Network Threats Research Articles

Network Threat Detection and Modelling

Network threat detection and modelling are critical aspects of network security in an organization since the many devices connecting to the internet can be vulnerable. Network attacks are unauthorized actions on the digital assets within an organizational network. Malicious parties usually execute network attacks to alter, destroy, or steal private data. Perpetrators in network attacks tend to target network perimeters to gain access to internal systems. In this project the incoming traffic and outgoing network traffic is analyzed and from the several devices in an organization and security determined and made easy to visualize by the security analyst to take necessary action. Firstly, the network traffic related information is collected assets or end points in an organization which are exposed to the external world. In fact, the assets will be having data related to external world in the form of IP addresses to which domain or traffic they are being connected or they being accepted. These IP addresses are processed to obtain the actual location and domain which is used to visualize the geographical location of incoming and outgoing traffic and some data like port number are also collected to know the protocol being used by assets are secure. And vulnerable port numbers are displayed in user Interface to take necessary action by the security analyst. In this project for threat detection. The some of the standard compliance like CIS (Center for Internet Security) benchmarks are used to determine the network vulnerabilities in the assets that can be easily attacked by the attackers and the firewall configurations and other network configurations are verified according to these standards. If any of the required check or compliance failing is indicated as a threat in the UI so that security analyst can take necessary action on that particular asset

Deep Learning Approaches for IoT Intrusion Detection Systems

The Internet of Things (IoT) has had a substantial impact on a number of industries, including smart cities, the medical field, the automotive industry, and logistics tracking. But along with the IoT's advantages come security worries that are proliferating more and more. Deep learning-based Intelligent Network Intrusion Detection Systems (NIDS) have been created to detect continually evolving network threats and trends in order to address this issue. Six alternative deep learning algorithms, including CNN, RNN, and DNN architectures, are used in this research to present a novel anomaly-based solution for IoT networks. Three distinct intrusion detection datasets were used to evaluate the algorithms, and the findings revealed that the hybrid method performed better than the others in terms of accuracy. In particular, the hybrid algorithm had a 99.13% accuracy on the UNSW-NB15 dataset, an 89.01% accuracy on the IoTID20 dataset, and a 90.83% accuracy on the BoTNeTIoT-L01-v2 dataset. These results point to the suggested hybrid algorithm as superior to previous algorithms and a potential intrusion detection method for Internet of Things networks.

K-means Optimized Network Security Management in the Internet Context

The rapid development of the Internet has had a broad and profound impact on humanity, making information acquisition and dissemination more convenient. It has also brought significant opportunities and benefits to business and the economy. However, there are some issues, such as personal factors and data security concerns. In order to solve the above problems, the K-means algorithm is optimized from the perspectives of K-value validity index, feature weighting and three-branch decision making. First, the optimal clustering results are determined according to K-value validity index, and the influence of different dimensional features on clustering is considered for feature weighting, and the uncertain objects in the three-branch decision deadlock class are divided into the boundary domain. The delay decision of the boundary domain data is carried out, and the K-means clustering optimization algorithm is improved by combining the above three aspects, and the intelligent network security management system is developed on this basis. The results showed that the K-means optimization algorithm achieved the highest average accuracy rate, adjusted Morandi index, and adjusted mutual information across various datasets, with values of 96.01%, 0.866, and 0.869, respectively. In practical network attack scenarios, the K-means optimization algorithm attained an attack threat recognition accuracy of 94.38%. Under unknown network attack types, its detection rate and false alarm rate were 94.63% and 1.32%, respectively. Surveys conducted post-implementation of the intelligent network security management system indicated that over 90% of users were satisfied with their experience of the system. In summary, the proposed method accurately identifies potential network threats in network data, fulfilling performance requirements for network security management systems and ensuring the security of network resources.

