ISSN (E) : 2616 – 7808
I
ISSN (P) : 2414 - 7419
مجلة كلية الكوت الجامعة
REFEREED SCIENTIFIC AND ACADEMIC JOURNAL PUBLISHED BY CENTER OF RESEARCH, STUDIES AND PUBLICATIONS AL-KUT UNIVERSITY COLLEGE FOR SCIENTIFIC AND APPLIED SPECIALIZATIONS Chairman of Board-President of the Foundation Commission Dr. Talib Zedan Al Musawi Address: Iraq Wasit Province P.O. Box: 46137, Iraq
e – mail alkutcollege@gmail.com alkutjournal@gmail.com Website: www.kutcollegejournal.com Phone No:
00964 7712346303 00964 7711772288 I
ISSN (E) : 2616 – 7808
I
ISSN (P) : 2414 - 7419
مجلة كلية الكوت الجامعة 00964 7812322300
Chief in Editor
Managing Editor
Assist. Prof. Dr. Ahlam Hussien Al Musawi
Assist. Prof. Dr. Natiq Abdullah Ali
Editorial Board Prof. Dr. Sharov Vadim Ivanovich
Russia - Biology
Prof. Dr. Marie M. El-Ajaily
Libya - Banghazi Uni. - Chemists
Prof. Dr. Omar Shhab Hamad Al-Obaidi
Iraq - Chemists
Prof. Dr. Nabil Mohie El-Deen Abdel-Hamid
Egypt - Kafr Al-Sheikh Uni. - Pharmacy
Prof. Dr. Mahmoud Ahmed Souror
Lebanon - Lebanon Uni.
Iraq - President of the A. Ch.S. Chapter of Iraq - Chemists
Prof. Dr. Taghreed Hashim Al-Noor Prof. Dr. Mohammed Saleh Mahdi
Iraq - Laser Eng.
Prof. Dr. Mohammed Abdulwahhab Munshid
Iraq - Laser Eng.
Prof. Dr. Ahab mohammed hussain
Iraq - Al-Kut Univ. College - Pharmacy
Prof. Dr. Adawih Jemaah Hiader
Iraq - Laser Phys.
Prof. Dr. Nassir Mohammed Fahad
Iraq - Al-Kut Univ. College
Prof. Dr. Hafid mohammed dhuyab
Iraq - Al-Kut Univ. College - Dentistry
Prof. Dr. Ali hussain rishak
U.K. - Derm Uni. - Physics
Assist. Prof. Dr. Nadiah Hashim Al-Noor Dr. Talib Zedan Al-Musawi
Iraq- Al-Mustansiriya Uni. – Mathematical Statistics Iraq - Al-Kut Univ. College - Laser Phys
Dr. Rabi Nori
Iraq - Al-Kut Univ. College - Laser Phys
Dr. Zaid Muslim
Iraq - Al-Kut Univ. College
Dr. Nagham Thamir Ali
Iraq - Ministry of Science & Technology - Laser Phys
Linguistic Evaluation
Prof. Dr. Fakher Jaber Mater – Arabic Language
Assist. Prof. Dr. Hasson Hashim Abbass – English Language
II
ISSN (E) : 2616 – 7808
I
ISSN (P) : 2414 - 7419
مجلة كلية الكوت الجامعة
Instructions for Issuing Actually, AL-Kut University College is ambitious to be an independent college for the specialists and teaching committees in universities, institutions and other constitutions in sciences, modern know ledges and the scientific achievements in the specializations of the Journal. Meanwhile, the researches which are being accepted for the issuing will be taken for the scientific promotion. AL-Kut University College Journal welcomes and accepts the valuable and crucial and original researches according to the following principles and conditions. 1. 2. 3.
4. 5. 6.
7.
8.
The researches should be new ones and not being accepted for issuing in any other Journal and conference and being specialized within the specializations of the college. All the researches being presented for issuing should be submitted for the scientific evaluation and Turnitin program. The original research should be presented in three copies with a space (1.5) Between the lines on one face of the sheets with the measure (A4) in every line of 12-10 words and (24) lines for a single page and being printed by word program and the type of writing for the (simplified Arabic Language) and the (Times New Roman) for the English Language. The size of the line for the basic titles or to pics and the others is (16) on the one hand and the size of the line for the body of the research is (14) on the other hand and (12) for the margins. The references should be written according to the clock system. The number of the pages should not be more then (15) pages for the presented research for the evaluation including the tables and the illustrative materials with discounted amount of money Estimated (5000) Five thousand Iraqi Dinar for every Exceeding page from the limited number of the page of the research. Meanwhile, the page should include what follows: The title of the research, the email and the name (s) of the researches should be mentioned below. The abstract of the research should be written in the two standard languages namely Arabic Language and English Language respectively and the number of the words of the research abstract which should not be more that (250) words for the bode and the title of the research in both Languages namely Arabic and English which should be written in the middle of the meant. Abstract accompanied by the name of the author (s) and his/her addresses. lt can also be added that the problem of the research should be written with the introduction and the significance of the research. The aims of the research and the predicated presuppositions should be written together. The program of the research, i.e. the school being adopted within the body of the meant research. The findings of the research should be mentioned within the fourth part of the research through the tables only (without the analysis) The results The list of the references. The appendices (if they are available). All the figures and tables within the research should be numbered respectively and accompanied by illustrative titles. The researcher should be informed about the result of the required evaluation to be readjusted which has been mentioned or stated by the evaluator and ,in turn ,the researcher should take all the adjustments or the necessary changes into consideration and being delivered once more rapidly after the process of adjustment through a copy on CD containing the final adjusted copy for the purpose of issuing . All the researches should be neglected if and only if such researches do not take the above-mentioned instructions and rules should be taken into consideration in writing scientific and academic research (s). All the researches should not be given back to their authors whether they are accepted or being rejected. The costs of issuing should be discounted due to the rules and principles being adopted by the authorized and specialized authority.
III
ISSN (E) : 2616 – 7808
I
ISSN (P) : 2414 - 7419
مجلة كلية الكوت الجامعة
The Guide of Authors 1. The Journal receives and accepts only the researches and studies which are in an agreement with the fields and trends of the Journal and its specialization restrictively 2. The research being presented to the Journal should not be issued or registered in any other previous Journals, but it should be issued for the first time. 3. The researcher should adopt the required Instructions of the Journal including and covering the process of paying the demanded money for the requirements of issuing such as, the electronic and paper distribution and for the use of the research by the Journal. 4. The number of the pages of the research should not be more than fifteen pages. 5. All the researches should be sent through the electronic mail of the Journal. 6. The research should be written by the word program or by the latex and (A4) size at two separate poles leaving a distance at 2cm for the four sides of paper and research should be written in the form "Times New Roman of (14) in size. 7. The researcher should preset an abstract in English language on an ordinary sheet of papers and it should not be more than (250) words. 8. The first page of the research should contain the following points or items: The title of the research. The authors name or the authors names and their official directorates and addresses. The electronic mail for the author or the authors respectively. The abstract. The symbolic and semantic words or abbreviations. 9. The title of the research should be written in the middle of the sheet with (Time New Roman) with a size of 16 Bold type. 10. The name(s) of the author or authors should be written in the middle of the sheet (paper) (Times New Roman) with a size of 12 bold. 11. The names and titles of the author(s) specifically their official directorates in (Times New Roman) type with 12 bold type of writing. 12. The electronic mails of the author(s) should be written with a bold type of writing which is (Times New Roman) with 12 bold type. 13. The abstract of the research should be written with (Times New Roman) with 12 bold type size, Italic. 14. The abbreviations should be written with (Times New Roman) of 11 bold size Italic, Justify. 15. The addresses of the author (s) should be as follows: (the Department, the college, the university, the city, the country, without any kind of abbreviations. 16. Actually, to be so far away from the abbreviations, and recitations in the process of writing of any academic humanitarian and scientific researches. 17. The names of the author (s) should never be written or referred to within the body of the research. 18. The name and the title of any shape or figure must be written below whereas the title and the name of the table should be written above the table. 19. The pictures, sketches, and drawings should be colorful, and clear being associated with a high level of accuracy and being placed within a square without using any stands. 20. The names of the references or sources should be written at the end of the meant research or what is called (the bibliography) with a full and complete form of the reference used within the body of the research .Methodologically speaking , the references should be arranged alphabetically, numerically or internationally according to Vancouver. 21. All the studies which are used in the citation process within the body of the research, i.e. the tables, pictures … etc., should be mentioned within the list of references or sources of the bibliography. 22. The author(s) should be consistent and fixed and they should keep the rules and principles of writing any academic research and not to private to ward both personal and financial relations which can be interpreted on the negative side of the adopted restrictions.
