Search for Articles:
Title / Keyword
Author / Affiliation / Email
Journal
Article Type
 
 
Advanced Search
 
Section
Special Issue
Volume
Issue
Number
Page
 
4.7
2.9
Journals
Electronics
Special Issues
Machine Learning for Cybersecurity: Threat Detection and Mitigation
share announcement

Machine Learning for Cybersecurity: Threat Detection and Mitigation

A special issue of Electronics (ISSN 2079-9292). This special issue belongs to the section "Networks".

Deadline for manuscript submissions: 15 November 2024 | Viewed by 4400

Special Issue Editors

Dr. Abdussalam Elhanashi

E-Mail Website
Guest Editor
Department of Information Engineering, University of Pisa, Pisa 56122, Italy
Interests: deep learning; machine Learning; video processing; image processing; Internet of Things; cybersecurity; embedded systems
Dr. Pierpaolo Dini

E-Mail Website
Guest Editor
Department of Information Engineering, University of Pisa, Pisa 56122, Italy
Interests: MATLAB Simulation; cybersecurity; control theory; system modeling; machine learning

Special Issue Information

Dear Colleagues,

Machine Learning for Cybersecurity: Threat Detection and Mitigation is a critical application of artificial intelligence that plays a pivotal role in safeguarding digital systems and data. This technology leverages advanced algorithms and models to analyze vast amounts of data, identifying and addressing potential security threats in real-time. By scrutinizing network traffic, user behavior, and system vulnerabilities, machine learning systems can detect anomalies and patterns that signify potential attacks, thereby enhancing overall cybersecurity measures. These systems continuously adapt and evolve, learning from new threats and updating their defense mechanisms to remain ahead of cybercriminals. This approach greatly reduces false positives and helps security teams prioritize and respond to the most significant threats swiftly. Machine learning also enhances threat mitigation by automating the incident response process, reducing human intervention, and allowing organizations to thwart attacks before they can inflict substantial damage. Furthermore, it facilitates predictive analysis, allowing organizations to foresee and prevent potential threats. In a rapidly evolving digital landscape, machine learning for cybersecurity is indispensable, fortifying the defense of sensitive information and critical systems against the ever-growing array of cyber threats. This Special Issue is aimed at addressing issues that are involved in the analysis, design, and implementation of the different machine learning advancements for security applications.

Dr. Abdussalam Elhanashi
Dr. Pierpaolo Dini
Guest Editors

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All submissions that pass pre-check are peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Electronics is an international peer-reviewed open access semimonthly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 2400 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Keywords

  • cybersecurity
  • intrusion detection
  • threat intelligence
  • anomaly detection
  • network security
  • malware analysis
  • deep learning
  • natural language processing
  • privacy preservation
  • adversarial attacks
  • data encryption
  • security risk assessment
  • authentication
  • vulnerability assessment
  • blockchain security
  • IoT security
  • cloud security
  • biometric authentication
  • cyber threat hunting
  • machine learning frameworks
  • security-aware AI
  • security policies
  • explainable AI
  • security incident response
  • secure data sharing

Published Papers (5 papers)

Download All Papers
Order results
Result details
Show export options expand_more Show export options expand_less
Select all
Export citation of selected articles as:

Research

Jump to: Review

12 pages, 1946 KiB  
Article
HotCFuzz: Enhancing Vulnerability Detection through Fuzzing and Hotspot Code Coverage Analysis
by Chunlai Du, Yanhui Guo, Yifan Feng and Shijie Zheng
Electronics 2024, 13(10), 1909; https://doi.org/10.3390/electronics13101909 - 13 May 2024
Viewed by 415
Abstract
Software vulnerabilities present a significant cybersecurity threat, particularly as software code grows in size and complexity. Traditional vulnerability-mining techniques face challenges in keeping pace with this complexity. Fuzzing, a key automated vulnerability-mining approach, typically focuses on code branch coverage, overlooking syntactic and semantic [...] Read more.
Software vulnerabilities present a significant cybersecurity threat, particularly as software code grows in size and complexity. Traditional vulnerability-mining techniques face challenges in keeping pace with this complexity. Fuzzing, a key automated vulnerability-mining approach, typically focuses on code branch coverage, overlooking syntactic and semantic elements of the code. In this paper, we introduce HotCFuzz, a novel vulnerability-mining model centered on the coverage of hot code blocks. Leveraging vulnerability syntactic features to identify these hot code blocks, we devise a seed selection algorithm based on their coverage and integrate it into the established fuzzing test framework AFL. Experimental results demonstrate that HotCFuzz surpasses AFL, AFLGo, Beacon, and FairFuzz in terms of efficiency and time savings. Full article
(This article belongs to the Special Issue Machine Learning for Cybersecurity: Threat Detection and Mitigation)
Show Figures

