Department of Computer Science and Information Systems

Permanent URI for this collectionhttp://localhost:4000/handle/123456789/1928

Browse

Subject: search.filters.subject.Anomaly detection

Search Results

Now showing 1 - 5 of 5
  • No Thumbnail Available
    Item
    Anomaly-based Intrusion Detection using GAN for Industrial Control Systems
    (IEEE, 2022) Viswanathan, Sangeetha
    In recent years, cyber-attacks on modern industrial control systems (ICS) have become more common and it acts as a victim to various kind of attackers. The percentage of attacked ICS computers in the world in 2021 is 39.6%. To identify the anomaly in a large database system is a challenging task. Deep-learning model provides better solutions for handling the huge dataset with good accuracy. On the other hand, real time datasets are highly imbalanced with their sample proportions. In this research, GAN based model, a supervised learning method which generates new fake samples that is similar to real samples has been proposed. GAN based adversarial training would address the class imbalance problem in real time datasets. Adversarial samples are combined with legitimate samples and shuffled via proper proportion and given as input to the classifiers. The generated data samples along with the original ones are classified using various machine learning classifiers and their performances have been evaluated. Gradient boosting was found to classify with 98% accuracy when compared to other
  • No Thumbnail Available
    Item
    Classifying DNS over HTTPS Malicious/Benign Traffic Using Deep Learning Models
    (IEEE, 2023) Viswanathan, Sangeetha
    As we live in an era where privacy over the Internet has become rudimentary, protocols like DNS over HTTPS (DoH) and DNS over TLS (DoT), which promote encryption, have become popular. While these protocols were introduced to overcome the drawbacks of DNS protocol, even DoH has some security issues that need to be tackled to prevent any misuse. Herein, we implemented deep learning models to classify DNS over HTTPS traffic and found the most efficient method in regard to time-required complexity and computational requirements. Previous studies have used a variety of features from datasets to identify malicious activities. Although machine learning and deep learning models are commonly used, they require more human intervention. These models are also more computationally complex, as one is required to tune the model and its parameters for accurate results. In comparison, some deep learning models are more efficient as they work well without any human intervention and are capable of parameter tuning by themselves. In this work, we used the CIRA-CIC-DoHBrw-2020 dataset and performed data imbalance handling, one hot encoding, and feature selection to create a model that can be used for a more generalized environment. We implemented long short-term memory (LSTM), bidirectional LSTM (BiLSTM), and gated recurrent unit (GRU) models to classify DoH traffic with high accuracy. Although the mentioned models produced good accuracy, the BiLSTM model performs better than the LSTM model in the time taken for prediction and accuracy; the GRU model outperformed both LSTM and BiLSTM models in terms of accuracy, computation time, and computation complexity. Hence, it is more efficient than both LSTM and BiLSTM models.
  • No Thumbnail Available
    Item
    DeepADV: A Deep Neural Network Framework for Anomaly Detection in VANETs
    (IEEE, 2021-09) Alladi, Tejasvi; Chamola, Vinay
    We are seeing a growth in the number of connected vehicles in Vehicular Ad-hoc Networks (VANETs) to achieve the goal of Intelligent Transportation System (ITS). This is leading to a connected vehicular network scenario with vehicles continuously broadcasting data to other vehicles on the road and the roadside network infrastructure. The presence of a large number of communicating vehicles greatly increases the number and types of possible anomalies in the network. Existing works provide solutions addressing specific anomalies in the network only. However, since there can be a multitude of anomalies possible in the network, there is a need for better anomaly detection frameworks that can address this unprecedented scenario. In this paper, we propose an anomaly detection framework for VANETs based on deep neural networks (DNNs) using a sequence reconstruction and thresholding algorithm. In this framework, the DNN architectures are deployed on the roadside units (RSUs) which receive the broadcast vehicular data and run anomaly detection tasks to classify a particular message sequence as anomalous or genuine. Multiple DNN architectures are implemented in this experiment and their performance is compared using key evaluation metrics. Performance comparison of the proposed framework is also drawn against the prior work in this area. Our best performing deep learning-based scheme detects anomalous sequences with an accuracy of 98%, a great improvement over the set benchmark.
  • No Thumbnail Available
    Item
    Edge Computing and Deep Learning Enabled Secure Multitier Network for Internet of Vehicles
    (IEEE, 2021-04) Alladi, Tejasvi; Chamola, Vinay; Singh, Dheerendra
    Internet of Vehicles (IoVs) are fast becoming the norm in our society, but such a trend also comes with its own set of challenges (e.g., new security and privacy risks due to the expanded attack vectors). In this work, we propose an edge-computing-based secure, efficient, and intelligent multitier heterogeneous IoVs network. We first discuss the functionality and objectives of such an architecture. Then, we demonstrate how unsupervised deep learning techniques can facilitate the identification of suspicious vehicle behavior and ensure the security of such an architecture. The findings from our evaluations demonstrate the learning spatiotemporal information and parameter efficiency of the proposed stacked long short-term memory (LSTM) model over single LSTMs.
  • No Thumbnail Available
    Item
    NovelADS: A Novel Anomaly Detection System for Intra-Vehicular Networks
    (IEEE, 2022-11) Alladi, Tejasvi; Chamola, Vinay
    Modern vehicular electronics is a complex system of multiple Electronic Control Units (ECUs) communicating to provide efficient vehicle functioning. These ECUs communicate using the well-known Controller Area Network (CAN) protocol. The increasing amount of research in the Intelligent Transportation System (ITS) domain has demonstrated that this protocol is vulnerable to various types of security attacks, compromising the safety of passengers and pedestrians on the roads. Hence, there is a need to develop novel anomaly detection systems to address this problem. This work presents a novel deep learning-based Intrusion Detection System incorporating thresholding and error reconstruction approaches. We train and explore multiple neural network architectures and compare their performance. The proposed anomaly detection system is tested on four kinds of attacks - Denial of Service (DoS), Fuzzy, RPM Spoofing and Gear Spoofing using evaluation metrics such as Precision, Recall and F1-Score. We also present reconstruction-error distribution plots to give a qualitative intuition about the proposed system’s ability to distinguish between genuine and anomalous sequences.