Network Security in Artificial Intelligence Systems

A special issue of Mathematics (ISSN 2227-7390). This special issue belongs to the section "Network Science".

Deadline for manuscript submissions: 10 May 2025 | Viewed by 17392

Special Issue Editors


E-Mail Website
Guest Editor
Department of Computer Sciences and Information Engineering, National Chiayi University, Chiayi City 600355, Taiwan
Interests: antisproofing; information security; multimedia application; secret sharing application; security and privacy issues

E-Mail Website
Guest Editor
Division of Information Science, Graduate School of Science and Technology, Nara Institute of Science and Technology, Nara 630-0192, Japan
Interests: social computing; geo-social media; spatio-temporal database; crowd-sourced data analysis; medical informatics

E-Mail Website
Guest Editor
Program of Artificial Intelligence and Information Security, Fu Jen Catholic University, New Taipei City 242062, Taiwan
Interests: information and network security; wireless sensor networks; mobile computing security; Internet of Things security; cloud computing security; blockchain security and its application; RFID security and its application; telemedicine information system security; security protocols for ad hoc networks; information retrieval and dictionary search
Special Issues, Collections and Topics in MDPI journals

E-Mail Website
Guest Editor
Department of Information Management, Yuan Ze University, Taoyuan City 32003, Taiwan
Interests: information security; artificial intelligence; image processing; medical image; cloud computing

Special Issue Information

Dear Colleagues,

AI network security refers to the measures taken to protect artificial intelligence (AI) systems and their networks from unauthorized access, theft, damage, and disruption. With the increasing use of AI in various industries and applications, the need for secure AI networks has become more critical. This is due to the sensitive nature of AI data (big data), which may contain confidential information, as well as the potential consequences of AI systems being compromised, such as the loss of data, reduced system availability, and reputational damage, among others. Encryption is one of the most important methods used in AI network security. Another important method is the use of firewalls, which are hardware or software systems that block unauthorized access to a network. Firewalls can be configured to allow only approved traffic to enter the network, reducing the risk of cyberattacks.

Intrusion detection and prevention systems are also used in AI network security. These systems monitor network activity and identify suspicious behavior, allowing administrators to respond quickly to potential threats. Access control systems, which limit access to sensitive data based on user roles and permissions, are another important part of AI network security. By ensuring that only authorized users can access sensitive data, the risk of unauthorized access or theft is reduced. Editors are invited to submit original and high-quality papers on the application of network security in artificial intelligence systems.

Dr. Chi-Yao Weng
Dr. Shoko Wakamiya
Prof. Dr. Chun-Ta Li
Dr. Cheng-Ta Huang
Guest Editors

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All submissions that pass pre-check are peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Mathematics is an international peer-reviewed open access semimonthly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 2600 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Keywords

  • intrusion detection systems
  • decentralized AI systems
  • access control
  • cybersecurity
  • encryption
  • AI network security
  • machine learning
  • application of information security

Benefits of Publishing in a Special Issue

  • Ease of navigation: Grouping papers by topic helps scholars navigate broad scope journals more efficiently.
  • Greater discoverability: Special Issues support the reach and impact of scientific research. Articles in Special Issues are more discoverable and cited more frequently.
  • Expansion of research network: Special Issues facilitate connections among authors, fostering scientific collaborations.
  • External promotion: Articles in Special Issues are often promoted through the journal's social media, increasing their visibility.
  • e-Book format: Special Issues with more than 10 articles can be published as dedicated e-books, ensuring wide and rapid dissemination.

Further information on MDPI's Special Issue polices can be found here.

Published Papers (7 papers)

Order results
Result details
Select all
Export citation of selected articles as:

