Cyber situational awareness has been proven to be of value in forming a comprehensive understanding of threats and vulnerabilities within organisations, as the degree of exposure is governed by the prevailing levels of cyber-hygiene and established processes. A more accurate assessment of the security provision informs on the most vulnerable environments that necessitate more diligent management. The rapid proliferation in the automation of cyber-attacks is reducing the gap between information and operational technologies, and the need to review the current levels of robustness against new sophisticated cyber-attacks, trends, technologies and mitigation countermeasures has become pressing. A deeper characterisation is also the basis with which to predict future vulnerabilities, in turn guiding the most appropriate deployment technologies, thus refreshing established practices and the scope of the training to support the decision making of users and operators. The foundation of the training provision is the use of Cyber-Ranges (CRs) and Test-Beds (TBs), platforms/tools that help inculcate a deeper understanding of the evolution of an attack and the methodology to deploy the most impactful countermeasures to arrest breaches. In this paper, documented CR and TB platforms are evaluated. CRs and TBs are segmented by type, technology, threat scenarios, applications and the scope of attainable training. To enrich the analysis of documented CR and TB research and cap the study, a taxonomy is developed to provide a broader comprehension of the future of CRs and TBs. The taxonomy elaborates on the different dimensions of CRs/TBs, as well as highlighting a diminishing differentiation between application areas.
Machine Learning (ML) and Deep Learning (DL) have been used for building Intrusion Detection Systems (IDS). The increase in both the number and sheer variety of new cyber-attacks poses a tremendous challenge for IDS solutions that rely on a database of historical attack signatures. Therefore, the industrial pull for robust IDSs that are capable of flagging zero-day attacks is growing. Current outlier-based zero-day detection research suffers from high false-negative rates, thus limiting its practical use and performance. This paper proposes an autoencoder implementation for detecting zero-day attacks. The aim is to build an IDS model with high recall while keeping the miss rate (false-negatives) to an acceptable minimum. Two well-known IDS datasets are used for evaluation: CICIDS2017 and NSL-KDD. In order to demonstrate the efficacy of our model, we compare its results against a One-Class Support Vector Machine (SVM). The manuscript highlights the performance of a One-Class SVM when zero-day attacks are distinctive from normal behaviour. The proposed model benefits greatly from autoencoders' encoding-decoding capabilities. The results show that autoencoders are well suited to detecting complex zero-day attacks. The results demonstrate a zero-day detection accuracy of 89-99% for the NSL-KDD dataset and 75-98% for the CICIDS2017 dataset. Finally, the paper outlines the observed trade-off between recall and fallout.
The convergence of information technology and vehicular technologies is a growing paradigm, allowing information to be sent by and to vehicles. This information can further be processed by the Electronic Control Unit (ECU) and the Controller Area Network (CAN) for in-vehicle communications or through a mobile phone or server for out-vehicle communication. Information sent by or to the vehicle can be life-critical (e.g. braking, acceleration, cruise control, emergency communication, etc.). As vehicular technology advances, in-vehicle networks are connected to external networks through 3G and 4G mobile networks, enabling manufacturer and customer monitoring of different aspects of the car. While these services provide valuable information, they also increase the attack surface of the vehicle, and can enable long and short range attacks. In this manuscript, we evaluate the security of the 2017 Skoda Octavia vRS 4x4. Both physical and remote attacks are considered: the key fob rolling code is successfully compromised, privacy attacks are demonstrated through the infotainment system, and the Volkswagen Transport Protocol 2.0 is reverse engineered. Additionally, in-car attacks are highlighted and described, providing an overview of potentially deadly threats by modifying ECU parameters, and components enabling digital forensics investigation are identified. Index Terms: Cyber-security, digital forensics, physical attacks, privacy attacks, remote attacks, reverse engineering, Skoda Octavia.
Cloud-based infrastructures have grown in popularity over the last decade, leveraging virtualisation, server, storage, compute power and network components to develop flexible applications. The requirements for instantaneous deployment and reduced costs have led the shift from virtual machine deployment to containerisation, increasing the overall flexibility of applications and increasing performance. However, containers require a fully fledged operating system to execute, increasing the attack surface of an application. Unikernels, on the other hand, provide a lightweight memory footprint, ease of application packaging and reduced start-up times. Moreover, Unikernels reduce the attack surface due to the self-contained environment only enabling low-level features. In this work, we provide an exhaustive description of the unikernel ecosystem; we demonstrate unikernel vulnerabilities and further discuss the security implications of Unikernel-enabled environments through different use-cases.
