Development of PCCNN-Based Network Intrusion Detection System for EDGE Computing

Abodayeh, Kamaledin; Raza, Ali; Rafiq, Muhammad Umer; Arif, Muhammad; Naveed, Muhammad; Zeb, Zunir; Abbas, Syed Zaheer; Shahzadi, Kiran; Sarwar, Sana; Naveed, Qasim; Zaman, Badar Ul; Mohsin, Muhammad

doi:10.32604/cmc.2022.018708

Cited by 21 publications

(10 citation statements)

References 41 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…To evaluate the proposed approach, we perform some compared experiments by using the typical SWaT dataset, and the experimental results fully verify that: (1) our approach can achieve a relatively ideal detection precision and recall rate, both of which exceed 90% for the majority of attack types; and (2) the high F1-score also explains that our approach has fine detection stability. Although our approach exhibits the relatively excellent detection ability to identify the process control-oriented threat, some problems still deserves further investigation, mainly including: firstly, for some complicated control and monitoring process that involves lots of critical control devices, the pattern association analysis may become one bottleneck problem due to its degraded performance; secondly, there is still room to improve the detection precision for some special attacks; thirdly, because one complicated control and monitoring process may generate one large-scale functional state transition model, the overfitting and model tuning is further required to guarantee the fine enough detection performance [26,44,45].…”

Section: Discussionmentioning

confidence: 99%

“…Moreover, AI algorithms have excellent self-learning and self-adaptation abilities, which are particularly suitable for analyzing the implicit data correlation and multi-dimensional behavior changes in industrial automation control [19]. More specifically, the AI algorithms applied in ML-based anomaly detection largely consist of the traditional machine learning algorithms and the deep learning algorithms: (1) the traditional machine learning algorithms, such as Neural Network [20], Support Vector Method [21], Clustering Algorithm [22], Genetic Algorithm [23] and Decision Tree [24], can offer a fast and convenient detection service due to their lower computational complexity, and are well-suited for the small sample data handling; (2) the deep learning algorithms, such as Long Short-Term Memory [25], Convolutional Neural Network [26] and Recurrent Neural Network [27], can possess excellent learning and adaptive abilities to exploit some potential correlations in a large quantity of data, and jointly execute and optimize the feature representation and classification training by designing some optimization algorithms [28,29]. However, these algorithms frequently require more computing resources and greater computing capability due to their high complexity, and may have an adverse effect on detection efficiency.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Functional Pattern-Related Anomaly Detection Approach Collaborating Binary Segmentation with Finite State Machine

Wan,

Hao,

et al. 2023

CMC

View full text Add to dashboard Cite

The process control-oriented threat, which can exploit OT (Operational Technology) vulnerabilities to forcibly insert abnormal control commands or status information, has become one of the most devastating cyber attacks in industrial automation control. To effectively detect this threat, this paper proposes one functional patternrelated anomaly detection approach, which skillfully collaborates the BinSeg (Binary Segmentation) algorithm with FSM (Finite State Machine) to identify anomalies between measuring data and control data. By detecting the change points of measuring data, the BinSeg algorithm is introduced to generate some initial sequence segments, which can be further classified and merged into different functional patterns due to their backward difference means and lengths. After analyzing the pattern association according to the Bayesian network, one functional state transition model based on FSM, which accurately describes the whole control and monitoring process, is constructed as one feasible detection engine. Finally, we use the typical SWaT (Secure Water Treatment) dataset to evaluate the proposed approach, and the experimental results show that: for one thing, compared with other changepoint detection approaches, the BinSeg algorithm can be more suitable for the optimal sequence segmentation of measuring data due to its highest detection accuracy and least consuming time; for another, the proposed approach exhibits relatively excellent detection ability, because the average detection precision, recall rate and F1-score to identify 10 different attacks can reach 0.872, 0.982 and 0.896, respectively.

show abstract

Section: Discussionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Functional Pattern-Related Anomaly Detection Approach Collaborating Binary Segmentation with Finite State Machine