IV
ISSN (E) : 2616 – 7808
I
ISSN (P) : 2414 - 7419
مجلة كلية الكوت الجامعة
Instructions for the Evaluators Before the process of evaluation, it is kindly requested from the evaluator to state basically whether the meant Research for the evaluation has a cohesive relationship with the accurate scientific specialization of the researcher or not. Then, if and only if the researcher has a Kind of relation with the research ’s scientific specialization then, does the evaluator have enough time for the competition of the evaluation process? meanwhile, the evaluation process should not be more then days. After the agreement of the evaluator for the Performance or the achievement of the evaluation process and its completition within the limited period of the evaluation, then the evaluator is being kindly requested to take the following instructions into consideration. 1. Is the research original and valuable to a certain degree for issuing in the Journal? 2. The research should be appropriate and in agreement with the general policy of the Journal, on the one hand, and the performative rules and principles of issuing in the meant Journal on the other. 3. Is the idea of the research has been tackled or presented in previous studies? Then if and only if the responsory the answer is being positive, i.e. by saying " yes ", then it is quite necessary to refer to such meant studies. 4. The scope of the association between the topic of research and its content should be taken into consideration. 5. It should be previously known or stated that the abstract of the research has thoroughly and clearly described the content and the basic objectives or aims of the research under the consideration. 6. Does the introduction of the research entirely and completely describe the intentions of the author and what he/she aims at arriving at and how it is clearly clarified accurately and precisely. Furthermore, the researcher clarified the problem of the research under consideration and how it is checked and studied respectively. 7. The author must fundamently discuss the main and basic results or findings that he/she had arrived at scientifically and accurately. 8. The process of evaluation should be done and performed secretly and the author or the researcher has no right to be acquainted and familiarized with any aspect or side of the process of the evaluation. 9. If and only if, the evaluator wishes or intends that the discussion of the research will be held with another evaluator, then the former should inform the chairman of the issuing as far as this subject is concerned. 10. There should be no addressing and discussions between the scientific evaluator and the author as far as the research of the latter is concerned to be issued. and the notes of the evaluator should be sent directly to the author through the chairman of issuing in the Journal. 11. If the evaluator finds out (discovers) that the actual and present research has been cited and quoted from other researches, then the evaluator should inform the chairman of the issuing in the Journal. 12. the scientific notes and observations and recommendation as well of the evaluator should be basically taken into consideration as far as the decision of the acceptance of the research is concerned. Meanwhile, the evaluator has to refer to and emphasize the points that demand and require accurate and simple adjustments or changes that can be achieved by the issuing committee on the one hand , and only if there are some crucial and very important changes or alternations , then they should be achieved or done by the author himself .
V
ISSN (E) : 2616 – 7808
I
ISSN (P) : 2414 - 7419
مجلة كلية الكوت الجامعة
Vol. 5
Issue 1
2020
5th Year
Papers in English
No: Title and the Name of Researchers
Pages
1
Determining of Robust Factors for Detecting IoT Attacks
2
Measuring and Analyzing the Impact of Net Exports on Economic Growth in Iraq:
Rawaa Ismael Farhan, Dr.Nidaa Flaih Hassan and Dr. Abeer Tariq Maolood
A study for the Period of 2000-2018
Dr.Sami Awad, Dr.Ahmed Abdulrazaq Abdulrudha and Dr.Rasha Kahled
VI
1-19
20-28
Rawaa, Dr. Nidaa and Dr. Abeer – Determining of Robust …
ISSN (E) : 2616 Construction …… – 7808
I
ISSN (P) : 2414 - 7419
K.U.C.J
Vol. 5 Issue 1 2020 5th Year
Pages 1-19
مجلة كلية الكوت الجامعة
Vol. 5
Issue 1
2020
5th Year
Determining of Robust Factors for Detecting IoT Attacks
Rawaa Ismael Farhan
Dr. Nidaa Flaih Hassan
Dr. Abeer Tariq Maolood
Computer Science Collage
Computer Science Collage
Computer Science Collage
University of Technology
University of Technology
University of Technology
ralrikabi@uowasit.edu.iq
nidaaalalousi5@yahoo.com
110032@uotechnology.edu.iq
Abstract The detection of novel intrusion types is the target of cyber security, therefore best secured network is become very necessary. The Network Intrusion Detection Systems (NIDS) must address the real-time data, since security attacks are expected to be increased substantially in the future with the Internet of Things (IoT). Intrusion detection approaches in this time, which depends on matching patterns of packet header information have decreased their effectiveness. This paper is focused on anomaly-based intrusion detection system, where NIDS detects normal and malicious behavior by analyzing network traffic, this analysis has the potential to detect novel attacks. Robust factors are used for evaluating these attacks by covering previous researches, these factors are: "high accuracy rate", "high detection rate"(DR) and "low false alarm report"(FAR), these factors influence on NIDS performance. Keywords: Internet of Things (IoT), Intrusion Detection System (IDS), Deep learning (DL), Machine learning (ML). 1
Rawaa, Dr. Nidaa and Dr. Abeer – Determining of Robust …
K.U.C.J
Vol. 5 Issue 1 2020 5th Year
Pages 1-19
Construction ……
خالصــة حاث بأت من الضاااي تو ي فايافضااا شااانآم ةم من ان اع كم كشااال الت ااا ب ااانب ي قعأت ف ديأال الاجكأت ايم ام بشاااآ كنايف الك ااات ن
يعد اكتشاااأن اع ال الت ااا الجديدة هدفًأ لألمن ال اااانياع
) يجب ان يتعأم مع الناأعأت ف ال قت الفعNIDS عنيالشااانآم )نIoT بأستخدام إعتيعت ايشاأء
ف هذا ال قت الت يعتكدع ى مطأب م اعكأط مع مأت تاس الحزمم ق ت فأع اتاأن ييكزهذل ال تقمع ى ع أم كشل
ا سألاب ك شل الت
هذاالتح ا لديه ال دتة
( ال ا ا العأاو الضااأتمن خالل يح ا حيكم مي تالشاانآمNIDS) الت ا ال أ ع ع ى الحأ ت الشااأ ة حاث
معدل اقم عألام: هذل
ع ى اكتشااااااأن الاجكأت الجديدةن ي ااااااتخدم ع ام ق يم لت ااع هذل الاجكأت من خالل ي طام ايبحأ ال ااااااأب م نNIDS معدل اكتشأن مييفع ي يييإعذاتخأطئ م خفض يؤثيهذل الع ام ع ى اااء
1. Introduction
allows to physical devices to be connected to each other over the Internet [1], Figure 1 depicts
Internet of Things (IoT) is a revolutional
the main architecture of it.
development in Internet and communication, that
Application layer
Network layer
IDS
Perception layer Figure 1. Architecture of IoT [1].
Future of the IoT in the integration with the
The potential unauthorized access to information
Artificial intelligence (AI), both are making
and new attacks will increase by 2020, when up
human life more comfortable, since they made
to 50 billion devices may be connected according
everything smart and there is no need for human
to Gartner. Weaknesses in Internet protocols and
intervention [2].
the loss of sufficiently robust mathematical analysis methods have led to increased attacks as systems are adopted in IoT [3].
2
Rawaa, Dr. Nidaa and Dr. Abeer – Determining of Robust …
K.U.C.J
Vol. 5 Issue 1 2020 5th Year
Pages 1-19
Construction ……
Security is considered the main challenge of IoT,
to the lack of rich dataset [4]. Typically, the
and Real –time data generated from IOT need
traffic of network is picked up in both packet and
analysis. Deep learning which improves neural
stream format, traffic of network is typically
networks is considered the best for analyzing
picked up at the packet level by copying ports on
real-time solutions in (IoT), it mimics the human
network
mind
information of payload, stream -based data is
for
its
ability
to
self-learn
from
accumulated experiences.
devices,
and
its
data
contains
contained metadata of network connections only [5].
In this paper, many researches are discussed with their challenges, in addition, a research agenda is
Firewalls and authentication methods are used to
proposed to address these challenges and
protect and prevent unauthorized access to the
highlighted the robust factors in the detection of
systems, but these methods are lost the abilities
IoT attacks.
to monitor the network traffic, where most of the
2. Network
Intrusion
Detection
attacks are existing. These attacks may be created
System
by disgruntled employees who have legitimate
(NIDS)
network access then used the privilege to destruct Network Intrusion detection systems (NIDS) are
[6]. Figure 2 depicts the location of Intrusion
the first line of defense in the network, its often
Detection System in the network after firewall.
suffer from practical testing and evaluation due
Figure 2. Intrusion Detection System [6]. There are two types of IDSs, these two types are
1. Anomaly-Based Detection: ID Search network
classified according to the detection technique,
traffic to detect abnormal traffic.
they are: 3
Rawaa, Dr. Nidaa and Dr. Abeer – Determining of Robust …
K.U.C.J
Vol. 5 Issue 1 2020 5th Year
Pages 1-19
Construction ……
2.
Misuse
Detection
Or
Signature-Based
Figure 3 presents a general classification of an
Detection: It is a method that uses unauthorized
Intrusion
Detection System
behavior as known patterns that are called
Implementation
signatures to detect similar attempts [7].
