    • List of Articles Intrusion Detection

      • Open Access Article

        1 - Incentive reward mechanism for Participants to the human computing system of Intrusion Detection Based on Game Theory
        yahya lormohammad hasani esfandghe majid ghayori
        Despite the tremendous advances in the design of human computing systems, most of them suffer from low participation or poor-quality participation, and a high percentage of them fail. To a large extent, the success of these systems depends on how people really behave in the system. Because human computing systems consist of small units of work, and each job yields little benefit to the participants, humans display good behavior in the system only if they are well stimulated to do so. In this paper, this issue is investigated in the Intrusion Detection Human Computation system. Our purpose in creating the stimulus to increase employee participation is for them to do their jobs carefully and effortlessly at the lowest possible cost. After selecting the appropriate stimuli for this system, we designed the incentive reward mechanism. The idea behind this mechanism is to use the skill of the staff in determining their rewards. After designing this mechanism, we used game theory to analyze it and determine the game's balance. Then, we determined the minimum possible reward for each category of work using the results obtained from the game-theoretic analysis of the mechanism. We validate this mechanism using game theory and the results of implementation. This mechanism will increase the accuracy of respondents in answering and, as a result, increase the accuracy of the human intelligence detection system in identifying new attacks and reduce its erroneous alert rate. Also, allocating the lowest financial resources required to employees, based on the analysis obtained from game theory, and managing the human computing system of intrusion detection encourages participants to participate in the system and, as a result, prevents the failure of the human computing system of intrusion detection.
      • Open Access Article

        2 - Intrusion Detection Based on Cooperation on the Permissioned Blockchain Platform in the Internet of Things Using Machine Learning
        Mohammad Mahdi  Abdian majid ghayori Seyed Ahmad  Eftekhari
        Intrusion detection systems seek to realize several objectives, such as increasing the true detection rate, reducing the detection time, reducing the computational load, and preserving the resulting logs in such a way that they cannot be manipulated or deleted by unauthorized people. Therefore, this study seeks to solve these challenges by benefiting from the advantages of blockchain technology and its durability, and by relying on an IDS architecture based on multi-node cooperation. The proposed model is an intrusion detection engine based on the decision tree algorithm, implemented in the nodes of the architecture. The architecture consists of several connected nodes on the blockchain platform. The resulting model and logs are stored on the blockchain platform and cannot be manipulated. In addition to the benefits of using blockchain, occupied memory is reduced, and the speed and time of transactions are also improved. In this research, several evaluation models have been designed for single-node and multi-node architectures on the blockchain platform. Finally, the proof of the architecture, possible threats to the architecture, and defensive measures are explained. The most important advantages of the proposed scheme are the elimination of the single point of failure, maintaining trust between nodes, and ensuring the integrity of the model and the discovered logs.
      • Open Access Article

        3 - An Intrusion Detection System based on Deep Learning for CAN Bus
        Fatemeh Asghariyan Mohsen Raji
        In recent years, with the advancement of automotive electronics and the development of modern vehicles with the help of embedded systems and portable equipment, in-vehicle networks such as the controller area network (CAN) have faced new security risks. Since the CAN bus lacks security mechanisms such as authentication and encryption to deal with cyber-attacks, an intrusion detection system to detect attacks on the CAN bus seems to be very necessary. In this paper, a deep adversarial neural network (DACNN) is proposed to detect various types of security intrusions in CAN buses. For this purpose, the DACNN method, which is an extension of the CNN method using adversarial learning, detects intrusions in three stages: in the first stage, the CNN acts as a feature descriptor and the main features are extracted; in the second stage, the discriminating classifier classifies these features; and finally, the intrusion is detected using adversarial learning. In order to show the efficiency of the proposed method, a real open-source dataset was used in which the CAN network traffic of a real vehicle during message injection attacks is recorded. The obtained results show that the proposed method performs better than other machine learning methods in terms of false negative rate and error rate, which is less than 0.1% for the DoS, drive gear forgery, and RPM forgery attacks, while this rate is less than 0.5% for the fuzzy attack.
      • Open Access Article

        4 - Improvement of intrusion detection system on Industrial Internet of Things based on deep learning using metaheuristic algorithms
        mohammadreza zeraatkarmoghaddam majid ghayori
        Due to the increasing use of industrial Internet of Things (IIoT) systems, one of the most widely used security mechanisms in the IIoT is the intrusion detection system (IDS). In these systems, deep learning techniques are increasingly used to detect attacks, anomalies or intrusions. In deep learning, the most important challenge in training neural networks is determining their hyperparameters. To overcome this challenge, we present a hybrid approach that automates hyperparameter tuning in the deep learning architecture by eliminating the human factor. In this article, an IDS in IIoT based on convolutional neural networks (CNN) and a recurrent neural network based on short-term memory (LSTM), using the metaheuristic algorithms of particle swarm optimization (PSO) and Whale (WOA), is used. This system uses a hybrid method based on neural networks and metaheuristic algorithms to improve neural network performance, increase the detection rate, and reduce neural network training time. In our method, using the PSO-WOA algorithm, the hyperparameters of the neural network are determined automatically without the intervention of a human agent. In this paper, the UNSW-NB15 dataset is used for training and testing. In this research, the PSO-WOA algorithm has optimized the hyperparameters of the neural network by limiting the search space, and the CNN-LSTM neural network has been trained with the determined hyperparameters. The results of the implementation indicate that, in addition to automating the determination of the hyperparameters of the neural network, the detection rate of our method improves to 98.5, which is a good improvement compared to other methods.