With the ever-growing networking capabilities and services offered to users, attack surfaces have been increasing exponentially. Additionally, the intricacy of network architectures has increased the complexity of cyber-defenses. To this end, the use of deception has recently been trending both in academia and industry. Deception enables the creation of proactive defense systems, luring attackers in order to better defend the systems at hand. Current applications of deception only rely on static or low-interactive environments. In this paper, we present a platform that combines human-computer-interaction, analytics, gamification and deception to lure malicious users into selected traps while piquing their interests. Furthermore, we analyse the interactive deceptive aspects of the platform through the addition of a narrative, further engaging malicious users into following a predefined path and deflecting attacks from key network systems.
Lecture Notes in Computer Science book series, 2018
Network Control Systems (NAC) have been used in many industrial processes. They aim to reduce the human factor burden and efficiently handle the complex process and communication of those systems. Supervisory control and data acquisition (SCADA) systems are used in industrial, infrastructure and facility processes (e.g. manufacturing, fabrication, oil and water pipelines, building ventilation, etc.). Like other Internet of Things (IoT) implementations, SCADA systems are vulnerable to cyber-attacks; therefore, robust anomaly detection is a major requirement. However, having an accurate anomaly detection system is not an easy task, due to the difficulty of differentiating between cyber-attacks and system internal failures (e.g. hardware failures). In this paper, we present a model that detects anomaly events in a water system controlled by SCADA. Six Machine Learning techniques have been used in building and evaluating the model. The model classifies different anomaly events including hardware failures (e.g. sensor failures), sabotage and cyber-attacks (e.g. DoS and Spoofing). Unlike other detection systems, our proposed work helps in accelerating the mitigation process by notifying the operator with additional information when an anomaly occurs. This additional information includes the probability and confidence level of event(s) occurring. The model is trained and tested using a real-world dataset.
With the world moving towards being increasingly dependent on computers and automation, one of the main challenges in the current decade has been to build secure applications, systems and networks. Alongside these challenges, the number of threats is rising exponentially due to the attack surface increasing through numerous interfaces offered for each service. To alleviate the impact of these threats, researchers have proposed numerous solutions; however, current tools often fail to adapt to ever-changing architectures, associated threats and 0-days. This manuscript aims to provide researchers with a taxonomy and survey of current dataset composition and current Intrusion Detection Systems (IDS) capabilities and assets. These taxonomies and surveys aim to improve both the efficiency of IDS and the creation of datasets to build the next generation IDS, as well as to reflect network threats more accurately in future datasets. To this end, this manuscript also provides a taxonomy and survey of network threats and associated tools. The manuscript highlights that current IDS only cover 25% of our threat taxonomy, while current datasets demonstrate a clear lack of real-network threats and attack representation, but rather include a large number of deprecated threats, hence limiting the accuracy of current machine learning IDS. Moreover, the taxonomies are open-sourced to allow public contributions through a GitHub repository.
Predicting the secondary structure of protein can help deeply in understanding protein functionality and helps in the diagnosis of multiple diseases. Moreover, it can help in giving an accurate prediction of the tertiary structures. This forces any researcher to try multiple experiments to find ways to enhance the prediction accuracy. Through the past decade, many machine learning techniques have been used to predict the secondary structures. The main technique used was neural networks. This paper presents three different experiments that make use of artificial neural networks. The first uses a single neural network with different numbers of hidden layers and nodes. The second combines the output of two neural networks to enhance the accuracy. Last, the third, compared to the previous two, predicts not only the broad classes of secondary structure (namely alpha, beta and coil) but predicts all the classes, then combines the result. All the experiments are based on a data set pulled out from the RCSB protein data bank. The results of all experiments show that the highest accuracy is reached when encoding the primary sequence using binary format and using a Feed-Forward network. The accuracy reached around 86% when predicting Beta strands or sheets only. Combining the results of two neural networks showed accuracy of about 83%. Moreover, merging the results of alpha and beta predictors didn't show high significance.
