BU CS Thesis Omar Edited 2023 2.en - Ar

‫ﻣﺘﺮﺟﻢ ﻣﻦ ﺍﻹﻧﺠﻠﻴﺰﻳﺔ ﺇﻟﻰ ﺍﻟﻌﺮﺑﻴﺔ ‪www.onlinedoctranslator.
com -‬‬
‫ﺍﻟﻤﻤﻠﻜﺔﺍﻟﻌﺮﺑﻴﺔ ﺍﻟﺴﻌﻮﺩﻳﺔ‬
‫ﻭﺯﺍﺭﺓﺍﻟﺘﻌﻠﻴﻢ‬
‫ﺟﺎﻣﻌﺔﺍﻟﺒﺎﺣﺔ‬
‫ﻛﻠﻴﺔﻋﻠﻮﻡ ﺍﻟﺤﺎﺳﻮﺏ ﻭﺗﻘﻨﻴﺔ ﺍﻟﻤﻌﻠﻮﻣﺎﺕ ﻗﺴﻢ ﻋﻠﻮﻡ ﻭﻫﻨﺪﺳﺔ‬
‫ﺍﻟﺤﺎﺳﻮﺏ‬
‫ﻣﻨﻬﺠﻴﺔﺍﻟﺘﻌﻠﻢ ﺍﻟﻌﻤﻴﻖ ﻟﻠﺘﻨﺒﺆ‬

‫ﻫﺠﻤﺎﺕﺍﻷﻣﻦ ﺍﻟﺴﻴﺒﺮﺍﻧﻲ ﻋﻠﻰ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء‬
‫ﺑﻮﺍﺳﻄﺔ‬
‫ﻋﻤﺮﻋﺰﻳﺐ ﺍﻟﺨﺪﻳﺪﻱ‬
‫ﻣﺴﺘﺸﺎﺭ‬
‫ﺍﺳﻢﺍﻟﻤﺸﺮﻑ‬
‫ﺩ‪.‬ﻣﻌﺎﺫﻣﺤﻤﻮﺩ ﺣﺴﻦ‬
‫ﺍﺳﻢﺍﻟﻤﺸﺮﻑ‬
‫ﺩ‪.‬ﺃﻧﺲﺍﻟﻐﺎﻣﺪﻱ‬
‫ﺭﺳﺎﻟﺔﻣﻘﺪﻣﺔ ﻟﻤﺘﻄﻠﺒﺎﺕ ﺩﺭﺟﺔ ﺍﻟﻤﺎﺟﺴﺘﻴﺮ ﻓﻲ‬

‫ﺍﻟﻌﻠﻮﻡﻓﻲ ﺍﻷﻣﻦ ﺍﻟﺴﻴﺒﺮﺍﻧﻲ‬
‫‪3‬ﺑﺤﺚ ﻭﺗﻄﻮﻳﺮﻧﺼﻒ ﺍﻟﺴﻨﺔ‬
‫ﻟﻠﻌﺎﻡﺍﻟﺠﺎﻣﻌﻲ ‪1444/2023‬ﻡ‬
‫ﺍﻟﻤﻤﻠﻜﺔﺍﻟﻌﺮﺑﻴﺔ ﺍﻟﺴﻌﻮﺩﻳﺔ‬
‫ﻭﺯﺍﺭﺓﺍﻟﺘﻌﻠﻴﻢ‬
‫ﺟﺎﻣﻌﺔﺍﻟﺒﺎﺣﺔ‬
‫ﻋﻤﺎﺩﺓﺍﻟﺪﺭﺍﺳﺎﺕ ﺍﻟﻌﻠﻴﺎ‬
‫ﺍﻟﻠﺠﻨﺔﻝ‬
‫ﻋﻤﺮﻋﺰﻳﺐ ﺍﻟﺨﺪﻳﺪﻱ‬ ‫ﺃﺳﻢﺍﻟﻄﺎﻟﺐ‬

‫‪443040465‬‬ ‫ﻫﻮﻳﺔﺍﻟﻄﺎﻟﺐ‬
‫ﻛﻠﻴﺔﻋﻠﻮﻡ ﺍﻟﺤﺎﺳﺐ ﻭﺍﻟﻤﻌﻠﻮﻣﺎﺕ‬
‫ﻛﻠﻴﺔ‬
‫ﺗﻜﻨﻮﻟﻮﺟﻴﺎ‬
‫ﻗﺴﻢﻋﻠﻮﻡ ﻭﻫﻨﺪﺳﺔ ﺍﻟﺤﺎﺳﻮﺏ‬ ‫ﻗﺴﻢ‬
‫‪443040465‬‬ ‫ﺳﻨﺔ‬ ‫ﻳﺘﻘﻦ‬ ‫ﺩﺭﺟﺔ‬
‫ﻭﺍﻟﺘﻲﺗﻢ ﺗﺸﻜﻴﻠﻬﺎ ﺑﺎﻟﻘﺮﺍﺭ ﺭﻗﻢ ‪ xx‬ﻟﺸﻬﺮ ﺩ ﺩ‪ ،2023 ،‬ﺗﺸﻬﺪ ﺃﻥ ﻫﺬﺍ ﻫﻮ‬

‫ﻧﺴﺨﺔﻣﻌﺘﻤﺪﺓ ﻣﻦ ﺍﻷﻃﺮﻭﺣﺔ ﺍﻟﺘﺎﻟﻴﺔ‪ ،‬ﻭﻣﻘﺒﻮﻟﺔ ﺟﻮﺩﺓ ﻭﺷﻜﻼً‬
‫ﺍﻟﻨﺸﺮ‪:‬‬
‫ﻋﻨﻮﺍﻥﻃﻮﻳﻞ ﻷﻃﺮﻭﺣﺔ ﺑﺤﺜﻴﺔ ﻳﺴﺘﻐﺮﻕ ﺳﻄﺮﻳﻦ ﻣﻦ ﺍﻟﻨﺺ ]ﺇﻧﺠﻠﻴﺰﻱ[‬
‫ﺃﻋﻀﺎءﻟﺠﻨﺔ ﺍﻷﻃﺮﻭﺣﺔ‪:‬‬