Wan,

Hao,

et al. 2023

CMC

View full text Add to dashboard Cite

show abstract

“…Moreover, the Faster R-CNN de-signed by the team further improves the real-time performance of the detection system [ 17 ]. Haq et al proposed Principal Component-based Convolution Neural Network (PCCNN) approach using CNN to detect intrusions, achieving greater precision based on deep learning [ 18 ]. YOLO enables CNN-based detection methods to be applied to real-time industrial scenarios by treating the bi-classification task as a regression problem.…”

Section: Literature Reviewmentioning

confidence: 99%

Swin-Transformer -YOLOv5 for lightweight hot-rolled steel strips surface defect detection algorithm

Wang,

Dong,

Huang

2024

PLoS ONE

View full text Add to dashboard Cite

An essential industrial application is the examination of surface flaws in hot-rolled steel strips. While automatic visual inspection tools must meet strict real-time performance criteria for inspecting hot-rolled steel strips, their capabilities are constrained by the accuracy and processing speed of the algorithm used to identify defects. To solve the problems of poor detection accuracy, low detection efficiency, and unsuitability of low computing power platforms of the hot-rolled strip surface defect detection algorithm The Swin-Transformer-YOLOv5 model based on the improved one-stage detector is proposed. By employing GhostNet, the model’s lightweight design, and guaranteed detection accuracy are both achieved. The C3 module introduces Swin-Transformer to address the issues of cluttered backdrops of defect photos and easily confused defect categories. With the addition of the CoordAttention module, the model’s capacity to extract defective features is improved, and its performance keeps getting better. The issue of huge differences in different scales and poor detection of small flaws is resolved by employing BiFPN for feature fusion, and the detector’s capacity to adapt to targets of different scales is improved. The experimental results demonstrate that the improved Swin-Transformer-Yolov5 model significantly outperforms the industry-standard target detection algorithms, and the model’s mAP value still improves by 8.39% over the original model while reducing the number of parameters, GFLOPs, and weight by 36.6%, 40.0%, and 34.7%, respectively. The model is better suited for use on low-arithmetic platforms as a result.

show abstract

“…Besides, the title called deep-learning methods include both Machine learning (ML) and Deep learning (DL) models that have been broadly implemented in many areas such as image fusion [27,28], agricultural surveillance [29,30], environmental monitoring [31][32][33][34][35][36], sentiment analyses [37], medical image processing [38], and cyber security [39][40][41]. Moreover, the implementation of the deep learning methods can be divided into (1) training models, and (2) non-training models.…”

Section: Introductionmentioning

confidence: 99%

ICIF: Image fusion via information clustering and image features

et al. 2023

View full text Add to dashboard Cite

Image fusion technology is employed to integrate images collected by utilizing different types of sensors into the same image to generate high-definition images and extract more comprehensive information. However, all available techniques derive the features of the images by utilizing each sensor separately, resulting in poorly correlated image features when different types of sensors are utilized during the fusion process. The fusion strategy to make up for the differences between features alone is an important reason for the poor clarity of fusion results. Therefore, this paper proposes a fusion method via information clustering and image features (ICIF). First, the weighted median filter algorithm is adopted in the spatial domain to realize the clustering of images, which uses the texture features of an infrared image as the weight to influence the clustering results of the visible light image. Then, the image is decomposed into the base layer, bright detail layer, and dark detail layer, which improves the correlations between the layers after conducting the decomposition of a source graph. Finally, the characteristics of the images collected by utilizing sensors and feature information between the image layers are used as the weight reference of the fusion strategy. Hence, the fusion images are reconstructed according to the principle of extended texture details. Experiments on public datasets demonstrate the superiority of the proposed strategy over state-of-the-art methods. The proposed ICIF highlighted targets and abundant details as well. Moreover, we also generalize the proposed ICIF to fuse images with different sensors, e.g., medical images and multi-focus images.

show abstract

Development of PCCNN-Based Network Intrusion Detection System for EDGE Computing

Cited by 21 publications

References 41 publications

Functional Pattern-Related Anomaly Detection Approach Collaborating Binary Segmentation with Finite State Machine

Functional Pattern-Related Anomaly Detection Approach Collaborating Binary Segmentation with Finite State Machine

Swin-Transformer -YOLOv5 for lightweight hot-rolled steel strips surface defect detection algorithm

ICIF: Image fusion via information clustering and image features

Contact Info

Product

Resources

About