14 matches found
Botnet Detection on CTU-13 Using Lightweight Machine Learning Models
Botnets are among the most persistent cyber threats, enabling large-scale attacks such as spam, credential theft, and distributed denial-of-service DDoS. While deep learning approaches have recently been applied to botnet detection, they are computationally intensive and often lack...
A Comparative Analysis of Machine Learning Models for Intrusion Detection in Intelligent Transport Systems
AI-powered edge computing security is moving Intelligent Transportation Systems ITS from passive, rule-based protections to proactive, smart, zero-touch, self-sufficient safeguards that neutralize threats in milliseconds. As transportation becomes more connected with edge computing, massive IoT,...
Detecting Concept Drift in Evolving Malware Families Using Rule-Based Classifier Representations
This work proposes a structural approach to concept drift detection in malware classification using decision tree rulesets. Classifiers are trained across temporal windows on the EMBER2024 dataset, and drift is quantified by comparing extracted rule representations using feature importance,...
An Optimized Decision Tree-Based Framework for Explainable IoT Anomaly Detection
The increase in the number of Internet of Things IoT devices has tremendously increased the attack surface of cyber threats thus making a strong intrusion detection system IDS with a clear explanation of the process essential towards resource-constrained environments. Nevertheless, current IoT ID...
Think Fast: Real-Time IoT Intrusion Reasoning Using IDS and LLMs at the Edge Gateway
As the number of connected IoT devices continues to grow, securing these systems against cyber threats remains a major challenge, especially in environments with limited computational and energy resources. This paper presents an edge-centric Intrusion Detection System IDS framework that integrate...
Adaptive Dual-Layer Web Application Firewall (ADL-WAF) Leveraging Machine Learning for Enhanced Anomaly and Threat Detection
Web Application Firewalls are crucial for protecting web applications against a wide range of cyber threats. Traditional Web Application Firewalls often struggle to effectively distinguish between malicious and legitimate traffic, leading to limited efficacy in threat detection. To overcome these...
Binary and Multiclass Cyberattack Classification on GeNIS Dataset
The integration of Artificial Intelligence AI in Network Intrusion Detection Systems NIDS is a promising approach to tackle the increasing sophistication of cyberattacks. However, since Machine Learning ML and Deep Learning DL models rely heavily on the quality of their training data, the lack of...
Securing IoT Communications Via Anomaly Traffic Detection: Synergy of Genetic Algorithm and Ensemble Method
The rapid growth of the Internet of Things IoT has transformed industries by enabling seamless data exchange among connected devices. However, IoT networks remain vulnerable to security threats such as denial of service DoS attacks, anomalous traffic, and data manipulation due to decentralized...
Pilot Contamination Attacks Detection with Machine Learning for Multi-User Massive MIMO
Massive multiple-input multiple-output MMIMO is essential to modern wireless communication systems, like 5G and 6G, but it is vulnerable to active eavesdropping attacks. One type of such attack is the pilot contamination attack PCA, where a malicious user copies pilot signals from an authentic us...
AI-Based Vulnerability Analysis of NFT Smart Contracts
With the rapid growth of the NFT market, the security of smart contracts has become crucial. However, existing AI-based detection models for NFT contract vulnerabilities remain limited due to their complexity, while traditional manual methods are time-consuming and costly. This study proposes an...
Scalable APT Malware Classification Via Parallel Feature Extraction and GPU-Accelerated Learning
This paper presents an underlying framework for both automating and accelerating malware classification, more specifically, mapping malicious executables to known Advanced Persistent Threat APT groups. The main feature of this analysis is the assembly-level instructions present in executables whi...
OpCode-Based Malware Classification Using Machine Learning and Deep Learning Techniques
This technical report presents a comprehensive analysis of malware classification using OpCode sequences. Two distinct approaches are evaluated: traditional machine learning using n-gram analysis with Support Vector Machine SVM, K-Nearest Neighbors KNN, and Decision Tree classifiers; and a deep...
What is Stakeholder-Specific Vulnerability Categorization?
By Waqas It’s a decision tree that’s all about you and your company. That’s a bit of an oversimplification, but… This is a post from HackRead.com Read the original post: What is Stakeholder-Specific Vulnerability Categorization?...
CISA Releases SSVC Methodology to Prioritize Vulnerabilities
Today CISA published its guide on Stakeholder-Specific Vulnerability Categorization SSVC, a vulnerability management methodology that assesses vulnerabilities and prioritizes remediation efforts based on exploitation status, impacts to safety, and prevalence of the affected product in a singular...