‫]ﺇﻣﻀﺎء[‬ ‫]ﺗﺎﺭﻳﺦ[‬ ‫]ﺍﺳﻢ[‬ ‫ﻣﺸﺮﻑﺍﻟﻠﺠﻨﺔ‬

‫ﺍﻟﻠﺠﻨﺔﺍﻟﻤﺸﺘﺮﻛﺔ‬
‫]ﺇﻣﻀﺎء[‬ ‫]ﺗﺎﺭﻳﺦ[‬ ‫]ﺍﺳﻢ[‬
‫ﻣﺸﺮﻑ)ﺇﺫﺍ ﻛﺎﻥ ﻗﺎﺑﻼ ﻟﻠﺘﻄﺒﻴﻖ(‬
‫ﺍﻟﻠﺠﻨﺔﺃﻭﻻ‬
‫ﻋﻀﻮ‬
‫ﺍﻟﻠﺠﻨﺔﺍﻟﺜﺎﻧﻴﺔ‬
‫ﻋﻀﻮ‬
‫ﺭﺋﻴﺲﺍﻟﻘﺴﻢ‬
‫ﻣﻮﺍﻓﻘﺔ‬
‫ﺟﺎﻣﻌﺔﺍﻟﺒﺎﺣﺔ‪2023 ،‬‬
‫‪1‬‬
‫● ﺗﺼﺮﻳﺢ‬
‫ﺃﻋﻠﻦﺭﺳﻤﻴﺎ ًﺃﻧﺎ ﻋﻤﺮ ﻋﺎﺯﺏ ﺍﻟﺨﻀﻴﺪﻱ ﺃﻥ ﺍﻟﻌﻤﻞ ﺍﻟﻤﻘﺪﻡ ﻓﻲ ﻫﺬﻩ ﺍﻷﻃﺮﻭﺣﺔ ﻫﻮ‬
‫ﻧﺘﻴﺠﺔﻟﺠﻬﻮﺩﻱ ﺍﻟﻤﺴﺘﻘﻠﺔ ﻭﻟﻢ ﻳﺘﻢ ﺗﻘﺪﻳﻤﻬﺎ ﻷﻱ ﺩﺭﺟﺔ ﺃﺧﺮﻯ‬
‫ﺃﻭﺍﻟﻤﺆﻫﻞ ﺍﻟﻤﻬﻨﻲ‪.‬‬
‫ﻭﻗﻌﺖ‪:‬‬
‫ﺗﺎﺭﻳﺦ‪:‬‬
‫‪2‬‬
3
‫● ﺷﻜﺮﻭﺗﻘﺪﻳﺮ‬
‫ﺑﺴﻢﺍﻟﻠﻪ ﺍﻟﺮﺣﻤﻦ ﺍﻟﺮﺣﻴﻢ‬
‫ﺃﻭﺩﺃﻥ ﺃﻋﺮﺏ ﻋﻦ ﺧﺎﻟﺺ ﺍﻣﺘﻨﺎﻧﻲ ﻟﻠﺪﻛﺘﻮﺭ ﻣﻌﺎﺫ ﻣﺤﻤﻮﺩ ﻭﺩ‪.‬‬
‫ﺃﻧﺲﺍﻟﻐﺎﻣﺪﻱ ﻟﺘﻮﺟﻴﻬﺎﺗﻬﻢ ﻭﺧﺒﺮﺍﺗﻬﻢ ﻭﺭﺅﺍﻫﻢ ﺍﻟﻘﻴﻤﺔ‬
‫ﻃﻮﺍﻝﻫﺬﻩ ﺍﻟﺪﺭﺍﺳﺔ‪ .‬ﻭﻛﺎﻥ ﺩﻋﻤﻬﻢ ﻭﺗﺸﺠﻴﻌﻬﻢ‬
‫ﺳﺎﻫﻢﻓﻲ ﺇﺗﻤﺎﻡ ﻫﺬﺍ ﺍﻟﻌﻤﻞ ﺑﻨﺠﺎﺡ‪.‬‬
‫ﻛﻤﺎﺃﻭﺩ ﺃﻥ ﺃﻋﺮﺏ ﻋﻦ ﺧﺎﻟﺺ ﺗﻘﺪﻳﺮﻱ ﻟﻮﺍﻟﺪﻱ ﻋﺰﻳﺐ ﺻﺎﻟﺢ‬
‫ﺍﻟﺨﻀﻴﺪﻱ‪،‬ﻭﻭﺍﻟﺪﺗﻲ‪ ،‬ﻋﻠﻰ ﺣﺒﻬﻢ ﻭﺩﻋﻤﻬﻢ ﺍﻟﺬﻱ ﻻ ﻳﺘﺰﻋﺰﻉ‬
‫ﺍﻟﻔﻬﻢﻃﻮﺍﻝ ﻫﺬﻩ ﺍﻟﺮﺣﻠﺔ‪ .‬ﺇﻳﻤﺎﻧﻬﻢ ﺑﻲ ﻭﺛﺎﺑﺖ‬
‫ﻛﺎﻥﺍﻟﺘﺸﺠﻴﻊ ﻫﻮ ﺍﻟﻘﻮﺓ ﺍﻟﺪﺍﻓﻌﺔ ﻭﺭﺍء ﻣﺴﻴﺮﺗﻲ ﺍﻷﻛﺎﺩﻳﻤﻴﺔ ﻭﺍﻟﺸﺨﺼﻴﺔ‬
‫ﻧﻤﻮ‪.‬‬
‫ﻋﻼﻭﺓﻋﻠﻰ ﺫﻟﻚ‪ ،‬ﺃﻭﺩ ﺃﻥ ﺃﻧﻮﻩ ﺑﺎﻟﺪﻋﻢ ﻭﺍﻟﻤﺴﺎﻋﺪﺓ ﺍﻟﺘﻲ ﺗﻠﻘﻴﺘﻬﺎ‬
‫ﻣﻦﺃﺻﺪﻗﺎﺋﻲ ﻭﺯﻣﻼﺋﻲ ﻭﺟﻤﻴﻊ ﺍﻟﻤﺸﺎﺭﻛﻴﻦ ﺍﻟﺬﻳﻦ ﺷﺎﺭﻛﻮﺍ ﻋﻦ ﻃﻴﺐ ﺧﺎﻃﺮ‬
‫ﻫﺬﻩﺍﻟﺪﺭﺍﺳﺔ‪ ،‬ﻭﺗﻘﺪﻳﻢ ﻣﺴﺎﻋﺪﺓ ﻗﻴﻤﺔ ﻭﺭﺅﻯ‪.‬‬
‫ﻭﺑﺪﻭﻥﻣﺴﺎﻫﻤﺎﺕ ﻭﺩﻋﻢ ﻫﺆﻻء ﺍﻷﻓﺮﺍﺩ‪ ،‬ﻓﺈﻥ ﻫﺬﺍ ﺍﻟﺒﺤﺚ ﺳﻴﻜﻮﻥ‬