Detection method [8].
method,
According
Architecture
to and
Figure 3. General Classification of Intrusion Detection System [8]
In
this
paper,
anomaly-based
NIDS
is
consist of streams with labeled anomalies, benchmark containing real-world data [10].
considered, because it is able to detect new threats which occur in IoT. The NIDS analyzed
Training and evaluating anomaly-based NIDS
network traffic and detected new and unknown
are used Labeled data sets. As in [11,12] datasets
attacks. The feature set design important to
for (NIDS) network based intrusion detection are
identify network traffic, and it is an ongoing
surveid, which presented in details with network
research problem [9].
data based on packet and flow, thesis researches
Restrictions of application systems are required
has presented 15 different
to process data in real- time, not batches. The
evaluating data sets for specific situations, the
nature of the stream data shows deviation,
presentation identified sources for network-
favoring algorithms that learn ongoing, by using
based data, like repositories of traffic with traffic
Numenta Anomaly Benchmark (NAB) which
generators.
4
properties for
K.U.C.J
Rawaa, Dr. Nidaa and Dr. Abeer – Determining of Robust …
Vol. 5 Issue 1 2020 5th Year
Pages 1-19
Construction ……
3. Techniques to Design NIDS
methods, they developed two architectures that
In this section, number of machine learning
can detect and track progress of attacks in real-
techniques are discussed, these techniques are
time, database of HMM templates is developed,
consider as most common Machine Learning
which
Techniques (ML) , such as Decision Tree (DT),
complexity. The classifier is applied by using
Support Vector Machine (SVM), Bayesian
decision tree with "Feature grouping based on
Algorithm, K-Nearest Neighbor and Principal
linear
Component Analysis (PCA).In addition, Deep
algorithm and "cuttle fish algorithm" (CFA) is
Learning (DL) are also described such as(Auto
used in [16].
Encoder(AE),Variant Auto Encoder(VAE),Deep
To deal with heterogeneous and large-scale data,
Belief Networks (DBN), Convolutional neural
[17] proposed hybrid approach for intrusion
network (CNN), Recurrent
detection by using dimensionality reduction
neural network
(RNN), Long –Short term Recurrent
presented diverse
correlation
performance
coefficient"
and
(FGLCC)
neural
technique integrated with "information gain"
network (LSTM),Bi directional Recurrent neural
(IG) method and "principal component analysis"
network (BRNN), Gated Recurrent Units (GRU)
(PCA), classifier is ensemble by Applying
and Generative Adversarial Network (GAN)) .
"Support Vector Machine"(SVM), "Instance-
Finally, other NIDS techniques such as Data
based
mining
"Multilayer Perceptron"(MLP).
and Swarm intelligence
are also
learning
algorithms"
(IBK),
and
described. B. Deep learning Techniques (DL)
A. Machine Learning Techniques (ML)
Deep learning is artificial neural networks with
Embedded intelligence in the IoT devices and
multi-layers to produce best accuracy in many
networks are able to be supplemented by ML and
domains such as object detection, language
DL techniques to manage many security
translation and speech recognition, in this section
problems. In [13] some of recent ML/DL
recent researches are reviewed focusing on using
techniques with IoT are reviewed from security
DL.
point view. Due to big data challenges facing
As with [18] DL differs from classical ML
Intrusion Detection, [14] provided feature
methods due to the ability to self-learn from data
selection with high classification efficiency, this
without need to human's knowledge or coded
selection is educed computational costs. In [15]
commands, thus it could understand from raw
Hidden Markov Models (HMM) is used, which
data such as text, image and video because its
is one of statistical machine learning (ML)
5
Rawaa, Dr. Nidaa and Dr. Abeer – Determining of Robust …
K.U.C.J
Vol. 5 Issue 1 2020 5th Year
Pages 1-19
Construction ……
flexible architectures, while DL is provided with
experiments showing the feasibility of the deep
more data, their predictive accuracy is increased.
learning in network traffic analysis.
Deep learning models can enhance performance
In [25] understanding how to use deep learning
of IDS as presented in [19], also all the IDS
are declared by overview some IDSs which
associated definitions are provided, with an
adopted deep learning approaches executed in
explanation of different IDS types, where
intrusion
detection module are puted and the used
advantages and disadvantages.
approach. According to [20] a sparse auto-
In [26,27,28], Modelling network traffic used
encoder and softmax regression based NIDS was
"long short-term memory" (LSTM) recurrent
implemented, they used benchmark network
neural networks as supervised learning method,
intrusion dataset - NSL-KDD to evaluate
used known normal and abnormal behavior,
anomaly detection accuracy.
improved intrusion detection.
In [21] SDN has given a potential to make strong
In [29], the Paper proposed a hybrid model, this
secured network and also made a dangerous
hybrid is composed from Recurrent Neural
increasing
Network (RNN) with Restricted Boltzmann
in
attacks
chances,
with
the
detection, with their
explanation of potential of using DL for anomaly
Machines
detection system based on flow. A survey about
malicious traffic detection as a classification task
IoT architecture presented in [22], emerging
without feature engineering.
security vulnerabilities with their relation to the
In [30] a method is suggested based on CNN to
layers of the IoT architecture are also presented.
execute intrusion detection, using CNN leads to
In [23] declared that deep learning techniques has
extract complex
the ability to handle big data. Big data and
continually changing environments, which is so
obtaining data reflected real challenges to IDS
necessary in network intrusion detection.
based on machine learning. It showed some IDSs
In [31] improved user trust by making the DNN-
limitations which used old machine methods
IDS more communicative, since the black-box
used to construct, extract and select features. To
nature of DNNs inhibits transparency of the
get rid these challenges, it showed some IDSs
DNN-IDS, which is essential for building trust.
with deep learning techniques.
The user declared input features which are most
An overview of the recent work of deep learning
relevant in detecting every type of intrusion by
techniques with network anomaly detection is
training DNN-IDS.
provided in [24], it also discussed their local
As in [32] described a new IDS called the "hierarchical
6
(RBM).
This
hybrid
limitations,
regarded
features automatically
spatial-temporal
in
features-based
K.U.C.J
Rawaa, Dr. Nidaa and Dr. Abeer – Determining of Robust …
Vol. 5 Issue 1 2020 5th Year
Pages 1-19
Construction ……
intrusion detection system" (HAST-IDS). Firstly,
used to monitor traffic of network in real time
the traffic of network represented spatial features
and events in host-level effectively, this SHIA is
in
alert probable cyber-attacks.
low-level
which
learned
using
deep
"convolutional neural networks" (CNNs) then temporal features in high-level is learned using
C. Other (NIDS) Techniques
"long short-term memory" (LSTM).
Other techniques such as swarm intelligence,
[33] More deep learning approaches have been
data mining techniques and genetic algorithms
used for IDS, three models are evaluated on their
are used for designing NIDS, the following
accuracy and precision, a "vanilla deep neural net"
(DNN),
"Self-Taught
section is described most recent researches:
Learning"(STL)
In [38] Swarm intelligence has been combined
approach, and "Recurrent Neural Network"
with data mining techniques to configure strong
(RNN) based "Long Short Term Memory"
methods for detecting and identifying data flow
(LSTM).
efficiently. Since, Networks of IoT have been
[34] Proposed a new deep learning technique
secured
within the youth network for detecting attacks
ways
and
attacks of cyber, therefore detection based on
Recurrent Neural Network" (BLSTM RNN).
anomaly bear the liability to decrease risk of
[35] This paper proposed optimization on
attacks types. [39] The proposed work, used
structure of DBN’s network, at first " Particle
firefly algorithm for feature selection. The
Swarm Optimization" (PSO) is designed used
resulted features are submitted to the classifier
learning factor and adaptive inertia weight. Then
then provided C4.5 and "Bayesian Networks"
the fish swarm behavior provided to develop the
(BN) for attack classification. Paper [40] showed
PSO and found the optimization solution
an intrusion detection model based on Deep
initially.
Belief Network improved by Genetic Algorithm
[36] A proposed system used Deep Learning
into multiple iterations of the GA, have faced
technique which applied a combination fusion of
various types of attacks. This paper [41]
Random Forest (RF) Algorithm and Decision
suggested a fuzzy aggregation method used the
Tree (DT) Classifiers, which reduced irrelevant
deep belief networks (DBNs) and modified
features and detected attacks with a better
density peak clustering algorithm (MDPCA).
accuracy.
MDPCA is used to divide the training set into
In [37] It proposed hybrid framework of DNN "Scale-Hybrid-IDS-AlertNet"
authentication
encryption ways, but they are not secured versus
using "Bi-directional Long Short-Term Memory
called
using
various subsets to reduce the size and imbalanced
(SHIA)
7
K.U.C.J
Rawaa, Dr. Nidaa and Dr. Abeer – Determining of Robust …
Vol. 5 Issue 1 2020 5th Year
Pages 1-19
Construction ……
samples with similar sets of attributes. Each
detection,
with
a
simplification
to
the
subset trained on its sub-DBNs classifier. [42]
collaboration between protocols used in IoT.
