• 5G Networks Security: Attack Detection Using the J48 and the Random Forest Tree Classifiers

      Kholidy, Hisham A.; Steele II, Bruce; Kholidy, Hisham A.; Advisor (SUNY Polytechnic Institute, 2020)
      5G is the next generation of cellular networks, succeeding and improving upon the last generation of 4G Long Term Evolution (LTE) networks. With the introduction of 5G come significant improvements over the previous generation, with the ability to support new and emerging technologies in addition to the growth in the number of devices. The purpose of this report is to give a broad overview of what 5G encompasses, including the architecture, underlying technology, advanced features, use cases/applications, and security, and to evaluate the security of these new networks using existing machine learning classification techniques such as the J48 tree classifier and the Random Forest tree classifier. The evaluation is based on the UNSW-NB15 dataset that was created at the Cyber Range Lab of the Australian Centre for Cyber Security (ACCS) at the University of New South Wales. Since 5G datasets have yet to be created, there is no publicly available dataset for 5G systems. However, while the UNSW-NB15 dataset is built using a standard wireless computer network, we will use it to simulate the device-to-device (D2D) connections that 5G will support. In the case of the UNSW dataset, the J48 tree classifier fits more accurately than the Random Forest classifier. The J48 tree classifier achieved 86.422% correctly classified instances. On the other hand, the Random Forest tree classifier achieved 85.8451% correctly classified instances.
    • An Analysis of a Signature-based Approach for an Intrusion Detection System in a Wireless Body Area Network (WBAN) using Data Mining Techniques

      Kholidy, Hisham A.; Medina, Serene Elisabeth; Kholidy, Hisham A.; Advisor (SUNY Polytechnic Institute, 2020)
      Wireless Body Area Networks (WBANs) use biosensors worn on or in the human body, which collect and monitor a patient’s medical condition. WBANs have become increasingly beneficial in the medical field by lowering healthcare cost and providing more useful information that medical professionals can use for a more accurate and faster diagnosis. Because the data collected from a WBAN is transmitted over a wireless network, there are several security concerns involved. This research looks at the various attacks and concerns involved with WBANs. A real physiological dataset, consisting of ECG signals obtained from a 25-year-old male, was used in this research to test the accuracy of various decision tree classifiers. The Weka software was used to analyze the accuracy and detection rate results of this dataset in its original form, versus a reduced dataset consisting of fewer, more important attributes. The results concluded that the use of decision tree classifiers using data mining is an efficient way to test the increased accuracy on a real dataset obtained from a WBAN once it has been altered. The original dataset produced results where the ROC curve ranged from 0.313 (31%) to 0.68 (68%), meaning their accuracy is not very high and the detection rate is low. Once an attribute selection feature was used on the dataset, the newly reduced set showed ROC curves ranging from 0.68 (68%) to 0.969 (97%) amongst the three classes. As a result, decision tree models were much more accurate with a higher detection rate when used on a real dataset that was reduced to function better as a detector for a WBAN.
    • Cyber Security Advantages of Optical Communications in SATCOM Networks

      Kholidy, Hisham A.; Baker, Cameron; Kholidy, Hisham A.; Advisor (SUNY Polytechnic Institute, 2020-12)
      Space-based communications, whether ground-to-space or inter-satellite, have so far been primarily within the RF spectrum. With the increase in space missions and the need for larger amounts of data being sent to and from satellites, the near infrared or optical spectrum has started to become more widely used instead of RF. Higher bandwidth is not the only advantage of using optics for communications over RF; there is also an inherent security advantage. Currently, there is far too little enforcement of security standards for space communications networks, and the use of RF only worsens the problem due to its very large beam spread when compared to optics. This paper will seek to prove that optics is a far superior technology for space communications networks from a security standpoint, as well as providing an increase in available bandwidth. These points will be proven by first introducing the technology by examining current Free Space Optics (FSO) systems and space optics systems being provided by manufacturers. Secondly, this paper will discuss the current state of space communications security, the issues space communications networks are facing using RF with the recent advancement into low-cost SmallSat operations that threaten existing space vehicles, and the lack of standard security practices within these networks. Lastly, this paper will provide evidence of why optical communications can improve the security of space-based communications due to their lower beam spread and the ability to incorporate quantum key distribution into the communications channel.
    • An Empirical Wi-Fi Intrusion Detection System