A Survey on Security of UAV Swarm Networks: Attacks and Countermeasures

The increasing popularity of Unmanned Aerial Vehicle (UAV) swarms is attributed to their ability to generate substantial returns for various industries at a low cost. Additionally, in the future landscape of wireless networks, UAV swarms can serve as airborne base stations, alleviating the scarcity of communication resources. However, UAV swarm networks are vulnerable to various security threats that attackers can exploit with unpredictable consequences. Against this background, this paper provides a comprehensive review on security of UAV swarm networks. We begin by briefly introducing the dominant UAV swarm technologies, followed by their civilian and military applications. We then present and categorize various potential attacks that UAV swarm networks may encounter, such as denial-of-service attacks, man-in-the-middle attacks and attacks against Machine Learning (ML) models. After that, we introduce security technologies that can be utilized to address these attacks, including cryptography, physical layer security techniques, blockchain, ML, and intrusion detection. Additionally, we investigate and summarize mitigation strategies addressing different security threats in UAV swarm networks. Finally, some research directions and challenges are discussed.

Detection of Traffic Anomalies Based on Their Frame Wavelet Transformations Processing

Relevance. The active transition to a massive digital infrastructure based on Internet of Things (IoT) technology has brought telecommunications networks to the level of dominant information resources. The one-time increase in the number of existing Internet services is inextricably linked to the growing variety of network anomalies on telecommunications equipment. In turn, existing methods of detecting network threats do not allow timely assessment of network traffic, which is characterized by a large number of parameters, and the detected anomalies from external interference do not have pronounced patterns. The purpose of the study is to increase the efficiency of detecting traffic anomalies based on the results of processing its frame wavelet transform. The scientific task is to develop scientific and methodological approaches that allow effective analysis and timely detection of anomalies in network traffic. A comparative review of search methods for detecting network traffic anomalies, algorithms for detecting uncontrolled anomalies, traffic analysis methods based on local emission factor, binary trees, optical emission spectroscopy. Decision. The results of the study of the possibility of detecting anomalies in the bitstream traffic based on the results of its multiple-variable transformation in the Haar wavelet basis are considered. The choice for further processing of the coefficients of the traffic decomposition matrix along the time shift variable is justified. It is proved that multiple-scale transformations not only increase the structural differences in traffic, but also open up the possibility of localization of anomalies that caused these differences. The scientific novelty of the work is determined by the author's approach to detecting network traffic anomalies during the transition from the direct representation of a signal in the form of its discrete samples to coefficients formed from the matrices of its wavelet transformations, and, as a result, increasing its contrast with other signals with a similar structure. Theoretical significance. The necessity and sufficiency of using wavelet coefficients instead of time samples of signals in the basis of the parent wavelet from the matrix of the generated frame is proved. The relationship between the Hurst indicators and the coefficients of the cross-correlation functions has been established. Practical significance. The results obtained in the work, in the future, can be used in the construction of models for evaluating network traffic in conditions of deliberate, as well as methods for searching and synthesizing effective methods of protection against them.

Designing a Novel Network Anomaly Detection Framework using Multi-Serial Stacked Network with Optimal Feature Selection Procedures over DDOS Attacks

- Distributed denial-of-service (DDoS) attacks are the major threat that disrupts the services in the computer system and networks using traffic and targeted sources. So, real-world attack detection techniques are considered an important element in executing cybersecurity tasks. The present DDoS techniques are prone to False Positive Rates (FPR) and also it didn’t acquire the complicated patterns presented in the attack traffic. Internet of Things (IoT) is a complicated network with resource-constrained devices and networks that are prone to different security threats like DDoS attacks. Later, the Software Defined Networking (SDN) with IoT models is used to enhance the access control techniques and security models. DDoS attacks are considered as an important threat in the IoT networks. Hence, it is important to construct a novel network anomaly detection model with a deep learning mechanism to resolve the limitations of the existing techniques. Initially, essential data required for the validation are gathered from the IDS ISCX 2012 dataset. The optimal features are selected from input data using the Predefined-Mud Ring Algorithm (P-MRA). The optimally selected features are provided to the Multi-Serial Stacked Networks (Multi-SSN), which is the fusion of Convolutional Autoencoder (CAE), Gated Recurrent Unit (GRU), and Bayesian Learning (BL) networks. Here, the essential features for the validation are acquired from the CAE and GRU. Then, these features are stacked and given to the BL mechanism for detecting the anomalies in the network. Further, several experimental validations are performed in the developed framework over traditional network anomaly detection mechanism.