This paper showed a hybrid method for an
[47] Presented an online anomaly learning using
anomaly network-based IDS by using AdaBoost
the reversible-jump MCMC learning, forecasting
algorithms and Artificial Bee Colony (ABC), this
mechanism, then Network Utility Maximization
hybrid method gained a low false positive rate
(NUM) theory is used for structural analysis of it.
(FPR) and high detection rate (DR).
[48] Risk Analysis and examined the security threats for each layer, related to this process,
4. Intrusion Detection System (IDS) and IoT
suitable procedures and their limitations of IoT
The
protocols are specified.
implementation
of
classical
IDS
technologies on the IoT environment showed
In paper [49] a new model for intrusion detection
obvious complexity, due to the nature of
is suggested, which is used Principal Component
resources constrained in IoT devices and their
Analysis (PCA) to reduce dataset dimensions
use of special protocols. Attackers exploit the big
from a great number of features to a small
IoT potential to develop methods to threaten
number, also online machine learning algorithm
privacy and security [43].
is used as a classifier.
In [44] presented a complete study of current
According to [50] determined that current data
intrusion detection systems, according to three
sets (KDD99 and NSLKDD) do not provide
factors: cost of computation, consumption of
acceptable results, because of three main issues,
energy and privacy. [45] Based on accurate
it lost the modern attack patterns, it lost modern
analysis of the existing intrusion detection
scenarios of traffic streams and distributed sets of
methods. The paper divided into two parts: part
training and testing is difficult. Therefore,
one contained algorithm of mining anomaly to
UNSW-NB15 dataset has been generated to
detect anomalous data in perception layer, which
address these issues.
the second part contained a distributed scheme of
In [51] the system uses a structured Self-
intrusion detection of the detected anomalies.
Organizing Maps (SOM) to classify real-time
The great dynamic distribution in IoT made an
Ethernet network data. [52] Proposed that
online manner of anomaly detection so difficult,
"variant-gated recurrent units" are learned packet
thus in [46] proposed a new IDS, which is used
payload with header features of network
ML algorithms for detection anomaly in IoT , the
automatically, E-GRU and E-BinGRU are new
platform provided "security as a service " for
techniques never used for network intrusion detection previously. The E-BinGRU reduces the
8
Rawaa, Dr. Nidaa and Dr. Abeer – Determining of Robust …
K.U.C.J
Vol. 5 Issue 1 2020 5th Year
Pages 1-19
Construction ……
required size of memory and used bit-wise
because increasing threats on banking services
calculations in most arithmetic operations.
and financial sectors. The proposed system uses the latest IDS Dataset in 2018 which isa real time
5. NIDS on IoT using Deep Learning
dataset (CSE-CIC-IDS2018), created by the Canadian Institute for Cyber Security (CIC) on
The improvement in CPU work and neural
the environment
network algorithms made the application of DL
Services). As in [57] show a new deep learning
more practical. The use of DL for attack
technique within the youth network for detecting
detection in the IOT could be a flexible to novel
attacks using" Bi-directional Long Short-Term
attacks due to of its capability of feature
Memory Recurrent Neural Network" (BLSTM
extraction in high-level. [53] showed that
RNN). In [58] light-weight distributed security
centralized detection system is assessed versus
solution is presented to improve IoT architecture,
the distributed attack detection based IoT/Fog.
analyzing the approaches of ML and DL on the
The experiments proved that distributed attack
IoT and
detection system is better than centralized
evaluated according to Accuracy, Detection Rate
data set of German credit card, Data set of 12
(DR), False Alarm Rate (FAR).
months taken from Temperature sensor, Images of persons walkways). According to [55] a new detection framework is presented using simulation for proving its scalability and real-network traffic for proving the concept. The detection options provided and
evaluating
explain the approach used on the data set and
the resulted data from IoT are bulk. It used UCI
service"
and
Comparative analysis of existing NIDS for IOT
problems based on a home automated systems,
a
Security,
architecture of IDS dataset. Table1. Show the
[54] this paper aims to solve some smart city
as
Cyber
Networks (LSTM and GRU) for each layer in the
detection systems using deep learning model. In
"security
of AWS (Amazon Web
simplifies
interoperability between IoT protocols. In [56] suggested system is created by applying artificial intelligence on a Detect botnet attacks
9
Rawaa, Dr. Nidaa and Dr. Abeer – Determining of Robust …
K.U.C.J
Vol. 5 Issue 1 2020 5th Year
Pages 1-19
Construction ……
TABLE (1): Comparative analysis of existing NIDS for IOT Ref.
Approach
Descriptive Concepts
Dataset
Accuracy
DR
FAR
25
LSTM
Network trained with 8 features
DARPA/
NA
0.993
0.072
and all attacks with the lowest
KDDCup'99
NA
DOS
MSE on test data. 27
RNN
This reference Usedrecurrent
NSL-KDD
neural network
83.49
2.06
R2L 0.80
24.69
U2R 0.07
11.50
Prop
50
23
DT
Four existing classifiers are
LR
used to evaluate the complexity
UNSW-B15
85.56
2.16
83.40
NA
15.78
83.15
18.48
NB
82.07
18.56
ANN
81.34
21.13
1.AK16a
1.use SAE for classifying and
"Aegean Wi-
(ANN)
clustering approaches.
2.AK16b
65.178
0.143
Fi Intrusion
92.674
2.500
2. Adopted a feature selection
Dataset "
92.180
4.400
(Softmax
by ANN.
(AWID)
99.918
0.012
Regression)
3. SAE extractions and
22.008
0.021
NA
NA
3.AK17
(K-
NA
weighted selection are
means
combined.
Clustering)
4. SAE improved the IDS
4.ACTYK17
performance than to KKSG15.
(SVM, DT, ANN) 5.KKSG15 24
Fully
Train+/Test+
NSL-KDD
connected
Train20/Test+
R2L 90.4
Train+/Test−
U2R 83.0
10
DOS 89.4
Rawaa, Dr. Nidaa and Dr. Abeer – Determining of Robust …
K.U.C.J
Vol. 5 Issue 1 2020 5th Year
Pages 1-19
Construction ……
neural network
Train20/Test−
Prob 84.2
model(FCN)
49
(PCA)&k-
This reference used Principal
Nearest
Component Analysis (PCA) to
KDDCup 99
84.406
99.312
1.116
97.618
NA
0.0257
kDDCUP99
0.97
0.9
0.99
ISCX 2012
1.IG-PCA0.988
0.011
0.986
0.011
0.987
0.014
reduce the dimensions of the datasetand to develop the classifier.Softmax regression and k-nearest applied 58
(LSTM and
Improveits architecture and
DARPA/KD
GRU)
proposed a light-weighted and
DCup '99
multi-layered design of an IoT network 9
ANN
Backpropagation algorithmis used.
17
IG-PCA
Proposed a new hybrid
Ensemble
technique for dimensionality
SVM 98.82
method
reduction that
2.IG-PCA-
combiningprincipal component
IBK 98.72
analysis (PCA) &information
3.IG-PCA-
gain (IG),(MLP) ,(SVM)&
MLP 98.66
Instance-based learning
4.IG-PCA-
algorithms (IBK) approaches .
28
NSL-KDD
ensemble
Kyoto2006+.
99.01
0.991
0.010
(RNN) &
Proposed a hybrid model that
ISCX-2012
98.61
94.90
0.07
(RBM)
combines a recurrent neural
DARPA1998
97.82
95.21
0.17
NA
NA
NA
network (RNN) with restricted Boltzmann machines (RBM) 29
RNN
Using different models of deep Recurrent Neural Network
NSL-KDD
(BLSTM, LSTM, BRNN, RNN)
11
Rawaa, Dr. Nidaa and Dr. Abeer – Determining of Robust …
K.U.C.J
Vol. 5 Issue 1 2020 5th Year
Pages 1-19
Construction ……
30
CNN & LSTM
Hierarchical spatial-temporal
DARPA1998
41.7
0.00
0.00
features-based on intrusion
ISCX2012
97.2
0.00
0.00
detection system (HAST-IDS) by using (CNNs) to learn the low-level spatial features of network traffic and then learns high-level temporal features using (LSTM) networks 31
(MLP)
Binary and multi-class
KDD-NSL
94.83
NA
NA
UNSWNB15
0.9571
2.19
0.00
KDDCUP 99
NA
17.24
0.00
KDDCup 99
99.85
99.84
0.19
91.50
39.60
0.40
NA
7.46X107
classification was carried out on the dataset 33
BLSTM.
It used Deep Learning Neural Network of multi-layer.
