across diverse network ecosystems. Our approach has proven successful in pinpointing a wide array of network anomalies, encompassing malicious cyberattacks, fraudulent activities, unauthorized intrusions, and breaches of security protocols, thereby highlighting its comprehensive capability in bolstering network defense strategies. Despite the notable advancements and successful identification of various network anomalies, our framework currently lacks integration with real-time learning capabilities, limiting its immediate responsiveness to rapidly evolving attack patterns and necessitating ongoing research for dynamic updates and adaptive learning mechanisms.

A multiscale approach for network intrusion detection based on variance–covariance subspace distance and EQL v2

As an important network defense approach, network intrusion detection is mainly used to identify anomaly traffic behavior. However, dominant network intrusion detection approaches are now struggling to identify the complex and variable means of attack, leading to high false alarm rate. Additionally, the feature redundancy and class imbalance problem in the intrusion detection dataset also constrain the performance of detection methods. This paper proposes a multiscale intrusion detection approach based on variance–covariance subspace distance and Equalization Loss v2 (EQL v2). Firstly, the variance–covariance subspace distance is used for feature selection on the preprocessed dataset to determine a set of representative feature subsets that can effectively approximate the original feature space. Secondly, the loss function, EQL v2, is adopted to balance the positive and negative gradients, addressing the class imbalance problem. Finally, a pyramid depthwise separable convolution model is proposed to capture the multiscale information of the traffic, and the convolutional layer in the depthwise convolution is replaced with self-supervised predictive convolutional attention block to compensate for the performance loss caused by the parameter reduction. Extensive experiments demonstrated that the proposed approach exhibits better performance on the three datasets of NSL-KDD, UNSW_NB15, and CIC-IDS-2017, with accuracy rates of 99.19%, 97.81%, and 99.83%, respectively, effectively improve the intrusion detection performance.

CMDN: Pre-Trained Visual Representations Boost Adversarial Robustness for UAV Tracking

Visual object tracking is widely adopted to unmanned aerial vehicle (UAV)-related applications, which demand reliable tracking precision and real-time performance. However, UAV trackers are highly susceptible to adversarial attacks, while research on developing effective adversarial defense methods for UAV tracking remains limited. To tackle these challenges, we propose CMDN, a novel pre-processing defense network that effectively purifies adversarial perturbations by reconstructing video frames. This network learns robust visual representations from video frames, guided by meaningful features from both the search region and the template. Comprehensive experiments on three benchmarks demonstrate that CMDN is capable of enhancing a UAV tracker’s adversarial robustness in both adaptive and non-adaptive attack scenarios. In addition, CMDN maintains stable defense effectiveness when transferred to heterogeneous trackers. Real-world tests on the UAV platform also validate its reliable defense effectiveness and real-time performance, with CMDN achieving 27 FPS on NVIDIA Jetson Orin 16 GB (25 W mode).

Machine learning applications of network security enhancement: review

Machine learning (ML) is being used to improve intrusion detection mechanisms and identification in cyber security. Network data volume scaling (with the help of Machine learning) — Automated analysis and pattern recognition for large amounts of network-data, thereby detection of anomalies / potentially malicious activities that escape current rule-based techniques. By training ML models on historical data, these models can learn benign network behavior as well the anomalies in them that may result from malicious activities. The purpose of this essay/report is to begin taking a look under the hood at how ML can be used for security threat detection and analysis in-networking on an ongoing basis. This paper covers the automation of ML algorithms to enhance network security. Given the current state of electronic threats and their evolution, traditional security methods are typically insufficient. ML can analyze large volumes of data, learn patterns from it and this makes it suitable to complement network defense mechanisms. It then discusses different ML applications in network cybersecurity: intrusion detection, anomaly detection, spam and malware analysis; which the paper characterizes. It analyzes the potential, benefits and constrains of major ML methods in network security like supervised learning; unsupervised learning and reinforcement-learning. Finally, this paper represents recent progress in the use and impact of ML techniques along with case studies.The paper discusses the existing difficulties in the field such as the necessity for datasets and the vulnerability of machine learning models to adversarial attacks.T he paper also highlights avenues for exploration by focusing on developing scalable security solutions based on machine learning that are resilient and flexible.The goal of this examination is to offer both researchers and industry professionals valuable perspectives into the opportunities and obstacles linked to utilizing machine learning, in the domain of network security. ML methods have potential to improve network security by addressing the challenges posed by the increasing cyber threats that traditional security measures struggle to combat effectively over time. One key strength of ML lies in its capacity to analyze datasets and identify intricate patterns efficiently. The research paper delves into applications of ML in enhancing network security. The list covers security tools like Intrusion Detection Systems (IDS) examining malware and phishing attempts as well as anomalies in network activity and user behavior analysis (UEBA). The study explores both supervised and unsupervised learning methods. How they are used for quick threat detection and response in real time scenarios.You will find case studies and recent developments that showcase the implementation and effectiveness of these strategies.In addition the article delves into the obstacles linked to using machine learning techniques in network security including the necessity, for datasets, The paper's goal is to give an enlightening summary to scholars and practitioners about how machine learning can be applied to network security in order to provide solutions that are robust, adaptive, and scalable. To this end, it touches on several relevant aspects. One is the threat posed by adversarial attacks on the sorts of models that are likely to be used in this context. Another is the imperative, deriving from both adversarial threat and model drift, that models needed in this context be available in a form usable for continuous update. Keywords: Network Security, machine learning (ML), Intrusion Detection Systems (IDS), entity behavior analytics (UEBA).