The significance of the secondary structure prediction process is something no one can deny. This is because of the importance of protein in all our human system functionalities. Protein forms every single element in the body using its amino acids. These amino acids start to bond together, forming other protein structures. A lot of diseases can be diagnosed by simply checking the deformation of these structures. The problem is that it takes a lot of effort to get from the primary protein structure (aka amino sequence) to the secondary, tertiary and quaternary structures it forms. Through the past decade, a lot of machine learning methods arose that predicted the secondary structure and then predicted the tertiary from it. Most of these methods were based on the Neural Networks paradigm only. This paper aims to show how other machine learning techniques have been used to predict the secondary structure. The techniques used are: Case Based Reasoning, Bayes Network, Decision Tables and Decision trees. The highest accuracy reached was when using Bayes network to predict Beta secondary structure only; it reached an accuracy of 75.89%.
Protein is considered the backbone of any human being. Protein is responsible for many functionalities in the human body; these functionalities differ according to the way protein amino acids (amino acids are the raw elements of protein) bond together. Then the protein forms its secondary, tertiary and quaternary structures from the amino acid structure (primary sequence) by forming hydrogen bonds. Many machine learning techniques have been used through the past decade to try to predict the protein secondary structure. The most commonly used paradigm was Artificial Neural Networks. A lot of research was conducted in this field. This paper presents the usage of Artificial Neural Networks to predict the protein secondary structure. The difference this paper proposes is predicting the eight classes of secondary structure, not only the three main classes named alpha, beta and coil. The maximum accuracy reached is 71%, which is better than other discussed methods.
The process of predicting the secondary structure of protein is crucial in understanding the protein functionality. It is very important in understanding the protein functions and in diagnosing any disorder. This paper shows the usage of the neural networks paradigm in the prediction process. It discusses the difference between applying feed forward and back propagation algorithms on the prediction accuracy. The results show that the highest accuracy is reached when presenting the primary sequence in binary format and using a Feed-Forward network. The accuracy reached around 86% when predicting Beta strands or sheets only. Moreover, it was seen that predicting alpha and beta each alone and combining the results didn't show significant accuracy enhancement.
Protein secondary structure prediction has been and will continue to be a rich research field. This is because the protein structure and shape directly affect protein behavior. Moreover, the number of known secondary and tertiary structures versus primary structures is relatively small. Although secondary structure prediction started in the seventies, it has been, together with tertiary structure prediction, a topic that is always under research. This paper presents a technical study on recent methods used for secondary structure prediction using amino acid sequence. The methods are studied along with their accuracy levels. The most known methods, like Neural Networks and Support Vector Machines, are shown, and other techniques as well. The paper shows different approaches for predicting the protein structures that showed different accuracies that ranged from 50% to over 90%. The most commonly used technique is Neural Networks. However, Case Based Reasoning and Mixed Integer Linear Optimization showed the best accuracy among the machine learning techniques and provided accuracy of approximately 83%.
The Internet of Things (IoT) is one of the main research fields in the Cybersecurity domain. This is due to (a) the increased dependency on automated devices, and (b) the inadequacy of general purpose Intrusion Detection Systems (IDS) to be deployed for special purpose network usage. Numerous lightweight protocols are being proposed for IoT device communication. One of the recent IoT machine-to-machine communication protocols is the Message Queuing Telemetry Transport (MQTT) protocol. However, to the best of the authors' knowledge, there are no available IDS datasets that include MQTT benign or attack instances and thus no IDS experimental results available. In this paper, we evaluate the effectiveness of six Machine Learning (ML) techniques to detect MQTT-based attacks. Three abstraction levels of features are assessed, namely, packet-based, uni-directional flow, and bi-directional flow features. An MQTT simulated dataset is generated and used for the training and evaluation processes. The dataset is released with an open access licence to help the research community further analyse the challenges. The experimental results demonstrated the adequacy of the proposed ML models to suit MQTT-based network IDS requirements. Moreover, the results emphasise the importance of using flow-based features to discriminate MQTT-based attacks from benign traffic, while packet-based features are sufficient for traditional networking attacks.