39
Firefly
The firefly algorithm to select
algorithm,(BN)
the features. Then resulted
and C4.5
features are submitted to Bayesian Networks (BN)and C4.5
15
(FGLCC)&(CF
IDS used feature grouping
A)
based on "linear correlation coefficient (FGLCC) " &"algorithm and cuttlefish algorithm (CFA)"
18
26
CorrCorr a
Features selected with a
UNSW-
feature
Principal Component Analysis
NB15
selection
(PCA) and a Pearson class label
NSL-KDD
method
correlation
LSTM
Proposed newmechanism to
ISCX2012
99.99
extract "packet semantic
USTC-
99.99
meanings "with LSTM to learn
TFC2016
"the temporal relation among fields in the packet header ".
12
1.1 X107
Rawaa, Dr. Nidaa and Dr. Abeer – Determining of Robust …
K.U.C.J
Vol. 5 Issue 1 2020 5th Year
Pages 1-19
Construction ……
35
DBN&PSO&
Optimizing the structure of
NSL-KDD
NA
Pro
fish algorithm
DBN(Deep BelieveNetwork).
p
Execute a PSO (Particle Swarm
3.55
Optimization) which depends on
DO
learning factor &weight. Then,
S
is used the fish swarm for
87.2
clustering.
U2 R
0.77
5.64
0.17
3.02
84.0 R2L 80.4 37
40
41
DNN
DBN & GA
Hyper parameter selection
NSL-KDD
0.789
NA
NA
methods used to select optimal
UNSW-
0.761
parameters and topologies for
NB15 Kyoto
0.885
DNNsare chosen
WSN-DS
0.982
CICIDS2017
0.931
NSL-KDD
DoS 99.45
99.7
0.8
(DBN)with
Prob99.37
99.4
0.7
improving on Genetic
R2L 97.78
93.4
7.3
Algorithm (GA).
U2R 98.68
98.2
1.8
82.08
NA
2.62
0.99975
NA
NA
Proposed Deep Belief Network
(MDPCA)and
Fuzzy aggregation approach
NSL-KDD
deep belief
using modified density peak
UNSW-
networks
clustering algorithm (MDPCA)
NB15
(DBNs).
and deep belief networks (DBNs).
56
ANN
Detect a classification of botnet
IDS2018
attack 84.0
Conclusion
applications (NIDS),0 because of its ability to analyze big data with high accuracy which
The DL outperformed traditional machine
resulting from its potential in self-learn from
learning methods in network intrusion detection
real-time data. In addition, DL mimics the ability
13
K.U.C.J
Rawaa, Dr. Nidaa and Dr. Abeer – Determining of Robust …
Vol. 5 Issue 1 2020 5th Year
Pages 1-19
Construction ……
of human mind to learn by accumulated
[3] Glenn A. Fink, Dimitri V. Z., Thomas E.
experiences, thus its enable to discover zero-day
Caroll,
attacks. However, there are challenges of (NIDS)
Challenges for the Internet of things", IEEE,
in IoT, such as globally accessible, restricted
2015.
resources
Grand
Bandwidth), in addition using recent protocols
intrusion detection system in a computer
such as (COAP, Zigbee, PRL and 6LoWPAN).
network",
to
make
CPU
Privacy
[4] Babatunde, R.S., et al.," development an of
order
Battery,
and
and
In
(Memory,
"Security
NIDS
on
"Packet and Flow Based Network Intrusion Dataset ", 2012.
nature of IoT.
[6] Ho, Swee Yenn (George), "Intrusion
Optimization must be made on Deep learning
Detection - Systems
technique by using feature selection methods to
1.2e.
data sets. This optimization will reduce false detection rate
for today and
tomorrow", SANS Institute 2019, Version
select the most relevant features in the large real
alarm rate and increase
of
[5] Prasanta Gogoi, Monowar H. Bhuyan,
recommended to obtain real results that are to the dynamic
journal
computers & technology, Vol 12, No. 5.
IOT
environment more effective, real data sets are
relevant
international
[7]
and
Eric Li, "Intrusion Detection Systems ", ACC 621: IT Assurance & Computer
accuracy.
Assisted Auditing,2010. [8] A. NisIoTi, A. Mylonas, V. Katos,"From Intrusion Detection to Attacker Attribution:
References
A Comprehensive Survey of Unsupervised [1] Somayya Madakam, R. Ramaswarmy, S.
Methods", IEEE 2018.
Tripathi, "Internet of things (IOT): A
[9] Shawq M. Mehibs, Soukaena H. Hashim,
Literature Review ", Journal of computer
"Proposed Network Intrusion Detection
and communications, 2015, 3, 164-173.
System in Cloud Environment Based on Back Propagation Neural Network", Journal
[2] Akash Shukla, Himansho Sharma, Ankita
of Babylon university/Pure and Applied
Singh, "Future of Internet of Things: Trends, Challenges Intelligence",
&
Insight
International
to
Sciences / No. (1)/ Vol. (26): 2018.
Artificial Journal
[10] Subutai Ahmad, Alexander Lavin, Scott Purdy,
of
Zuha Agha," Unsupervised real-time anomaly
Advanced Research in Computer: Volume
detection for streaming data", ELSEVIER,
9, special issue No. 2, April 2018.
Neurocomputing 262 (2017) 134–147. 14
K.U.C.J
Rawaa, Dr. Nidaa and Dr. Abeer – Determining of Robust …
Vol. 5 Issue 1 2020 5th Year
Pages 1-19
Construction ……
[11] Markus Ring, Sarah W., Deniz Scheuring,
Intrusion Detection, Computer Networks
Dieter Landes," A Survey of Network-based
(2018),
Intrusion
doi:https://doi.org/10.1016/j.comnet.2018.
Detection
Data
Sets",arXiv:
1903.02460 v1 [Cs. CR] 6 Mar 2019.
11.010
[12] Hanan Hindy, David Brosset, Ethan Bayne,
[18] Florian Gottwalt, Elizabeth Chang, Tharam
"A Taxonomy and Survey of Intrusion
Dillon, Corr: A Feature Selection Method for
Detection
Techniques,
Multivariate Correlation Network Anomaly
Network Threats and Datasets", arXiv:
Detection Techniques, Computers & security,
1806.03517 v1 [Cs. CR] 9 Jun 2018.
doi:https://doi.org/10.1016/j.cose.2019.
System
Design
[13] Mohammed Ali Al-Garadi, et al. , "A Survey
02.008
of Machine and Deep Learning Methods for
[19] Kwangjo Kim, Muhamad Erza, Harry
Internet of Things (IoT) Security".
Chaandra, "Network Intrusion Detection
[14] Richard Zuech and Taghi M. Khosh goftaar,
using Deep Learning: A Feature Learning
"A survey on feature selection for intrusion
Approach", Springer Briefs on Cyber
detection",
21st
ISSAT
International
Security Systems and Networks, ISBN
Conference on Reliability and Quality in
978-981-13-1444-5,2018.
Design August 6-8, 2015 - Philadelphia,
[20] Quamar N., Weiqing Sun, Ahmad Y Javaid,
Pennsylvania, U.S.A.
and Mansoor Alam,
"A Deep Learning
[15] Tawfeeq Shawly, Ali Elghariani, Jason
Approach for Network Intrusion Detection
Kobes and Arif Ghafoor, "Architectures for
System", Conference Paper in Security and
Detecting Real-time Multiple Multi-stage
Safety, December 2015.
Network Attacks Using Hidden Markov
[21] Tang, TA, Mhamdi, L, McLernon, D et al.
Model "
"Deep Learning Approach for Network
[16] Sara Mohammadi, Mostafa
Hamid
Mirvaziri,
Ghazizadeh-Ahsaee,
Intrusion Detection in Software Defined
Hadis
Networking, International Conference on
Karimipour " Cyber intrusion detection by
Wireless
combined feature selection algorithm",
Communications (WINCOM). 26-29 Oct
Journal of Information Security and
2016, Fez, Morocco IEEE.
Applications 44 (2019) 80–88, Elsevier.
Networks
and
Mobile
[22] Mohamed Faisal Elrawy, Ali Ismail Awad
[17] Fadi Salo, Ali Bou Nassif, Aleksander
and Hesham F. A. Hame, "Intrusion
Essex, Dimensionality Reduction with IG-
detection systems for IoT-based smart
PCA and Ensemble Classifier for Network
environments: a survey", Journal of Cloud 15
Rawaa, Dr. Nidaa and Dr. Abeer – Determining of Robust …
K.U.C.J
Vol. 5 Issue 1 2020 5th Year
Pages 1-19
Construction ……
Computing:
Advances,
Systems
and
[29] Chaopeng Li1, 2, Jinlin Wang1, Xiaozhou
Applications, Springer ,2018.
Ye1," Using a Recurrent Neural Network
[23] Kwangjo Kim, Muhamad Erza Aminanto,
and Restricted Boltzmann Machines for
"Deep Learning in Intrusion Detection
Malicious
Perspective:
Quantology, May 2018, Volume 16 Issue
Overview
and
Further
Challenges", 2017 IEEE.
Traffic
Detection",
Neuro
5 Page 823-831,
[24] Dongh woon Kwon, Hyunjoo Kim, Jinoh
doi: 10.14704/nq.2018.16.5.1391.
