利用机器学习对用户和设备进行情境认证

IF 3.3 3区 计算机科学 Q2 COMPUTER SCIENCE, THEORY & METHODS Computing Pub Date : 2024-09-13 DOI:10.1007/s00607-024-01333-7
Divyans Mahansaria, Uttam Kumar Roy
{"title":"利用机器学习对用户和设备进行情境认证","authors":"Divyans Mahansaria, Uttam Kumar Roy","doi":"10.1007/s00607-024-01333-7","DOIUrl":null,"url":null,"abstract":"<p>At the time of authentication, confidential data are exchanged between the user/device and the authentication server to determine the legitimacy of the source requesting authentication. Safeguarding the authentication process from security attacks is of utmost importance, and various authentication methods exist depending on the system’s requirements. However, no authentication process can guarantee full-proof security. This research aimed to use the context of users and devices during authentication to detect anomalies and security-related attacks. In particular, denial-of-service (DoS)/distributed denial-of-service (DDoS) attacks and brute-force attacks have been analyzed in detail using contextual information. Extensive simulations were conducted on the benchmark CIC-IDS2017 dataset using the Weka tool. The performance metrics of recall, precision, accuracy, f-score, and model-built time were computed for the four machine-learning classifiers—J48, Random Forest, Multi-Layer Perceptron, and Bayes Net—for different combinations of data splits and groups of data features. For both DoS/DDoS and brute-force attacks, some of the experimental results show a more than 99% value for recall, precision, accuracy, and f-score. The results of the experiments, security analysis, and threat modeling show that the proposed authentication scheme effectively enhances a secure system’s security level.</p>","PeriodicalId":10718,"journal":{"name":"Computing","volume":"183 1","pages":""},"PeriodicalIF":3.3000,"publicationDate":"2024-09-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Contextual authentication of users and devices using machine learning\",\"authors\":\"Divyans Mahansaria, Uttam Kumar Roy\",\"doi\":\"10.1007/s00607-024-01333-7\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<p>At the time of authentication, confidential data are exchanged between the user/device and the authentication server to determine the legitimacy of the source requesting authentication. Safeguarding the authentication process from security attacks is of utmost importance, and various authentication methods exist depending on the system’s requirements. However, no authentication process can guarantee full-proof security. This research aimed to use the context of users and devices during authentication to detect anomalies and security-related attacks. In particular, denial-of-service (DoS)/distributed denial-of-service (DDoS) attacks and brute-force attacks have been analyzed in detail using contextual information. Extensive simulations were conducted on the benchmark CIC-IDS2017 dataset using the Weka tool. The performance metrics of recall, precision, accuracy, f-score, and model-built time were computed for the four machine-learning classifiers—J48, Random Forest, Multi-Layer Perceptron, and Bayes Net—for different combinations of data splits and groups of data features. For both DoS/DDoS and brute-force attacks, some of the experimental results show a more than 99% value for recall, precision, accuracy, and f-score. The results of the experiments, security analysis, and threat modeling show that the proposed authentication scheme effectively enhances a secure system’s security level.</p>\",\"PeriodicalId\":10718,\"journal\":{\"name\":\"Computing\",\"volume\":\"183 1\",\"pages\":\"\"},\"PeriodicalIF\":3.3000,\"publicationDate\":\"2024-09-13\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Computing\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://doi.org/10.1007/s00607-024-01333-7\",\"RegionNum\":3,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q2\",\"JCRName\":\"COMPUTER SCIENCE, THEORY & METHODS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computing","FirstCategoryId":"94","ListUrlMain":"https://doi.org/10.1007/s00607-024-01333-7","RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"COMPUTER SCIENCE, THEORY & METHODS","Score":null,"Total":0}
引用次数: 0

摘要

在进行身份验证时,用户/设备与身份验证服务器之间会交换机密数据,以确定请求身份验证来源的合法性。防止身份验证过程受到安全攻击是最重要的,根据系统的要求有各种身份验证方法。然而,没有任何一种身份验证过程能保证完全安全。这项研究旨在利用用户和设备在身份验证过程中的上下文来检测异常情况和与安全相关的攻击。特别是,利用上下文信息详细分析了拒绝服务(DoS)/分布式拒绝服务(DDoS)攻击和暴力破解攻击。使用 Weka 工具在基准 CIC-IDS2017 数据集上进行了大量模拟。针对不同的数据拆分组合和数据特征组,计算了四种机器学习分类器--J48、随机森林、多层感知器和贝叶斯网的召回率、精确度、准确率、f-分数和建模时间等性能指标。对于 DoS/DDoS 和暴力破解攻击,部分实验结果显示召回率、精确率、准确率和 f 分数均超过 99%。实验、安全分析和威胁建模的结果表明,所提出的认证方案能有效提高安全系统的安全级别。
本文章由计算机程序翻译,如有差异,请以英文原文为准。

摘要图片

查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
Contextual authentication of users and devices using machine learning

At the time of authentication, confidential data are exchanged between the user/device and the authentication server to determine the legitimacy of the source requesting authentication. Safeguarding the authentication process from security attacks is of utmost importance, and various authentication methods exist depending on the system’s requirements. However, no authentication process can guarantee full-proof security. This research aimed to use the context of users and devices during authentication to detect anomalies and security-related attacks. In particular, denial-of-service (DoS)/distributed denial-of-service (DDoS) attacks and brute-force attacks have been analyzed in detail using contextual information. Extensive simulations were conducted on the benchmark CIC-IDS2017 dataset using the Weka tool. The performance metrics of recall, precision, accuracy, f-score, and model-built time were computed for the four machine-learning classifiers—J48, Random Forest, Multi-Layer Perceptron, and Bayes Net—for different combinations of data splits and groups of data features. For both DoS/DDoS and brute-force attacks, some of the experimental results show a more than 99% value for recall, precision, accuracy, and f-score. The results of the experiments, security analysis, and threat modeling show that the proposed authentication scheme effectively enhances a secure system’s security level.

求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
来源期刊
Computing
Computing 工程技术-计算机:理论方法
CiteScore
8.20
自引率
2.70%
发文量
107
审稿时长
3 months
期刊介绍: Computing publishes original papers, short communications and surveys on all fields of computing. The contributions should be written in English and may be of theoretical or applied nature, the essential criteria are computational relevance and systematic foundation of results.
期刊最新文献
Mapping and just-in-time traffic congestion mitigation for emergency vehicles in smart cities Fog intelligence for energy efficient management in smart street lamps Contextual authentication of users and devices using machine learning Multi-objective service composition optimization problem in IoT for agriculture 4.0 Robust evaluation of GPU compute instances for HPC and AI in the cloud: a TOPSIS approach with sensitivity, bootstrapping, and non-parametric analysis
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1