Enhancing Network Threat Detection with Random Forest-Based NIDS and Permutation Feature Importance

Network Intrusion Detection Systems (NIDS) are critical for protecting computer networks from unauthorized activities. Traditional NIDS rely on rule-based signatures, which can be limiting in detecting emerging threats. This study investigates the effectiveness of the random forest classifier in advancing NIDS capabilities through machine learning. Using the CICIDS-2017 dataset, the data are preprocessed to enhance their quality by removing redundancies. feature selection and permutation importance were employed to identify the most relevant features. The methodology involves rigorous testing and analysis of the random forest classifier’s performance, focusing on f1-score rates compared to other machine learning models. Results demonstrate that by optimizing class weights, applying a custom prediction function and leveraging 26 key features, the random forest classifier achieves an outstanding 99.8% in the weighted f1-score and 93.31% in the macro f1-score in various attack types. This research highlights the potential of machine learning to significantly enhance NIDS effectiveness, offering a robust defense mechanism against evolving cybersecurity threats in modern networks.

An automated intrusion detection system in IoT system using Attention based Deep Bidirectional Sparse Auto Encoder model

Nowadays, the Internet of Things (IoT) is a smart network connected to the Internet for transmitting gathered data with verified protocols. Attackers frequently use communication protocol defects as the basis for their attacks. Better protection measures are required since attacks affect the reputations of service providers. Both machine learning (ML) and deep learning (DL) methods have been developed in a number of research works to detect network intrusions. However, the system's security is limited by the rising number of new threats. Critical problems in IoT platforms, cyber-physical systems, wireless networks, and fog computing are caused by such attacks. The development of various cyber-security attacks reinforces the need for a strong intrusion detection system (IDS) in the IoT platform. The proposed study introduced a robust deep-feature learning mechanism for automatically detecting network intruders in the IoT platform. Initially, input data are gathered from the given dataset. Pre-processing helps reduce any noise in the data and improves the data quality using cleaning, outlier removal, and min-max normalization. The proposed Attention-based Deep Bidirectional Sparse Auto Encoder (AD-BiSA) model is the most important feature retrieved using the attention-based deep Bi-LSTM model. The different IoT network threats are categorized using a sparse Autoencoder approach. The chaotic Seagull Optimization (CSGO) algorithm decreases the loss and enhances the weight in the proposed DL technique. The UNSW NB15_IDS and NSL-KDD datasets achieve accuracy rates of 99.71% and 98.97%, respectively, for the proposed technique. The proposed method achieves better performance than existing approaches.

ENHANCING THE RESILIENCE OF IOT NETWORKS: STRATEGIES AND MEASURES FOR MITIGATING DDOS ATTACKS

The Internet of Things (IoTs) are emerging and become a vital need in our daily routine. The privacy protection and insecurity of these IoT-based devices face many challenges. Distributed denial of service (DDoS) attacks in IoT networks become a significant growing challenge that is addressed in this research. The resilience and strategy for IoT devices due to distributed denial of service (DDoS) attacks assess current security measures by proposing modern procedures to upgrade the strength of IoT frameworks. This article proposes a mechanism that mitigiates the effects of DDoS attacks in IoTs, that cause significant destruction to existing systems. Utilizing secondary data from Kaggle, the machine is trained and tested. Our proposed approach incorporates descriptive statistics, correlations, t-tests, chi-square tests, and regression analyses to supply a systematic understanding of IoT security by critically analyzing the existing variants of numerous DDoS attacks, Security issues in IoTs, and creation of them in Botnets or zombies. Our findings show that the proposed security techniques are viable and detection rates correlate with security viability. The proposed model asses various network threat and cybersecurity arrangements for mitigating DDoS attacks in IoT’s and outperforms the previously implemented Web Application Firewall (WAF), Bot Mitigation, Resource Prioritisation, and Content Delivery Networks (CDNs)based DDoS mitigation techniques by 80.5%, 88%, 86% in terms of effectiveness, T-test, chi test, and correlation.

