Artificial Intelligence-Enabled DDoS Detection for Blockchain-Based Smart Transport Systems

Liu, Tong; Sabrina, Fariza; Jang-Jaccard, Julian; Xu, Wen; Wei, Yuanyuan

doi:10.3390/s22010032

Cited by 28 publications

(11 citation statements)

References 35 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Deep learning is a major branch of machine learning that is based on neural networks with at least two hidden layers. Deep learning is better suited at automatically learning and extracting features from large data sets, and has shown promising performance [8,[12][13][14][15]. In spite of these advantages, feature engineering still plays an important role in deep learning models when faced with high dimensional structured data [16].…”

Section: Introductionmentioning

confidence: 99%

IGRF-RFE: a hybrid feature selection method for MLP-based network intrusion detection on UNSW-NB15 dataset

et al. 2023

Self Cite

View full text Add to dashboard Cite

The effectiveness of machine learning models can be significantly averse to redundant and irrelevant features present in the large dataset which can cause drastic performance degradation. This paper proposes IGRF-RFE: a hybrid feature selection method tasked for multi-class network anomalies using a multilayer perceptron (MLP) network. IGRF-RFE exploits the qualities of both a filter method for its speed and a wrapper method for its relevance search. In the first phase of our approach, we use a combination of two filter methods, information gain (IG) and random forest (RF) respectively, to reduce the feature subset search space. By combining these two filter methods, the influence of less important features but with the high-frequency values selected by IG is more effectively managed by RF resulting in more relevant features to be included in the feature subset search space. In the second phase of our approach, we use a machine learning-based wrapper method that provides a recursive feature elimination (RFE) to further reduce feature dimensions while taking into account the relevance of similar features. Our experimental results obtained based on the UNSW-NB15 dataset confirmed that our proposed method can improve the accuracy of anomaly detection as it can select more relevant features while reducing the feature space. The results show that the feature is reduced from 42 to 23 while the multi-classification accuracy of MLP is improved from 82.25% to 84.24%.

show abstract

Section: Introductionmentioning

confidence: 99%

IGRF-RFE: a hybrid feature selection method for MLP-based network intrusion detection on UNSW-NB15 dataset

et al. 2023

Self Cite

View full text Add to dashboard Cite

show abstract

“…Conversely, [11] suggests a multi-tier model that achieves a recall rate of 28.6%, while [12] introduces the DIDDOS approach with the highest recall rate recorded at 99.91%. In the same manner, the bandwidth control mechanism proposed by [13] has obtained the highest recall of 96.00%, while the hybrid deep learning approach suggested by [14] has obtained the highest recall of 99.00%. Meanwhile, our proposed AWTPSO model obtains a higher recall than both previous models, which is 99.98% using the same conditions.…”

Section: Data Preprocessingmentioning

confidence: 76%

“…According to [4], they suggest an SSK-DDoS system, and the highest precision obtained from their system is 96.00%, while the multi-tier model suggested by [11] has obtained the highest precision at 62.2%, whereas the DIDDOS approach suggested by [12] has obtained the highest precision at 99.71%. In the same manner, the bandwidth control mechanism proposed by [13] has obtained the highest precision of 86.00%, while the hybrid deep learning approach suggested by [14] has obtained the highest precision of 91.00%. Meanwhile, our proposed AWTPSO model obtains higher precision than both previous models, which is 99.99% using the same conditions.…”

Section: Data Preprocessingmentioning

confidence: 79%

See 1 more Smart Citation

Enhanced PSO Algorithm for Detecting DRDoS Attacks on LDAP Servers

2023

IJIES

View full text Add to dashboard Cite

In recent years, there has been an increase in distributed reflective denial of service (DRDoS) attacks, particularly those that target open lightweight directory access protocol (LDAP) servers. These attacks involve transmitting a small request to a large number of available LDAP servers, seeking information from all users. Consequently, the servers respond with significantly more data than the original request, amplifying the traffic and overwhelming the target with massive amounts of data. Therefore, this paper proposes a novel model for detecting LDAP-based DRDoS attacks by utilizing an enhanced particle swarm optimization (PSO) algorithm based on an adaptive weighted threshold (AWTPSO) model. The proposed AWTPSO model incorporates network traffic features and LDAP protocol characteristics to identify attack patterns. It further employs an adaptive weighted threshold model to dynamically adjust the threshold value for each feature. The enhanced PSO algorithm optimizes the threshold values, thereby improving the detection accuracy of the proposed model. The proposed AWTPSO detection model has been validated using the recent CICDDoS2019 dataset (LDAP sub-dataset). The experimental results demonstrate that the AWTPSO model effectively detects LDAP-based DRDoS attacks with exceptional accuracy of 99.99% and minimal false positives of 0.01%, surpassing other state-of-the-art techniques. Consequently, the proposed model presents a highly promising and robust solution for detecting the threat of LDAP-based DRDoS attacks on enterprise networks.

show abstract

“…The proliferation of machine learning techniques has allowed the reduction of manual intervention and has offered more automation-based machine analysis to rapidly recognize different types of ransomware (and other malware) to reduce a significantly increasing loss of money and productivity [7,8,9,10]. Semi-automated approaches using random forest [11,12] were proposed to detect malware rapidly.…”

Section: Introductionmentioning

confidence: 99%

A Ransomware Triage Approach using a Task Memory based on Meta-Transfer Learning Framework

Zhu¹,

Jang-Jaccard²,

Welch³

et al. 2022

Preprint

Self Cite

View full text Add to dashboard Cite

Solutions for rapid prioritization of different ransomware have been raised to formulate fast response plans to minimize socioeconomic damage from the massive growth of ransomware attacks in recent years. To address this concern, we propose a ransomware triage approach that can rapidly classify and prioritize different ransomware classes. Our Siamese Neural Network (SNN) based approach utilizes a pre-trained ResNet18 network in a meta-learning fashion to reduce the biases in weight and parameter calculations typically associated with a machine learning model trained with a limited number of training samples. Instead of image features typically used as inputs to many existing machine learning-based triage applications, our approach uses the entropy features directly obtained from the ransomware binary files to improve feature representation, resilient to obfuscation noise, and computationally less expensive. Our triage approach can classify ransomware samples into the correct classes if the ransomware features significantly match known ransomware profiles. Our evaluation shows that this classification part of our proposed approach achieves the accuracy exceeding 88% and outperforms other similar classification only machine learning-based approaches. In addition, we offer a new triage strategy based on the normalized and regularized weight ratios that evaluate the level of similarity matching across ransomware classes to identify any risky and unknown ransomware (e.g., zero-day attacks) so that a rapid further analysis can be conducted.

show abstract

Artificial Intelligence-Enabled DDoS Detection for Blockchain-Based Smart Transport Systems

Cited by 28 publications

References 35 publications

IGRF-RFE: a hybrid feature selection method for MLP-based network intrusion detection on UNSW-NB15 dataset

IGRF-RFE: a hybrid feature selection method for MLP-based network intrusion detection on UNSW-NB15 dataset

Enhanced PSO Algorithm for Detecting DRDoS Attacks on LDAP Servers

A Ransomware Triage Approach using a Task Memory based on Meta-Transfer Learning Framework

Contact Info

Product

Resources

About