FINAL PROJECTS:
Machine Learning-Based Attack Detection for Electric Vehicle Charging Infrastructure Security
Abstract:
The increasing reliance on Electric Vehicle Supply Equipment (EVSE) for electric vehicle charging has made these systems a critical infrastructure component, yet vulnerable to a variety of cyberattacks. This project aims to identify network and host-based attack scenarios on EV chargers from three distinct perspectives: network traffic, host events, and power consumption.
The EV charging systems are susceptible to threats like Reconnaissance and Denial-of-Service attacks from the network side, as well as host-based threats, including backdoor vulnerabilities and cryptojacking. As the adoption of electric vehicles grows, securing EVSE from these attacks is imperative to ensure both the stability of the charging infrastructure and the broader network. This proposal briefly outlines the experiments, methods, and datasets to evaluate the effectiveness of machine learning for the security of EV charging stations.
References:
[1] Buedi, Emmanuel Dana, et al., "Enhancing EV Charging Station Security Using a Multi-Dimensional Dataset: CICEVSE2024." IFIP Annual Conference on Data and Applications Security and Privacy. Cham: Springer Nature Switzerland, 2024.
[2] "EVSE Dataset 2024 | Datasets | Research | Canadian Institute for Cybersecurity." University of New Brunswick, https://www.unb.ca/cic/datasets/evse-dataset-2024.html. Accessed 5 October 2024.
[3] Vaswani, A. "Attention is All You Need." Advances in Neural Information Processing Systems (2017).
[4] Hochreiter, S., & Schmidhuber, J. "Long Short-Term Memory." Neural Computation, 9(8), 1735-1780. https://doi.org/10.1162/neco.1997.9.8.1735.
[5] Wang, Haomin, and Wei Li. "DDosTC: A transformer-based network attack detection hybrid mechanism in SDN." Sensors 21.15 (2021): 5047.
[6] Long, Zhenyue, et al. "A Transformer-based network intrusion detection approach for cloud security." Journal of Cloud Computing 13.1 (2024): 5.
Enhanced Detection of DDOS Attacks in IoT Networks Using Hybrid Machine Learning Models
Abstract:
The exponential growth of Internet of Things (IoT) networks has intensified the vulnerability of these systems to Distributed Denial-of-Service (DDoS) attacks, posing critical security threats to both individual devices and the larger network infrastructure. This project proposes an advanced detection framework leveraging hybrid machine learning models to address the unique challenges of DDoS detection in resource-constrained IoT environments. By integrating traditional machine learning algorithms with deep learning techniques, this hybrid approach capitalizes on the strengths of both methods-enhancing detection accuracy while maintaining computational efficiency. The model combines anomaly detection and signature-based techniques to effectively identify both known and emerging DDoS attack patterns, ensuring adaptability to evolving threats. The framework is trained and validated using large-scale IoT-specific datasets that simulate real-world attack scenarios, ensuring robustness and scalability. Performance evaluation focuses on key metrics such as detection accuracy, false positive rate, precision, recall, and system overhead, demonstrating significant improvements over conventional detection methods. This project highlights the potential of hybrid machine learning models to offer a more resilient and scalable defense mechanism for securing IoT networks against sophisticated DDoS attacks.
References:
[1] M. Roopak, G. Y. Tian and J. Chambers, "An Intrusion Detection System Against DDoS Attacks in IoT Networks," 2020 10th Annual Computing and Communication Workshop and Conference (CCWC), Las Vegas, NV, USA, 2020, pp. 0562-0567, doi: 10.1109/CCWC47524.2020.9031206.
[2] A. S. B. Sa'Idi and A. M. B. Jamil, "IoT DDoS Attack Detection System Using Machine Learning Classification Techniques," 2023 IEEE 21st Student Conference on Research and Development (SCOReD), Kuala Lumpur, Malaysia, 2023, pp. 234-239, doi: 10.1109/SCOReD60679.2023.10563925
[3] M. Al-Khafajiy, G. Al-Tameemi and T. Baker, "DDoS-FOCUS: A Distributed DoS Attacks Mitigation using Deep Learning Approach for a Secure IoT Network," 2023 IEEE International Conference on Edge Computing and Communications (EDGE), Chicago, IL, USA, 2023, pp. 393-399, doi: 10.1109/EDGE60047.2023.00062.
[4] J. Mwaura, S. Araki and K. Kakizaki, "A Study on DDoS Attacks Detection on IoT Devices Using Machine Learning for Microcontrollers," 2024 IEEE International Conference on Consumer Electronics (ICCE), Las Vegas, NV, USA, 2024, pp. 1-4, doi: 10.1109/ICCE59016.2024.10444344.