Cluster partition-fuzzy broad learning-based fast detection and localization framework for false data injection attack in smart distribution networks

The distributed renewable energy generations, as accessible and easily targets for attackers, introduce an extra false data injection attack (FDIA) threat in the smart distribution networks. Scattered attack points and complex attack features hinder the elimination of potential threats. In this context, an FDIA fast detection and pinpoint localization framework is proposed. This framework identifies abnormal signals and attacked nodes from the unique topology structure and status contiguity of smart distribution networks, namely, spatial-temporal correlations of power grids, by using a cluster partition-fuzzy broad learning system (CP-FBLS). Unlike most existing FDIA detection methods, which are dedicated to high accuracy but neglect the urgent need for rapid detection in smart distribution networks, the proposed CP-FBLS framework maintains the fast computational nature of a fuzzy broad learning system (FBLS), while avoiding the accuracy degradation caused by high-dimension of data in large-scale smart distribution networks. Moreover, the multi-layer structure of the proposed framework recognizes the location of FDIA, bridging the research gap of attack localization. To comprehensively evaluate the proposed strategy, datasets containing various FDIA types are constructed. Numerical simulations based on the above datasets in modified IEEE 34-bus and 123-bus distribution systems are implemented. The results of the case studies showed that the proposed method can achieve 98.43 % accuracy with 0.34 ms detection time, realizing rapid detection and localization of various FDIAs with satisfactory accuracy.

Towards a conceptual framework for AI-driven anomaly detection in smart city IoT networks for enhanced cybersecurity

As smart cities advance, Internet of Things (IoT) devices present cybersecurity challenges that call for innovative solutions. This paper presents a conceptual model for using AI-enabled anomaly detection systems to identify anomalies and security threats in smart city IoT networks. The foundation is supported by the Complex Adaptive Systems (CAS) theory, Technology Acceptance Model (TAM), and Theory of Planned Behavior (TPB). In this framework, the importance of user engagement in ensuring effective AI-driven cybersecurity solutions is underlined with an emphasis on technological readiness and human interaction with AI. By fostering a security-conscious culture through continuous education and skills development, this research provides actionable insights for enhancing the resilience of smart cities against evolving cyber threats. The proposed framework lays the groundwork for future empirical studies and offers practical guidance for policymakers and urban planners dedicated to safeguarding the digital infrastructures of potentially tomorrow's cities – the smart cities.

Enhancing MQTT-SN Security with a Lightweight PUF-Based Authentication and Encrypted Channel Establishment Scheme

The communication of Industrial Internet of Things (IIoT) devices faces important security and privacy challenges. With the rapid increase in the number of devices, it is difficult for traditional security mechanisms to balance performance and security. Although schemes based on encryption and authentication exist, there are still difficulties in achieving lightweight security. In this paper, an authentication and key exchange scheme combining hardware security features and modern encryption technology is proposed for the MQTT-SN protocol, which is not considered security. The scheme uses Physical Unclonable Functions (PUFs) to generate unpredictable responses, and combines random numbers, time stamps, and shared keys to achieve two-way authentication and secure communication between devices and broker, effectively preventing network threats such as replay and man-in-the-middle attacks. Through verification, the proposed scheme has proved effective in terms of security and robustness, has computational and communication cost advantages compared with recent schemes, and provides higher availability.

