Reflective Distributed Denial of Service Detection: A Novel Model Utilizing Binary Particle Swarm Optimization-Simulated Annealing for Feature Selection and Gray Wolf Optimization-Optimized LightGBM Algorithm.

The fast growth of the Internet has made network security problems more noticeable, so intrusion detection systems (IDSs) have become a crucial tool for maintaining network security. IDSs guarantee the normal operation of the network by tracking network traffic and spotting possible assaults, thereby safeguarding data security. However, traditional intrusion detection methods encounter several issues such as low detection efficiency and prolonged detection time when dealing with massive and high-dimensional data. Therefore, feature selection (FS) is particularly important in IDSs. By selecting the most representative features, it can not only improve the detection accuracy but also significantly reduce the computational complexity and attack detection time. This work proposes a new FS approach, BPSO-SA, that is based on the Binary Particle Swarm Optimization (BPSO) and Simulated Annealing (SA) algorithms. It combines these with the Gray Wolf Optimization (GWO) algorithm to optimize the LightGBM model, thereby building a new type of reflective Distributed Denial of Service (DDoS) attack detection model. The BPSO-SA algorithm enhances the global search capability of Particle Swarm Optimization (PSO) using the SA mechanism and effectively screens out the optimal feature subset; the GWO algorithm optimizes the hyperparameters of LightGBM by simulating the group hunting behavior of gray wolves to enhance the detection performance of the model. While showing great resilience and generalizing power, the experimental results show that the proposed reflective DDoS attack detection model surpasses conventional methods in terms of detection accuracy, precision, recall, F1-score, and prediction time.

Novel Multi-Classification Dynamic Detection Model for Android Malware Based on Improved Zebra Optimization Algorithm and LightGBM.

With the increasing popularity of Android smartphones, malware targeting the Android platform is showing explosive growth. Currently, mainstream detection methods use static analysis methods to extract features of the software and apply machine learning algorithms for detection. However, static analysis methods can be less effective when faced with Android malware that employs sophisticated obfuscation techniques such as altering code structure. In order to effectively detect Android malware and improve the detection accuracy, this paper proposes a dynamic detection model for Android malware based on the combination of an Improved Zebra Optimization Algorithm (IZOA) and Light Gradient Boosting Machine (LightGBM) model, called IZOA-LightGBM. By introducing elite opposition-based learning and firefly perturbation strategies, IZOA enhances the convergence speed and search capability of the traditional zebra optimization algorithm. Then, the IZOA is employed to optimize the LightGBM model hyperparameters for the dynamic detection of Android malware multi-classification. The results from experiments indicate that the overall accuracy of the proposed IZOA-LightGBM model on the CICMalDroid-2020, CCCS-CIC-AndMal-2020, and CIC-AAGM-2017 datasets is 99.75%, 98.86%, and 97.95%, respectively, which are higher than the other comparative models.

Traffic Feature Selection and Distributed Denial of Service Attack Detection in Software-Defined Networks Based on Machine Learning.

As 5G technology becomes more widespread, the significant improvement in network speed and connection density has introduced more challenges to network security. In particular, distributed denial of service (DDoS) attacks have become more frequent and complex in software-defined network (SDN) environments. The complexity and diversity of 5G networks result in a great deal of unnecessary features, which may introduce noise into the detection process of an intrusion detection system (IDS) and reduce the generalization ability of the model. This paper aims to improve the performance of the IDS in 5G networks, especially in terms of detection speed and accuracy. It proposes an innovative feature selection (FS) method to filter out the most representative and distinguishing features from network traffic data to improve the robustness and detection efficiency of the IDS. To confirm the suggested method's efficacy, this paper uses four common machine learning (ML) models to evaluate the InSDN, CICIDS2017, and CICIDS2018 datasets and conducts real-time DDoS attack detection on the simulation platform. According to experimental results, the suggested FS technique may match 5G network requirements for high speed and high reliability of the IDS while also drastically cutting down on detection time and preserving or improving DDoS detection accuracy.

Joint Optimization for Mobile Edge Computing-Enabled Blockchain Systems: A Deep Reinforcement Learning Approach.

A mobile edge computing (MEC)-enabled blockchain system is proposed in this study for secure data storage and sharing in internet of things (IoT) networks, with the MEC acting as an overlay system to provide dynamic computation offloading services. Considering latency-critical, resource-limited, and dynamic IoT scenarios, an adaptive system resource allocation and computation offloading scheme is designed to optimize the scalability performance for MEC-enabled blockchain systems, wherein the scalability is quantified as MEC computational efficiency and blockchain system throughput. Specifically, we jointly optimize the computation offloading policy and block generation strategy to maximize the scalability of MEC-enabled blockchain systems and meanwhile guarantee data security and system efficiency. In contrast to existing works that ignore frequent user movement and dynamic task requirements in IoT networks, the joint performance optimization scheme is formulated as a Markov decision process (MDP). Furthermore, we design a deep deterministic policy gradient (DDPG)-based algorithm to solve the MDP problem and define the multiple and variable number of consecutive time slots as a decision epoch to conduct model training. Specifically, DDPG can solve an MDP problem with a continuous action space and it only requires a straightforward actor-critic architecture, making it suitable for tackling the dynamics and complexity of the MEC-enabled blockchain system. As demonstrated by simulations, the proposed scheme can achieve performance improvements over the deep Q network (DQN)-based scheme and some other greedy schemes in terms of long-term transactional throughput.

Trustworthiness and a Zero Leakage OTMP-P2L Scheme Based on NP Problems for Edge Security Access.

Resource constraints have prevented comprehensive cryptography and multifactor authentication in numerous Internet of Things (IoT) connectivity scenarios. Existing IoT systems generally adopt lightweight security protocols that lead to compromise and privacy leakage. Edge computing enables better access control and privacy protection, furthermore, blockchain architecture has achieved a trusted store of value by open-source and distributed consensus mechanisms. To embrace these new paradigms, we propose a scheme that employs one-time association multitasking proofs for peer to local authentication (OTMP-P2L). The scheme chooses relevant nondeterministic polynomial (NP) problem tasks, and manages localized trust and anonymity by using smart devices such as phones and pads, thereby enabling IoT devices to autonomously perform consensus validation with an enhanced message authentication code. This nested code is a one-time zero-knowledge proof that comprises multiple logic verification arguments. To increase diversity and reduce the workload of each one, these arguments are chained by a method that establishes some of the inputs of the following task from the output of previous tasks. We implemented a smart lock system and confirmed that the scheme outperforms IoT authentication methods. The result demonstrates superior flexibility through dynamic difficulty strategies and succinct non-interactive peer-to-peer (P2P) verification.