[5] A. Gaurav, B. B. Gupta, C. -H. Hsu, D. Perakovic and F. J. Garcia Penalvo, "Deep Learning Based Approach for Secure Web of Things (WoT)," 2021 IEEE International Conference on Communications Workshops (ICC Workshops), Montreal, QC, Canada, 2021, pp. 1-6, doi: 10.1109/ICCWorkshops50388.2021.9473677.
Abstract:
The rise of sophisticated cyber threats, particularly Denial of Service (DoS) and User to Root (U2R) attacks, underscores the need for advanced intrusion detection systems (IDS) capable of real-time threat detection and mitigation. Traditional IDS methods often struggle to recognize complex, temporal patterns in network traffic, presenting an opportunity for deep learning models to improve accuracy and adaptability. This study investigates the performance of various recurrent neural network (RNN) architectures-namely Long Short-Term Memory (LSTM), Gated Recurrent Units (GRU), and Bidirectional LSTMs-for the detection of DoS and U2R attacks. By evaluating these architectures across key metrics such as accuracy, precision, recall, and computational efficiency, we aim to identify the most effective model for real-time deployment in network security systems. Using the NSL-KDD dataset, we conduct experiments to compare model performance, fine-tune hyperparameters, and assess each architecture's suitability for real-time application.
References:
[1] Salmi, S., Oughdir, L. Performance evaluation of deep learning techniques for DoS attacks detection in wireless sensor network. J Big Data 10, 17 (2023). https://doi.org/10.1186/s40537-023-00692-w.
[2]. Mariam Ibrahim, Ruba Elhafiz, Modeling an intrusion detection using recurrent neural networks, Journal of Engineering Research,Volume 11, Issue 1,2023,100013,ISSN 2307-1877, https://doi.org/10.1016/j.jer.2023.100013.
[3] Jullian, O., Otero, B., Rodriguez, E. et al. Deep-Learning Based Detection for Cyber-Attacks in IoT Networks: A Distributed Attack Detection Framework. J Netw Syst Manage 31, 33 (2023). https://doi.org/10.1007/s10922-023-09722-7.
[4] R. Doshi, N. Apthorpe and N. Feamster, "Machine Learning DDoS Detection for Consumer Internet of Things Devices," 2018 IEEE Security and Privacy Workshops (SPW), San Francisco, CA, USA, 2018, pp. 29-35, doi: 10.1109/SPW.2018.00013.
[5] C. Yin, Y. Zhu, J. Fei and X. He, "A Deep Learning Approach for Intrusion Detection Using Recurrent Neural Networks," in IEEE Access, vol. 5, pp. 21954-21961, 2017, doi: 10.1109/ACCESS.2017.2762418.
[6] Data Set: NSL-KDD Data Set [Online]. Available: https://web.archive.org/web/ 20150205070216/http://nsl.cs.unb.ca/NSL-KDD/.
Abstract:
The project implement the distributed denial of service attack and simulate how queuing algorithm fairs in system under attack.An attacker may initiate a "flood" to diminish legitimate user bandwidth, obstruct service access, or disrupt specific systems. This study investigates denial of service attack methods and potential defenses. Utilizing the ns-3 network simulator, we analyze the performance of various queuing algorithms during an attack.
References:
[1] F. Lau, S. H. Rubin, M. H. Smith, and Lj. Trajkovic, "Distributed denial of service attacks," (invited paper) in Proc. IEEE Int. Conf. on Systems, Man, and Cybernetics, Nashville, TN, Oct. 2000, pp. 2275-2280.
[2] CERT® Coordination Center, "Results of the distributed systems intruder tools workshop," Nov. 1999, http://www.cert.org/reports/dsit_workshop.pdfLinks to an external site..
[3] D. Dittrich, "The DoS project's 'Trinoo' distributed denial of service attack tool," Oct. 1999; "The 'Stacheldraht' distributed denial of service attack tool," Dec. 1999; "The 'Tribe Flood Network’ distributed denial of service attack tool," Oct. 1999, http://www.washington.edu/People/dadLinks to an external site..
[4] J. Barlow and W. Thrower, "TFN2K - an analysis," Feb. 2000, http://packetstorm.securify.com/distributed/TFN2k_ Analysis.htm.
[5] Cisco Systems, Inc., "Defining strategies to protect against TCP SYN denial of service attacks," July 1999, http://www.cisco.com/warp/public/707/4.html.