Mitigation of Black-Box Attacks on Intrusion Detection Systems-Based ML

Alahmed, Shahad; Alasad, Qutaiba; Hammood, Maytham M.; Yuan, J.S.; Alawad, Mohammed

doi:10.3390/computers11070115

Cited by 13 publications

(11 citation statements)

References 47 publications

(67 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In Table 1, the attacks are listed. To more accurately represent the attacks, a network infrastructure with machine diversity similar to real-world networks was developed (five departments making up the victim organisation, with fifty attacker machines, four hundred victim machines, and thirty servers) [3,2]. The dataset includes 80 features that CICFlowMeter-V3 retrieved from the traffic, together with forward and backward collected system logs and network traffic for each machine [33].…”

Section: Experiments and Discussionmentioning

confidence: 99%

“…The output gate manages the distribution of the most recent data to other networks. It is denoted by the symbol OG and the output gate's value at time instance t is expressed in Equation (3).…”

Section: Long Short-term Memory (Lstm)mentioning

confidence: 99%

“…2023, Brno, Czech RepublicX Institute for Cybersecurity, both of which have their headquarters in Fredericton, Canada[?]. The most recent intrusion dataset, acquired to conduct real attacks, is the CSE-CIC-IDS2018[3]. It is available to the public.…”

mentioning

confidence: 99%

See 2 more Smart Citations

A Hybrid Extreme Gradient Boosting and Long Short-Term Memory Algorithm for Cyber Threats Detection

Amin,

El-Taweel,

Ali

et al. 2023

mendel

View full text Add to dashboard Cite

The vast amounts of data, lack of scalability, and low detection rates of traditional intrusion detection technologies make it impossible to keep up with evolving and increasingly sophisticated cyber threats. Therefore, there is an urgent need to detect and stop cyber threats early. Deep Learning has greatly improved intrusion detection due to its ability to self-learn and extract highly accurate features. In this paper, a Hybrid XG Boosted and Long Short-Term Memory algorithm (HXGBLSTM) is proposed. A comparative analysis is conducted between the computational performance of six established evolutionary computation algorithms and the recently developed bio-inspired metaheuristic algorithm called Zebra Optimisation Algorithm. These algorithms include the Particle Swarm Optimisation Algorithm, the Bio-inspired Algorithms, Bat Optimisation Algorithm, Firefly Optimisation Algorithm, and Monarch Butterfly Optimisation Algorithm, as well as the Genetic Algorithm as an Evolutionary Algorithm. The dimensionality curse has been mitigated by using these metaheuristic methods for feature selection, and the results are compared with the wrapper-based feature selection XGBoost algorithm. The proposed algorithm uses the CSE-CIC -IDS2018 dataset, which contains the latest network attacks. XGBoost outperformed the other FS algorithms and was used as the feature selection algorithm. In evaluating the effectiveness of the newly proposed HXGBLSTM, binary and multi-class classifications are considered. When comparing the performance of the proposed HXGBLSTM for cyber threat detection, it outperforms seven innovative deep learning algorithms for binary classification and four of them for multi-class classification. Other evaluation criteria such as recall, F1 score, and precision have been also used for comparison. The results showed that the best accuracy for binary classification is 99.8\%, with F1-score of 99.83\%, precision of 99.85\%, and recall of 99.82\%, in extensive and detailed experiments conducted on a real dataset. The best accuracy, F1-score, precision, and recall for multi-class classification were all around 100\%, which does give the proposed algorithm an advantage over the compared ones.

show abstract

Section: Experiments and Discussionmentioning

confidence: 99%

Section: Long Short-term Memory (Lstm)mentioning

confidence: 99%

See 1 more Smart Citation

A Hybrid Extreme Gradient Boosting and Long Short-Term Memory Algorithm for Cyber Threats Detection

Amin,

El-Taweel,

Ali

et al. 2023

mendel

View full text Add to dashboard Cite

show abstract

“…The CSE-CIC-IDS2018 intrusion detection dataset was created in 2018 by the Communications Security Establishment and the Canadian Institute for Cybersecurity, both of which have their headquarters in Fredericton, Canada ( [52]; [53]). It is the most recent intrusion dataset, acquired to conduct real attacks [54]. It is available to the public.…”

Section: B Cse-cic-ids2018 Datasetmentioning

confidence: 99%

“…Common attacks are listed in Table 5. To more accurately represent the attacks, a network infrastruc- ture with machine diversity similar to real-world networks was developed (five departments making up the victim organization, with fifty attacker machines, four hundred victim machines, and thirty servers) ( [54]; [3]).…”

Section: B Cse-cic-ids2018 Datasetmentioning

confidence: 99%

Hybrid Chaotic Zebra Optimization Algorithm and Long Short-Term Memory for Cyber Threats Detection

Amin,

El-Taweel,

Ali

et al. 2024

IEEE Access

View full text Add to dashboard Cite

Cyber Threat Detection (CTD) is subject to complicated and rapidly accelerating developments. Poor accuracy, high learning complexity, limited scalability, and a high false positive rate are problems that CTD encounters. Deep Learning defense mechanisms aim to build effective models for threat detection and protection allowing them to adapt to the complex and ever-accelerating changes in the field of CTD. Furthermore, swarm intelligence algorithms have been developed to tackle the optimization challenges. In this paper, a Chaotic Zebra Optimization Long-Short Term Memory (CZOLSTM) algorithm is proposed. The proposed algorithm is a hybrid between Chaotic Zebra Optimization Algorithm (CZOA) for feature selection and LSTM for cyber threat classification in the CSE-CIC-IDS2018 dataset. Invoking the chaotic map in CZOLSTM can improve the diversity of the search and avoid trapping in a local minimum. In evaluating the effectiveness of the newly proposed CZOLSTM, binary and multi-class classifications are considered. The acquired outcomes demonstrate the efficiency of implemented improvements across many other algorithms. When comparing the performance of the proposed CZOLSTM for cyber threat detection, it outperforms six innovative deep learning algorithms for binary classification and five of them for multiclass classification. Other evaluation criteria such as accuracy, recall, F1 score, and precision have been also used for comparison. The results showed that the best accuracy was achieved using the proposed algorithm for binary is 99.83%, with F1-score of 99.82%, precision of 99.83%, and recall of 99.82%. The proposed CZOLSTM algorithm also achieved the best performance for multi-class classification among other compared algorithms.

show abstract

Intrinsic Weaknesses of IDSs to Malicious Adversarial Attacks and Their Mitigation

Chaitou,

Robert,

Leneutre

et al. 2023

Communications in Computer and Information Science

View full text Add to dashboard Cite

Mitigation of Black-Box Attacks on Intrusion Detection Systems-Based ML

Cited by 13 publications

References 47 publications

A Hybrid Extreme Gradient Boosting and Long Short-Term Memory Algorithm for Cyber Threats Detection

A Hybrid Extreme Gradient Boosting and Long Short-Term Memory Algorithm for Cyber Threats Detection

Hybrid Chaotic Zebra Optimization Algorithm and Long Short-Term Memory for Cyber Threats Detection

Intrinsic Weaknesses of IDSs to Malicious Adversarial Attacks and Their Mitigation

Contact Info

Product

Resources

About