Kim, Sang C. Suh, Ikkyun Kim , Kuinam J.
[30]
Lin Zhang, Meng Li, Xiaoming Wang,
Kim, "A survey of deep learning-based
Yan Huang," An Improved Network
network anomaly detection", published
Intrusion Detection Based on Deep
online: 27 Sep 2017, Springer.
Neural", Network IOP Conference Series:
[25] Kwangjo Kim, Muhamad Erza Aminanto,
Materials Science and Engineering. ,2019
"Deep Learning in Intrusion Detection Perspective:
Overview
and
.
Further
[31]
Challenges", 2017 IEEE.
Kasun
Amarasinghe,
Milos
Manic,
"Improving User Trust on Deep Neural
[26] Ralf C. Staudemeyer, "Applying long short-
Networks Based
Intrusion
Detection
term memory recurrent neural networks to
Systems", Conference Paper November
intrusion detection", SACJ No. 56, July
2018 IEEE.
2015.
[32] Wei Wang, Yiqiang Sheng, Jinlin Wang,
[27] Ren-Hung Hwang, Min-Chun Peng, Van-
"HAST-IDS: Learning Hierarchical Spatial-
Linh Nguyen and Yu-Lun Chang, "An
Temporal Features using Deep Neural
LSTM-Based Deep Learning Approach
Networks to Improve Intrusion Detection",
for Classifying Malicious Traffic at the
IEEE December 2017,
Packet Level", Applied Science, MDPI.
DOI:10.1109/ACCESS.2017.2780250.
2019, doi: 10.3390/app 9163414
[33] Lee, Brian; Amaresh, Sandhya; Green,
[28] Gyuwan Kim, Hayoon Yi, Jangho Lee,
Clifford;
and
Engels,
Daniel
(2018)
Yunheung Paek, Sungroh Yoon, "Lstm-
"Comparative Study of Deep Learning
Based System-Call Language Modeling
Models for Network Intrusion Detection,"
Nd
SMU Data Science Review: Vol. 1: No. 1,
Robust
Ensemble
Method
for
Designing Host-Based Intrusion Detection
Article 8.
Systems",ar Xiv:1611.01726v1 [Cs.CR] 6
[34] Bipraneel Roy, Dr. Hon Cheung, "A Deep
Nov 2016.
Learning Approach for Intrusion Detection 16
K.U.C.J
Rawaa, Dr. Nidaa and Dr. Abeer – Determining of Robust …
Vol. 5 Issue 1 2020 5th Year
Pages 1-19
Construction ……
in Internet of Things using Bi-Directional
https://doi.org/10.1016/j.cose.
Long
2018.11.005.
Short-Term Memory
Recurrent
Neural Network", 2018 28th international Telecommunication
[40] Ying Zhang, Peisong Li and Xinheng Wang,
Network
"Intrusion Detection for IoT Based on
Communication Conference (ITANC).
Improved Genetic Algorithm and Deep
[35] Peng Wei, Yufeng Li, Zhen Zhang, Tao Hu, ZiyongLi,
and
Optimization
Diyang Method
Liu for
"
Belief
An
Network",
DOI
:10.1109/ACCESS.2019.2903723, IEEE.
Intrusion
[41] Yanqing Yang, Kangfeng Zheng, Chunhua
Detection Classification Model based on
Wu, Xinxin
Deep
"Building an Effective Intrusion Detection
Belief
Network",
DOI
10.1109/ACCESS. 2019.2925828, IEEE.
Niu and Yixian
Yang,
System Using the Modified Density Peak
[36] V. Kanimozhi, Prem Jacob,"UNSW-NB15
Clustering Algorithm and Deep Belief
Dataset Feature Selection and Network
Networks ",Applied Science, MDPI. 2019,
Intrusion Detection using Deep Learning ",
9, 238; doi:10.3390/app 9020238.
International Journal of Recent Technology
[42]
MaziniM., Shirazi B., Mahdavi, I.,
and Engineering (IJRTE) ISSN: 2277-
Anomaly
3878, Volume-7 Issue-5S2, January 2019.
detection system using a reliable hybrid
[37] Vinaya kumar R, Mamoun Alazab, Soman
network-based
intrusion
artificial bee colony and Ada Boost
K. p., Prabaharan P., Ameer Al-Nemrat
algorithms,
"Deep Learning Approach for Intelligent
University – Computer and Information
Intrusion
Sciences
Detection
System",
DOI:
10.1109/ACCESS.2019.2895334, IEEE.
Niketa
Gandhi
King
(2018),
Saud
doi:
2018.03.011.
Swarm
[43] Bruno Bogaz Zarpelão, Rodrigo Sanches
Intelligence in anomaly detection systems:
Miani, Cláudio Toshio Kawakani and Sean
an overview, International Journal of
Carlisto, " A Survey of Intrusion Detection
Computers
in I internet of Things", Journal of Network
and
(2018):
of
https://doi.org/10.1016/j.jksuci.
[38] Sanju Mishra, Rafid Sagban, Ali Yakoob &
Journal
Applications,
DOI:
10.1080/1206212X.2018.1521895.
and
[39] Selvakumar B., Muneeswaran K.," Firefly
2017.02.009.
Network Intrusion Detection", Computers Security
(2018),
applications,
http://dx.doi.org/10.1016/j.jnca.
algorithm based Feature Selection for
&
Computer
[44] Junaid Arshad, Muhammad A. Azad, Khaled
doi:
Salah, Wei Jie, RaziIqbal, Mamoun Alazab, 17
Rawaa, Dr. Nidaa and Dr. Abeer – Determining of Robust …
K.U.C.J
Vol. 5 Issue 1 2020 5th Year
Pages 1-19
Construction ……
"Review of Performance, Energy and Privacy
Systems:
of Intrusion Detection Systems for IoT",
UNSW-NB15 data set and the comparison
arXiv:1812.09160v1 [Cs. CR] 21 Dec 2018.
with the KDD99 data set, Information
[45] Rongrong Fu, Kang Feng Zheng, Dongmei
Security Journal: A Global Perspective,
Zheng,
Yixian
Yang,
"An
Intrusion
Chawla,
the
A Real-Time Network-Based Intrusion
Geetha
priya
Detection System Using Self-Organizing
Thamilarasu,"Security as a Service: Real-
Maps".
time Intrusion Detection in Internet of
[52] Yiran Hao, Yiqiang Sheng, Jinlin Wang,
Things", ACM ISBN 978-1-4503-6406-
"Variant Gated Recurrent Units with
5/18/04, https:// doi.org/10.1145/3212687.
Encoders to Preprocess Packets for
3212872,2018.
Payload-Aware
[47] Jun Ping Wang, Shihui Duan, "An Online
Intrusion
Detection",
IEEE April 25, 2019..
Anomaly Learning and Forecasting Model
[48]
of
[51] Khaled Labib and Rao Vemuri, " NSOM:
Mining in Internet of Things". Sheven
analysis
DOI:10.1080/19393555.2015.1125974.
Detection Scheme Based on Anomaly
[46]
Statistical
[53] A.A. Diro, N. Chilamkurti, "Distributed
for Large-Scale Service of Internet of
attack detection scheme
Thing", 2014 International Conference on
learning approach for Internet of Things",
Identification, Information and Knowledge
Future Generation Computer Systems
in the Internet of Things.
(2017),
Panag IoT is I., Panag IoT is G., Ioannis
http://dx.doi.org/10.1016/j.future.2017.08
D., " Securing the Internet of Things:
.043
Challenges,
threats
and
solutions",
[54]
using deep
N. Rakesh, "Performance analysis of
Internet of Things 5 (2019) 41–70,
Anomaly
Elsevier.
datasets using cloud micro services".
[49] Shengchu Zhao, Wei Li, Tanveer Zia and
[55]
detection of different
Geetha priya Thamilarasu
IoT
and Shiven
Albert Y. ," A Dimension Reduction
Chawla, "Towards Deep-Learning-Driven
Model and Classifier for Anomaly-Based
Intrusion Detection for the Internet of
Intrusion Detection in Internet of Things",
Things", MDPI, Sensors 2019, 19, 1977;
2017 IEEE. 15th Intl Conf on Dependable,
doi:10.3390/s19091977.
Autonomic and Secure Computing.
[56] V. Kanimozhi and T.P. Jacob, "Artificial
[50] Nour Moustafa & Jill Slay (2016): The
Intelligence
evaluation of Network Anomaly Detection
Detection 18
based Network Intrusion with
hyper-parameter
Rawaa, Dr. Nidaa and Dr. Abeer – Determining of Robust …
K.U.C.J
Vol. 5 Issue 1 2020 5th Year
Pages 1-19
Construction ……
optimization tuning on the realistic cyber
Network
dataset CSE-CIC-IDS2018 using cloud
(ITANC).
computing", ICT Express (2019), https://
Communication
Conference
[58] Manoj Kumar Putchala, " Deep Learning
doi.org/10.1016/j.icte.2019.03.003.
