Mesopotamian Journal of CyberSecurity

An optimized model for network intrusion detection in the network operating system environment

2024-11-07T18:56:09+00:00

With the heavy reliance on computers and information technology to send and receive data across networks of various types, there has been concern about securing that data from intrusions and cyber-attacks. The expansion of network usage has led to an increase in hacker attacks, which has led to prioritizing cybersecurity precautions in detecting potential threats. Intrusion detection techniques are a critical security measure to protect networks in both personal and corporate environments that are managed by network operating systems. For this, the paper relies on designing a network intrusion detection model. Since deep neural networks (DNNs) are classic deep learning models known for their strong classification performance, making them popular in intrusion detection along with other machine learning algorithms, they have been chosen to improve intrusion classification models based on datasets for intrusion detection systems. The basic structure of this proposal is to adopt one of the optimization algorithms in extracting features from the dataset to obtain more accurate results in the classification and intrusion detection stage. The developed Corona Virus algorithm is adopted to improve the system performance by identifying optimal features. This algorithm, which consists of several stages, optimally selects individuals based on features from the NSL-KDD dataset used for intrusion detection. The resulting optimization solution acts as a network structure for the intrusion classification model based on machine learning and deep learning algorithms. The test results showed exceptional performance on the NSL-KDD dataset, where the proposed Convolution Neural Network CNN model achieved 99.3% accuracy for multi-class classification, while the Decision Tree (DT) achieved 88.64% accuracy for anomaly detection in bi-class classification.

A New Lightweight Cryptosystem for IoT in Smart City Environments

2024-10-13T13:36:58+00:00

Internet of Things (IoT) devices, user interfaces (UI), software, as well as communication networks are all deployed within Smart Cities topology. The security approach designed for Internet of Things IoT should be able to prevent and detect both internal and external attacks. The problem in IoT network that not every linked node or device has an adequate amount of processing power. This means that data encryption and other related activities will be impossible and means that the security of any kind must be lightweight. A trustworthy security solution that stops illegal access to private data on the network is necessary for maintaining the privacy of information on the Internet of Things. Cryptographic processes need to be quicker and more compact without sacrificing security. The aim of this study is to reduce the execution time and power consumption of encryption processes without compromise the complexity of the encryption algorithm. This research presents a new lightweight cryptographic technique to protect various multimedia and real-time traffics across IoT network, by using two S-box in SubByte of encryption process, without affecting its performance. In this study, different audio samples will be used to test the new algorithm efficiency. Comparing the suggested method to the most advanced standard algorithm, it can reduce the cryptography process's execution time as well as energy consumption while maintaining the required security level. The outcomes demonstrate good performance in terms of power usage and delay. The new technique consumed a roughly 0.2 µJ for encryption process while the typical AES algorithm consumed 0.29 µJ, this mean the new algorithm achieved (33% power savings), while maintaining a good complexity level (security) within the process of encryption according to the results in tables I, II, and the comparison in table III. The novelty of this work can be showed by using dual XOR S-box technique which increased the complexity of SubByte process making it more secure without overload the processing performance, in addition to the reduction in encryption rounds which contribute to enhance the performance without compromise the security. Making it more suited for the Internet of Things (IoT) used in smart city environments.

Enhancing Electronic Agriculture Data Security with a Blockchain-Based Search Method and E-Signatures

2024-09-10T10:14:22+00:00

The production of digital signatures with blockchain constitutes a prerequisite for the security of electronic agriculture applications (EAA), such as the Internet of Things (IoT). To prevent irresponsibility within the blockchain, attackers regularly attempt to manipulate or intercept data stored or sent via EAA-IoT. Additionally, cybersecurity has not received much attention recently because IoT applications are still relatively new. As a result, the protection of EAAs against security threats remains insufficient. Moreover, the security protocols used in contemporary research are still insufficient to thwart a wide range of threats. For these security issues, first, this study proposes a security system to combine consortium blockchain blocks with Edwards25519 (Ed25519) signatures to stop block data tampering in the IoT. Second, the proposed study leverages an artificial bee colonizer (ABC) approach to preserve the unpredictable nature of Ed25519 signatures while identifying the optimal solution and optimizing various complex challenges. Advanced deep learning (ADL) technology is used as a model to track and evaluate objects in the optimizer system. We tested our system in terms of security measures and performance overhead. Tests conducted on the proposed system have shown that it can prevent the most destructive applications, such as obfuscation, selfish mining, block blocking, block ignoring, blind blocking, and heuristic attacks, and that our system fends off these attacks through the use of the test of the Scyther tool. Additionally, the system measures performance parameters, including a scalability of 99.56%, an entropy of 60.99 Mbps, and a network throughput rate of 200,000.0 m/s, which reflects the acceptability of the proposed system over existing security systems.

