Cyber-XAI-Block:利用 xai 和区块链技术为启用了 iot 的智能组织提供端到端网络威胁检测和基于 fl 的风险评估框架

IF 3 4区 计算机科学 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS Multimedia Tools and Applications Pub Date : 2024-09-11 DOI:10.1007/s11042-024-20059-4
Omar Abboosh Hussein Gwassi, Osman Nuri Uçan, Enrique A. Navarro
{"title":"Cyber-XAI-Block:利用 xai 和区块链技术为启用了 iot 的智能组织提供端到端网络威胁检测和基于 fl 的风险评估框架","authors":"Omar Abboosh Hussein Gwassi, Osman Nuri Uçan, Enrique A. Navarro","doi":"10.1007/s11042-024-20059-4","DOIUrl":null,"url":null,"abstract":"<p>The growing integration of the Internet of Things (IoT) in smart organizations is increasing the vulnerability of cyber threats, necessitating advanced frameworks for effective threat detection and risk assessment. Existing works provide achievable results but lack effective solutions, such as detecting Social Engineering Attacks (SEA). Using Deep Learning (DL) and Machine Learning (ML) methods whereas they are limited to validating user behaviors. Like high false positive rates, attack reoccurrence, and increases in numerous attacks. To overcome this problem, we use explainable (DL) techniques to increase cyber security in an IoT-enabled smart organization environment. This paper firstly, implements Capsule Network (CapsNet) to process employee fingerprints and blink patterns. Secondly, the Quantum Key Secure Communication Protocol (QKSCP) was also used to decrease communication channel vulnerabilities like Man In The Middle (MITM) and reply attacks. After Dual Q Network-based Asynchronous Advantage Actor-Critic algorithm DQN-A3C algorithm detects and prevents attacks. Thirdly, employed the explainable DQN-A3C model and the Siamese Inter Lingual Transformer (SILT) transformer for natural language explanations to boost social engineering security by ensuring the Artificial Intelligence (AI) model and human trustworthiness. After, we built a Hopping Intrusion Detection &amp; Prevention System (IDS/IPS) using an explainable Harmonized Google Net (HGN) model with SHAP and SILT explanations to appropriately categorize dangerous external traffic flows. Finally, to improve global, cyberattack comprehension, we created a Federated Learning (FL)-based knowledge-sharing mechanism between Cyber Threat Repository (CTR) and cloud servers, known as global risk assessment. To evaluate the suggested approach, the new method is compared to the ones that already exist in terms of malicious traffic (65 bytes/sec), detection rate (97%), false positive rate (45%), prevention accuracy (98%), end-to-end response time (97 s), recall (96%), false negative rate (42%) and resource consumption (41). Our strategy's performance is examined using numerical analysis, and the results demonstrate that it outperforms other methods in all metrics.</p>","PeriodicalId":18770,"journal":{"name":"Multimedia Tools and Applications","volume":"58 1","pages":""},"PeriodicalIF":3.0000,"publicationDate":"2024-09-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Cyber-XAI-Block: an end-to-end cyber threat detection & fl-based risk assessment framework for iot enabled smart organization using xai and blockchain technologies\",\"authors\":\"Omar Abboosh Hussein Gwassi, Osman Nuri Uçan, Enrique A. Navarro\",\"doi\":\"10.1007/s11042-024-20059-4\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<p>The growing integration of the Internet of Things (IoT) in smart organizations is increasing the vulnerability of cyber threats, necessitating advanced frameworks for effective threat detection and risk assessment. Existing works provide achievable results but lack effective solutions, such as detecting Social Engineering Attacks (SEA). Using Deep Learning (DL) and Machine Learning (ML) methods whereas they are limited to validating user behaviors. Like high false positive rates, attack reoccurrence, and increases in numerous attacks. To overcome this problem, we use explainable (DL) techniques to increase cyber security in an IoT-enabled smart organization environment. This paper firstly, implements Capsule Network (CapsNet) to process employee fingerprints and blink patterns. Secondly, the Quantum Key Secure Communication Protocol (QKSCP) was also used to decrease communication channel vulnerabilities like Man In The Middle (MITM) and reply attacks. After Dual Q Network-based Asynchronous Advantage Actor-Critic algorithm DQN-A3C algorithm detects and prevents attacks. Thirdly, employed the explainable DQN-A3C model and the Siamese Inter Lingual Transformer (SILT) transformer for natural language explanations to boost social engineering security by ensuring the Artificial Intelligence (AI) model and human trustworthiness. After, we built a Hopping Intrusion Detection &amp; Prevention System (IDS/IPS) using an explainable Harmonized Google Net (HGN) model with SHAP and SILT explanations to appropriately categorize dangerous external traffic flows. Finally, to improve global, cyberattack comprehension, we created a Federated Learning (FL)-based knowledge-sharing mechanism between Cyber Threat Repository (CTR) and cloud servers, known as global risk assessment. To evaluate the suggested approach, the new method is compared to the ones that already exist in terms of malicious traffic (65 bytes/sec), detection rate (97%), false positive rate (45%), prevention accuracy (98%), end-to-end response time (97 s), recall (96%), false negative rate (42%) and resource consumption (41). Our strategy's performance is examined using numerical analysis, and the results demonstrate that it outperforms other methods in all metrics.</p>\",\"PeriodicalId\":18770,\"journal\":{\"name\":\"Multimedia Tools and Applications\",\"volume\":\"58 1\",\"pages\":\"\"},\"PeriodicalIF\":3.0000,\"publicationDate\":\"2024-09-11\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Multimedia Tools and Applications\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://doi.org/10.1007/s11042-024-20059-4\",\"RegionNum\":4,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q2\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Multimedia Tools and Applications","FirstCategoryId":"94","ListUrlMain":"https://doi.org/10.1007/s11042-024-20059-4","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0