‫ﻟﻢﻳﻜﻦ ﻣﻤﻜﻨﺎ‪ .‬ﺃﻧﺎ ﻣﻤﺘﻦ ﺣﻘﺎً ﻟﻮﺟﻮﺩﻫﻢ ﻓﻲ ﺣﻴﺎﺗﻲ ﻭﻣﻦ ﺃﺟﻠﻬﻢ‬
‫ﺍﻟﺘﺄﺛﻴﺮﺍﻟﻜﺒﻴﺮ؛ ﻟﻘﺪ ﻛﺎﻥ ﻟﺪﻳﻬﻢ ﻓﻲ ﺭﺣﻠﺘﻲ ﺍﻷﻛﺎﺩﻳﻤﻴﺔ‪.‬‬
‫ﻋﻤﺮﺍﻟﺨﺪﻳﺪﻱ‬
‫ﻳﻮﻧﻴﻮ‪2023‬‬
‫‪4‬‬
‫● ﺧﻼﺻﺔ‬
‫ﻭﻧﻈﺮﺍًﻟﻼﺭﺗﻔﺎﻉ ﺍﻟﻤﺘﺰﺍﻳﺪ ﻣﺆﺧﺮﺍً ﻓﻲ ﺷﺪﺓ ﻭﺗﻮﺍﺗﺮ ﺍﻟﻬﺠﻤﺎﺕ ﺍﻹﻟﻜﺘﺮﻭﻧﻴﺔ‪،‬‬
‫ﻭﻗﺪﻃﺮﺡ ﺍﻟﻨﻤﻮ ﺍﻟﺴﺮﻳﻊ ﻓﻲ ﻋﺪﺩ ﻭﺗﻨﻮﻉ ﺍﻷﺷﻴﺎء ﺍﻟﺬﻛﻴﺔ‬
‫ﺗﻬﺪﻳﺪﺍﺕﻛﺒﻴﺮﺓ ﻟﻸﻣﻦ ﺍﻟﺴﻴﺒﺮﺍﻧﻲ‪ .‬ﻭﻣﻊ ﺫﻟﻚ‪ ،‬ﻓﺈﻥ ﺍﻷﻣﻦ ﻫﻮ ﺍﻟﺸﺎﻏﻞ ﺍﻟﺮﺋﻴﺴﻲ‬
‫ﻳﺴﺘﻤﺮﺣﺠﻤﻬﺎ ﻭﺗﻄﺒﻴﻘﺎﺗﻬﺎ ﻓﻲ ﺍﻟﺘﻮﺳﻊ ﺑﺴﺮﻋﺔ‪ .‬ﺍﺗﺼﺎﻻﺕ ﻭﺍﺳﻌﺔ ﺍﻟﻨﻄﺎﻕ‬
‫ﺗﺸﻜﻞﺑﻴﺎﻧﺎﺕ ﺣﺮﻛﺔ ﺍﻟﻤﺮﻭﺭ ﺑﻴﻦ ﺃﺟﻬﺰﺓ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء )‪ (IoT‬ﺃﻫﻤﻴﺔ ﻛﺒﻴﺮﺓ‬
‫ﺗﺤﺪﻱﺣﻤﺎﻳﺔ ﺍﻷﺟﻬﺰﺓ ﻣﻦ ﺍﻟﺘﺪﺧﻼﺕ ﺍﻷﻣﻨﻴﺔ ﺍﻟﻤﺤﺘﻤﻠﺔ‪ .‬ﻋﻼﻭﺓ ﻋﻠﻰ ﺫﻟﻚ‪،‬‬
‫ﺗﺨﻠﻖﺑﻴﺎﻧﺎﺕ ﺣﺮﻛﺔ ﻣﺮﻭﺭ ﺍﻟﺸﺒﻜﺔ ﻏﻴﺮ ﺍﻟﻤﺘﻮﺍﺯﻧﺔ ﺇﻟﻰ ﺣﺪ ﻛﺒﻴﺮ ﺗﺤﺪﻳﺎً ﺇﺿﺎﻓﻴﺎً‪ .‬ﺻﻨﺎﻋﻲ‬
‫ﺗﻌﺪﺗﻄﺒﻴﻘﺎﺕ ﺍﻷﻣﻦ ﺍﻟﺴﻴﺒﺮﺍﻧﻲ ﺍﻟﻤﺴﺘﻨﺪﺓ ﺇﻟﻰ ﺍﻟﺬﻛﺎء )‪ (AI‬ﺃﻛﺜﺮ ﻓﻌﺎﻟﻴﺔ ﻓﻲ‬
‫ﺍﻟﻜﺸﻒﻋﻦ ﺃﺷﻜﺎﻝ ﻣﺨﺘﻠﻔﺔ ﻣﻦ ﺍﻟﻬﺠﻤﺎﺕ ﺍﻟﺴﻴﺒﺮﺍﻧﻴﺔ‪ .‬ﺗﻘﻨﻴﺎﺕ ﺍﻟﺬﻛﺎء ﺍﻻﺻﻄﻨﺎﻋﻲ‪ ،‬ﻣﺜﻞ ﺍﻵﻟﺔ ﻭ‬
‫ﻳﺘﻢﺍﺳﺘﺨﺪﺍﻡ ﺍﻟﺘﻌﻠﻢ ﺍﻟﻌﻤﻴﻖ ﻋﻠﻰ ﻧﻄﺎﻕ ﻭﺍﺳﻊ ﻟﺘﺤﺪﻳﺪ ﻭﺗﺨﻔﻴﻒ ﻣﺠﻤﻮﻋﺔ ﻭﺍﺳﻌﺔ ﻣﻦ ﺍﻟﻤﺸﺎﻛﻞ‬
‫ﺍﻟﺘﻬﺪﻳﺪﺍﺕﺍﻷﻣﻨﻴﺔ ﺿﺪ ﺷﺒﻜﺎﺕ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء‪.‬‬
‫ﻓﻲﻫﺬﻩ ﺍﻷﻃﺮﻭﺣﺔ‪ ،‬ﻗﻤﻨﺎ ﺑﺘﺼﻤﻴﻢ ﻧﻤﻮﺫﺝ ﻳﻌﺘﻤﺪ ﻋﻠﻰ ﺍﻟﺘﻌﻠﻢ ﺍﻵﻟﻲ ﻭﺍﻟﺘﻌﻠﻢ ﺍﻟﻌﻤﻴﻖ‬