A Systematic Literature Review on Cyber Attack Detection in Software-Define Networking (SDN)

2024-11-12T02:33:28+00:00

The increasing complexity and sophistication of cyberattacks pose significant challenges to traditional network security tools. Software-defined networking (SDN) has emerged as a promising solution because of its centralized management and adaptability. However, cyber-attack detection in SDN settings remains a vital issue. The current literature lacks comprehensive assessment of SDN cyber-attack detection methods including preparation techniques, benefits and types of attacks analysed in datasets. This gap hinders the understanding of the strengths and weaknesses of various detection approaches. This systematic literature review aims to examine SDN cyberattack detection, identify strengths, weaknesses, and gaps in existing techniques, and suggest future research directions in this critical area. A systematic approach was used to review and analyse various SDN cyberattack detection techniques from 2017--2024. A comprehensive assessment was conducted to address these research gaps and provide a comprehensive understanding of different detection methods. The study classified attacks on SDN planes, analysed detection datasets, discussed feature selection methods, evaluated approaches such as entropy, machine learning (ML), deep learning (DL), and federated learning (FL), and assessed metrics for evaluating defense mechanisms against cyberattacks. The review emphasized the importance of developing SDN-specific datasets and using advanced feature selection algorithms. It also provides valuable insights into the state-of-the-art techniques for detecting cyber-attacks in SDN and outlines a roadmap for future research in this critical area. This study identified research gaps and emphasized the importance of further exploration in specific areas to increase cybersecurity in SDN environments.

Hybrid Classifier for Detecting Zero-Day Attacks on IoT Networks

2024-11-05T06:59:50+00:00

Recently, Internet of Things (IoT) networks have been exposed to many electronic attacks, giving rise to concerns about the security of these networks, where their weaknesses and gaps can be exploited to access or steal data. These networks are threatened by several cyberattacks, one of which is the zero-day distributed denial-of-service (DDoS) attack, which is considered one of the dangerous attacks targeting network security. As such, it is necessary to find smart solutions to address such attacks swiftly. To address these attacks, this research proposed a hybrid IDS to detect cyber-attacks on IoT networks via machine learning (ML) algorithms, namely, XGBoost, K-nearest neighbors, and stochastic gradient descent (SGD), while classifiers are combined via an ML ensemble. Grid search CV was used to find the best hyperparameters for each classifier at each classification stage. Random projection was used to select the relevant features for training the model. In the evaluation and performance testing phase of the model, two cybersecurity datasets (CIC-IDS2017 and CIC-DDoS2019) were used to test the efficiency of the model in detecting zero-day threats. The best results were obtained for the CIC-DDoS2019 dataset, where 20 features out of the total selection were used. The model was able to achieve an accuracy of 99.91% and an intrusion detection time of 0.22 seconds. The confusion matrix results also revealed a reduction in false alarms. The results and their comparison with those of recent relevant studies demonstrated the effectiveness of the hybrid model in securing IoT networks from zero-day attacks as well as its superiority in terms of accuracy and intrusion detection time. This study is an important step in enhancing security in the IoT environment by presenting a new hybrid model that is capable of dealing with zero-day attacks that are difficult to detect with traditional models.