Research

27 pages, 5309 KiB  
Article
A Hybrid Optimization Model for Efficient Detection and Classification of Malware in the Internet of Things
by Ijaz Ahmad, Zhong Wan, Ashfaq Ahmad and Syed Sajid Ullah
Mathematics 2024, 12(10), 1437; https://doi.org/10.3390/math12101437 - 7 May 2024
Cited by 2 | Viewed by 1360
Abstract
The proliferation of Internet of Things (IoT) devices and their integration into critical infrastructure and business operations has rendered them susceptible to malware and cyber-attacks. Such malware presents a threat to the availability and reliability of IoT devices, and a failure to address [...] Read more.
The proliferation of Internet of Things (IoT) devices and their integration into critical infrastructure and business operations has rendered them susceptible to malware and cyber-attacks. Such malware presents a threat to the availability and reliability of IoT devices, and a failure to address it can have far-reaching impacts. Due to the limited resources of IoT devices, traditional rule-based detection systems are often ineffective against sophisticated attackers. This paper addressed these issues by designing a new framework that uses a machine learning (ML) algorithm for the detection of malware. Additionally, it also employed sequential detection architecture and evaluated eight malware datasets. The design framework is lightweight and effective in data processing and feature selection algorithms. Moreover, this work proposed a classification model that utilizes one support vector machine (SVM) algorithm and is individually tuned with three different optimization algorithms. The employed optimization algorithms are Nuclear Reactor Optimization (NRO), Artificial Rabbits Optimization (ARO), and Particle Swarm Optimization (PSO). These algorithms are used to explore a diverse search space and ensure robustness in optimizing the SVM for malware detection. After extensive simulations, our proposed framework achieved the desired accuracy among eleven existing ML algorithms and three proposed ensemblers (i.e., NRO_SVM, ARO_SVM, and PSO_SVM). Among all algorithms, NRO_SVM outperforms the others with an accuracy rate of 97.8%, an F1 score of 97%, and a recall of 99%, and has fewer false positives and false negatives. In addition, our model successfully identified and prevented malware-induced attacks with a high probability of recognizing new evolving threats. Full article
(This article belongs to the Special Issue Network Security in Artificial Intelligence Systems)
Show Figures

Figure 1

14 pages, 5340 KiB  
Article
Improvement of Distributed Denial of Service Attack Detection through Machine Learning and Data Processing
by Fray L. Becerra-Suarez, Ismael Fernández-Roman and Manuel G. Forero
Mathematics 2024, 12(9), 1294; https://doi.org/10.3390/math12091294 - 25 Apr 2024
Cited by 4 | Viewed by 3016
Abstract
The early and accurate detection of Distributed Denial of Service (DDoS) attacks is a fundamental area of research to safeguard the integrity and functionality of organizations’ digital ecosystems. Despite the growing importance of neural networks in recent years, the use of classical techniques [...] Read more.
The early and accurate detection of Distributed Denial of Service (DDoS) attacks is a fundamental area of research to safeguard the integrity and functionality of organizations’ digital ecosystems. Despite the growing importance of neural networks in recent years, the use of classical techniques remains relevant due to their interpretability, speed, resource efficiency, and satisfactory performance. This article presents the results of a comparative analysis of six machine learning techniques, namely, Random Forest (RF), Decision Tree (DT), AdaBoost (ADA), Extreme Gradient Boosting (XGB), Multilayer Perceptron (MLP), and Dense Neural Network (DNN), for classifying DDoS attacks. The CICDDoS2019 dataset was used, which underwent data preprocessing to remove outliers, and 22 features were selected using the Pearson correlation coefficient. The RF classifier achieved the best accuracy rate (99.97%), outperforming other classifiers and even previously published neural network-based techniques. These findings underscore the feasibility and effectiveness of machine learning algorithms in the field of DDoS attack detection, reaffirming their relevance as a valuable tool in advanced cyber defense. Full article
(This article belongs to the Special Issue Network Security in Artificial Intelligence Systems)
Show Figures

Figure 1

26 pages, 6145 KiB  
Article
Next–Generation Intrusion Detection for IoT EVCS: Integrating CNN, LSTM, and GRU Models
by Dusmurod Kilichev, Dilmurod Turimov and Wooseong Kim
Mathematics 2024, 12(4), 571; https://doi.org/10.3390/math12040571 - 14 Feb 2024
Cited by 7 | Viewed by 2531
Abstract
In the evolving landscape of Internet of Things (IoT) and Industrial IoT (IIoT) security, novel and efficient intrusion detection systems (IDSs) are paramount. In this article, we present a groundbreaking approach to intrusion detection for IoT-based electric vehicle charging stations (EVCS), integrating the [...] Read more.
In the evolving landscape of Internet of Things (IoT) and Industrial IoT (IIoT) security, novel and efficient intrusion detection systems (IDSs) are paramount. In this article, we present a groundbreaking approach to intrusion detection for IoT-based electric vehicle charging stations (EVCS), integrating the robust capabilities of convolutional neural network (CNN), long short-term memory (LSTM), and gated recurrent unit (GRU) models. The proposed framework leverages a comprehensive real-world cybersecurity dataset, specifically tailored for IoT and IIoT applications, to address the intricate challenges faced by IoT-based EVCS. We conducted extensive testing in both binary and multiclass scenarios. The results are remarkable, demonstrating a perfect 100% accuracy in binary classification, an impressive 97.44% accuracy in six-class classification, and 96.90% accuracy in fifteen-class classification, setting new benchmarks in the field. These achievements underscore the efficacy of the CNN-LSTM-GRU ensemble architecture in creating a resilient and adaptive IDS for IoT infrastructures. The ensemble algorithm, accessible via GitHub, represents a significant stride in fortifying IoT-based EVCS against a diverse array of cybersecurity threats. Full article
(This article belongs to the Special Issue Network Security in Artificial Intelligence Systems)
Show Figures