‫ﺧﻮﺍﺭﺯﻣﻴﺎﺕﻻﺳﺘﺨﺮﺍﺝ ﺍﻟﻤﻴﺰﺍﺕ ﺍﻟﻤﺜﺎﻟﻴﺔ ﺑﺪﻗﺔ ﻋﺎﻟﻴﺔ‪ ،‬ﻭﺍﺧﺘﺒﺎﺭﻫﺎ‬
‫ﺗﻢﺗﻘﻴﻴﻤﻬﺎ ﺑﺎﺳﺘﺨﺪﺍﻡ ﻣﺠﻤﻮﻋﺔ ﺑﻴﺎﻧﺎﺕ ‪ BoT IoT‬ﻟﺤﺮﻛﺔ ﻣﺮﻭﺭ ﺍﻟﺸﺒﻜﺔ ﺍﻟﻮﺍﻗﻌﻴﺔ‪ .‬ﺍﻟﺘﺠﺮﻳﺒﻴﺔ‬
‫ﻧﺘﺎﺋﺞﺩﺭﺍﺳﺘﻨﺎ ﻟﺘﻘﻴﻴﻢ ﺗﻨﻔﻴﺬ ﻋﺸﺮﺓ ﺁﻻﺕ ﻣﻨﻔﺼﻠﺔ‬
‫ﻭﺗﻨﺎﻗﺶﻧﻤﺎﺫﺝ ﺍﻟﺘﻌﻠﻢ ﻟﻠﻜﺸﻒ ﻋﻦ ﺍﻟﺒﺮﺍﻣﺞ ﺍﻟﻀﺎﺭﺓ‪ .‬ﻭﺗﺸﻤﻞ ﻫﺬﻩ ﺍﻟﻨﻤﺎﺫﺝ ﺍﺛﻨﻴﻦ‬
‫ﻣﺼﻨﻔﺎﺕﻓﺮﺩﻳﺔ ﺗﺘﻌﻠﻖ ﺑـ ‪ KNN‬ﻭ‪ ،SVM‬ﻭﺛﻤﺎﻧﻴﺔ ﻣﺼﻨﻔﺎﺕ ﺟﻤﺎﻋﻴﺔ ﻣﺜﻞ‬
‫ﻭﺃﺭﺑﻌﺔﺃﺑﻨﻴﺔ ‪LGBM،‬ﻭ ‪AdaBoost،‬ﻭ ‪Extra Trees،‬ﻭ ‪Random Forest،‬‬
‫‪5‬‬
‫ﺧﻮﺍﺭﺯﻣﻴﺎﺕﺍﻟﺘﻌﻠﻢ ﺍﻟﻌﻤﻴﻖ ﻣﺜﻞ ‪ LSTM‬ﻭ‪ GRU‬ﻭ‪ .RNN‬ﺑﺎﻹﺿﺎﻓﺔ ﺇﻟﻰ ﺫﻟﻚ‪ ،‬ﻧﺤﻦ‬
‫ﻣﻘﺎﺭﻧﺔﻓﻌﺎﻟﻴﺔ ﻫﺬﻩ ﺍﻟﻨﻤﺎﺫﺝ ﻣﻊ ﻭﺑﺪﻭﻥ ‪SMOTE‬‬
‫ﺧﻮﺍﺭﺯﻣﻴﺔﻹﺩﺍﺭﺓ ﺍﻟﺒﻴﺎﻧﺎﺕ ﻏﻴﺮ ﺍﻟﻤﺘﻮﺍﺯﻧﺔ‪ .‬ﻣﺼﻨﻔﺎﺕ ‪ CatBoost‬ﻭ‪XGBoost‬‬
‫ﺣﻘﻘﺖﻣﻌﺪﻻﺕ ﺩﻗﺔ ‪ %98.19‬ﻭ‪ %98.50‬ﻋﻠﻰ ﺍﻟﺘﻮﺍﻟﻲ‪ .‬ﺟﻬﻮﺩ ﺍﻟﺘﺠﺮﺑﺔ‬
‫ﻳﻤﻜﻦﺃﻥ ﻳﺴﺎﻋﺪ ﺍﻟﺨﺒﺮﺍء ﻓﻲ ﺗﺤﺪﻳﺪ ﻋﻤﻠﻴﺎﺕ ﺍﺧﺘﺮﺍﻕ ﺷﺒﻜﺔ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء ﺍﻟﻤﺨﺘﻠﻔﺔ ﺑﺎﺳﺘﺨﺪﺍﻡ‬
‫ﺃﻭﺧﻮﺍﺭﺯﻣﻴﺔ ﺑﺪﻳﻠﺔ ﺗﻌﺘﻤﺪ ﻋﻠﻰ ﺍﻟﺘﻌﻠﻢ ﺍﻵﻟﻲ ﻭﺍﻟﻌﻤﻴﻖ ‪SMOTE‬‬
‫ﺧﻮﺍﺭﺯﻣﻴﺎﺕ‪.‬‬
‫ﺍﻟﻜﻠﻤﺎﺕﺍﻟﺪﺍﻟﺔ‪:‬ﺍﻷﻣﻦ ﺍﻟﺴﻴﺒﺮﺍﻧﻲ‪ ،DoS، DDoS ،‬ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء‪ ،‬ﺍﻟﺘﻌﻠﻢ ﺍﻵﻟﻲ‪ ،‬ﺗﻌﻠﻢ ﻋﻤﻴﻖ‪،‬‬
‫ﻣﺠﻤﻮﻋﺔﺑﻴﺎﻧﺎﺕ ﺑﻮﺕ‪-‬ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء‬
‫‪6‬‬