The Influence of Circadian Rhythms on DNA Damage Repair in Skin Photoaging.

Circadian rhythms, the internal timekeeping systems governing physiological processes, significantly influence skin health, particularly in response to ultraviolet radiation (UVR). Disruptions in circadian rhythms can exacerbate UVR-induced skin damage and increase the risk of skin aging and cancer. This review explores how circadian rhythms affect various aspects of skin physiology and pathology, with a special focus on DNA repair. Circadian regulation ensures optimal DNA repair following UVR-induced damage, reducing mutation accumulation, and enhancing genomic stability. The circadian control over cell proliferation and apoptosis further contributes to skin regeneration and response to UVR. Oxidative stress management is another critical area where circadian rhythms exert influence. Key circadian genes like brain and muscle ARNT-like 1 (BMAL1) and circadian locomotor output cycles kaput (CLOCK) modulate the activity of antioxidant enzymes and signaling pathways to protect cells from oxidative stress. Circadian rhythms also affect inflammatory and immune responses by modulating the inflammatory response and the activity of Langerhans cells and other immune cells in the skin. In summary, circadian rhythms form a complex defense network that manages UVR-induced damage through the precise regulation of DNA damage repair, cell proliferation, apoptosis, inflammatory response, oxidative stress, and hormonal signaling. Understanding these mechanisms provides insights into developing targeted skin protection and improving skin cancer prevention.

Attention-Enhanced Defensive Distillation Network for Channel Estimation in V2X mm-Wave Secure Communication

Millimeter-wave (mm-wave) technology, crucial for future networks and vehicle-to-everything (V2X) communication in intelligent transportation, offers high data rates and bandwidth but is vulnerable to adversarial attacks, like interference and eavesdropping. It is crucial to protect V2X mm-wave communication from cybersecurity attacks, as traditional security measures often fail to counter sophisticated threats and complex attacks. To tackle these difficulties, the current study introduces an attention-enhanced defensive distillation network (AEDDN) to improve robustness and accuracy in V2X mm-wave communication under adversarial attacks. The AEDDN model combines the transformer algorithm with defensive distillation, leveraging the transformer’s attention mechanism to focus on critical channel features and adapt to complex conditions. This helps mitigate adversarial examples by filtering misleading data. Defensive distillation further strengthens the model by smoothing decision boundaries, making it less sensitive to small perturbations. To evaluate and validate the AEDDN model, this study uses a publicly available dataset called 6g-channel-estimation and a proprietary dataset named MMMC, comparing the simulation results with the convolutional neural network (CNN) model. The findings from the experiments indicate that the AEDDN, especially in the complex V2X mm-wave environment, demonstrates enhanced performance.

Advanced Hybrid Techniques for Cyberattack Detection and Defense in IoT Networks

ABSTRACTThe Internet of Things (IoT) represents a vast network of devices connected to the Internet, making it easier for users to connect to modern technology. However, the complexity of these networks and the large volume of data pose significant challenges in protecting them from persistent cyberattacks, such as distributed denial‐of‐service (DDoS) attacks and spoofing. It has become necessary to use intrusion detection systems and protect these networks. Existing intrusion detection systems for IoT networks face many problems and limitations, including high false alarm rates and delayed detection. Also, the datasets used for training may be outdated or sparse, which reduces the model's accuracy, and mechanisms may not be used to defend the network when any intrusion is detected. To address these limitations, a new hybrid deep learning and machine learning methodology is proposed that contributes to detecting DDoS and spoofing attacks, reducing false alarms, and then implementing the necessary defensive measures. In proposed hybrid methodology consists of three stages: the first stage is to propose a hybrid method for feature selection consisting of techniques (correlation coefficient and sequential feature selector); the second stage is to propose a hybrid model by integrating deep learning neural networks with a machine learning classifier (cascaded long short‐term memory [LSTM] and Naive Bayes classifier); and in the third stage, improving network defense mechanisms and blocking ports after detecting threats and maintaining network integrity. In training and evaluating the performance of the proposed methodology, three datasets (CIC‐DDoS2019, CIC‐IoT2023, and CIC‐IoV2024) were used, and these data were also balanced to obtain effective results. The accuracy of 99.91%, 99.88%, and 99.77% was obtained. Also, a cross‐validation technique was used with the test data to ensure no overfitting. The proposed methodology has proven its high performance in detecting attacks, as it provides a powerful solution to enhance the security of IoT networks and protect them from cyberattacks, as it can be applied in many fields and to other attacks.

