{"title":"针对软件定义物联网的增强型深度学习威胁猎捕框架","authors":"","doi":"10.1016/j.cose.2024.104109","DOIUrl":null,"url":null,"abstract":"<div><p>The Software-Defined Networking (SDN) powered Internet of Things (IoT) offers a global perspective of the network and facilitates control and access of IoT devices using a centralized high-level network approach called Software Defined-IoT (SD-IoT). However, this integration and high flow of data generated by IoT devices raises serious security issues in the centralized control intelligence of SD-IoT. Motivated by the aforementioned challenges, we present a new Deep-Learning empowered Threat Hunting Framework named DLTHF to protect SD-IoT data and detect (binary and multi-vector) attack vectors. First, an automated unsupervised feature extraction module is designed that combines data perturbation-driven encoding and normalization-driven scaling with the proposed Long Short-Term Memory Contractive Sparse AutoEncoder (LSTMCSAE) method to filter and transform dataset values into the protected format. Second, using the encoded data, a novel Threat Detection System (TDS) using Multi-head Self-attention-based Bidirectional Recurrent Neural Networks (MhSaBiGRNN) is designed to detect cyber threats and their types. In particular, a unique TDS strategy is developed in which each time instances is analyzed and allocated a self-learned weight based on the degree of relevance. Further, we also design a deployment architecture for DLTHF in the SD-IoT network. The framework is rigorously evaluated on two new SD-IoT data sources to show its effectiveness.</p></div>","PeriodicalId":51004,"journal":{"name":"Computers & Security","volume":null,"pages":null},"PeriodicalIF":4.8000,"publicationDate":"2024-09-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S0167404824004140/pdfft?md5=de59ccc5221434c221b31d43e2a10a0f&pid=1-s2.0-S0167404824004140-main.pdf","citationCount":"0","resultStr":"{\"title\":\"An enhanced Deep-Learning empowered Threat-Hunting Framework for software-defined Internet of Things\",\"authors\":\"\",\"doi\":\"10.1016/j.cose.2024.104109\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div><p>The Software-Defined Networking (SDN) powered Internet of Things (IoT) offers a global perspective of the network and facilitates control and access of IoT devices using a centralized high-level network approach called Software Defined-IoT (SD-IoT). However, this integration and high flow of data generated by IoT devices raises serious security issues in the centralized control intelligence of SD-IoT. Motivated by the aforementioned challenges, we present a new Deep-Learning empowered Threat Hunting Framework named DLTHF to protect SD-IoT data and detect (binary and multi-vector) attack vectors. First, an automated unsupervised feature extraction module is designed that combines data perturbation-driven encoding and normalization-driven scaling with the proposed Long Short-Term Memory Contractive Sparse AutoEncoder (LSTMCSAE) method to filter and transform dataset values into the protected format. Second, using the encoded data, a novel Threat Detection System (TDS) using Multi-head Self-attention-based Bidirectional Recurrent Neural Networks (MhSaBiGRNN) is designed to detect cyber threats and their types. In particular, a unique TDS strategy is developed in which each time instances is analyzed and allocated a self-learned weight based on the degree of relevance. Further, we also design a deployment architecture for DLTHF in the SD-IoT network. The framework is rigorously evaluated on two new SD-IoT data sources to show its effectiveness.</p></div>\",\"PeriodicalId\":51004,\"journal\":{\"name\":\"Computers & Security\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":4.8000,\"publicationDate\":\"2024-09-13\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"https://www.sciencedirect.com/science/article/pii/S0167404824004140/pdfft?md5=de59ccc5221434c221b31d43e2a10a0f&pid=1-s2.0-S0167404824004140-main.pdf\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Computers & Security\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://www.sciencedirect.com/science/article/pii/S0167404824004140\",\"RegionNum\":2,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computers & Security","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0167404824004140","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
An enhanced Deep-Learning empowered Threat-Hunting Framework for software-defined Internet of Things
The Software-Defined Networking (SDN) powered Internet of Things (IoT) offers a global perspective of the network and facilitates control and access of IoT devices using a centralized high-level network approach called Software Defined-IoT (SD-IoT). However, this integration and high flow of data generated by IoT devices raises serious security issues in the centralized control intelligence of SD-IoT. Motivated by the aforementioned challenges, we present a new Deep-Learning empowered Threat Hunting Framework named DLTHF to protect SD-IoT data and detect (binary and multi-vector) attack vectors. First, an automated unsupervised feature extraction module is designed that combines data perturbation-driven encoding and normalization-driven scaling with the proposed Long Short-Term Memory Contractive Sparse AutoEncoder (LSTMCSAE) method to filter and transform dataset values into the protected format. Second, using the encoded data, a novel Threat Detection System (TDS) using Multi-head Self-attention-based Bidirectional Recurrent Neural Networks (MhSaBiGRNN) is designed to detect cyber threats and their types. In particular, a unique TDS strategy is developed in which each time instances is analyzed and allocated a self-learned weight based on the degree of relevance. Further, we also design a deployment architecture for DLTHF in the SD-IoT network. The framework is rigorously evaluated on two new SD-IoT data sources to show its effectiveness.
期刊介绍:
Computers & Security is the most respected technical journal in the IT security field. With its high-profile editorial board and informative regular features and columns, the journal is essential reading for IT security professionals around the world.
Computers & Security provides you with a unique blend of leading edge research and sound practical management advice. It is aimed at the professional involved with computer security, audit, control and data integrity in all sectors - industry, commerce and academia. Recognized worldwide as THE primary source of reference for applied research and technical expertise it is your first step to fully secure systems.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