‫‪:‬ﺻﻠﺨﺘﺴﻤﻼ‬
‫ءﺍﻳﺸﻼﺍﺗﺮﻧﺘﻨﺈ ﯨﻠﻊ ﻳﻨﺎﺭﺑﻴﺴﻼ ﻧﻤﻸﺍ ﺗﺎﻣﺠﻬﺐ ﺅﺑﻨﺘﻠﻞ ﻗﻴﻤﻌﻼ ﻣﻠﻌﺘﻼ ﺓﻳﺠﻬﻨﻢ‬
‫ﻋﻮﻧﺘﻮﺩﺩﻉ ﻳﻒ ﺓﻋﻴﺮﺳﻼ ﺓﺩﺍﻳﺰﻻ ﻧﺈﻑ ‪ ،‬ﻳﻨﺎﺭﺑﻴﺴﻼ ﺗﺎﻡ ﺟﻬﻼ ﺭﺍﺭﻛﺘﻮ ﺓﺭﻭﻃﺦ ﻳﻒ ﺩﻳﺎﺯﺗﻤﻼ ﻋﺎﻓﺘﺮﻻﻝ ﺍﺭﻇًﻦ‬
‫ﻳﺴﻼﺍﻣﺎﻣﺘﻬﻼﺍ ﻟﻈﻲ ﻧﺎ ﻣﻞءﺍ ﻧﺈﻑ ‪،‬ﻛﻠﺬ ﻋﻤﻮ ‪.‬ﻳﻨﺎﺭﺑﻴﺴﻼ ﻧﺎ ﻣﻞءﺍ ﯨﻠﻊ ﺍﺭﻳًﺒﻚ ﺍﺩﻳًﺪﻫﺖ ﻟﻜﺸﺖ ﻳﻜﺬﻻ ﺓﺯﻫﺠﻼﺍ‬
‫ﺗﺮﻧﺘﻨﻺﺍﻫﻬﺠﺄ ﻧﻴﺐ ﺓﻣﺨﻀﻼ ﺓﻳﻜﺒﻼ ﺗﺎﻧﻴﺒﻼ ﻗﻔﺪﺕ ﻟﻜﺸﻲ ‪.‬ﺓﻋﺮﺳﺐ ﻫﺎﻗﻴﺒﻄﺘﻮ ﻫﻘﺎﻃﻦ ﻳﻒ ﻋﺴﻮﺗﻼ ﺭﻣﺘﺴﻲ ﺛﻴﺢ‬
‫ﻟﻜﺸﺖ ‪،‬ﻛﻠﺬﯨﻠﻊ ﺓﻭﻻﻉ ‪.‬ﺓﻟﻤﺘﺤﻤﻼ ﺓﻳﻦ ﻣﻞءﺍ ﺗﺎﻗﺎﺭﺗﺨﻼﺍ ﻧﻢ ﺓﺯﻫﺠﻸﺍ ﺓﻳﺎﻣﺤﻞ ﺍﺭﻳًﺒﻚ ﺍﻳﺪًﺣﺖ )‪ (IoT‬ءﺍﻳﺸﻸﺍ ﻧﻢ‬
‫ﻳﻨﺎﺭﺑﻴﺴﻼﻧﺎ ﻣﻞءﺍ ﺗﺎﻗﻴﺖ ﻣﺪﺧﺘﺴﺖ ُ‪.‬ﺍﻳﻔًﺎﺿﺈ ﺍﻳﺪًﺣﺖ ﺭﻳﺒﻚ ﻟﻜﺸﺐ ﺓﻧﺰﺍﻭﺗﻤﻼ ﺭﻳﻎ ﺓﻳﻜﺒﺸﻼ ﺭﻭﺭﻣﻼ ﺓﻛﺮﺡ ﺗﺎﻧﻴﺐ‬
‫‪.‬ﺓﻳﻨﺎﺭﺑﻴﺴﻼ ﺗﺎﻣﺠﻬﻼ ﻧﻢ ﻓﻠﺘﺨﻢ ﻻﻛﺸﺄ ﻓﺎﺷﺘﻜﺎ ﻳﻒ ﺭﺑﻚ ﺓﻳﻼﻋﻔﺐ )‪ (AI‬ﻳﻌﺎﻧﻄﺼﻼ ءﺍﻛﺬﻻ ﯨﻠﻊ ﺓﻣﺌﺎﻗﻼ‬
‫ﺣﻤﺎﻣﺠﻢﻫﺠﺎﻭﻣﻮ ﻓﺸﺘﻜﻼ ﻋﺴﺎﻭ ﻟﻜﺸﺐ ﻗﻴﻤﻌﻼ ﻣﻠﻌﺘﻼﻭ ﻳﻠﻶﺍ ﻣﻠﻌﺘﻼ ﻟﺜﻢ ﻳﻌﺎﻧﻄﺼﻼﺍ ءﺍﻛﺬﻻ ﺗﻴﻨﻘﺖ ﻣﺪﺧﺘﺴﺖُ‬
‫ﺗﺎﻛﺒﺶﺩﺱ ﺓﻳﻦ ﻣﻞءﺍ ﺗﺎﺩﻳﻬﺘﻼ ﻧﻢ ﺓﻋﺴﺎﻭ‪IoT.‬‬
‫ﺗﺎﺯﻳﻢﺟﺎﺭﺧﺘﺴﻼ ﻗﻴﻤﻌﻼ ﻣﻠﻌﺘﻼﻭ ﻳﻠﻶﺍ ﻣﻠﻌﺘﻼ ﺗﺎﻳﻤﺰﺭﺍﻭﺥ ﯨﻺ ﺩﻧﺘﺴﻲ ﺟﺬﻭﻣﻦ ﻣﻴﻤﺼﺘﺐ ﺍﻧﻤﻖ ‪،‬ﺓﺣﻮﺭﻃﻼ ﻫﺬﻩ ﻳﻔﻲ‬
‫ﺓﺯﻫﺠﻸﺓﻳﻘﺎﻭﻻ ﺓﻛﺒﻼ ﺭﻭﺭﻡ ﺓﻛﺮﺡ ﺗﺎﻧﻴﺐ ﺓ ﺩﻭﻓﺠﻢ ﻣﺎﺩﺧﺘﺴﺎﺏ ﻫﻤﻴﻴﻘﺘﺐ ﺍﻧﻤﻘﻮ ﻫﺎﻧﺮﺑﺘﺨﺎﻭ ‪،‬ﻳﻴﻼﻉ ﺓﻗﺪﺏ ﻳﻠﺜﻢ‬
‫ﻓﺎﺷﺘﻜﺎﻳﻒ ﻳﻠﻶﺍ ﻣﻠﻌﺘﻠﻞ ﻟﺼﻔﻨﻢ ﺟﺬﺍﻣﻦ ﺓﺭﺷﻊ ءﺍﺩﻯ ﻣﻴﻲ ﻗﺘﻞ ﺍﻧﺘﺴﺎﺭﺩ ﻳﻒ ﺑﺮﺍﺟﺘﻼ ﺟﺌﺎﺗﻦ ﻫﺸﻘﺎﻧﻢ ﻣﺘﻲ ‪BoT IoT.‬‬
