Tag Archive for: network

Ensemble averaging deep neural network for botnet detection in heterogeneous Internet of Things devices


In this section, the results of the simulation modeling and benchmarking study are presented and discussed. The findings of this research are discussed in the context of their impact on ensemble averaging for NIDS in heterogeneous IoT devices. Additionally, potential areas for future research in this field are highlighted.

Experiment environment

This research used a server with the following specifications: Processor 2.3 GHz 16-Core Intel(R) Xeon(R) CPU E5-2650 v3 and 128 GB memory. The operating system used was Ubuntu 22.04.2 LTS. Python version 3.10.6 and Keras version 2.12 were employed as the machine learning library for conducting the DNN experiments. Jupyter notebook version 6.5.3 was used for presenting the experiment and simulation results.

Preliminaries analysis

In this section, the explanation of results from both Scenario 1 and Scenario 2 is provided. The main objective of Scenario 1 was to assess the performance of individual DNN models constructed using device-specific traffic for the purpose of detecting botnet attacks occurring within the traffic of each respective device.

Table 7 Scenario 1 result.

The results of Scenario 1 are presented in Table 7. The findings indicate that the DNN models within each device exhibited robust performance when analyzing the traffic generated by that specific device. Notably, accuracy for each device reached 100%, signifying accurate identification of both true positive and true negative instances of botnet attacks within the corresponding device’s traffic. Precision and recall metrics also demonstrated performance exceeding 99%, implying the models’ ability to minimize misclassifications of normal traffic while accurately recognizing positive instances. Moreover, the DNN models achieved a high F1-score in detecting botnet attacks, highlighting their proficiency in both precision and recall aspects. Both training and prediction times for each model were influenced by dataset volume, with larger datasets leading to longer training and prediction durations. Remarkably, the model size remained consistent at around 70 Kb for each DNN model, indicating a stable size unaffected by variations in training data volume.

Figure 6

Average accuracy,…

Source…

We’re Slowly Learning About China’s Extensive Hacking Network


The first two months of 2024 featured several revelations about the extent of China’s hacking network. A joint cybersecurity advisory was recently issued by CISA (the Cybersecurity and Infrastructure Security Agency), the NSA, and the FBI on the extent to which Chinese state-backed hackers have had access to key U.S. infrastructure over the past five years and have planted malware that could trigger widespread disruptions to society. It was co-authored by the U.S. Department of Energy, the EPA, and the Transportation Security Administration, as well as by Canada’s, Australia’s, New Zealand’s and the United Kingdom’s cybersecurity centers.


I’ve reported in the past on China’s massive intellectual property theft and cyberespionage. These activities included obtaining emails and communications from government officials.

The recent high-level alert escalates tensions

China’s state-backed hackers have embedded malware within critical U.S. infrastructure, such as programs used to manage clean drinking water, the power grid, and air traffic, among others. According to CISA director Jen Easterly at a hearing of the House Select Committee on the Chinese Communist Party:

This is truly an Everything Everywhere, All at Once scenario. And it’s one where the Chinese government believes that it will likely crush American will for the U.S. to defend Taiwan in the event of a major conflict there.

FBI Director Christopher Wray said that Chinese state-backed hackers have been lying dormant in critical U.S. infrastructure for five years, pre-positioning malware. In the event that there is a U.S.–China conflict, China can enact a cyberattack that will weaken U.S. operations. Intelligence analysts link this threat to a potential conflict over Taiwan, which the U.S. has promised to defend in the event China attacks the island. Taiwan operates as a de facto nation but is claimed by Beijing as part of the People’s Republic of China.

Wray has described China’s hacking program as larger than that of every nation combined:

In fact, if you took every single one of the F.B.I.’s cyberagents and intelligence analysts and focused…

Source…

AT&T says outage triggered by company work on network, not hack – Orange County Register


By Jillian Deutsch, Todd Shields, Jake Bleiberg and Jennifer Jacobs | Bloomberg

AT&T Inc. said a widespread outage that took hours to resolve Thursday was caused by “an incorrect process” while expanding the wireless network.

The software issue interrupted wireless service for hundreds of thousands of subscribers and prompted the FBI and US Department of Homeland Security to investigate the outage.

“Based on our initial review, we believe that today’s outage was caused by the application and execution of an incorrect process used as we were expanding our network, not a cyber attack,” an AT&T spokesman said in a statement. “We are continuing our assessment of today’s outage to ensure we keep delivering the service that our customers deserve.”

AT&T said all wireless service was restored Thursday afternoon, capping a day of frustration that began in the early hours of the morning New York time. AT&T customers filed more than 1.5 million outage reports on service-tracking website Downdetector.

The federal government began investigating whether the network failure was caused by a cyberattack, according to two US officials familiar with the situation, who requested anonymity to discuss sensitive information.

The Federal Communications Commission also has been in touch with AT&T to try and ascertain the cause, White House spokesman John Kirby told reporters earlier. “DHS and the FBI are looking into this as well, working with the tech industry, these network providers, to see what we can do from a federal perspective to enhance their investigative efforts to figure out what happened here,” Kirby said.

Early Thursday, mobile-phone customers from multiple carriers started reporting problems, but it soon became clear that AT&T’s network was the culprit. Outages were reported from cities including New York, Houston, Atlanta, Miami, Chicago and Dallas. The service disruption upended communications with emergency responders, and officials took to social media urging AT&T customers to use landlines to call 911 for emergencies.

With about 87 million subscribers, AT&T is the third-largest US retail wireless carrier, behind Verizon Communications Inc. and T-Mobile US…

Source…

How Google Chrome Plans to Block Hacking Attempts on Users’ Network


Google has been adding features to Chrome to keep users safe. In a bid to strengthen the security of the web browser, the company is working on a feature that will detect and block hacking attempts to gain control of the target’s network.

How Google Chrome will block hacking attempts

Web browsers act as the medium between a user and the internet, so it is important for them to have safety features that protect users from hackers trying to take control of their network. By gaining control of the network, hackers can monitor all the unencrypted traffic to and from every device connected to that internet connection.

For example, if your Wi-Fi is hacked, cybercriminals can spy on all the computers, laptops and mobile phones connected to the Wi-Fi. This can also provide access to personal information like name, address, and even financial information.

The upcoming feature will scan connection attempts to devices on the user’s network and stop any suspicious activity. Before a website A navigates to another site B in the user’s private network, the feature will “check whether the request has been initiated from a secure context” and “whether B responds with a header that allows private network access.”

“The above checks are made to protect the user’s private network. Since this feature is the ‘warning-only’ mode, we do not fail the requests if any of the checks fails. Instead, a warning will be shown in the DevTools, to help developers prepare for the coming enforcement,” Google said on the Chrome Platform Status website.

Google Chrome Tracking Protection

Earlier this year, Google started to roll out the Tracking Protection feature, which will limit cross-site tracking by restricting website access to third-party cookies by default. The move is aimed at making browsing on Chrome safer and more secure. Google plans to phase out third-party cookies for everyone in the second half of 2024.

Source…