RESUMO
With the significant increase in cyber-attacks and attempts to gain unauthorised access to systems and information, Network Intrusion-Detection Systems (NIDSs) have become essential detection tools. Anomaly-based systems use machine learning techniques to distinguish between normal and anomalous traffic. They do this by using training datasets that have been previously gathered and labelled, allowing them to learn to detect anomalies in future data. However, such datasets can be accidentally or deliberately contaminated, compromising the performance of NIDS. This has been the case of the UGR'16 dataset, in which, during the labelling process, botnet-type attacks were not identified in the subset intended for training. This paper addresses the mislabelling problem of real network traffic datasets by introducing a novel methodology that (i) allows analysing the quality of a network traffic dataset by identifying possible hidden or unidentified anomalies and (ii) selects the ideal subset of data to optimise the performance of the anomaly detection model even in the presence of hidden attacks erroneously labelled as normal network traffic. To this end, a two-step process that makes incremental use of the training dataset is proposed. Experiments conducted on the contaminated UGR'16 dataset in conjunction with the state-of-the-art NIDS, Kitsune, conclude with the feasibility of the approach to reveal observations of hidden botnet-based attacks on this dataset.
RESUMO
The Internet of Things (IoT) introduces significant security vulnerabilities, raising concerns about cyber-attacks. Attackers exploit these vulnerabilities to launch distributed denial-of-service (DDoS) attacks, compromising availability and causing financial damage to digital infrastructure. This study focuses on mitigating DDoS attacks in corporate local networks by developing a model that operates closer to the attack source. The model utilizes Host Intrusion Detection Systems (HIDS) to identify anomalous behaviors in IoT devices and employs network-based intrusion detection approaches through a Network Intrusion Detection System (NIDS) for comprehensive attack identification. Additionally, a Host Intrusion Detection and Prevention System (HIDPS) is implemented in a fog computing infrastructure for real-time and precise attack detection. The proposed model integrates NIDS with federated learning, allowing devices to locally analyze their data and contribute to the detection of anomalous traffic. The distributed architecture enhances security by preventing volumetric attack traffic from reaching internet service providers and destination servers. This research contributes to the advancement of cybersecurity in local network environments and strengthens the protection of IoT networks against malicious traffic. This work highlights the efficiency of using a federated training and detection procedure through deep learning to minimize the impact of a single point of failure (SPOF) and reduce the workload of each device, thus achieving accuracy of 89.753% during detection and increasing privacy issues in a decentralized IoT infrastructure with a near-real-time detection and mitigation system.
RESUMO
In the context of 6G technology, the Internet of Everything aims to create a vast network that connects both humans and devices across multiple dimensions. The integration of smart healthcare, agriculture, transportation, and homes is incredibly appealing, as it allows people to effortlessly control their environment through touch or voice commands. Consequently, with the increase in Internet connectivity, the security risk also rises. However, the future is centered on a six-fold increase in connectivity, necessitating the development of stronger security measures to handle the rapidly expanding concept of IoT-enabled metaverse connections. Various types of attacks, often orchestrated using botnets, pose a threat to the performance of IoT-enabled networks. Detecting anomalies within these networks is crucial for safeguarding applications from potentially disastrous consequences. The voting classifier is a machine learning (ML) model known for its effectiveness as it capitalizes on the strengths of individual ML models and has the potential to improve overall predictive performance. In this research, we proposed a novel classification technique based on the DRX approach that combines the advantages of the Decision tree, Random forest, and XGBoost algorithms. This ensemble voting classifier significantly enhances the accuracy and precision of network intrusion detection systems. Our experiments were conducted using the NSL-KDD, UNSW-NB15, and CIC-IDS2017 datasets. The findings of our study show that the DRX-based technique works better than the others. It achieved a higher accuracy of 99.88% on the NSL-KDD dataset, 99.93% on the UNSW-NB15 dataset, and 99.98% on the CIC-IDS2017 dataset, outperforming the other methods. Additionally, there is a notable reduction in the false positive rates to 0.003, 0.001, and 0.00012 for the NSL-KDD, UNSW-NB15, and CIC-IDS2017 datasets.