‫ﺓﻳﻔﻴﻦﺗﻨﺼﺖ ﺟﺬﺍﻣﻦ ﺓﻳﻨﺎﻣﺜﻮ ‪ SVMo KNN،‬ﺻﻮﺻﺨﺐ ﻧﻴﺪﺭﻑ ﻧﻴﻄﻤﻦ ﺟﺬﺍﻣﻨﻼ ﻫﺬﻩ ﻟﻤﺸﺖ ‪.‬ﺓﺭﺍﺿﻲ ﺟﻤﺎﺭﺏ‬
‫ﺗﺎﻳﻤﺰﺭﺍﻭﺧﻞﻟﻜﺎﻳﻪ ﺓﻋﺒﺮﺃﻭ ‪LGBM،‬ﻭ ‪AdaBoosto Extra Trees‬ﻭ ‪ Random Forest‬ﻟﺜﻢ ﺓﻋﻤﺠﻢ‬
‫ﻧﻮﺩﺑﻮﻋﻢ ﺟﺬﺍﻣﻨﻼ ﻫﺬﻩ ﺓﻳﻼﻋﻒ ﺓﻧﺮﺍﻗﻤﺐ ﺍﻧﻤﻖ ‪،‬ﻛﻠﺬ ﯨﻺ ﺓﻓﺎﺿﻺﺍﺏ ‪RNNO GRU.‬ﻭ ‪ LSTM‬ﻟﺜﻢ ﻗﻴﻤﻌﻼ ﻣﻠﻌﺘﻼ‬
‫ﺗﻼﺩﻋﻢ‪XGBoost‬ﻭ ‪ CatBoost‬ﺗﺎﻓﻴﻦ ﺍﻟﺘﻨﺼﺖ ﺗﻘﻘﺢ ‪.‬ﺓﻧﺰﺍﻭﺗﻤﻼ ﺭﻳﻎ ﺗﺎﻧﺎﻳﺒﻼ ﺓﺭﺍﺩﻝ ‪ SMOTE‬ﺓﻳﻤﺰﺭﺍﻭﺥ‬
‫ﺩﻳﺪﺣﺖﻳﻒ ءﺍﺭﺑﺨﻼ ﺓﺩﻋﺎﺳﻢ ﻳﻒ ﺑﺮﺍﺟﺘﻼ ﺩﻭﻫﺞ ﻣﻬﺎﺳﺖ ﻧﺄ ﻧﻜﻤﻲ ‪.‬ﻳﻼﻭﺗﻼ ﯨﻠﻊ ‪98.50%‬ﻭ ‪ 98.19%‬ﻏﻠﺒﺖ ﻗﺪ ﻗﺪ‬
‫‪7‬‬
‫ﻣﻠﻌﺘﻼﺗﻴﻤﺮﺍﻭﺥ ﯨﻠﻊ ﺩﻣﺘﻌﺖ ﺓﻟﻴﺪﺏ ﺓﻳﻤﺰﺭﺍﻭﺥ ﻭﺃ ‪ SMOTE‬ﻣﺎﺩﺧﺘﺴﺎﺏ ﺓﻓﻠﺘﺨﻤﻼ ‪ IoT‬ﺗﺎﻛﺒﺶ ﺗﺎﻗﺎﺭﺗﺨﺎ‬
‫‪.‬ﻗﻴﻤﻼ ﻣﻠﻌﺘﻼﻭ ﻳﻠﻶﺍ‬
‫‪8‬‬
‫● ﺟﺪﻭﻝﺍﻟﻤﺤﺘﻮﻳﺎﺕ‬
‫ﺗﺼﺮﻳﺢ ‪2........ .................................................. .................................................‬‬ ‫●‬
‫ﺧﻼﺻﺔ ‪5............. .................................................. .................................................‬‬ ‫●‬
‫ﺟﺪﻭﻝﺍﻟﻤﺤﺘﻮﻳﺎﺕ ‪9 .................................................. ...............................................‬‬ ‫●‬