A Classifier-Driven Deep Learning Clustering Approach to Enhance Data Collection in MANETs

2024-09-26T17:17:43+00:00

The conventional clustering and routing approaches used in mobile ad hoc networks (MANETs) may fail to work effectively in a dynamic network environment where nodes are highly mobile and the traffic load may also vary significantly. These limitations result in negative effects such as high packet drop rates, delays in data transmission, and low delivery rates, which make these methods unfit for modern high-density networks. To overcome these issues, this paper proposes a new deep learning-based classifier for adaptive clustering in MANETs. Through the use of machine learning algorithms, the proposed method is able to adapt to node clustering through node behavior, mobility, and content distribution in real-time, thus improving network performance. This work compares the performance of the network on networks that contain 50, 100, and 200 nodes via a clustering algorithm. The performance parameters considered include the delivery ratio, packet drop ratio, and end-to-end delay. The evaluation findings show that the developed deep learning-based classifier is far more effective than the non-clustered and conventional clustering approaches are. In particular, the classifier approach provides a delivery rate of up to 89.4%, which is significantly better than that of the baseline scenarios and decreases packet drop rates by more than 70%, especially in high-density node scenarios. In addition, the proposed approach reduces the network delay and effectively handles the inherent dynamic characteristics of MANETs.

Design and Practical Implementation of a Stream Cipher Algorithm Based on a Lorenz System

2024-11-20T02:39:10+00:00

Currently, the security of data has gained significant attention in modern life. Researchers have continued to address this issue. This work addresses image encryption in communication systems. It presents a proposed design and implementation of a cryptography system based on the Lorenz chaos oscillator. The paper methodology uses Xilinx System Generator (XSG) and Field Programmable Gate Array (FPGA) technologies to implement the chaotic system. To determine the approach that uses the least amount of FPGA resources while providing effective and efficient performance, the differential equations of the Lorenz chaotic system are solved via the forward-Euler and Runge–Kutta integration techniques. In the XSG environment, a secure communication system is constructed on the basis of the solution of the differential equations. After that, the planned communication system is implemented on the FPGA board and tested to encrypt images (coloured images). The histogram, entropy and other related security analysis factors are calculated and analysed to test the efficiency of the designed system. Six statistical methods were employed to provide a high level of image encryption in this work. Findings have shown that the proposed system generates (with stable, fast and robust performance) pseudorandom bits that can be successfully used to encrypt the data bits. The simulation and FPGA results are in good agreement; however, the security analysis factors prove that the system can be successfully adopted for image encryption purposes in real-time applications.

CryptoGenSec: A Hybrid Generative AI Algorithm for Dynamic Cryptographic Cyber Defence

2024-07-30T08:06:54+00:00

As the world of cybersecurity constantly changes, traditional cryptographic techniques have faced limitations in the context of today's sophisticated and dynamic threats. Existing protections usually adopt static algorithms and key structures, making it difficult for them to resist the categories of modern attacks. This research paper, therefore, presents CryptoGenSec, a brand-new generative AI algorithm based on a hybrid consisting of generative adversarial networks (GANs) on reconnaissance learning (RL), for the purpose of increasing cryptographic cyber defences. CryptoGenSec applies a GAN to simulate various types of attack scenarios in cyberspace to perceive possible vulnerabilities. Then, RL refines the response strategies of our algorithm through recursive learning from the above simulations in real time and realizes the dynamic adaptation and evolution of defense mechanisms. By assessing the results of CryptoGenSec’s performance when traditional security methods are used as baselines, we can use several metrics for evaluation, such as detection accuracy, response time, resilience and evolution ability. According to these findings, the superiority of CryptoGenSec over conventional mechanisms becomes evident. To be more specific, it even shows an overwhelming edge in terms of threat detection, resulting in a 20% increase in speed of response, a 30% decrease in speed of response, and resisting power, making it 25% harder than the other methods. Moreover, it has a greater possibility of eliminating false-positive effects, which usually come from new and even dawned jeopardy: 50%. Moreover, to highlight the making-a-fortune frauds in the zero-day world, a comparison of the cohorts makes CryptoGenSec a 40% upper step. Stopping attackers from taking away all their data is also its plus point, which gains 95% achievement, whereas using mere methods only results in a 70% possibility. An enormous step in cybersecurity was taken with the combination of GANs and RL within the CryptoGenSec algorithm. Instead of being defenceless against all attacks, this approach changes and matches the threat level when necessary. The highly promising results presented here demonstrate its potential as a crucial technology for addressing the growing complexities of cyber challenges. This is a large step toward making defensive mechanisms more efficient and reliable.