RESUMO
Rock detention structures (RDS) are used in restoration of riparian areas around the world. The purpose of this study was to analyze the effect of RDS installation on vegetation in terms of species abundance and composition. We present the results from 5 years of annual vegetation sampling which focused on short term non-woody vegetation response within the riparian channel at 3 restoration sites across southeastern Arizona. We examined the potential ways that RDS can preserve native species, encourage wetland species, and/or introduce nonnative species using a Control-Impact-Paired-Series study design. Species composition and frequency were measured within quadrats and zones on an annual basis. Multivariate bootstrap analyses were performed, including Bray-Curtis dissimilarity index and non-metric multidimensional scaling ordination. We found that response to RDS was variable and could be related to the level of degradation or proximity to groundwater. The non-degraded site did not show a response to RDS and the severely degraded site showed a slight increase in vegetation frequency, but the moderately degraded site experienced a significant increase. At the moderately degraded site, located between two historic ciénegas (desert wetlands), species composition shifted and nonnative species invaded, dominating the vegetation increase at this location. At the severely degraded site, pre-existing wetland species frequency increased in response to the installation of RDS. These findings extend the understanding of RDS effects on vegetation, provide scenarios to help land and water resource managers understand potential outcomes, and can assist in optimizing success for restoration projects.
Assuntos
Água Subterrânea , Áreas Alagadas , Estados Unidos , Arizona , Recursos Hídricos , EcossistemaRESUMO
Machine learning-based Network Intrusion Detection Systems (NIDS) are designed to protect networks by identifying anomalous behaviors or improper uses. In recent years, advanced attacks, such as those mimicking legitimate traffic, have been developed to avoid alerting such systems. Previous works mainly focused on improving the anomaly detector itself, whereas in this paper, we introduce a novel method, Test-Time Augmentation for Network Anomaly Detection (TTANAD), which utilizes test-time augmentation to enhance anomaly detection from the data side. TTANAD leverages the temporal characteristics of traffic data and produces temporal test-time augmentations on the monitored traffic data. This method aims to create additional points of view when examining network traffic during inference, making it suitable for a variety of anomaly detector algorithms. Our experimental results demonstrate that TTANAD outperforms the baseline in all benchmark datasets and with all examined anomaly detection algorithms, according to the Area Under the Receiver Operating Characteristic (AUC) metric.
RESUMO
The explosive growth of the Internet of Things (IoT) applications has imposed a dramatic increase of network data and placed a high computation complexity across various connected devices. The IoT devices capture valuable information, which allows the industries or individual users to make critical live dependent decisions. Most of these IoT devices have resource constraints such as low CPU, limited memory, and low energy storage. Hence, these devices are vulnerable to cyber-attacks due to the lack of capacity to run existing general-purpose security software. It creates an inherent risk in IoT networks. The multi-access edge computing (MEC) platform has emerged to mitigate these constraints by relocating complex computing tasks from the IoT devices to the edge. Most of the existing related works are focusing on finding the optimized security solutions to protect the IoT devices. We believe distributed solutions leveraging MEC should draw more attention. This paper presents a comprehensive review of state-of-the-art network intrusion detection systems (NIDS) and security practices for IoT networks. We have analyzed the approaches based on MEC platforms and utilizing machine learning (ML) techniques. The paper also performs a comparative analysis on the public available datasets, evaluation metrics, and deployment strategies employed in the NIDS design. Finally, we propose an NIDS framework for IoT networks leveraging MEC.