‫ﻗﺎﺋﻤﺔﺍﻷﺷﻜﺎﻝ‪11 ..... .................................................. ...............................................‬‬ ‫●‬
‫ﻗﺎﺋﻤﺔﺟﺪﺍﻭﻝ ‪12 ...... .................................................. ...............................................‬‬ ‫●‬
‫ﻗﺎﺋﻤﺔﺍﻟﻤﺨﺘﺼﺮﺍﺕ ‪13 ................................................ ...........................................‬‬ ‫●‬
‫ﺍﻟﻔﺼﻞ‪ 1‬ﻣﻘﺪﻣﺔ ‪1 .............................................. ..............................................‬‬
‫‪1.1‬ﻧﻈﺮﺓ ﻋﺎﻣﺔ ﻭﺧﻠﻔﻴﺔ ‪1 ........................................... ..............................................‬‬
‫‪1.2‬ﺍﻟﺪﺍﻓﻊ ‪2 ............ .................................................. ..............................................‬‬
‫‪1.3‬ﺑﻴﺎﻥ ﺍﻟﻤﺸﻜﻠﺔ ‪4 .................................................. ..............................................‬‬
‫‪1.4‬ﺃﻫﺪﺍﻑ ﺍﻟﺒﺤﺚ ‪6 ................................................ ...........................................................‬‬
‫‪1.5‬ﻣﺴﺎﻫﻤﺔ ﺍﻷﻃﺮﻭﺣﺔ ﻓﻲ ﺍﻟﻤﺠﺎﻝ ‪ /‬ﺃﻫﻤﻴﺔ ﻭ ‪ /‬ﺃﻭ ﺗﺄﺛﻴﺮ ﺍﻟﺒﺤﺚ ‪7 ...........‬‬