Cyber situational awareness has been proven to be of value in forming a comprehensive understandi... more Cyber situational awareness has been proven to be of value in forming a comprehensive understanding of threats and vulnerabilities within organisations, as the degree of exposure is governed by the prevailing levels of cyber-hygiene and established processes. A more accurate assessment of the security provision informs on the most vulnerable environments that necessitate more diligent management. The rapid proliferation in the automation of cyber-attacks is reducing the gap between information and operational technologies and the need to review the current levels of robustness against new sophisticated cyber-attacks, trends, technologies and mitigation countermeasures has become pressing. A deeper characterisation is also the basis with which to predict future vulnerabilities in turn guiding the most appropriate deployment technologies. Thus, refreshing established practices and the scope of the training to support the decision making of users and operators. The foundation of the training provision is the use of Cyber-Ranges (CRs) and Test-Beds (TBs), platforms/tools that help inculcate a deeper understanding of the evolution of an attack and the methodology to deploy the most impactful countermeasures to arrest breaches. In this paper, an evaluation of documented CR and TB platforms is evaluated. CRs and TBs are segmented by type, technology, threat scenarios, applications and the scope of attainable training. To enrich the analysis of documented CR and TB research and cap the study, a taxonomy is developed to provide a broader comprehension of the future of CRs and TBs. The taxonomy elaborates on the CRs/TBs different dimensions, as well as, highlighting a diminishing differentiation between application areas.
Machine Learning (ML) and Deep Learning (DL) have been used for building Intrusion Detection Syst... more Machine Learning (ML) and Deep Learning (DL) have been used for building Intrusion Detection Systems (IDS). The increase in both the number and sheer variety of new cyber-attacks poses a tremendous challenge for IDS solutions that rely on a database of historical attack signatures. Therefore, the industrial pull for robust IDSs that are capable of flagging zero-day attacks is growing. Current outlier-based zero-day detection research suffers from high false-negative rates, thus limiting their practical use and performance. This paper proposes an autoencoder implementation for detecting zero-day attacks. The aim is to build an IDS model with high recall while keeping the miss rate (false-negatives) to an acceptable minimum. Two well-known IDS datasets are used for evaluation-CICIDS2017 and NSL-KDD. In order to demonstrate the efficacy of our model, we compare its results against a One-Class Support Vector Machine (SVM). The manuscript highlights the performance of a One-Class SVM when zero-day attacks are distinctive from normal behaviour. The proposed model benefits greatly from autoencoders encoding-decoding capabilities. The results show that autoencoders are well-suited at detecting complex zero-day attacks. The results demonstrate a zero-day detection accuracy of 89-99% for the NSL-KDD dataset and 75-98% for the CICIDS2017 dataset. Finally, the paper outlines the observed trade-off between recall and fallout.
The convergence of information technology and vehicular technologies are a growing paradigm, allo... more The convergence of information technology and vehicular technologies are a growing paradigm, allowing information to be sent by and to vehicles. This information can further be processed by the Electronic Control Unit (ECU) and the Controller Area Network (CAN) for in-vehicle communications or through a mobile phone or server for out-vehicle communication. Information sent by or to the vehicle can be life-critical (e.g. breaking, acceleration, cruise control, emergency communication, etc.. .). As vehicular technology advances, in-vehicle networks are connected to external networks through 3 and 4G mobile networks, enabling manufacturer and customer monitoring of different aspects of the car. While these services provide valuable information, they also increase the attack surface of the vehicle, and can enable long and short range attacks. In this manuscript, we evaluate the security of the 2017 Skoda Octavia vRS 4x4. Both physical and remote attacks are considered, the key fob rolling code is successfully compromised, privacy attacks are demonstrated through the infotainment system, the Volkswagen Transport Protocol 2.0 is reverse engineered. Additionally, in-car attacks are highlighted and described, providing an overlook of potentially deadly threats by modifying ECU parameters and components enabling digital forensics investigation are identified. INDEX TERMS Cyber-security, digital forensics, physical attacks, privacy attacks, remote attacks, reverse engineering, Skoda Octavia.
Cloud-based infrastructures have grown in popularity over the last decade leveraging virtualisati... more Cloud-based infrastructures have grown in popularity over the last decade leveraging virtualisation, server, storage, compute power and network components to develop flexible applications. The requirements for instantaneous deployment and reduced costs have led the shift from virtual machine deployment to containerisation, increasing the overall flexibility of applications and increasing performances. However, containers require a fully fleshed operating system to execute, increasing the attack surface of an application. Unikernels, on the other hand, provide a lightweight memory footprint, ease of application packaging and reduced start-up times. Moreover, Unikernels reduce the attack surface due to the self-contained environment only enabling low-level features. In this work, we provide an exhaustive description of the unikernel ecosystem; we demonstrate unikernel vulnerabilities and further discuss the security implications of Unikernel-enabled environments through different use-cases.