Assessing the effect of offline topography on electrical resistivity measurements: insights from flood embankments

Summary Electrical resistivity tomography (ERT), a geophysical imaging method, is commonly used on flood embankments (dykes or levees) to characterise their internal structure and look for defects. These surveys often use a single line of electrodes to enable 2D imaging through the embankment crest, an approach that enables rapid and efficient surveying compared to 3D surveys. However, offline variations in topography can introduce artefacts into these 2D images, by affecting the measured resistivity data. Such topographic effects have only been explored on a site-specific basis. If the topographic effects can be assessed for a distribution of embankment geometries (e.g. slope angle and crest width) and resistivity variations, it would allow for targeted correction procedures and improved survey design. To investigate topographic effects on ERT measurements, we forward-modelled embankments with different trapezoidal cross-sections sat atop a flat foundation layer with contrasting resistivity values. Each was compared to a corresponding flat model with the same vertical resistivity distribution. The modelling workflow was designed to minimise the effect of forward modelling errors on the calculation of topographic effect. We ran 1872 unique embankment forward models, representing 144 geometries, each with 13 different resistivity contrasts. Modelling results show that offline topography affects the tested array types (Wenner-Schlumberger, Dipole-Dipole, and Multiple-Gradient) in slightly different ways, but the magnitudes are similar, so all are equally suitable for embankment surveys. Three separate mechanisms are found to cause topographic effects. The dominant mechanism is caused by the offline topography confining the electrical current flow, increasing the measured transfer resistance from the embankment model. The two other mechanisms, previously unidentified, decrease the measured transfer resistances from the embankment model compared to a layered half-space but only affect embankments with specific geometries and resistivity distributions. Overall, we found that for typical embankment geometries and resistivity distributions, the resistivity distribution has a greater control on the magnitude of the topographic effect than the exact embankment geometry: the subsurface resistivity distribution cannot be neglected. 2D inversions are suitable when both the embankment is more resistive than the foundations and when the embankment's cross-sectional area is greater than 4 m2/m2 (area scaled to an embankment with a height of 1 m). Topographic corrections, 3D data acquisition or 3D forward models are required when these conditions are not met. These are demonstrated using field data from an embankment at Hexham, Northumberland, UK. Improving the accuracy of the resistivity values in ERT models will enable more accurate ground models, better integration of resistivity data with geotechnical datasets, and will improve the translation of resistivity values into geotechnical properties. Such developments will contribute to a better characterised and safer flood defence network.

Optimization of machine learning model training procedure on multi-gpu systems to enhance cyber security in telecommunication networks

This paper analyzes the optimization features of machine learning (ML) model training procedures using multi-GPU systems to enhance cyber security in telecommunication networks. A key aspect of the study is the use of data parallelism, which allows the distribution of the training load across multiple GPUs, significantly reducing training time and improving model accuracy-critical factors for rapid threat detection in cyberspace. A novel approach for optimizing data batch size using Mutual Information (MI) is proposed, which harmonizes the utilization of computational resources with the information content of the training data. MI helps to determine the optimal data batch size that minimizes training errors and improves model accuracy without a significant increase in training time. Experimental results demonstrate the substantial advantages of multi-GPU configurations compared to single-GPU setups, providing faster training and improved model accuracy. It was particularly emphasized that MI-guided batch size tuning significantly outperforms traditional manual tuning methods, ensuring higher validation accuracy and reducing training time. The study showed that the MI-based approach is an effective tool for addressing the problem of optimizing ML model training processes in real-world scenarios where cyber security is critical. The proposed methods allow ML models to train faster and more accurately identify potential threats, making them particularly relevant for telecommunication networks where a rapid response to new threats in real time is required. The implementation of modern computational technologies such as multi-GPU systems and MI-optimized training enhances the efficiency and accuracy of machine learning models. This, in turn, improves cyber security measures and ensures a more reliable defence of telecommunication networks against malicious attacks. It is noted that the proposed approaches can be adapted not only for cyber security but also for other areas where high model accuracy and fast training are important. Future research prospects include the development of new machine learning methods, particularly deep neural networks, the exploration of alternative computational architectures such as quantum computing or distributed systems, and their integration into real-time systems. Special attention should be paid to the ethical aspects of implementing automated cyber security systems, particularly in preventing bias in algorithms and ensuring fairness in their application.