A Self-Learning Detection Method of Sybil Attack Based on LSTM for Electric Vehicles

Energies, 2020, Vol 13 (6), pp. 1382
Author(s): Yi-Ying Zhang, Jing Shang, Xi Chen, Kun Liang

Electric vehicles (EVs) are the development direction of new energy vehicles in the future. As an important part of the Internet of Things (IoT) communication network, the charging pile also faces severe challenges in information security. At present, most detection methods need a lot of prophetic data and too much human intervention, so they cannot do anything about unknown attacks. In this paper, a self-learning-based attack detection method is proposed, which makes training and prediction a closed-loop system according to a large number of false information packets broadcast to the communication network. Using long short-term memory (LSTM) neural network training to obtain the characteristics of traffic data changes in the time dimension, the unknown malicious behavior characteristics are self-extracted and self-learned, improving the detection efficiency and quality. In this paper, we take the Sybil attack in the car network as an example. The simulation results show that the proposed method can detect the Sybil early attack quickly and accurately.

2016, Vol 8 (3), pp. 327-333
Author(s): Rimas Ciplinskas, Nerijus Paulauskas

New and existing methods of cyber-attack detection are constantly being developed and improved because of the great number of attacks and the demand for protection against them. In practice, current methods of attack detection operate like antivirus programs, i.e. signatures of known attacks are created and attacks are detected by using them. These methods have a drawback: they cannot detect new attacks. As a solution, anomaly detection methods are used. They make it possible to detect deviations from normal network behaviour that may indicate a new type of attack. This article introduces a new method that detects network flow anomalies by using the local outlier factor algorithm. The research identified groups of features which showed the best results of anomalous flow detection according to the highest values of precision, recall and F-measure.


2010, Vol 2010, pp. 1-14
Author(s): Zhengmin Xia, Songnian Lu, Junhua Tang

Distributed denial-of-service (DDoS) flood attacks remain great threats to the Internet. To ensure network usability and reliability, accurate detection of these attacks is critical. Based on Li's work on DDoS flood attack detection, we propose a DDoS detection method that monitors the Hurst variation of long-range dependent traffic. Specifically, we use an autoregressive system to estimate the Hurst parameter of normal traffic. If the actual Hurst parameter varies significantly from the estimation, we assume that a DDoS attack is happening. Meanwhile, we propose two methods to determine the change point of the Hurst parameter that indicates the occurrence of DDoS attacks. The detection rate associated with one method and the false alarm rate for the other method are also derived. The test results on DARPA intrusion detection evaluation data show that the proposed approaches can achieve better detection performance than some well-known self-similarity-based detection methods.


2020
Author(s): Jing Wang, Yunkai Zou, Jianli Ding

The open and shared nature of the ADS-B protocol makes its messages extremely vulnerable to various security threats, such as jamming, modification, and injection. This paper proposes an LSTM-based ADS-B spoofing attack detection method from the perspective of data. First, the message sequence is preprocessed in the form of a sliding window, and then a long short-term memory (LSTM) network is used to perform prediction training on the windows. Finally, the residual set of predicted values and true values is calculated to set a threshold. As a result, we can detect a spoofing attack and further identify which feature was attacked. Experiments show that this method can effectively detect 10 different kinds of simulated manipulated ADS-B messages without further increasing the complexity of airborne applications. Therefore, the method can respond well to the security threats suffered by the ADS-B system.


2021, Vol 12 (1), pp. 370
Author(s): Cong Fan, Nitheesh Murugan Kaliyamurthy, Shi Chen, He Jiang, Yiwen Zhou, ...

Software Defined Networking (SDN) is one of the most commonly used network architectures in recent years. With the substantial increase in the number of Internet users, network security threats appear more frequently, which brings more concerns to SDN. Distributed Denial of Service (DDoS) attacks are one of the most dangerous and frequent attacks in software defined networks. The traditional attack detection method using entropy has some defects, such as slow attack detection and poor detection effect. In order to solve this problem, this paper proposed a method of fusion entropy, which detects attacks by measuring the randomness of network events. This method has the advantages of fast attack detection speed and an obvious decrease in entropy value. The complementarity of information entropy and log energy entropy is effectively utilized. The experimental results show that the entropy value of the attack scenarios is 91.25% lower than that of normal scenarios, which has greater advantages and significance compared with other attack detection methods.


2018, Vol 2018, pp. 1-18
Author(s): Jinpei Yan, Yong Qi, Qifan Rao

Mobile security is an important issue on the Android platform. Most malware detection methods based on machine learning models rely heavily on expert knowledge for manual feature engineering, which still makes it difficult to fully describe malware. In this paper, we present the LSTM-based hierarchical denoise network (HDN), a novel static Android malware detection method which uses LSTM to learn directly from the raw opcode sequences extracted from decompiled Android files. However, most opcode sequences are too long for LSTM to train on due to the gradient vanishing problem. Hence, HDN uses a hierarchical structure, whose first-level LSTM computes in parallel on opcode subsequences (we call them method blocks) to learn the dense representations; then the second-level LSTM can learn and detect malware through method block sequences. Considering that malicious behavior only appears in partial sequence segments, HDN uses a method block denoise module (MBDM) for data denoising by an adaptive gradient scaling strategy based on loss cache. We evaluate and compare HDN with the latest mainstream research on three datasets. The results show that HDN outperforms these Android malware detection methods, and it is able to capture longer sequence features and has better detection efficiency than N-gram-based malware detection, which is similar to our method.


2018, Vol 2018, pp. 1-11
Author(s): Wenzhao Feng, Junguo Zhang, Chunhe Hu, Yuan Wang, Qiumin Xiang, ...

We proposed a novel saliency detection method based on histogram contrast algorithm and images captured with WMSN (wireless multimedia sensor network) for practical wild animal monitoring purpose. Current studies on wild animal monitoring mainly focus on analyzing images with high resolution, complex background, and nonuniform illumination features. Most current visual saliency detection methods are not capable of completing the processing work. In this algorithm, we firstly smoothed the image texture and reduced the noise with the help of structure extraction method based on image total variation. After that, the saliency target edge information was obtained by Canny operator edge detection method, which will be further improved by position saliency map according to the Hanning window. In order to verify the efficiency of the proposed algorithm, field-captured wild animal images were tested by using our algorithm in terms of visual effect and detection efficiency. Compared with histogram contrast algorithm, the result shows that the rate of average precision, recall and F-measure improved by 18.38%, 19.53%, 19.06%, respectively, when processing the captured animal images.