RESUMO
Recently, smart cities have increasingly been experiencing an evolution to improve the lifestyle of citizens and society. These emerge from the innovation of information and communication technologies (ICT) which are able to create a new economic and social opportunities. However, there are several challenges regarding our security and expectation of privacy. People are already involved and interconnected by using smart phones and other appliances. In many cities, smart energy meters, smart devices, and security appliances have recently been standardized. Full connectivity between public venues, homes, cares, and some other social systems are on their way to be applied, which are known as Internet of Things. In this paper, we aim to enhance the performance of security in smart city communication networks by using a new framework and scheme that provide an authentication and high confidentiality of data. The smart city system can achieve mutual authentication and establish the shared session key schemes between smart meters and the control center in order to secure a two-way communication channel. In our extensive simulation, we investigated and evaluated the security performance of the smart city communication network with and without our proposed scheme in terms of throughput, latency, load, and traffic received packet per seconds. Furthermore, we implemented and applied a man-in-the-middle (MITM) attack and network intrusion detection system (NIDS) in our proposed technique to validate and measure the security requirements maintaining the constrained resources.
Assuntos
Segurança Computacional , Internet das Coisas , Cidades , Confidencialidade , Humanos , PrivacidadeRESUMO
The study sought to ascertain the changes in the food insecurity status of households during the COVID-19 pandemic. The study made use of secondary data obtained from the 5 Waves of the National Income Dynamics Study-Coronavirus Rapid Mobile Survey (NIDS-CRAM). Descriptive statistics, food insecurity index and independent sample t-test were used to compare the mean differences in the food insecurity statuses of the households over the 5 Waves. The study found that there was an increase in food insecurity as the COVID-19 progressed from Wave 1 to 5. Significant differences at the 1% level were observed between Wave 5 and Wave 1 as well as between Wave 5 and Wave 3. The study concludes that there was food security in the initial progression of the COVID-19 pandemic which deteriorated. The study recommends a reconsideration of the scrapping of the top ups on the social grants. This will likely tighten the dire economic situation the households find themselves in. There is need to expand the social safety nets to accommodate the vulnerable in society. Short and localised value chains should be promoted to improve food accessibility during times of crisis.
RESUMO
As network attacks are constantly and dramatically evolving, demonstrating new patterns, intelligent Network Intrusion Detection Systems (NIDS), using deep-learning techniques, have been actively studied to tackle these problems. Recently, various autoencoders have been used for NIDS in order to accurately and promptly detect unknown types of attacks (i.e., zero-day attacks) and also alleviate the burden of the laborious labeling task. Although the autoencoders are effective in detecting unknown types of attacks, it takes tremendous time and effort to find the optimal model architecture and hyperparameter settings of the autoencoders that result in the best detection performance. This can be an obstacle that hinders practical applications of autoencoder-based NIDS. To address this challenge, we rigorously study autoencoders using the benchmark datasets, NSL-KDD, IoTID20, and N-BaIoT. We evaluate multiple combinations of different model structures and latent sizes, using a simple autoencoder model. The results indicate that the latent size of an autoencoder model can have a significant impact on the IDS performance.
RESUMO
Cyber-attack detection via on-gadget embedded models and cloud systems are widely used for the Internet of Medical Things (IoMT). The former has a limited computation ability, whereas the latter has a long detection time. Fog-based attack detection is alternatively used to overcome these problems. However, the current fog-based systems cannot handle the ever-increasing IoMT's big data. Moreover, they are not lightweight and are designed for network attack detection only. In this work, a hybrid (for host and network) lightweight system is proposed for early attack detection in the IoMT fog. In an adaptive online setting, six different incremental classifiers were implemented, namely a novel Weighted Hoeffding Tree Ensemble (WHTE), Incremental K-Nearest Neighbors (IKNN), Incremental Naïve Bayes (INB), Hoeffding Tree Majority Class (HTMC), Hoeffding Tree Naïve Bayes (HTNB), and Hoeffding Tree Naïve Bayes Adaptive (HTNBA). The system was benchmarked with seven heterogeneous sensors and a NetFlow data infected with nine types of recent attack. The results showed that the proposed system worked well on the lightweight fog devices with ~100% accuracy, a low detection time, and a low memory usage of less than 6 MiB. The single-criteria comparative analysis showed that the WHTE ensemble was more accurate and was less sensitive to the concept drift.