Figure 1

24 pages, 3023 KiB  
Article
An Optimized Hybrid Deep Intrusion Detection Model (HD-IDM) for Enhancing Network Security
by Iftikhar Ahmad, Muhammad Imran, Abdul Qayyum, Muhammad Sher Ramzan and Madini O. Alassafi
Mathematics 2023, 11(21), 4501; https://doi.org/10.3390/math11214501 - 31 Oct 2023
Cited by 3 | Viewed by 1678
Abstract
Detecting cyber intrusions in network traffic is a tough task for cybersecurity. Current methods struggle with the complexity of understanding patterns in network data. To solve this, we present the Hybrid Deep Learning Intrusion Detection Model (HD-IDM), a new way that combines GRU [...] Read more.
Detecting cyber intrusions in network traffic is a tough task for cybersecurity. Current methods struggle with the complexity of understanding patterns in network data. To solve this, we present the Hybrid Deep Learning Intrusion Detection Model (HD-IDM), a new way that combines GRU and LSTM classifiers. GRU is good at catching quick patterns, while LSTM handles long-term ones. HD-IDM blends these models using weighted averaging, boosting accuracy, especially with complex patterns. We tested HD-IDM on four datasets: CSE-CIC-IDS2017, CSE-CIC-IDS2018, NSL KDD, and CIC-DDoS2019. The HD-IDM classifier achieved remarkable performance metrics on all datasets. It attains an outstanding accuracy of 99.91%, showcasing its consistent precision across the dataset. With an impressive precision of 99.62%, it excels in accurately categorizing positive cases, crucial for minimizing false positives. Additionally, maintaining a high recall of 99.43%, it effectively identifies the majority of actual positive cases while minimizing false negatives. The F1-score of 99.52% emphasizes its robustness, making it the top choice for classification tasks requiring precision and reliability. It is particularly good at ROC and precision/recall curves, discriminating normal and harmful network activities. While HD-IDM is promising, it has limits. It needs labeled data and may struggle with new intrusion methods. Future work should find ways to handle unlabeled data and adapt to emerging threats. Also, making HD-IDM work faster for real-time use and dealing with scalability challenges is key for its broader use in changing network environments. Full article
(This article belongs to the Special Issue Network Security in Artificial Intelligence Systems)
Show Figures

Figure 1

18 pages, 6078 KiB  
Article
Robust DDoS Attack Detection Using Piecewise Harris Hawks Optimizer with Deep Learning for a Secure Internet of Things Environment
by Mahmoud Ragab, Sultanah M. Alshammari, Louai A. Maghrabi, Dheyaaldin Alsalman, Turki Althaqafi and Abdullah AL-Malaise AL-Ghamdi
Mathematics 2023, 11(21), 4448; https://doi.org/10.3390/math11214448 - 27 Oct 2023
Cited by 5 | Viewed by 1729
Abstract
The Internet of Things (IoT) refers to the network of interconnected physical devices that are embedded with software, sensors, etc., allowing them to exchange and collect information. Although IoT devices have several advantages and can improve people’s efficacy, they also pose a security [...] Read more.
The Internet of Things (IoT) refers to the network of interconnected physical devices that are embedded with software, sensors, etc., allowing them to exchange and collect information. Although IoT devices have several advantages and can improve people’s efficacy, they also pose a security risk. The malicious actor frequently attempts to find a new way to utilize and exploit specific resources, and an IoT device is an ideal candidate for such exploitation owing to the massive number of active devices. Especially, Distributed Denial of Service (DDoS) attacks include the exploitation of a considerable number of devices like IoT devices, which act as bots and transfer fraudulent requests to the services, thereby obstructing them. There needs to be a robust system of detection based on satisfactory methods for detecting and identifying whether these attacks have occurred or not in a network. The most widely used technique for these purposes is artificial intelligence (AI), which includes the usage of Deep Learning (DL) and Machine Learning (ML) to find cyberattacks. The study presents a Piecewise Harris Hawks Optimizer with an Optimal Deep Learning Classifier (PHHO-ODLC) for a secure IoT environment. The fundamental goal of the PHHO-ODLC algorithm is to detect the existence of DDoS attacks in the IoT platform. The PHHO-ODLC method follows a three-stage process. At the initial stage, the PHHO algorithm can be employed to choose relevant features and thereby enhance the classification performance. Next, an attention-based bidirectional long short-term memory (ABiLSTM) network can be applied to the DDoS attack classification process. Finally, the hyperparameter selection of the ABiLSTM network is carried out by the use of a grey wolf optimizer (GWO). A widespread simulation analysis was performed to exhibit the improved detection accuracy of the PHHO-ODLC technique. The extensive outcomes demonstrated the significance of the PHHO-ODLC technique regarding the DDoS attack detection technique in the IoT platform. Full article
(This article belongs to the Special Issue Network Security in Artificial Intelligence Systems)
Show Figures

