This paper delves into the transformative role of machine learning (ML) techniques in revolutionizing the security of electric and flying vehicles (EnFVs). By exploring key domains such as predictive maintenance, cyberattack detection, and intelligent decision-making, the study uncovers pivotal insights that will shape the future of this technology.
From a theoretical perspective, ML emerges as a cornerstone for fortifying EnFV safety, offering real-time threat detection, predictive maintenance capabilities, and enhanced anomaly detection. In practical terms, ML-based solutions are envisioned as instrumental in preventing cyberattacks, reducing downtime, and improving overall safety.
The research contributions of this study encompass a comprehensive overview of ML applications in EnFV security, identification of challenges, and paving the way for future research directions. While acknowledging research limitations, particularly the need for real-world implementation, the study emphasizes the crucial yet underexplored ethical considerations in ML for EnFV security. Future research suggestions focus on Explainable AI techniques, real-time ML algorithms for resource-constrained environments, and privacy-preserving ML techniques, aiming for a transparent, efficient, and privacy-aware integration of ML in EnFV security. By addressing key security challenges, ML can potentially revolutionize the EnFV domain, paving the way for a future of efficient, sustainable, and connected transportation systems.
Vision Transformers (ViTs) denote a family of attention-based deep learning techniques that have recently achieved amazing results in various problems related to the field of computer vision. In this paper, we explore the use of ViTs in problems of cyber-threat detection related to malware and network intrusion detection. In particular, we propose VINCENT, a novel deep neural method that resorts to a color imagery representation of cyber-data by encoding related cyber-data features into neighboring color pixels. ViTs are trained from cyber-data images as teacher models, to extract explainable imagery signatures of cyber-data classes. This knowledge is extracted by leveraging the self-attention mechanism to give paired attention values between pairs of imagery patches. The signature knowledge, extracted through the ViT teacher, is finally used to train a smaller neural student model according to the knowledge distillation theory. Experiments with various benchmark cybersecurity datasets assess the accuracy of the student model VINCENT, also compared to that of several state-of-the-art methods. In addition, they show that VINCENT can obtain insights from explanations recovered through the self-attention mechanism of the ViT teacher.
• ViTs trained on cyber-data images.
• Explanation information distilled from ViTs to CNNs.
• Experiments with four benchmark cybersecurity datasets.
• The proposed method outperforms many state-of-the-art competitors.
Cloud computing environments support resource sharing as a cloud service over the internet. Cloud computing enables users to outsource data to a cloud server that can be accessed remotely from various geographically distributed devices. Accessing resources from the cloud causes various security issues, as attackers try to illegally access the data. The distributed denial of service (DDoS) attack is one of the security concerns in the cloud server. DDoS is a kind of cyber attack which disrupts the normal traffic of a targeted cloud server (or any other server). In this paper, we propose an effective fuzzy and Taylor-elephant herd optimization (FT-EHO) inspired by deep belief network (DBN) classifier for detecting the DDoS attack. FT-EHO uses the Taylor series and the elephant herd optimization algorithm along with a fuzzy classifier for rule learning. The performance of the proposed FT-EHO is evaluated through rigorous computer simulations. Three standard benchmark databases, namely, KDD cup, database1 and database2, are used during simulations. Four quality measures, namely accuracy, detection accuracy, precision and recall, are considered as performance metrics. FT-EHO’s performance is compared against the state-of-the-art methods considering the evaluation metrics. Results reveal that the proposed FT-EHO showed significantly higher values of the evaluation metrics (accuracy (93.811%), detection rate (97.200%), precision (94.981%) and recall (93.833%)) as compared to other methods.
• A fuzzy and Taylor-Elephant Herd optimization (T-EHO) based DBN classifier is presented for DDoS attack detection.
• Fuzzy classifier rule learning approach is discussed where the genetic algorithm is replaced with the T-EHO algorithm.
• DDoS attack detection in a cloud environment is shown.
• Performance evaluation is shown using standard databases.
Recently, Cyber Threat Intelligence (CTI) sharing has become an important weapon for cyber defenders to mitigate the increasing number of cyber attacks in a proactive and collaborative manner. However, with the dramatic increase in the deployment of shared communications between organizations, data has been a major priority to detect threats in the CTI sharing platform. In the modern environment, a valuable asset is the user’s threat data. Privacy policies are necessary to ensure the security of user data in the threat intelligence sharing community. Federated learning acts as a special machine learning technique for privacy preservation and offers to contextualize data in a CTI sharing platform. Therefore, this article proposes a new approach to threat intelligence sharing called BFLS (Blockchain and Federated Learning for sharing threat detection models as Cyber Threat Intelligence), where blockchain-based CTI sharing platforms are used for security and privacy. Federated learning technology is adopted for scalable machine learning applications, such as threat detection. Furthermore, users can obtain a well-trained threat detection model without sending personal data to the central server. Experimental results on the ISCX-IDS-2012 and CIC-DDoS-2019 datasets showed that BFLS can securely share CTI and has high accuracy in threat detection. The accuracies of BFLS are 98.92% and 98.56% on the two datasets, respectively.