IDENTIFYING CYBERTHREATS THROUGH SOCIAL MEDIA RESEARCH

The work provides an overview of the main methods of social network analysis used to identify cyber threats. The main types of threats in social networks are indicated and some protection methods for their prevention are described. Typical tasks of social network analysis aimed at detecting cyber threats are, for example, identifying online communities, identifying leaders and experts in communities, analyzing the stability of communities, clustering textual information, etc. With increasing digitization and active use of social networks as a means of communication, the importance of effective monitoring and data analysis to ensure cyber security is becoming more and more relevant. Complexities and challenges associated with processing large amounts of data in social networks are also analyzed, including privacy issues and ethical aspects of user data control. The study provides a holistic view of the use of social media as a tool to proactively identify and prevent cyberthreats, highlighting the importance of integrating analytical systems into the overall cybersecurity framework of organizations and individuals. The study provides a holistic view of the use of social media as a tool for proactive detection and prevention of cyber threats, highlighting the importance of integrating analytical systems into the overall cybersecurity posture of organizations and individuals, while emphasizing the need to improve machine learning and artificial intelligence techniques for deeper and more accurate analysis of user behavior and community dynamics, which can contribute to more effective prevention and neutralization of threats in the digital environment.

Establising CNN for Network Intrusion Detection: A Comparative Approach

Intrusion detection plays an important role in protecting systems from various threats. However, as intrusion techniques become more sophisticated, traditional detection methods have shown limitations in identifying new attacks. This research addresses the pressing issue of improving intrusion detection by utilizing Convolutional Neural Networks (CNN) algorithms, compared to various other machine learning techniques such as Support Vector Machines (SVM), K-Nearest Neighbors (KNN), Gaussian Naive Bayes (GNB), Decision Trees, and Gradient Boosting (GBoost). The main objective is to evaluate and compare the performance of these algorithms using a comprehensive dataset sourced from Kaggle, which includes 25,192 data and 42 features. Using metrics such as accuracy, precision, recall, and F1-score, the results show a complex pattern in the strengths and weaknesses of each. Surprisingly, CNN achieved exceptional accuracy, raising questions that require further investigation. Notably, KNN stands out as the best-performing machine learning algorithm. Contextualized within existing research, this study advances the understanding of the role of machine learning in intrusion detection, providing valuable insights for practical implementation. The findings reinforce the relevance of adapting to the evolving network threat landscape while raising interesting questions for future research. In conclusion, this research provides a comparative analysis of intrusion detection techniques, offering a basis for making informed decisions to improve network security and mitigate evolving threats.

Modelling of Cyber Attack Detection and Response System for 5G Network Using Machine Learning Technique

The rapid increase in the adoption of 5G networks has revolutionized communication technologies, enabling high-speed data transmission and connectivity across various domains. However, the advent of 5G technology comes with an increased risk of cyber-attacks and security breaches, necessitating the development of robust defence mechanisms to safeguard network infrastructure and mitigate potential threats. The work presents a novel approach for modelling a cyber-attack response system tailored specifically for 5G networks, leveraging machine learning techniques to enhance threat detection and response capabilities. The study introduced innovative methodologies, including the integration of standard backpropagation and dropout regularization technique. Furthermore, an intelligent cyber threat classification model that proactively detects and mitigates malware threats in 5G networks was developed. Additionally, a comprehensive cyber-attack response model designed to isolate threats from the network infrastructure and mitigate potential security risks was formulated. The result of testing the response algorithm with simulation, and considering quality of service such as throughput, latency and packet loss, showed 80.05%, 24.9ms and 4.09% respectively. During system integration of the model on 5G network with stimulated malware, the throughput reported 71.81%. Also, packet loss reported loss rate of 23.18%, while latency reported 178.98ms. Our findings contribute to the advancement of cybersecurity in 5G environments and lay the foundation for the development of robust cyber defence systems to safeguard critical network infrastructure against emerging threats.