Figure 1

24 pages, 2882 KiB  
Article
Detection of Unknown DDoS Attack Using Convolutional Neural Networks Featuring Geometrical Metric
by Chin-Shiuh Shieh, Thanh-Tuan Nguyen and Mong-Fong Horng
Mathematics 2023, 11(9), 2145; https://doi.org/10.3390/math11092145 - 3 May 2023
Cited by 16 | Viewed by 3590
Abstract
DDoS attacks remain a persistent cybersecurity threat, blocking services to legitimate users and causing significant damage to reputation, finances, and potential customers. For the detection of DDoS attacks, machine learning techniques such as supervised learning have been extensively employed, but their effectiveness declines [...] Read more.
DDoS attacks remain a persistent cybersecurity threat, blocking services to legitimate users and causing significant damage to reputation, finances, and potential customers. For the detection of DDoS attacks, machine learning techniques such as supervised learning have been extensively employed, but their effectiveness declines when the framework confronts patterns exterior to the dataset. In addition, DDoS attack schemes continue to improve, rendering conventional data model-based training ineffectual. We have developed a novelty open-set recognition framework for DDoS attack detection to overcome the challenges of traditional methods. Our framework is built on a Convolutional Neural Network (CNN) construction featuring geometrical metric (CNN-Geo), which utilizes deep learning techniques to enhance accuracy. In addition, we have integrated an incremental learning module that can efficiently incorporate novel unknown traffic identified by telecommunication experts through the monitoring process. This unique approach provides an effective solution for identifying and alleviating DDoS. The module continuously improves the model’s performance by incorporating new knowledge and adapting to new attack patterns. The proposed model can detect unknown DDoS attacks with a detection rate of over 99% on conventional attacks from CICIDS2017. The model’s accuracy is further enhanced by 99.8% toward unknown attacks with the open datasets CICDDoS2019. Full article
(This article belongs to the Special Issue Network Security in Artificial Intelligence Systems)
Show Figures

Figure 1

24 pages, 3645 KiB  
Article
CBFISKD: A Combinatorial-Based Fuzzy Inference System for Keylogger Detection
by Femi Emmanuel Ayo, Joseph Bamidele Awotunde, Olasupo Ahmed Olalekan, Agbotiname Lucky Imoize, Chun-Ta Li and Cheng-Chi Lee
Mathematics 2023, 11(8), 1899; https://doi.org/10.3390/math11081899 - 17 Apr 2023
Cited by 6 | Viewed by 2173
Abstract
A keylogger is a type of spyware that records keystrokes from the user’s keyboard to steal confidential information. The problems with most keylogger methods are the lack of simulated keylogger patterns, the failure to maintain a database of current keylogger attack signatures, and [...] Read more.
A keylogger is a type of spyware that records keystrokes from the user’s keyboard to steal confidential information. The problems with most keylogger methods are the lack of simulated keylogger patterns, the failure to maintain a database of current keylogger attack signatures, and the selection of an appropriate threshold value for keylogger detection. In this study, a combinatorial-based fuzzy inference system for keylogger detection (CaFISKLD) was developed. CaFISKLD adopted back-to-back combinatorial algorithms to identify anomaly-based systems (ABS) and signature-based systems (SBS). The first combinatorial algorithm used a keylogger signature database to match incoming applications for keylogger detection. In contrast, the second combinatorial algorithm used a normal database to detect keyloggers that were not detected by the first combinatorial algorithm. As simulated patterns, randomly generated ASCII codes were utilized for training and testing the newly designed CaFISKLD. The results showed that the developed CaFISKLD improved the F1 score and accuracy of keylogger detection by 95.5% and 96.543%, respectively. The results also showed a decrease in the false alarm rate based on a threshold value of 12. The novelty of the developed CaFISKLD is based on using a two-level combinatorial algorithm for keylogger detection, using fuzzy logic for keylogger classification, and providing color codes for keylogger detection. Full article
(This article belongs to the Special Issue Network Security in Artificial Intelligence Systems)
Show Figures

Figure 1

Back to TopTop