摘要

物联网(IoT)在智能组织中的集成度越来越高,增加了网络威胁的脆弱性,因此需要先进的框架来进行有效的威胁检测和风险评估。现有作品提供了可实现的结果,但缺乏有效的解决方案,如检测社交工程攻击(SEA)。深度学习(DL)和机器学习(ML)方法仅限于验证用户行为。例如,误报率高、攻击重复发生以及攻击次数增多。为了克服这一问题,我们使用可解释(DL)技术来提高物联网智能组织环境中的网络安全性。本文首先实现了胶囊网络(CapsNet)来处理员工指纹和眨眼模式。其次,还使用了量子密钥安全通信协议(QKSCP)来减少中间人(MITM)和回复攻击等通信信道漏洞。在基于双 Q 网络的异步优势行动者批评算法 DQN-A3C 算法检测和防止攻击之后。第三,采用可解释的 DQN-A3C 模型和用于自然语言解释的 SILT 变换器(Siamese Inter Lingual Transformer),通过确保人工智能(AI)模型和人类的可信度来提高社会工程学的安全性。之后,我们利用可解释的统一谷歌网络(HGN)模型,结合 SHAP 和 SILT 解释,构建了一个跳转式入侵检测与防范系统(IDS/IPS),对危险的外部流量进行适当分类。最后,为了提高对全球网络攻击的理解能力,我们在网络威胁库(CTR)和云服务器之间创建了一种基于联合学习(FL)的知识共享机制,即全球风险评估。为了评估所建议的方法,我们将新方法与现有方法在恶意流量(65 字节/秒)、检测率(97%)、误报率(45%)、预防准确率(98%)、端到端响应时间(97 秒)、召回率(96%)、误报率(42%)和资源消耗(41)方面进行了比较。我们通过数值分析检验了该策略的性能,结果表明它在所有指标上都优于其他方法。
本文章由计算机程序翻译,如有差异,请以英文原文为准。

摘要图片

查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
Cyber-XAI-Block: an end-to-end cyber threat detection & fl-based risk assessment framework for iot enabled smart organization using xai and blockchain technologies

The growing integration of the Internet of Things (IoT) in smart organizations is increasing the vulnerability of cyber threats, necessitating advanced frameworks for effective threat detection and risk assessment. Existing works provide achievable results but lack effective solutions, such as detecting Social Engineering Attacks (SEA). Using Deep Learning (DL) and Machine Learning (ML) methods whereas they are limited to validating user behaviors. Like high false positive rates, attack reoccurrence, and increases in numerous attacks. To overcome this problem, we use explainable (DL) techniques to increase cyber security in an IoT-enabled smart organization environment. This paper firstly, implements Capsule Network (CapsNet) to process employee fingerprints and blink patterns. Secondly, the Quantum Key Secure Communication Protocol (QKSCP) was also used to decrease communication channel vulnerabilities like Man In The Middle (MITM) and reply attacks. After Dual Q Network-based Asynchronous Advantage Actor-Critic algorithm DQN-A3C algorithm detects and prevents attacks. Thirdly, employed the explainable DQN-A3C model and the Siamese Inter Lingual Transformer (SILT) transformer for natural language explanations to boost social engineering security by ensuring the Artificial Intelligence (AI) model and human trustworthiness. After, we built a Hopping Intrusion Detection & Prevention System (IDS/IPS) using an explainable Harmonized Google Net (HGN) model with SHAP and SILT explanations to appropriately categorize dangerous external traffic flows. Finally, to improve global, cyberattack comprehension, we created a Federated Learning (FL)-based knowledge-sharing mechanism between Cyber Threat Repository (CTR) and cloud servers, known as global risk assessment. To evaluate the suggested approach, the new method is compared to the ones that already exist in terms of malicious traffic (65 bytes/sec), detection rate (97%), false positive rate (45%), prevention accuracy (98%), end-to-end response time (97 s), recall (96%), false negative rate (42%) and resource consumption (41). Our strategy's performance is examined using numerical analysis, and the results demonstrate that it outperforms other methods in all metrics.

求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
来源期刊
Multimedia Tools and Applications
Multimedia Tools and Applications 工程技术-工程:电子与电气
CiteScore
7.20
自引率
16.70%
发文量
2439
审稿时长
9.2 months
期刊介绍: Multimedia Tools and Applications publishes original research articles on multimedia development and system support tools as well as case studies of multimedia applications. It also features experimental and survey articles. The journal is intended for academics, practitioners, scientists and engineers who are involved in multimedia system research, design and applications. All papers are peer reviewed. Specific areas of interest include: - Multimedia Tools: - Multimedia Applications: - Prototype multimedia systems and platforms
期刊最新文献
MeVs-deep CNN: optimized deep learning model for efficient lung cancer classification Text-driven clothed human image synthesis with 3D human model estimation for assistance in shopping Hybrid golden jackal fusion based recommendation system for spatio-temporal transportation's optimal traffic congestion and road condition classification Deep-Dixon: Deep-Learning frameworks for fusion of MR T1 images for fat and water extraction Unified pre-training with pseudo infrared images for visible-infrared person re-identification
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1