Integrating deep learning and metaheuristics algorithms for blockchain-based reassurance data management in the detection of malicious IoT nodes

The Internet of Things (IoT) refers to a network where different smart devices are interconnected through the Internet. This network enables these devices to communicate, share data, and exert control over the surrounding physical environment to work as a data-driven mobile computing system. Nevertheless, due to wireless networks' openness, connectivity, resource constraints, and smart devices' resource limitations, the IoT is vulnerable to several different routing attacks. Addressing these security concerns becomes crucial if data exchanged over IoT networks is to remain precise and trustworthy. This study presents a trust management evaluation for IoT devices with routing using the cryptographic algorithms Rivest, Shamir, Adleman (RSA), Self-Adaptive Tasmanian Devil Optimization (SA_TDO) for optimal key generation, and Secure Hash Algorithm 3-512 (SHA3-512), as well as an Intrusion Detection System (IDS) for spotting threats in IoT routing. By verifying the validity and integrity of the data exchanged between nodes and identifying and thwarting network threats, the proposed approach seeks to enhance IoT network security. The stored data is encrypted using the RSA technique, keys are optimally generated using the Tasmanian Devil Optimization (TDO) process, and data integrity is guaranteed using the SHA3-512 algorithm. Deep Learning Intrusion detection is achieved with Convolutional Spiking neural network-optimized deep neural network. The Deep Neural Network (DNN) is optimized with the Archimedes Optimization Algorithm (AOA). The developed model is simulated in Python, and the results obtained are evaluated and compared with other existing models. The findings indicate that the design is efficient in providing secure and reliable routing in IoT-enabled, futuristic, smart vertical networks while identifying and blocking threats. The proposed technique also showcases shorter response times (209.397 s at 70% learn rate, 223.103 s at 80% learn rate) and shorter sharing record times (13.0873 s at 70% learn rate, 13.9439 s at 80% learn rate), which underlines its strength. The performance metrics for the proposed AOA-ODNN model were evaluated at learning rates of 70% and 80%. The highest metrics were achieved at an 80% learning rate, with an accuracy of 0.989434, precision of 0.988886, sensitivity of 0.988886, specificity of 0.998616, F-measure of 0.988886, Matthews Correlation Coefficient (MCC) of 0.895521, Negative predictive value (NPV) of 0.998616, False Positive Rate (FPR) of 0.034365, and False Negative Rate (FNR) of 0.103095.

Advanced modelling and recurrent analysis in network security: Scrutiny of data and fault resolution

This research dealt with the critical integration of advanced modelling techniques and recurrent analysis within network security, with a primary goal of enhancing the critical analysis of network data and improving fault resolution processes. The study focuses on the development of advance, predictive models capable of identifying and mitigating security threats in real-time, leveraging the power of Recurrent Neural Networks (RNNs) alongside other sophisticated machine learning techniques. By harnessing the dynamic capabilities of these models, the research aims to address the growing complexity and sophistication of network threats, which require continuous monitoring and adaptive responses. Also, the study investigates the effectiveness of these advanced models in environments where network conditions are constantly evolving, necessitating security protocols that can dynamically adjust to new and emerging threats. Through rigorous data scrutiny and recurrent analysis, the research seeks to establish fault resolution mechanisms that not only detect and neutralize immediate security breaches but also anticipate potential vulnerabilities before they can be exploited. Ultimately, this research contributes to the advancement of network security by providing a framework that integrates cutting-edge technology with real-time adaptability, ensuring that security measures remain robust and effective in the face of ever-changing digital threats.