With the ever growing networking capabilities and services offered to users, attack surfaces have... more With the ever growing networking capabilities and services offered to users, attack surfaces have been increasing exponentially, additionally , the intricacy of network architectures has increased the complexity of cyber-defenses, to this end, the use of deception has recently been trending both in academia and industry. Deception enables to create proactive defense systems, luring attackers in order to better defend the systems at hand. Current applications of deception, only rely on static, or low interactive environments. In this paper we present a platform that combines human-computer-interaction, analytics, gamification and deception to lure malicious users into selected traps while piquing their interests. Furthermore we analyse the interactive deceptive aspects of the platform through the addition of a narrative, further engaging malicious users into following a predefined path and deflecting attacks from key network systems.
Lecture Notes in Computer Science book series , 2018
Network Control Systems (NAC) have been used in many industrial processes. They aim to reduce the... more Network Control Systems (NAC) have been used in many industrial processes. They aim to reduce the human factor burden and efficiently handle the complex process and communication of those systems. Supervisory control and data acquisition (SCADA) systems are used in industrial, infrastructure and facility processes (e.g. manufacturing , fabrication, oil and water pipelines, building ventilation, etc.) Like other Internet of Things (IoT) implementations, SCADA systems are vulnerable to cyber-attacks, therefore, a robust anomaly detection is a major requirement. However, having an accurate anomaly detection system is not an easy task, due to the difficulty to differentiate between cyber-attacks and system internal failures (e.g. hardware failures). In this paper, we present a model that detects anomaly events in a water system controlled by SCADA. Six Machine Learning techniques have been used in building and evaluating the model. The model classifies different anomaly events including hardware failures (e.g. sensor failures), sabotage and cyber-attacks (e.g. DoS and Spoofing). Unlike other detection systems, our proposed work helps in accelerating the mitigation process by notifying the operator with additional information when an anomaly occurs. This additional information includes the probability and confidence level of event(s) occurring. The model is trained and tested using a real-world dataset.
With the world moving towards being increasingly dependent on computers and automation, one of th... more With the world moving towards being increasingly dependent on computers and automation, one of the main challenges in the current decade has been to build secure applications, systems and networks. Alongside these challenges, the number of threats is rising exponentially due to the attack surface increasing through numerous interfaces offered for each service. To alleviate the impact of these threats, researchers have proposed numerous solutions; however, current tools often fail to adapt to ever-changing architectures, associated threats and 0-days. This manuscript aims to provide researchers with a taxonomy and survey of current dataset composition and current Intrusion Detection Systems (IDS) capabilities and assets. These taxonomies and surveys aim to improve both the efficiency of IDS and the creation of datasets to build the next generation IDS as well as to reflect networks threats more accurately in future datasets. To this end, this manuscript also provides a taxonomy and survey or network threats and associated tools. The manuscript highlights that current IDS only cover 25% of our threat taxonomy, while current datasets demonstrate clear lack of real-network threats and attack representation, but rather include a large number of deprecated threats, hence limiting the accuracy of current machine learning IDS. Moreover, the taxonomies are open-sourced to allow public contributions through a Github repository.
Knowing that predicting the secondary structure of protein can help deeply in the protein functio... more Knowing that predicting the secondary structure of protein can help deeply in the protein functionality understanding and helps in multiple diseases diagnoses. Moreover, it can help in giving an accurate prediction to the tertiary structures. This forces any researcher to try multiple experiments to find ways to enhance the prediction accuracy. Through the past decade, many machine learning techniques have been used to predict the secondary structures. The main used technique was neural networks. This paper presents three different experiments that make use of artificial neural networks. The first uses a single neural network with different number of hidden layers and nodes. The second combines the output of two neural networks to enhance the accuracy. Last, the third compared to the previous two predicts not only the broad classes of secondary structure (namely; alpha, beta and coil) but predicts all the classes, then combines the result. All the experiments are based on a data set pulled out from the Rcsb protein data bank. The results of all experiments show that the highest accuracy is reached when encoding the primary sequence using binary format and use Feed-Forward network. The accuracy reached around 86% when predicting Beta strands or sheets only. Combining the results of two neural networks showed accuracy of about 83%. Moreover, merging the results of alpha and beta predictors didn't show high significance.
