IMPACT: Impersonation Attack Detection via Edge Computing Using Deep Autoencoder and Feature Abstraction

Lee, Seo Jin; Yoo, Paul D.; Asyhari, A. Taufiq; Jhi, Yoon-Chan; Chermak, Lounis; Yeun, Chan Yeob; Taha, Kamal

doi:10.1109/access.2020.2985089

Cited by 75 publications

(49 citation statements)

References 13 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…However, supervised learning alone is not feasible for modern IDSs because there are many possible attacks with different features, which renders the training process computationally expensive and time consuming. Therefore, most recent research works have applied autoencoders in IDSs and obtained promising outputs [48,49]. An autoencoder is an unsupervised learning technique that uses neural networks for the so-called task of representation learning [50].…”

Section: System Modelmentioning

confidence: 99%

Deep Semisupervised Learning-Based Network Anomaly Detection in Heterogeneous Information Systems

Lutsiv¹,

Maksymyuk²,

Beshley³

et al. 2022

Computers, Materials &Amp; Continua

View full text Add to dashboard Cite

The extensive proliferation of modern information services and ubiquitous digitization of society have raised cybersecurity challenges to new levels. With the massive number of connected devices, opportunities for potential network attacks are nearly unlimited. An additional problem is that many low-cost devices are not equipped with effective security protection so that they are easily hacked and applied within a network of bots (botnet) to perform distributed denial of service (DDoS) attacks. In this paper, we propose a novel intrusion detection system (IDS) based on deep learning that aims to identify suspicious behavior in modern heterogeneous information systems. The proposed approach is based on a deep recurrent autoencoder that learns time series of normal network behavior and detects notable network anomalies. An additional feature of the proposed IDS is that it is trained with an optimized dataset, where the number of features is reduced by 94% without classification accuracy loss. Thus, the proposed IDS remains stable in response to slight system perturbations, which do not represent network anomalies. The proposed approach is evaluated under different simulation scenarios and provides a 99% detection accuracy over known datasets while reducing the training time by an order of magnitude.

show abstract

Section: System Modelmentioning

confidence: 99%

Deep Semisupervised Learning-Based Network Anomaly Detection in Heterogeneous Information Systems

Lutsiv¹,

Maksymyuk²,

Beshley³

et al. 2022

Computers, Materials &Amp; Continua

View full text Add to dashboard Cite

show abstract

“…In the second work, several shallow algorithms such as random forest are also used to detect anomalies using the output of VAE. In a similar manner, the work introduced in [20] employs VAE with gradientbased linear SVM to detect some particular attacks on the AWID2019 dataset, where SVM first reduces feature dimension then VAE selects the most relevant features. It is reported that the detection rate is higher than state-of-art models.…”

Section: Autoencoder (Ae)mentioning

confidence: 99%

“…It is reported that the detection rate is higher than state-of-art models. In addition to models in [18][19][20], the model introduced in [21] combines VAE with GAN and DNN. Basically, it uses VAE to obtain new input representations formed in a statistical and nonlinear way then GAN to make less-represented intrusions augmented.…”

Section: Autoencoder (Ae)mentioning

confidence: 99%

AI for Cybersecurity: ML-Based Techniques for Intrusion Detection Systems

Gumusbas

Yıldırım

2021

Learning and Analytics in Intelligent Systems

View full text Add to dashboard Cite

Through this chapter, problems in cybersecurity and the potential AIbased solutions are first introduced. Then, several proposed methods based on Machine Learning in cybersecurity are discussed with examples to give detailed insights to the reader. Finally, the chapter is concluded with an overview of open topics as well as potential directions in cybersecurity within the scope of conclusions of researches in the literature. D. Gumusbas (B) • T.

show abstract

“…They built the classifier for normal and impersonation attack samples. A quite similar approach was followed by Lee et al that emphasized three phases in the proposed IDS, feature extraction using SAE, feature selection using Mutual Information and C4.8, and SVM based classification with gradient descent optimization [14]. The goal was to reduce the number of features as much as possible for classification.…”

Section: Related Workmentioning

confidence: 99%

A Machine Learning Based Two-Stage Wi-Fi Network Intrusion Detection System

et al. 2020

View full text Add to dashboard Cite

The growth of wireless networks has been remarkable in the last few years. One of the main reasons for this growth is the massive use of portable and stand-alone devices with wireless network connectivity. These devices have become essential on the daily basis in consumer electronics. As the dependency on wireless networks has increased, the attacks against them over time have increased as well. To detect these attacks, a network intrusion detection system (NIDS) with high accuracy and low detection time is needed. In this work, we propose a machine learning (ML) based wireless network intrusion detection system (WNIDS) for Wi-Fi networks to efficiently detect attacks against them. The proposed WNIDS consists of two stages that work together in a sequence. An ML model is developed for each stage to classify the network records into normal or one of the specific attack classes. We train and validate the ML model for WNIDS using the publicly available Aegean Wi-Fi Intrusion Dataset (AWID). Several feature selection techniques have been considered to identify the best features set for the WNIDS. Our two-stage WNIDS achieves an accuracy of 99.42% for multi-class classification with a reduced set of features. A module for eXplainable Artificial Intelligence (XAI) is implemented as well to understand the influence of features on each type of network traffic records.

show abstract

IMPACT: Impersonation Attack Detection via Edge Computing Using Deep Autoencoder and Feature Abstraction

Cited by 75 publications

References 13 publications

Deep Semisupervised Learning-Based Network Anomaly Detection in Heterogeneous Information Systems

Deep Semisupervised Learning-Based Network Anomaly Detection in Heterogeneous Information Systems

AI for Cybersecurity: ML-Based Techniques for Intrusion Detection Systems

A Machine Learning Based Two-Stage Wi-Fi Network Intrusion Detection System

Contact Info

Product

Resources

About