http://uoajournal.com/index.php/tk/issue/feed Tech-Knowledge 2021-01-31T10:01:40+01:00 Dr. Mohamed Khalid AlOmar mohd.alomar@uoa.edu.iq Open Journal Systems <p>Tech-Knowledge Journal is a peer-reviewed journal published by AlMaarif University College (AUC), Ramadi, Iraq. It was found and published the first issue in January 2021. </p> <p>The journal receives original scientific research articles in all applied sciences. This comes in consistence with the academic specializations circulated at AlMaarif University College (AUC) such as Computer and Electronics Engineering, Civil Engineering, Nursing, Pharmacy, Dental, Medical Laboratory. </p> <p>The journal is multi-disciplinary, open access, peer-reviewed, and bi-annual aims to publish original research with an active contribution to the scientific and academic society. The journal mutually adopts Arabic and English languages to publish research and is careful to use scientific terminology in both languages while adhering to a clear and balanced writing style.</p> <p>The Journal has an editorial board comprising specialists in various sciences and knowledge at a considerable level and from different countries of the world. </p> <p>The journal publication policy is diamond open access (Free of Charge). </p> http://uoajournal.com/index.php/tk/article/view/312 Anomaly Intrusion Detection Based on Recurrent Neural Networks 2020-10-18T22:46:25+02:00 Bilal Mohammed bilalmohammed732@gmail.com Ekhlas K. Gbashi cs.19.65@grad.uotechnology.edu.iq <p>Security is the main issue within computer networks. Intrusion Detection Systems (IDS) are major ways to guarantee information security and to identify attacks before causing any harm. As a reasonable supplement of the firewall, intrusion detection technology can assist the system to deal with attacks and intrusions. There are numerous problems with the existing intrusion detection systems (IDSs) like the inability to detect unknown attacks and too many false positive rates. So, this work was suggested to implement IDS based on Recursive Feature Elimination (RFE) methodology to select features and to use Recurrent Neural Networks (RNN) for classification. RNN was used in the classifications for ten classes such as Fuzzers, DoS, Backdoors, Exploits, Analysis, Generic, Reconnaissance, Shellcode, Worms and Normal. The proposed work has achieved a high accuracy of 98%. </p> 2021-01-31T00:00:00+01:00 Copyright (c) 2021 Tech-Knowledge http://uoajournal.com/index.php/tk/article/view/323 Fraud Classification and Detection Model Using Different Machine Learning Algorithm 2020-10-17T23:04:42+02:00 Noor Khalid Hussein noorhussein02020@gmail.com Ayad Rodhan Abbas ayad.r.abbas@uotechnology.edu.iq Bashar Saadoon Mahdi 110043@uotechnology.edu.iq <p>Recently, fraud technologies have become more advanced and easier to fraud. Therefore, different machine learning techniques have been applied and developed to recognize fraudulent credit card transactions. The main problem to fail any detection techniques on any fraud operation is the accuracy of results. This paper discusses how to improve fraud detection performance using machine learning algorithms by choosing the most appropriate algorithm for inclusion in fraud detection systems. It also provides a comprehensive study of Taiwan's customer database and how classifiers interact with it by applying 30 different classification algorithms. Moreover, using the WEKA tool for applying machine learning algorithms with the voting method to choose the right classification. The experimental results reveal that using the LMT algorithm will be the best one where achieved 82.0867 % accuracy.</p> 2021-01-31T00:00:00+01:00 Copyright (c) 2021 Tech-Knowledge http://uoajournal.com/index.php/tk/article/view/339 Improving Intrusion Detection System Based On Long Short-Term Memory and Principal Component Analysis 2020-11-21T19:58:36+01:00 Bilal Mohammed bilalmohammed732@gmail.com Ekhlas K. Gbashi cs.19.65@grad.uotechnology.edu.iq <p>Intrusion detection system is responsible for monitoring the systems and detect attacks, whether on (host or on a network) and identifying attacks that could come to the system and cause damage to them, that’s mean an IDS prevents unauthorized access to systems by giving an alert to the administrator before causing any serious harm. As a reasonable supplement of the firewall, intrusion detection technology can assist systems to deal with offensive, the Intrusions Detection Systems (IDSs) suffers from high false positive which leads to highly bad accuracy rate. So, this work is suggested to implement (IDS) by using a Principal component analysis to select features and Long short-term memory for classification, the suggested model gives good results with accuracy rate reaching 81% was used in the classifications for the five classes (Normal, Dos, Probe, R2L, U2R). The system was implemented by using (NSL-KDD) dataset, which was very efficient for offline analyses systems for IDS.