Showing 1–4 of 4 results for author: Alani, M M

Explainable AI-based Intrusion Detection System for Industry 5.0: An Overview of the Literature, associated Challenges, the existing Solutions, and Potential Research Directions

Authors: Naseem Khan, Kashif Ahmad, Aref Al Tamimi, Mohammed M. Alani, Amine Bermak, Issa Khalil

Abstract: Industry 5.0, which focuses on human and Artificial Intelligence (AI) collaboration for performing different tasks in manufacturing, involves a higher number of robots, Internet of Things (IoTs) devices and interconnections, Augmented/Virtual Reality (AR), and other smart devices. The huge involvement of these devices and interconnection in various critical areas, such as economy, health, educatio… ▽ More Industry 5.0, which focuses on human and Artificial Intelligence (AI) collaboration for performing different tasks in manufacturing, involves a higher number of robots, Internet of Things (IoTs) devices and interconnections, Augmented/Virtual Reality (AR), and other smart devices. The huge involvement of these devices and interconnection in various critical areas, such as economy, health, education and defense systems, poses several types of potential security flaws. AI itself has been proven a very effective and powerful tool in different areas of cybersecurity, such as intrusion detection, malware detection, and phishing detection, among others. Just as in many application areas, cybersecurity professionals were reluctant to accept black-box ML solutions for cybersecurity applications. This reluctance pushed forward the adoption of eXplainable Artificial Intelligence (XAI) as a tool that helps explain how decisions are made in ML-based systems. In this survey, we present a comprehensive study of different XAI-based intrusion detection systems for industry 5.0, and we also examine the impact of explainability and interpretability on Cybersecurity practices through the lens of Adversarial XIDS (Adv-XIDS) approaches. Furthermore, we analyze the possible opportunities and challenges in XAI cybersecurity systems for industry 5.0 that elicit future research toward XAI-based solutions to be adopted by high-stakes industry 5.0 applications. We believe this rigorous analysis will establish a foundational framework for subsequent research endeavors within the specified domain. △ Less

Submitted 21 July, 2024; originally announced August 2024.

Comments: 57 pages, 6 figures

Adversarial Explainability: Utilizing Explainable Machine Learning in Bypassing IoT Botnet Detection Systems

Authors: Mohammed M. Alani, Atefeh Mashatan, Ali Miri

Abstract: Botnet detection based on machine learning have witnessed significant leaps in recent years, with the availability of large and reliable datasets that are extracted from real-life scenarios. Consequently, adversarial attacks on machine learning-based cybersecurity systems are posing a significant threat to the practicality of these solutions. In this paper, we introduce a novel attack that utilize… ▽ More Botnet detection based on machine learning have witnessed significant leaps in recent years, with the availability of large and reliable datasets that are extracted from real-life scenarios. Consequently, adversarial attacks on machine learning-based cybersecurity systems are posing a significant threat to the practicality of these solutions. In this paper, we introduce a novel attack that utilizes machine learning model's explainability in evading detection by botnet detection systems. The proposed attack utilizes information obtained from model's explainability to build adversarial samples that can evade detection in a blackbox setting. The proposed attack was tested on a trained IoT botnet detection systems and was capable of bypassing the botnet detection with 0% detection by altering one feature only to generate the adversarial samples. △ Less

Submitted 29 September, 2023; originally announced October 2023.

Applications of Machine Learning in Cryptography: A Survey

Authors: Mohammed M. Alani

Abstract: Machine learning techniques have had a long list of applications in recent years. However, the use of machine learning in information and network security is not new. Machine learning and cryptography have many things in common. The most apparent is the processing of large amounts of data and large search spaces. In its varying techniques, machine learning has been an interesting field of study wi… ▽ More Machine learning techniques have had a long list of applications in recent years. However, the use of machine learning in information and network security is not new. Machine learning and cryptography have many things in common. The most apparent is the processing of large amounts of data and large search spaces. In its varying techniques, machine learning has been an interesting field of study with massive potential for application. In the past three decades, machine learning techniques, whether supervised or unsupervised, have been applied in cryptographic algorithms, cryptanalysis, steganography, among other data-security-related applications. This paper presents an updated survey of applications of machine learning techniques in cryptography and cryptanalysis. The paper summarizes the research done in these areas and provides suggestions for future directions in research. △ Less

Submitted 11 February, 2019; originally announced February 2019.

IoT Lotto: Utilizing IoT Devices in Brute-Force Attacks

Authors: Mohammed M. Alani

Abstract: The number of IoT devices in use is increasing rapidly and so is the number of IoT applications. As in any new technology, the rapid development means rapid increase in security threats and attack surfaces. IoT security has proven to be challenging throughout the past few years. However, another challenging task is to prevent IoT devices from becoming a tool used by malicious attackers to break in… ▽ More The number of IoT devices in use is increasing rapidly and so is the number of IoT applications. As in any new technology, the rapid development means rapid increase in security threats and attack surfaces. IoT security has proven to be challenging throughout the past few years. However, another challenging task is to prevent IoT devices from becoming a tool used by malicious attackers to break into other systems. In this paper, we present a conceptual design in which IoT devices are used as tools in brute-force attacks to break encryption keys of block ciphers. The proposed design shows that with adequate number of IoT devices employed in the attack, the attack can succeed in breaking large-key block ciphers. △ Less

Submitted 8 December, 2018; originally announced December 2018.

Comments: This is a pre-print version of the paper. The original paper is published by the ACM as part of the proceedings of the 2018 The 6th International Conference on Information Technology: IoT and Smart City (ICIT 2018)