Figure 1

19 pages, 349 KiB  
Article
Sampling-Based Machine Learning Models for Intrusion Detection in Imbalanced Dataset
by Zongwen Fan, Shaleeza Sohail, Fariza Sabrina and Xin Gu
Electronics 2024, 13(10), 1878; https://doi.org/10.3390/electronics13101878 - 11 May 2024
Viewed by 355
Abstract
Cybersecurity is one of the important considerations when adopting IoT devices in smart applications. Even though a huge volume of data is available, data related to attacks are generally in a significantly smaller proportion. Although machine learning models have been successfully applied for [...] Read more.
Cybersecurity is one of the important considerations when adopting IoT devices in smart applications. Even though a huge volume of data is available, data related to attacks are generally in a significantly smaller proportion. Although machine learning models have been successfully applied for detecting security attacks on smart applications, their performance is affected by the problem of such data imbalance. In this case, the prediction model is preferable to the majority class, while the performance for predicting the minority class is poor. To address such problems, we apply two oversampling techniques and two undersampling techniques to balance the data in different categories. To verify their performance, five machine learning models, namely the decision tree, multi-layer perception, random forest, XGBoost, and CatBoost, are used in the experiments based on the grid search with 10-fold cross-validation for parameter tuning. The results show that both the oversampling and undersampling techniques can improve the performance of the prediction models used. Based on the results, the XGBoost model based on the SMOTE has the best performance in terms of accuracy at 75%, weighted average precision at 82%, weighted average recall at 75%, weighted average F1 score at 78%, and Matthews correlation coefficient at 72%. This indicates that this oversampling technique is effective for multi-attack prediction under a data imbalance scenario. Full article
(This article belongs to the Special Issue Machine Learning for Cybersecurity: Threat Detection and Mitigation)
Show Figures

Figure 1

18 pages, 510 KiB  
Article
Learn-IDS: Bridging Gaps between Datasets and Learning-Based Network Intrusion Detection
by Minxiao Wang, Ning Yang, Yanhui Guo and Ning Weng
Electronics 2024, 13(6), 1072; https://doi.org/10.3390/electronics13061072 - 14 Mar 2024
Viewed by 654
Abstract
In an era marked by the escalating architectural complexity of the Internet, network intrusion detection stands as a pivotal element in cybersecurity. This paper introduces Learn-IDS, an innovative framework crafted to bridge existing gaps between datasets and the training process within deep learning [...] Read more.
In an era marked by the escalating architectural complexity of the Internet, network intrusion detection stands as a pivotal element in cybersecurity. This paper introduces Learn-IDS, an innovative framework crafted to bridge existing gaps between datasets and the training process within deep learning (DL) models for Network Intrusion Detection Systems (NIDS). To elevate conventional DL-based NIDS methods, which are frequently challenged by the evolving cyber threat landscape and exhibit limited generalizability across various environments, Learn-IDS works as a potent and adaptable platform and effectively tackles the challenges associated with datasets used in deep learning model training. Learn-IDS takes advantage of the raw data to address three challenges of existing published datasets, which are (1) the provided tabular format is not suitable for the diversity of DL models; (2) the fixed traffic instances are not suitable for the dynamic network scenarios; (3) the isolated published datasets cannot meet the cross-dataset requirement of DL-based NIDS studies. The data processing results illustrate that the proposed framework can correctly process and label the raw data with an average of 90% accuracy across three published datasets. To demonstrate how to use Learn-IDS for a DL-based NIDS study, we present two simple case studies. The case study on cross-dataset sampling function reports an average of 30.3% OOD accuracy improvement. The case study on data formatting function shows that introducing temporal information can enhance the detection accuracy by 4.1%.The experimental results illustrate that the proposed framework, through the synergistic fusion of datasets and DL models, not only enhances detection precision but also dynamically adapts to emerging threats within complex scenarios. Full article
(This article belongs to the Special Issue Machine Learning for Cybersecurity: Threat Detection and Mitigation)
Show Figures