</p> 2021-01-31T00:00:00+01:00 Copyright (c) 2021 Tech-Knowledge http://uoajournal.com/index.php/tk/article/view/360 A Survey On Fraud Detection Techniques in E-Commerce 2021-01-08T21:02:29+01:00 Suha M. Najem cs.14.96@grad.uotechnology.edu.iq Suhad M. Kadeem 110102@uotechnology.edu.iq <p>Electronic commerce or e-commerce is a business model that lets companies and persons over the internet buy and sell anything. Recently, in the age of the Internet and forwarding to E-commerce, lots of data are stored and transferred from one location to another. Data that transferred can be exposed to danger by fraudsters. There is a massive increase in fraud which is leading to the loss of many billions of dollars worldwide every year. There are various modern ways of detecting fraud that is regularly proposed and applied to several business fields. The main task of Fraud detection is to observe the actions of tons of users to detect unwanted behavior. To detect these various kinds, data mining methods &amp; machine learning to have been proposed and implemented to lessen down the attacks. A long time ago, many methods are utilized for fraud detection system such as Support Vector Machine (SVM), K-nearest Neighbor (KNN), neural networks (NN), Fuzzy Logic, Decision Trees, and many more. All these techniques have yielded decent results but still needing to improve the accuracy even further, by developing the techniques themselves or by using a hybrid learning approach for detecting frauds. In this paper, a review to describe the latest studies on fraud detection in e-commerce between (2018-2020), and a general analysis of the results- achieved and upcoming challenges for further researches. This will be useful for giving us complete visualization about how can we present the most suitable, most accurate methods for fraud detection in e-commerce transactions.</p> 2021-01-31T00:00:00+01:00 Copyright (c) 2021 Tech-Knowledge http://uoajournal.com/index.php/tk/article/view/325 Insider Attacker Detection Based On Body Language and Technical Behavior Using Light Gradient Boosting Machine (LightGBM) 2020-10-19T11:42:11+02:00 Mohammed A. Mohammed mabdallazez4@gmail.com Suhad M. Kadhem 110102@uotechnology.edu.iq Maisa'a A. Ali 110044@uotechnology.edu.iq <p>One of most important challenges in cyber security is detecting the insider attacker, where organizations security suffers from the insider attacker, which is an employee (person) with an authorized access to resources and data of an organization then used the access to harm the organization. The insiders are categorizing as active insiders (masquerade and cause physical damage) or passive insider (provide only information). The previous security systems focus on the technical anomaly of an employee to discover the active insider attacker and cannot discover it, if there is not technical anomaly (passive attacker). This paper propose approach to obtain early indicator to passive insider attacker before doing the crime, where body language-based approach used to give earlier alarm of insider attacker. By using three of negative body language gestures (Cross Arms, Clasped Hands, Covering the Mouth) which referred to feeling of insecure, ready for an attack, doubt and a lack of self-confidence, these feelings are the closest to the feelings of the internal attacker. These gestures obtained by use skeleton features from video stream provided by Orbbec Astra Pro camera after passed to rule based classifier to recognize each one of the three body language gestures. Then determined the degree of trust based on the duration of the gesture and the number of occurrences of the same gesture or different gestures and depending on the degree of trust, the organization is alerted to the questionable employees. The test performs on ten of employees, four insider attackers were planted among them, and the results show 70% accuracy of detects the insiders, this approach will detect insider attacker before started his malicious work. Also this paper solves the active attacker, where in reality, the number of malicious events is very small in relation to the number of normal events of the employee, so it was necessary to use a method that accurately characterized this number of harmful behaviors. Several previous studies used complex methods such as deep learning to solve this problem. In this thesis, we used a simpler and faster solution that gave accurate results, where an intelligent approach for detecting insider attacker using Light Gradient Boosting Machine (LightGBM) applied, the cert r4.2 data set used to build and evaluate the model. The results showed the model’s ability to distinguish malicious events from data set in its original unbalanced state with accuracy 99.47%.</p> 2021-01-31T00:00:00+01:00 Copyright (c) 2021 Tech-Knowledge http://uoajournal.com/index.php/tk/article/view/324 Insider Attacker Detection Using Light Gradient Boosting Machine 2020-10-19T09:31:28+02:00 Mohammed A. Mohammed mabdallazez4@gmail.com Suhad M. Kadhem 110102@uotechnology.edu.iq Maisa'a A. Ali 110044@uotechnology.edu.iq <p>Organizations security suffer from the insider attacker, which is an employee (person) with an authorized access to resources and data of an organization then used the access to harm the organization. In reality, the number of malicious events is very small in relation to the number of normal events of the employee, so it was necessary to use a method that accurately characterized this number of harmful behaviors. Several previous studies used complex methods such as deep learning to solve this problem. In this paper, we used a simpler and faster solution that gave accurate results, where an intelligent approach for detecting insider attacker using Light Gradient Boosting Machine (LightGBM) applied, the cert r4.2 data set used to build and evaluate the model. The results showed the model’s ability to distinguish malicious events from data set in its original unbalanced state with accuracy 99.47%.</p> 2021-01-31T00:00:00+01:00 Copyright (c) 2021 Tech-Knowledge