A novel deep learning-based intrusion detection system for IoT DDoS security

Intrusion detection systems (IDS) for IoT devices are critical for protecting against a wide range of possible attacks when dealing with Distributed Denial of Service (DDoS) attacks. These attacks have become a primary concern for IoT networks. Intelligent decision-making techniques are required for DDoS attacks, which pose serious threats. The range of devices connected to the IoT ecosystem is growing, and the data traffic they generate is continually changing; the need for models more resistant to new attack types and existing attacks is of research interest. Motivated by this gap, this paper provides an effective IDS powered by deep learning models for IoT networks based on the recently published CICIoT2023 dataset. In this work, we improved the detection and mitigation of potential security threats in IoT networks. To increase performance, we performed preprocessing operations on the dataset, such as random subset selection, feature elimination, duplication removal, and normalization. A two-level IDS using deep-learning models containing binary and multiclass classifiers has been designed to identify DDoS attacks in IoT networks. The effectiveness of several deep-learning models in real-time and detection performance has been evaluated. We trained fully connected, convolutional, and LSTM-based deep learning models for detecting DDoS attacks and sub-classes. According to the results on a partially balanced sub-dataset, two staged models performed better than baseline models such as DNN (Deep Neural Networks), CNN (Convolutional Neural Networks), LSTM (Long Short Term Memory), RNN (Recurrent Neural Network).

Anomalous Network Behaviour Detection in Interoperable Health Systems using Machine Learning in Resource Limited Areas

The connection of devices in distributed environments produces and shares a vast amount of data useful for different organisational decision-making. In healthcare service organisations, for example, multiple e-health systems from different departments or facilities connect and share health data and information. During sharing, proper management is important to ensure the information is secure against intruders. Machine learning as a non-conventional security technique can be used along conventional techniques like firewalls, antivirus and intrusion detection systems to predict future network threats and other anomalies using historical backgrounds and other features. However, some machine learning algorithms have complex computation thus requiring resourceful systems in terms of network bandwidth, CPU power, memory, and storage capacity. In resource-constrained environments, therefore, special consideration is needed to ensure that the analysis of the big data is successful and that the benefits associated with them are effectively obtained. In this paper, a Machine Learning algorithm was selected among four algorithms whose performance was compared through various performance metrics. Classification accuracy, Mean Absolute Error (MAE), Root Mean Square Error (RMSE), and Relative Absolute Error (RAE) among other performance metrics were used to compare the ANN, Random forest, Decision trees, and Naïve byes classification algorithms using an extract from CICDDOS2019 dataset. Using the Weka version 3.8.6, the algorithms were compared to choose the best one to classify the data. By using three computers with different resources, the experiments were carried out to determine the performance of those machine learning algorithms. The result revealed that the random forest produced a good average classification performance in resource-limited systems since it surpassed other algorithms in classifying the data at an average of 99 per cent with a low average mean absolute error of 0.0001. Furthermore, as an ensemble that classifies with multiple decision trees algorithm, it likewise uses reasonable time to build and test the model therefore recommended for resource-limited systems.

An SDN-based Hybrid-DL-driven cognitive intrusion detection system for IoT ecosystem

Smart homes, healthcare, transportation, agriculture, manufacturing, and many more sectors can all benefit from IoT technology. This revolutionary way of interacting with the world could increase efficiency, convenience, and productivity. However, it also raises concerns regarding security, privacy, and data management. To mitigate security threats in IoT networks, this article presents a software-defined networking-enabled cognitive hybrid-deep learning model for intrusion detection in IoT ecosystem. The primary purpose of this framework is to continuously and efficiently identify cybersecurity threats in the IoT environment. With the influence of the cognitive computing paradigm, the designed system can analyse, understand, and even respond to various traffic approaching IoT devices. The proposed model is trained and tested using the cutting-edge N-BaIoT and CICDDoS2019 datasets. The experimental results demonstrate a high level of accuracy, yielding an acceptable false positive rate in conjunction with reasonable testing time. Furthermore, the architecture considers the limited resources of IoT devices, ensuring that they are not overburdened in the process. The proposed model obtained an acceptable accuracy rate of 99. 86 %, 99. 96 % precision, 99. 903 % recall, and 99.93 % F1-Score. The proposed model outperformed the other hybrid-DL models, such as Cu-GRU+LSTM and Cu-GRU+DNN.