Discriminative spatial-temporal feature learning for modeling network intrusion detection systems

Wanjau, Stephen Kahara; Wambugu, Geoffrey Mariga; Oirere, Aaron M.; Muketha, Geoffrey Muchiri

doi:10.3233/jcs-220031

Cited by 3 publications

(2 citation statements)

References 56 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Today's computer systems are universally vulnerable to cyberattacks, necessitating continuous and comprehensive security measures to mitigate risks [54]. Modern technology infrastructures incorporate various security components, including firewalls, intrusion detection and prevention systems, and security software on devices, to fortify against threats [55]. However, the autonomous operation of these measures requires the integration and analysis of data from different security elements for a complete threat overview, highlighting the importance of Security Information and Event Management systems [56].…”

Section: Reportingmentioning

confidence: 99%

Enhancing the Efficiency of a Cyber SOC Using Biomimetic Algorithms Empowered by Deep Q–Learning

Olivares,

Salinas,

Ravelo

et al. 2024

Preprint

View full text Add to dashboard Cite

Given the landscape of intricate and constantly evolving cyber threats, organizations demand refined strategies to deploy a Security Information and Event Management to support the management of a Cyber Security Operations Center. The dynamic nature of cyber threats complicates the efficient allocation of the location of network intrusion detection sensors, a critical component of a robust cybersecurity framework. Our research introduces an approach that integrates the precision of biomimetic optimization algorithms with the adaptability of Deep Q–Learning. By employing different biomimetic algorithms enhanced with deep learning, we aim to refine the deployment of sensors in network infrastructures, balancing the network security imperative against deployment costs. The results of computational tests demonstrate that the improved iterations leveraging Deep Q–Learning have outperformed their native counterparts. These findings underscore the importance of reinforcement learning, specifically through Deep Q–Learning, as a powerful tool to enhance the effectiveness of metaheuristics in addressing optimization challenges.

show abstract

Section: Reportingmentioning

confidence: 99%

Enhancing the Efficiency of a Cyber SOC Using Biomimetic Algorithms Empowered by Deep Q–Learning

Olivares,

Salinas,

Ravelo

et al. 2024

Preprint

View full text Add to dashboard Cite

show abstract

“…Today’s computer systems are universally vulnerable to cyberattacks, necessitating continuous and comprehensive security measures to mitigate risks [ 61 ]. Modern technology infrastructures incorporate various security components, including firewalls, intrusion detection and prevention systems, and security software on devices, to fortify against threats [ 62 ]. However, the autonomous operation of these measures requires the integration and analysis of data from different security elements for a complete threat overview, highlighting the importance of Security Information and Event Management systems [ 63 ].…”

Section: Preliminariesmentioning

confidence: 99%

Enhancing the Efficiency of a Cybersecurity Operations Center Using Biomimetic Algorithms Empowered by Deep Q-Learning

Olivares,

Salinas,

Ravelo

et al. 2024

Biomimetics

View full text Add to dashboard Cite

In the complex and dynamic landscape of cyber threats, organizations require sophisticated strategies for managing Cybersecurity Operations Centers and deploying Security Information and Event Management systems. Our study enhances these strategies by integrating the precision of well-known biomimetic optimization algorithms—namely Particle Swarm Optimization, the Bat Algorithm, the Gray Wolf Optimizer, and the Orca Predator Algorithm—with the adaptability of Deep Q-Learning, a reinforcement learning technique that leverages deep neural networks to teach algorithms optimal actions through trial and error in complex environments. This hybrid methodology targets the efficient allocation and deployment of network intrusion detection sensors while balancing cost-effectiveness with essential network security imperatives. Comprehensive computational tests show that versions enhanced with Deep Q-Learning significantly outperform their native counterparts, especially in complex infrastructures. These results highlight the efficacy of integrating metaheuristics with reinforcement learning to tackle complex optimization challenges, underscoring Deep Q-Learning’s potential to boost cybersecurity measures in rapidly evolving threat environments.

show abstract

Application of IoT technology in cyber security prevention system

Dong,

Wang,

Guo

et al. 2024

Applied Mathematics and Nonlinear Sciences

View full text Add to dashboard Cite

In the process of gradually expanding the scale of computer networks and the design of network systems becoming more and more complex, people pay more and more attention to the construction of network security protection systems. Starting from the blockchain encryption technology, the article establishes the authentication and access management key based on the elliptic curve encryption algorithm and combines the maximum entropy model with the hidden Markov model to construct the MEMM for intrusion detection of network security. Based on the effective signal-to-noise ratio model of the network channel, an adaptive channel selection strategy based on the UCB algorithm is proposed. The IoT security prevention system is built based on IoT technology, and each functional module of the system is designed. The system’s authentication security, network intrusion detection, adaptive channel selection, and concurrency performance were tested after the design was completed. The encryption operation time of the ECC algorithm was improved by 41.53% compared to the RSA algorithm, the average time of the MEMM network intrusion detection was 41.54ms, and the false alarm rate of the intrusion detection was kept below 16.5%. The average packet collection rate of the nodes in the adaptive channel selection algorithm is 90.98%. The maximum system throughput is up to 62.19MB, and the extreme difference in data volume between different nodes is only 38 entries. Constructing a network security prevention system based on IoT technology and combining multiple encryption techniques can ensure the secure transmission of network data.

show abstract

Discriminative spatial-temporal feature learning for modeling network intrusion detection systems

Cited by 3 publications

References 56 publications

Enhancing the Efficiency of a Cyber SOC Using Biomimetic Algorithms Empowered by Deep Q–Learning

Enhancing the Efficiency of a Cyber SOC Using Biomimetic Algorithms Empowered by Deep Q–Learning

Enhancing the Efficiency of a Cybersecurity Operations Center Using Biomimetic Algorithms Empowered by Deep Q-Learning

Application of IoT technology in cyber security prevention system

Contact Info

Product

Resources

About