Approach For Intrusion Detection System
[57] Bipraneel Roy, Dr. Hon Cheung, "A Deep
(IDS) in the Internet of Things (IOT)
Learning
Approach
For
Intrusion
Network Using Gated Recurrent Neural
Detection In Internet Of Things Using Bi-
Networks (GRU)", Thesis Submitted to
Directional Long Short-Term Memory
Wright State University 2017.
Recurrent Neural Network", 2018 28th International
Telecommunication
19
Dr. Sami, Dr. Ahmed and Dr. Rasha – Measuring and ……
ISSN (E) : 2616 Construction …… – 7808
I
ISSN (P) : 2414 - 7419
K.U.C.J
Vol. 5 Issue 1 2020 5th Year
Pages 20-28
مجلة كلية الكوت الجامعة
Vol. 5
Issue 1
2020
5th Year
Measuring and Analyzing the Impact of Net Exports on Economic Growth in Iraq: A study for the Period of 2000-2018
Dr. Sami Awad
Dr. Ahmed Abdulrazaq Abdulrudha
Dr. Rasha Kahled
Wasit University
Middle Technical University
Wasit University
Faculty of Administration
Kut Technical Institute
Faculty of Administration
& Economics
& Economics
Abstract: The research aims to estimate the impact of exports on the economic growth of Iraq, as previous studies are still controversial about the relationship between export performance and economic growth, especially in the analysis of time series, so this study used time series data for the period 2000-2018 to estimate the relationship . ARDL estimate is used To diagnose this relationship, the data series were chosen on the basis of data availability as the results of the investigation showed a positive long-term relationship between economic growth and export performance, this research confirms the use of the necessary measures to increase the export of products with added value to the Iraqi economy. Keywords: Export, Economic Growth, GDP, Iraq.
20
K.U.C.J
Dr. Sami, Dr. Ahmed and Dr. Rasha – Measuring and ……
Vol. 5 Issue 1 2020 5th Year
Pages 20-28
Construction ……
2018 - 2000 دراسة للمده:قياس وتحليل صافي الصادرات على النمو االقتصادي في العراق :المستخلص للثرا ت ايث ا تااا الدعابااااتى اللااااتحقل ير لل دا اقا، يهدف البحث إلى تقدير تأثير الصاااات عاى الى الاالق ااديصاااات ت وختصل في تحليل اللالبل الا ايلت لذلك ابيخد ت هذه الدعابل حيتنتى اللالبل الا ايل، الثالدل حين أ اء الصت عاى والاالق ااديصت تقافر
ليشااخيه هذه الثالدلت ودد تا اخييتع بااللاالل البيتنتى الى أبااتARDL يلاايخدت تقدير. ليقدير الثالدل2000 - 2018 للفير
وأ اء اليصاااديرت ويا د هذا البحث ابااايخدات، البيتنتى ايث أظهرى نيتئج اليح قيق وجق االدل إي تحيل طقيلل األجل حين الاالق ااديصااات .اليداحير الالز ل لايت تصدير الالاي تى ذاى القيالل الالضتفل لالديصت الثرادي . . ت الاتتج الالحلي اإلجالتليت الثرا، الصت عاىت الاالق ااديصت: الكلمات المفتاحية
Introduction: Exports contribute significantly to building the
become urgent today in relation to The national
economy of any country, and it is one of the
economy in order to cause a fundamental change
important mechanisms for increasing the rates of
in the structure of exports outside the oil sector,
GDP
general
as the sharp decline recorded in the proportion of
frameworks of the market range (Khan and
non-oil exports and the imbalance of the export
Saqib, 1993;). which is the most important
structure is still a source of concern and
element of access to abroad (Michaely, 1977).
insecurity for the state, which requires urgent
The expansion of exports in general helps to
measures to develop these exports and advance
reduce the many obstacles that stand in the way
the economy Iraqi forward.
growth
by
expanding
the
of the development process (Tyler, 1981). Economic and the importance of export is clear The Importance:
from his ability to repair the deficit in the balance of payments and work to attract domestic and foreign
investment
and
create
new
The importance of the study is embodied in
job
clarifying the positive relationship between
opportunities (Balassa, 1985 ). achieving high
economic growth and exports in pushing forward
growth rates (Krueger, 1990). the necessity has
21
Dr. Sami, Dr. Ahmed and Dr. Rasha – Measuring and ……
K.U.C.J
Vol. 5 Issue 1 2020 5th Year
Pages 20-28
Construction ……
the Iraqi economy forward through diversifying
Economist Ekanayake (1999) explained in one of
its sources of income.
his research how exports affect economic growth in
underdeveloped
countries.
The
results
revealed a significant correlation between export The Problem:
growth and economic growth in South Asian countries. As the study results showed no strong
The main research problem is embodied in
evidence of causation was found in the short
reducing the level of exports of goods and
term.
services very seriously in the Iraqi economy, and
An
observational
estimate
of
the
investigation between export performance and
the dependence of its exports on the rentier
economic growth using the Johansen co-
resource (oil),which caused a large deficit in the
integration test and the test of the causal
trade balance, and thus caused a decline in the
relationship to the Grager found that there was a
level of economic growth of the country in
one-way relationship
general.
between exports and
turbulent economic performance (2004). Qadous and Saeed (2005) illustrate the relationship between exports and economic growth and
The Aim:
emphasized that the results indicate a positive The research aims to study the relationship
causal
between
economic growth. Export growth could expand
economic
growth
and
export
relationship
between
exports
and
performance of the Iraqi economy, and gross
economic
domestic product has been used as an indicator to
currencies. In this regard, previous studies on the
measure economic growth in the country.
"subjective" growth hypothesis that focuses on
returns
by
multiplying
foreign
the dynamic flow of exports and increasing return to volume have confirmed. Exports may Previous studies:
increase long-term growth by enabling the economy to specialize in export products with
Export growth may increase the degree of
economies
economies of scale. From the above, we review
of scale.
despite
the positive
relationship between economic growth and high
the most important previous studies in this
export
regard: -
rates,
the
empirical
evidence
by
researchers (Greenaway and Sapsford, 1994a, 1994b; Khan and Saqib, 1993; Ahmad and
22
Dr. Sami, Dr. Ahmed and Dr. Rasha – Measuring and ……
K.U.C.J
Vol. 5 Issue 1 2020 5th Year
Pages 20-28
Construction ……
GDP = f(E,I,P,T)
Kwan, 1991; Ghartey, 1993; Jung and Marshall, 1985; Love, 1994; Edwards, 1993). More
from 2000 to 2018 extracted from World Bank
export in providing uniform results confirmed relationship’s
failure
while
(1)
Annual time series data for all these variables
recently on the relationship between growth and the
……………….
open database and WIND database. The ARDL
important
model is applied on this study to investigate the
literature on cross-sectional studies promotes a
proposed framework proposed by Pesaran et al.
relationship between exports and economic
(2001). This approach is useful for small samples
growth. Conclusively, therefore, this proposal
and variables with heterogeneous order on
must be validated to demonstrate the legitimacy
integration for regresses.
of the impact of export performance on economic
Furthermore, an
unbiased results are estimated using ARDL
growth (Ghatak et al., 1995; Kugler, 1991; Dutt
method for long run relationship (Odhiambo,
and Ghosh, 1994; Afxentiou and Serletis,
2009).
1991b). In this vein, past results generally do not suggest a real correlation between long-term export performance and economic growth. The main
Results and discussion:
prerequisite for causality testing is Before applying ARDL framework, a standard
verification of a common integration proposal.
procedure has followed to estimate the level of integration. For this purpose, Augmented Dickey Fuller has applied. The unit root test is applied
Methodology:
using Baum’s (2015) modified methodology for To look at the connection among exports and
time series data. The results are presented in
economic growth, the present paper utilizes
Table 1. It is note that GDP is integrated at I(1)
ARDL model. The model to determine the
while
relationship of economic growth is determined
independent
variables
have
missed
integration levels I(0) and I(1). Hence, the first
by Gross Domestic Product (GDP), Exports (E),
condition has fulfilled that none of the variable is
Imports (I), Consumer Price Index (P) and Terms
integrated at I(2) (Kouakou, 2011).
of Trade (T). The model can be written in the following form
23
Dr. Sami, Dr. Ahmed and Dr. Rasha – Measuring and ‌‌
K.U.C.J
Vol. 5 Issue 1 2020 5th Year
Pages 20-28
Construction ‌‌
Table 1: ADF Estimation
*, ** and *** denote significance level at 1%, 5%
This procedure is useful to determine the long run
and 10%, respectively.
relationship using unrestricted ECM. This helps to estimate lagged level of variables and their respective significance. The ECM equation is
To estimate the relationship among variables the
given below to estimate the relationship among
preliminary step is ADL bound test estimation.
economic growth and exports.
đ?‘?