Figure 1

12 pages, 1510 KiB  
Article
EPA-GAN: Electric Power Anonymization via Generative Adversarial Network Model
by Yixin Yang, Wen Shen, Qian Guo, Qiuhong Shan, Yihan Cai and Yubo Song
Electronics 2024, 13(5), 808; https://doi.org/10.3390/electronics13050808 - 20 Feb 2024
Viewed by 630
Abstract
The contemporary landscape of electricity marketing data utilization is characterized by increased openness, heightened data circulation, and more intricate interaction contexts. Throughout the entire lifecycle of data, the persistent threat of leakage is ever-present. In this study, we introduce a novel electricity data [...] Read more.
The contemporary landscape of electricity marketing data utilization is characterized by increased openness, heightened data circulation, and more intricate interaction contexts. Throughout the entire lifecycle of data, the persistent threat of leakage is ever-present. In this study, we introduce a novel electricity data anonymization model, termed EPA-GAN, which relies on table generation. In comparison to existing methodologies, our model extends the foundation of generative adversarial networks by incorporating feature encoders and feedback mechanisms. This adaptation enables the generation of anonymized data with heightened practicality and similarity to the original data, specifically tailored for mixed data types, thereby achieving a deliberate decoupling from the source data. Our proposed approach initiates by parsing the original JSON file, encoding it based on variable types and features using distinct feature encoders. Subsequently, a generative adversarial network, enhanced with information, downstream, generator losses, and the Was + GP modification, is employed to generate anonymized data. The introduction of random noise fortifies privacy protection during the data generation process. Experimental validation attests to a conspicuous reduction in both machine learning utility and statistical dissimilarity between the data synthesized by our proposed anonymization model and the original dataset. This substantiates the model’s efficacy in replacing the original data for mining analysis and data sharing, thereby effectively safeguarding the privacy of the source data. Full article
(This article belongs to the Special Issue Machine Learning for Cybersecurity: Threat Detection and Mitigation)
Show Figures

Figure 1

Review

Jump to: Research

25 pages, 872 KiB  
Review
Detection of DoS Attacks for IoT in Information-Centric Networks Using Machine Learning: Opportunities, Challenges, and Future Research Directions
by Rawan Bukhowah, Ahmed Aljughaiman and M. M. Hafizur Rahman
Electronics 2024, 13(6), 1031; https://doi.org/10.3390/electronics13061031 - 9 Mar 2024
Viewed by 916
Abstract
The Internet of Things (IoT) is a rapidly growing network that shares information over the Internet via interconnected devices. In addition, this network has led to new security challenges in recent years. One of the biggest challenges is the impact of denial-of-service (DoS) [...] Read more.
The Internet of Things (IoT) is a rapidly growing network that shares information over the Internet via interconnected devices. In addition, this network has led to new security challenges in recent years. One of the biggest challenges is the impact of denial-of-service (DoS) attacks on the IoT. The Information-Centric Network (ICN) infrastructure is a critical component of the IoT. The ICN has gained recognition as a promising networking solution for the IoT by supporting IoT devices to be able to communicate and exchange data with each other over the Internet. Moreover, the ICN provides easy access and straightforward security to IoT content. However, the integration of IoT devices into the ICN introduces new security challenges, particularly in the form of DoS attacks. These attacks aim to disrupt or disable the normal operation of the ICN, potentially leading to severe consequences for IoT applications. Machine learning (ML) is a powerful technology. This paper proposes a new approach for developing a robust and efficient solution for detecting DoS attacks in ICN-IoT networks using ML technology. ML is a subset of artificial intelligence (AI) that focuses on the development of algorithms. While several ML algorithms have been explored in the literature, including neural networks, decision trees (DTs), clustering algorithms, XGBoost, J48, multilayer perceptron (MLP) with backpropagation (BP), deep neural networks (DNNs), MLP-BP, RBF-PSO, RBF-JAYA, and RBF-TLBO, researchers compare these detection approaches using classification metrics such as accuracy. This classification metric indicates that SVM, RF, and KNN demonstrate superior performance compared to other alternatives. The proposed approach was carried out on the NDN architecture because, based on our findings, it is the most used one and has a high percentage of various types of cyberattacks. The proposed approach can be evaluated using an ndnSIM simulation and a synthetic dataset for detecting DoS attacks in ICN-IoT networks using ML algorithms. Full article
(This article belongs to the Special Issue Machine Learning for Cybersecurity: Threat Detection and Mitigation)
Show Figures

Figure 1

Show export options expand_more Show export options expand_less
Select all
Export citation of selected articles as:
 
Displaying articles 1-5
Back to TopTop