Assuntos
Internet das Coisas , Teorema de Bayes , Big Data , Diagnóstico PrecoceRESUMO
Background: This study aimed to assess the impact of the COVID-19 pandemic on the disease burden of Taiwan's notifiable infectious diseases (NIDs). We compared disease burdens between the pandemic and pre-pandemic year of 2020 (with non-pharmaceutical interventions (NPIs)) and 2010 (without NPIs), respectively, to understand the overall pandemic impact on NIDs in Taiwan. Methods: Forty-three national NIDs were analyzed using the Statistics of Communicable Diseases and Surveillance Report by estimating the premature death and disability via different transmission categories, sex, and age groups. The study evaluated the impact of diseases by assessing the years lost due to death (YLLs), the duration of living with disability (YLDs), and the overall disability-adjusted life years (DALYs) by measuring both the severity of the illness and its duration. Results: Taiwan recorded 1,577 (2010) and 1,260 (2020) DALYs per million population and lost 43 NIDs, decreasing 317 DALYs per million population. Tuberculosis, HIV/AIDS and acute hepatitis B/D were the leading causes of DALYs, accounting for 89% (2010) and 77% (2020). Conclusion: Overall, this study provided the first insight of changes in disease burdens in NIDs between pre- and post-COVID-19 based on a nationwide viewpoint for further preventive measures and interventions to be focused on specific diseases by associated health administrations and policies.
Assuntos
COVID-19 , SARS-CoV-2 , Humanos , Taiwan/epidemiologia , COVID-19/epidemiologia , COVID-19/prevenção & controle , Masculino , Feminino , Efeitos Psicossociais da Doença , Anos de Vida Ajustados por Deficiência , Doenças Transmissíveis/epidemiologia , Adulto , Pandemias/prevenção & controle , Pessoa de Meia-Idade , IdosoRESUMO
BACKGROUND: Perpetual food insecurity has long-term health and development effects on populations. The global pandemic created sub-populations that were newly food insecure, but there exists sub-populations were food insecure, and COVID-19 held that situation. This study seeks to identify the demographic and socioeconomic characteristics of the perpetually food insecure in South Africa in order to obtain specific evidence of populations to be prioritised in the post-pandemic era. METHODS: Secondary data from the South African National Income Dynamics CRAM Survey for rounds (Waves) 1 and 5 are analysed. The study population are those respondents who reported a household member not having enough food to eat in the early stages of the pandemic (1st round) and remained without sufficient food a year later (5th round). The study controls for the demographic and socioeconomic characteristics of the population but also changes to employment status, social grant access and willingness to be vaccinated. Descriptive and analytical statistical tests are used. RESULTS: A total of 26.15% of respondents were food insecure at the start of the pandemic. Of these, 41.09% remained food insecure a year later. The drivers of perpetual food insecurity during the pandemic include unemployment (OR = 2.09; CI 1.335293-3.265678), still being unemployed (OR = 1.86; CI 1.308032-2.636252), seven or more (≥ 7) household members (OR = 1.24; CI 1.1611329-1.610126), those with only a primary education (OR = 1.11; CI 1.5051066-2.434695), participants between the ages of 45 and 64 years old (ORs = 1.03 and 1.20; CIs 1.0171956-1.0171956 and 1.1733304-2.144875, respectively) and women (OR = 1.09; CI 1.0745444-1.406035). CONCLUSIONS: South Africa needs to address socioeconomic challenges and inequalities to assist the perpetually food insecure and to ensure that, should there be a pandemic resurgence, or a new pandemic, individuals and households in the country are in a better financial situation and appropriately supported to avoid food insecurity at all costs.