      Kholidy, Hisham A.; Basnet, Diwash Bikram; Kholidy, Hisham A.; Advisor (SUNY Polytechnic Institute, 2020-05)
      Today, wireless network devices are growing rapidly, and it is of utmost importance to secure those devices. Attackers or hackers use new methods and techniques to trick the system and steal the most important data. Intrusion Detection Systems detect the attacks by inspecting the network traffic or logs. The work demonstrated the effectiveness of detecting the attacks using machine learning techniques on the AWID dataset, which is produced from real wireless network logging. The author of the AWID dataset may have used several supervised learning models to successfully detect the intrusions. In this paper, we propose a newer approach for an intrusion detection model based on dense neural networks and long short-term memory (LSTM) networks, and evaluate the model against the AWID-CLS-R subset. To get the best results from the model, we applied feature selection by replacing the unknown data with the value of “none”, getting rid of all repeated values, and keeping only the important features. We performed preprocessing and feature scaling of both the training and testing datasets; additionally, we changed the 2-dimensional array to a 3-dimensional array because LSTM takes an input of a 3-dimensional array, and later we used flatten layers to change it into a 2-dimensional array for output. A comprehensive evaluation of DNN and LSTM networks is used to classify and predict the attacks and compute the precision, recall, and F1 score. We perform binary classification and multiclass classification on the dataset using neural networks and achieve accuracy ranging from 86.70% to 96.01%.
    • Evaluating Variant Deep Learning and Machine Learning Approaches for the Detection of Cyberattacks on the Next Generation 5G Systems

      Kholidy, Hisham A.; Borgesen, Michael E.; Kholidy, Hisham A.; Advisor (SUNY Polytechnic Institute, 2020)
      5G technology promises to completely transform telecommunication networks, introducing a wealth of benefits such as faster download speeds, lower download times, low latency, and high network capacity. These benefits will pave the way for additional new capabilities and support connectivity for applications like smart homes and cities, industrial automation, autonomous vehicles, telemedicine, and virtual/augmented reality. However, attackers use these resources to their advantage to speed up the attacking process. This report evaluates four different machine learning and deep learning approaches, namely the Naïve Bayes model, the logistic regression model, the decision tree model, and the random forest model. The performance evaluation and the validation of these approaches are discussed in detail in this report.
    • Generic Datasets, Beamforming Vectors Prediction of 5G Cellular Networks

      Kholidy, Hisham A.; Singh, Manjit; Kholidy, Hisham A.; Advisor (SUNY Polytechnic Institute, 2020)
      The early stages of 5G evolution revolve around delivering higher data speeds, latency improvements and the functional redesign of mobile networks to enable greater agility, efficiency and openness. The millimeter-wave (mmWave) massive multiple-input-multiple-output (massive MIMO) system is one of the dominant technologies that consistently features in the list of the 5G enablers and opens up new frontiers of services and applications for next-generation 5G cellular networks. The mmWave massive MIMO technology shows potential to significantly raise user throughput, enhance spectral and energy efficiencies and increase the capacity of mobile networks using the joint capabilities of the huge available bandwidth in the mmWave frequency bands and high multiplexing gains achievable with massive antenna arrays. In this report, we present the preliminary outcomes of research on mmWave massive MIMO (as research on this subject is still in the exploratory phase) and study two papers related to millimeter wave (mmWave) and massive MIMO for next-gen 5G wireless systems. We focus on how a generic dataset uses accurate real-world measurements using ray tracing data and how machine learning/deep learning can find correlations for better beam prediction vectors through this ray tracing data. We also study a generated deep learning model to be trained using TensorFlow and Google Colaboratory.
    • A Wireless Intrusion Detection for the Next Generation (5G) Networks

      Kholidy, Hisham A.; Ferrucci, Richard; Kholidy, Hisham A.; Advisor (SUNY Polytechnic Institute, 2020-05)
      5G data systems are close to delivery to the public. The question remains how security will impact the release of this cutting-edge architecture. 5G data systems will be sending massive amounts of personal data due to the fact that everybody in the world is using mobile phones these days. With everyone using a 5G device, this architecture will have a huge surface area for attackers to compromise. Using machine learning techniques previously applied to 802.11 networks, we will show that, by improving upon these previous works, we can have a better handle on security when it comes to 5G architecture security. We find that using a machine learning classifier known as LogitBoost, combined with a selected combination of feature selection, we can provide optimal results in identifying three different classes of traffic referred to as normal, flooding, and injection traffic. We drastically decrease the time taken to perform this classification while improving the results. We simulate the Device2Device (D2D) connections involved in the 5G systems using the AWID dataset. The evaluation and validation of the classification approach are discussed in detail in this thesis.