In an earlier publication we demonstrated that by using pairs of pulses of different colors (e.g., red and blue) it is possible to excite a dilute ensemble of molecules such that lasing and/or gain-swept superradiance is realized in a direction toward the observer. This approach is a conceptual step toward spectroscopic probing at a distance, also known as standoff spectroscopy. In the present paper, we propose a related but simpler approach on the basis of the backward-directed lasing in optically excited dominant constituents of plain air, N₂ and O₂. This technique relies on the remote generation of a weakly ionized plasma channel through filamentation of an ultraintense femtosecond laser pulse. Subsequent application of an energetic nanosecond pulse or series of pulses boosts the plasma density in the seed channel via avalanche ionization. Depending on the spectral and temporal content of the driving pulses, a transient population inversion is established in either nitrogen- or oxygen-ionized molecules, thus enabling a transient gain for an optical field propagating toward the observer. This technique results in the generation of a strong, coherent, counterpropagating optical probe pulse. Such a probe, combined with a wavelength-tunable laser signal(s) propagating in the forward direction, provides a tool for various remote-sensing applications. The proposed technique can be enhanced by combining it with the gain-swept excitation approach as well as with beam shaping and adaptive optics techniques.
With the rapid development of technology, insider threat incidents frequently occur in organizations. Detecting insider threats is an essential task in network infrastructure security. In this paper, we design an attention module to extract contextual features and augment abnormal features to generate high-quality images representing user behavior. Then, we use pre-trained ResNet and multi-source feature fusion on behavioral, psychological, and role features, intending to identify malicious insiders accurately. The proposed approaches are evaluated using the CMU-CERT Insider Threat Dataset. Experimental results show the effectiveness of the methods, which outperform other state-of-the-art methods.
Anomaly detection generally involves the extraction of features from entities' or users' properties, and the design of anomaly detection models using machine learning or deep learning algorithms. However, only considering entities' property information could lead to high false positives. We posit the importance of also considering connections or relationships between entities in detecting anomalous behaviors and associated threat groups. Therefore, in this paper, we design a GCN (graph convolutional network) based anomaly detection model to detect anomalous behaviors of users and malicious threat groups. The GCN model could characterize entities' properties and structural information between them into graphs. This allows the GCN-based anomaly detection model to detect both anomalous behaviors of individuals and associated anomalous groups. We then evaluate the proposed model using a real-world insider threat data set. The results show that the proposed model outperforms several state-of-the-art baseline methods (i.e., random forest, logistic regression, SVM, and CNN). Moreover, the proposed model can also be applied to other anomaly detection applications.
Insider threats on information security can become a burden for organizations. However, outsider attacks have received more attention compared to insider attacks. Many researchers studied insider threats and proposed various approaches (such as signature based, machine learning based, and deep learning based) to alleviate this type of threat. In this work, we present a novel insider threat detection system based on a deep learning network of Long Short Term Memory (LSTM). The developed detection system aims to analyze and mitigate the negative effect of insiders by differentiating benign activities from malicious ones. The detection system utilizes sentiment analysis to classify the users’ activities and gray encoding to maintain temporal behavior between activities (especially correlated activities). This allows us to reform a dataset in which each row represents a variable length sample to train a deep learning based detection system. Different data representations, such as binary encoding (BE), real-valued data, without encoding (WE), were used to test the effectiveness of gray encoding in maintaining the temporal relationships between activities. The proposed detection techniques were evaluated using log files from CERT r4.2 insiders’ dataset that represent activities of employees for eighteen working months. The evaluation results have shown enhanced false positive of 0.29%, false negative of 2.47% and an AUC value of 97%.
This article presents a study on the state-of-the-art methods for automated radioactive material detection and identification, using gamma-ray spectra and modern machine learning methods. This was inspired by the recent developments in deep learning algorithms, and the proposed method provided better performance than the current state-of-the-art models. Machine learning models such as fully connected, recurrent, convolutional, and gradient boosted decision trees are applied under a wide variety of testing conditions, and their advantages and disadvantages are discussed. Furthermore, a hybrid model is developed by combining the fully-connected and convolutional neural network, which shows the best performance among the different machine learning models. These improvements are represented by the model's test performance metric (i.e., F1 score) of 93.33%, with an improvement of 2%–12% over the state-of-the-art model at various conditions. The experimental results show that fusion of classical neural networks and modern deep learning architecture is a suitable choice for interpreting gamma spectra data where real-time and remote detection is necessary.
Industrial Control Systems (ICSs) play an important role in today’s industry by providing process automation, distributed control, and process monitoring. ICS was designed to be used in an isolated area or connected to other systems via specialised communication mechanisms or protocols. This setup allows manufacturers to manage their production processes with great flexibility and safety. However, this design does not meet today’s business requirements to work with state-of-the-art technologies such as Internet-of-Things (IoT) and big data analytics. In order to fulfil industry requirements, many ICSs have been connected to enterprise networks that allow business users to access real-time data generated by power plants. At the same time, this new design opens up several cybersecurity challenges for ICSs.
We review possible cyber attacks on ICSs, identify typical threats and vulnerabilities, and we discuss unresolved security issues with existing ICS cybersecurity solutions. Then, we discuss how to secure ICSs (e.g., using risk assessment methodologies) and other protection measures. We also identify open security research challenges for ICSs, and we present a classification of existing security solutions along with their strengths and weaknesses. Finally, we provide future research directions in ICS security.