đ?‘ž
∆đ??şđ??ˇđ?‘ƒđ?‘Ą = đ?œ—1 + đ?œ—2 đ??żđ?‘›đ??¸đ?‘Ąâˆ’1 + đ?œ—3 đ??żđ?‘›đ??źđ?‘Ąâˆ’1 + đ?œ—4 đ??żđ?‘›đ?‘ƒđ?‘Ąâˆ’1 + đ?œ—5 đ??żđ?‘›đ?‘‡đ?‘Ąâˆ’1 + ∑ đ?œ—đ?‘– ∆đ??żđ?‘›đ??¸đ?‘Ąâˆ’đ?‘– + ∑ đ?œ—đ?‘— ∆đ??żđ?‘›đ??źđ?‘Ąâˆ’đ?‘— đ?‘–=1 đ?‘&#x;
đ?‘
+ ∑ đ?œ—đ?‘˜ ∆đ??żđ?‘›đ?‘ƒđ?‘Ąâˆ’đ?‘˜ + ∑ đ?œ—đ?‘™ ∆đ??żđ?‘›đ?‘‡đ?‘Ąâˆ’đ?‘™ + đ?œ‡1đ?‘Ą đ?‘˜=0
đ?‘—=0
đ?‘™=0
24
‌ ‌ ‌.
(2)
K.U.C.J
Dr. Sami, Dr. Ahmed and Dr. Rasha – Measuring and ‌‌
Vol. 5 Issue 1 2020 5th Year
Pages 20-28
Construction ‌‌
∆đ??şđ??ˇđ?‘ƒđ?‘Ą = ď ¤1 + ď ¤2 đ??żđ?‘›đ??¸đ?‘Ąâˆ’1 + ď ¤3 đ??żđ?‘›đ??źđ?‘Ąâˆ’1 + ď ¤4 đ??żđ?‘›đ?‘ƒđ?‘Ąâˆ’1 + ď ¤5 đ??żđ?‘›đ?‘‡đ?‘Ąâˆ’1 đ?‘?
đ?‘ž
đ?‘&#x;
đ?‘
+ ∑ ď ¤đ?‘– ∆đ??żđ?‘›đ??¸đ?‘Ąâˆ’đ?‘– + ∑ ď ¤đ?‘— ∆đ??żđ?‘›đ??źđ?‘Ąâˆ’đ?‘— + ∑ ď ¤đ?‘˜ ∆đ??żđ?‘›đ?‘ƒđ?‘Ąâˆ’đ?‘˜ + ∑ ď ¤đ?‘™ ∆đ??żđ?‘›đ?‘‡đ?‘Ąâˆ’đ?‘™ + đ?œ‡2đ?‘Ą ‌ ‌ ‌ đ?‘–=1
đ?‘—=0
đ?‘˜=0
(3)
đ?‘™=0
In bound procedure, the joint significance of the
accepted. In contrast, if the computed F-statistic
lagged levels is tested using F-test that has non-
falls within the bounds, inference would be
standard asymptotic distribution. If the computed
inconclusive. Following Lee (2010), maximum
F-statistic falls above the upper value bound, the
lag length is determined by the Breusch-Godfrey
null is rejected, indicating co-integration. If the
LM test where it fails to reject the null hypothesis
computed F-statistic falls below the lower bound,
of serially uncorrelated residuals at 5% level of
the null hypothesis of no co-integration is
significance.
Table 2: ARDL Bound Test Estimation
Tables 3 illustrate the results of bound testing
relationship between economic growth and
approach. It is clearly detected from the results
exports. Further we estimate the long run
that it fails to reject the null hypothesis of no co-
coefficients for our model. The long run
integration. Hence the results state a long run
coefficient estimation is run by using the equation estimate co-integration.
25
Dr. Sami, Dr. Ahmed and Dr. Rasha – Measuring and ……
K.U.C.J
Vol. 5 Issue 1 2020 5th Year
Pages 20-28
Construction ……
Table 3. Coefficient Estimation for Long Run Relationship
*, ** and *** indicate significant at 1%, 5% and
bring 2.02% increase in economic growth. The
10% level respectively. Numbers in parenthesis
relationship is strong as well as significant.
are the t-statistics. The optimal lags are selected
Further the relationship among log imports,
based on AIC.
consumer price index and term of trade is negative. Henceforth, the results indicate that
The above result in table 3 confirms a positive relationship
among economic
exports growth has a strong influence on the
growth and
economic growth of Iraq.
exports. The 1% increase in log exports will
Table 4. Diagnostic Tests
26
Dr. Sami, Dr. Ahmed and Dr. Rasha – Measuring and ……
K.U.C.J
Vol. 5 Issue 1 2020 5th Year
Pages 20-28
Construction ……
Diagnostic test presented in table 4 supports the
Through these results, the researcher provides
model. JB test for normality failed to reject
some recommendations for policy makers to
normally distributed residuals. Further LM test is
focus on increasing the level of exports through:
applied autocorrelation and does not present any
1- Diversification of oil commodity production
problem with auto correlated residuals.
As long as the country is an oil-based economy, it is necessary to switch from crude oil exports to exports of value-added products.
Conclusions and Recommendations:
2. Reforming the banking sector: - Through
The study explained the relationship between
various monetary policy tools in order to
economic growth and export performance for
stimulate non-oil exports while providing the
Iraq. GDP is used as an agent of economic
necessary funding to support the industrial
growth. A binding ARDL test framework was
sector.
applied to estimate the long-term relationship between export performance and economic
3- Establishing export-free zones and industrial
growth. ECM was applied to determine the
zones: - The main objective of establishing these
common complementarity between the proposed
zones is to attract investment directed to export.
variables.
After
confirming
the
joint
4- Stimulating investment in industry, by linking
complementarity of the variables, determine the
grants
long-term relationship parameter. The results
and
incentives
provided
by
the
government to industries that enjoy special
confirmed a positive and significant long-term
advantages, such as the rise of the technological
relationship between economic growth and
component, or the increase of its production from
export performance. These findings mean some
production abroad.
suggestions for policymakers to pay attention to increasing the level of exports by producing more oil supplies. Since the country is an oil-based
References:
economy, it is necessary to switch from crude exports to exports of value-added products.
[1] Khan, A. and Saqib, N. (1993) Exports and
Moreover, other industries may increase export
economic growth: the Pakistan experience,
performance by adding value to the oil industry
International Economic Journal, 7 (3), 53-64.
by imitating higher management practices. This
[2] Michaely, M. (1977) Exports and growth: an
will boost the overall export level and achieve
empirical investigation, Journal of Economic
economic prosperity.
Development, 4, 49-53. 27
K.U.C.J
Dr. Sami, Dr. Ahmed and Dr. Rasha – Measuring and ……
Vol. 5 Issue 1 2020 5th Year
Pages 20-28
Construction ……
[3] Tyler, W. (1981) Growth and export
Growth: Empirical Evidence from Africa. Economics Letters 37 (3): 243-248.
expansion in developing countries, Journal of Development Economics, 9, 121-130.
[10] Ghartey, E. E. (1993). Causal Relationship
[4] Balassa, B. (1985) Exports, policy choices,
between Exports and Economic Growth:
and economic growth in developing countries
Some Empirical Evidence in Taiwan, Japan
after the 1973 oil shock, Journal of
and the US. Applied Economics 25(9):
Development Economics, 18, 23Ð35.
1145-1152.
[5] Krueger, A. (1990) Asian trade and growth
[11] Jung, W. S., and P. J. Marshall (1985).
lessons, AEA papers and Proceedings, 80,
Exports,
108-112.
Developing
Economic Growth in Asian Developing Cointegration
and
and
Countries.
Causality
in
Journal
of
Development Economics 18 (1): 1 - 12.
[6] Ekanayake, M. E (1999) “Export and
Countries:
Growth
[12] Love, J. (1994). Engines of Growth: The
Error-
Export and Government Sectors. The World
Correction Models” Journal of Economic
Economy 17(2): 203 -218.
Development. Vol 24, No 2,pp 43-56.
[13] Edwards, S. (1993). Openness, Trade
[7] 19-Quddus, A. M and Saeed, I (2005) “An
Liberalization, and Growth in Developing
analysis of Export and Growth in Pakistan”
Coun- tries. Journal of Economic Literature
The Pakistan Development Review.Vol 44
31 (3): 1358-1393.
No 4 pp 921-937.
[14] Dutt, S. D., and D. Ghosh (1994). An
[8] Greenaway, D., and D. Sapsford (1994a).
Empirical Investigation of the Export
What Does Liberalisation Do for Exports
Growth- Economic Growth Relationship.
and Growth? Weltwirtschaftliches Archiv
Applied Economics Letters 1 (3): 44-48.
130 (1): 152-174.
[15] Afxentiou, P. C., and A. Serletis (1991 a).
[9] Ahmad, J., and A. C. C. Kwan (1991).
Exports and GNP Causality in the Industrial
Causality between Exports and Economic
Countries: 1950-1985. Kyklos 44(2): 167179.
28