Member of Yazd Province Computer Guild System No. 35030274-Graphic Designer, Consultant in promotions, Photographer Computer Engineering Software Employee, Islamic Azad University of Yazd
Description: In DDoS attacks, a large amount of false traffic is sent by botnets against network application services. The goal off Ddos is to prevent the application service from providing services to users. One of the methods of DDoS attacks on distributed services to the network is using machine learning methods. Although machine learning methods can detect zero-day attacks, they face challenges with the large volume of IoT traffic and the imbalance in the data set. This manuscript presents a distributed intrusion detection system in the fog layer to detect network attack traffic in a decentralized manner. In the proposed method, each fog node plays the role of an intrusion detection system, and exchanges blacklists with the blockchain to increase confidentiality in detecting attacks. In the proposed method, each fog node detects the essential characteristics of the network traffic with the Coati optimization algorithm(COA) and then uses these characteristics to learn the multilayer neural network. Selecting the feature reduces traffic congestion and increases the accuracy and speed of attack detection. In the proposed method for network traffic balancing, GAN method based on game theory is used. Tests performed in the MATLAB and on the NSL-KDD show that the proposed system has accuracy, sensitivity, and precision of 98.67%, 98.52%, and 98.34%, respectively. The proposed method is more accurate in detecting network attacks than the feature selection methods such as the WOA, GWO, and HHO algorithms. The proposed method in detecting attacks is more accurate than LSTM and CNN in detecting network attacks.
Description: Internet of Things nodes infected with various types of malware and any smart device can appear as a botnet attacking node. The challenge of most intrusion detection systems in the Internet of Things is the need for intelligent feature selection and the imbalance of the training data set and centralization. In this article, an efficient intrusion detection system for the Internet of Things based on the distributed architecture of the SDN network is presented. In the proposed method, the data set is balanced using the SMOTE method in the first stage. Then in the second stage, the essential features are selected using the African vulture optimization algorithm. In the third step, the LSTM deep learning method is trained in the SDN controller so that the switches of the SDN network use this trained model to detect attacks. In the proposed method, the addresses of attacking nodes are shared between SDN switches so that the attacking node is recognized as an attacking node in all switches and DDoS attacks are stopped. Experiments running in the MATLAB environment and the NSL-KDD dataset and the results of the experiments show that the proposed method in detecting attacks has accuracy, sensitivity, and precision of 99.34%, 99.16%, and 98.93%. The proposed method is more accurate in detecting DDoS attacks than the feature selection methods based on WOA, HHO, and AO algorithms. The proposed method for detecting DDoS attacks is more accurate than deep learning methods such as LSTM, RNN, and CNN.
Description: By promoting service-oriented architecture in e-services of organizations and inter-organizational relationships, service quality is more focused. To provide high quality combined service, it is necessary to identify quality requirements of users and offer service in line with those. Service users tend to choose a combined service among the huge collection of available services based on quality of service. When in competition among rivals, service providers must customize features of service as one of the key strategies. Customization involves the combination of service features based on user requests, these strategies raise new problems on the expression and dissemination of quality information, service identification and setting qualitative offers to service users. In the previous methods, pre-processing step was not performed in the services set, and false service suggestions to the user were possible. In this study, nearest neighbor algorithm was offered to identify consumers and customize their quality of service. Also, Isodata has been used to cluster and filter the services. At the end, a case study was presented to illustrate the proposed method. The results of the evaluation show that the proposed method has tried to solve the existing shortcomings.