The significance of the secondary structure prediction process is something no one can deny. This... more The significance of the secondary structure prediction process is something no one can deny. This is because of the importance of protein in all our human system functionalities. Protein forms every single element in the body using its amino acids. These amino acids start to bond together forming other protein structures. A lot of diseases can be diagnosed by simply checking the deformation of these structures. The problem is that it takes a lot of effort to get from the primary protein structure –aka amino sequence– to the secondary, tertiary and quaternary structures it forms. Through the past decade a lot of machine learning methods arose that predicted the secondary structure and then predicted the tertiary from it. Most of these methods were based on Neural Networks paradigm only. This paper aims to show how other machine learning techniques have been used to predict the secondary structure. The techniques used are; Case Based Reasoning, Bayes Network, Decision Tables and Decision trees. The highest accuracy reached was when using Bayes network to predict Beta secondary structure only, it reached an accuracy of 75.89 %.
Protein is considered the backbone of any human being. Protein is responsible for many functional... more Protein is considered the backbone of any human being. Protein is responsible for many functionalities in the human body, these functionalities differ according to the way protein amino acids (amino acids are the raw elements of protein) bond together. Then the protein forms its secondary,tertiary and quaternary structures from the amino acid structure (primary sequence) by forming hydrogen bonds. Many machine learning techniques have been used through the past decade to try to predict the protein secondary structure. The most commonly used paradigm was the Artificial Neural Networks. A lot of research was conducted in this field. This paper presents the usage of Artificial Neural Networks to predict the protein secondary structure. The difference this paper proposes is predicting the eight classes of secondary structure not only the three main classes named: alpha, beta and coil. The maximum accuracy reached is 71% which is better that other discussed methods.
The process of predicting the secondary structure of protein is crucial in understanding the protein functionality. It is very important in understanding the protein functions and in diagnosing any disorder. This paper shows the usage of the neural networks paradigm in the prediction process. It discusses the difference between applying feed forward and back propagation algorithms on the prediction accuracy. The results show that the highest accuracy is reached when presenting the primary sequence in binary format and using a Feed-Forward network. The accuracy reached around 86% when predicting Beta strands or sheets only. Moreover, it was seen that predicting alpha and beta each alone and combining the results didn't show significant accuracy enhancement.
Protein secondary structure prediction has been and will continue to be a rich research field. This is because the protein structure and shape directly affect protein behavior. Moreover, the number of known secondary and tertiary structures versus primary structures is relatively small. Although secondary structure prediction started in the seventies, it has remained, together with tertiary structure prediction, a topic that is always under research. This paper presents a technical study on recent methods used for secondary structure prediction using the amino acid sequence. The methods are studied along with their accuracy levels. The most known methods, like Neural Networks and Support Vector Machines, are shown, and other techniques as well. The paper shows different approaches for predicting the protein structures, with accuracies that ranged from 50% to over 90%. The most commonly used technique is Neural Networks. However, Case Based Reasoning and Mixed Integer Linear Optimization showed the best accuracy among the machine learning techniques and provided accuracy of approximately 83%.
The Internet of Things (IoT) is one of the main research fields in the Cybersecurity domain. This is due to (a) the increased dependency on automated devices, and (b) the inadequacy of general purpose Intrusion Detection Systems (IDS) to be deployed for special purpose network usage. Numerous lightweight protocols are being proposed for IoT device communication. One of the recent IoT machine-to-machine communication protocols is the Message Queuing Telemetry Transport (MQTT) protocol. However, to the best of the authors' knowledge, there are no available IDS datasets that include MQTT benign or attack instances and thus no IDS experimental results available. In this paper, we evaluate the effectiveness of six Machine Learning (ML) techniques to detect MQTT-based attacks. Three abstraction levels of features are assessed, namely, packet-based, uni-directional flow, and bi-directional flow features. An MQTT simulated dataset is generated and used for the training and evaluation processes. The dataset is released with an open access licence to help the research community further analyse the challenges. The experimental results demonstrated the adequacy of the proposed ML models to suit the IDS requirements of MQTT-based networks. Moreover, the results emphasise the importance of using flow-based features to discriminate MQTT-based attacks from benign traffic, while packet-based features are sufficient for traditional networking attacks.
Papers by Hanan Hindy