Ensemble sparse representation-based cyber threat hunting for security of smart cities

The ever-growing expansion of smart cities and the Internet of Things (IoT) offer a promising solution to many contemporary urban challenges. However, this digital transformation also results in cyber-security loopholes which can be exploited by malicious hackers to wreak substantial digital and phy...

Full description

Saved in:
Bibliographic Details
Published in:Computers & electrical engineering 2020-12, Vol.88, p.106825, Article 106825
Main Authors: Fard, Seyed Mehdi Hazrati, Karimipour, Hadis, Dehghantanha, Ali, Jahromi, Amir Namavar, Srivastava, Gautam
Format: Article
Language:English
Subjects:
Cyber-security
Ensemble learning
Malware hunting
Multi-view learning
Sparse representation
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:The ever-growing expansion of smart cities and the Internet of Things (IoT) offer a promising solution to many contemporary urban challenges. However, this digital transformation also results in cyber-security loopholes which can be exploited by malicious hackers to wreak substantial digital and physical damage. Malware is the primary tool of cyber-criminals for attacking digital systems. In this paper, a multi-view ensemble threat hunting model based on Sparse Representation based Classifier (SRC) is proposed to use in IoT systems that are finding domain space in the advent of Smart Cities. An ensemble of SRCs is considered where every individual SRC classifies malware by Opcode, Bytecode and system call views of several standard IoT and Ransomware datasets. The final decision is made through weighted majority voting. SRC is employed to alleviate the complexity of the base classifiers. Experimental results verify the efficiency and robustness of the proposed model in different balanced and imbalanced environments. The proposed model outperforms all base classifiers and several well-known works in current literature. [Display omitted] •Proposing a multi-view ensemble model that combines the results of individual classifiers.•Modifying a low-cost lazy algorithm considering different views for threat hunting.•Proposing a robust threat hunting framework that is not sensitive to imbalanced data.
ISSN:0045-7906
1879-0755
DOI:10.1016/j.compeleceng.2020.106825