Assuntos
COVID-19 , Insegurança Alimentar , Humanos , Pessoa de Meia-Idade , COVID-19/epidemiologia , Escolaridade , África do Sul/epidemiologiaRESUMO
The expeditious growth of the World Wide Web and the rampant flow of network traffic have resulted in a continuous increase of network security threats. Cyber attackers seek to exploit vulnerabilities in network architecture to steal valuable information or disrupt computer resources. Network Intrusion Detection System (NIDS) is used to effectively detect various attacks, thus providing timely protection to network resources from these attacks. To implement NIDS, a stream of supervised and unsupervised machine learning approaches is applied to detect irregularities in network traffic and to address network security issues. Such NIDSs are trained using various datasets that include attack traces. However, due to the advancement in modern-day attacks, these systems are unable to detect the emerging threats. Therefore, NIDS needs to be trained and developed with a modern comprehensive dataset which contains contemporary common and attack activities. This paper presents a framework in which different machine learning classification schemes are employed to detect various types of network attack categories. Five machine learning algorithms: Random Forest, Decision Tree, Logistic Regression, K-Nearest Neighbors and Artificial Neural Networks, are used for attack detection. This study uses a dataset published by the University of New South Wales (UNSW-NB15), a relatively new dataset that contains a large amount of network traffic data with nine categories of network attacks. The results show that the classification models achieved the highest accuracy of 89.29% by applying the Random Forest algorithm. Further improvement in the accuracy of classification models is observed when Synthetic Minority Oversampling Technique (SMOTE) is applied to address the class imbalance problem. After applying the SMOTE, the Random Forest classifier showed an accuracy of 95.1% with 24 selected features from the Principal Component Analysis method.
RESUMO
BACKGROUND: After the last outbreak of wild polio infection in Baghdad, April 2014, the Iraqi response to the outbreak was activated through solid surveillance of Acute Flaccid Paralysis (AFP) case detection in all governorates to interrupt the circulation of poliovirus in addition to the strengthening of Expanded Program on Immunization. This response to the last outbreak has to be evaluated independently to ensure effective mopping and surveillance to stop further outbreak all over the country including the holy province Karbala. We aimed to evaluate the response to the last polio outbreak by evaluating surveillance activities of acute flaccid paralysis cases whether they meet the recommended standards. METHODS: Observational evaluation study conducted through August 15-25, 2015. Checking of Acute Flaccid Paralysis surveillance (AFP) activity through detection of nonPolio acute flaccid paralysis rate and immediate reporting with adequate stool sampling, and 60 days follow-up examination four districts of the province. The reviewing checked whether the surveillance system in Karbala met the global standards required for stopping wild poliovirus circulation. The evaluation included immunization coverage rates and active National Immunization days of oral polio vaccine campaigns. RESULTS: During the period of review, the core surveillance indicators in Karbala met the globally set standards. Percent of acute flaccid paralysis cases with specimens reached to the reference laboratory within 3 days was 100%. Nonpolio cases was 4.2 per 100000 population under 15 years of age through week 33 of the year 2015. Eleven AFP cases were reported from all districts of Karbala among Population of children under 15 years of age. The percentage of cases with adequate specimens was 100% in 2015 versus 93% in 2014. The percent of AFP Cases notified within 7 days of paralysis onset (during first 33 weeks) was 100% in 2015 versus 87% in 2014. CONCLUSIONS: As Karbala response to polio outbreak met the target global indicators and standards of polio surveillance. The circulation of the virus in this locality was interrupted and further transmission of the disease is unlikely.
RESUMO
Neuroleptics can induce not only physical adverse effects but also mental effects that produce deficit status in thought, affect, cognition, and behavior. This condition is known as neuroleptic-induced deficit syndrome (NIDS), which includes apathy, lack of initiative, anhedonia, indifference, blunted affect, and reduced insight into disease. Although this old concept now appears almost forgotten, neuroleptics, whether typical or atypical, can make depression or bipolar disorder resemble other more refractory conditions, readily leading to mistaken diagnosis and inappropriate treatment. The authors describe three cases of NIDS superimposed on depressive phase in bipolar disorder with psychosis, where the attending psychiatrist's failure to recognize NIDS prevented patients from receiving effective treatment and achieving remission. All cases achieved remission after reduction of neuroleptics and intensive therapy, including electroconvulsive therapy, for bipolar depression. The concept of NIDS was originally introduced for schizophrenia, and it has rarely been highlighted in other diseases. In recent years, however, atypical antipsychotics are being more often administered to patients with bipolar disorder. Psychiatrists, therefore, should also remember and exercise caution regarding NIDS in the pharmacotherapy of bipolar disorder with and without psychosis. The authors believe that the concept of NIDS needs to be reappraised in current psychiatry.