‫‪1.6‬ﻣﺨﻄﻂ ﺍﻷﻃﺮﻭﺣﺔ ‪9........... .................................................. ..............................................‬‬
‫ﺍﻟﻔﺼﻞﺍﻟﺜﺎﻧﻲ‪ :‬ﻣﺮﺍﺟﻌﺔ ﺍﻷﺩﺑﻴﺎﺕ‪11 ........................................... ................................................‬‬

‫‪2.1‬ﻣﻘﺪﻣﺔ‪11 ........... .................................................. ................................................‬‬
‫‪2.2‬ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء ﻭﺍﻟﺘﻌﻠﻢ ﺍﻵﻟﻲ ‪11 ........................................... ...........................................‬‬
‫‪2.3‬ﺍﻟﻤﻨﺎﻗﺸﺔ ‪18 ........... .................................................. ..............................................‬‬
‫ﺍﻟﻔﺼﻞﺍﻟﺜﺎﻟﺚ‪ :‬ﺍﻟﻤﻨﻬﺠﻴﺔ ‪20 ........................................... ..............................................‬‬

‫‪3.1‬ﻣﻘﺪﻣﺔ‪20......... .................................................. ................................................‬‬
‫‪3.2‬ﻣﺠﻤﻮﻋﺔ ﺍﻟﺒﻴﺎﻧﺎﺕ ﺍﻟﻤﺮﺟﻌﻴﺔ‪20 ................................................ ................................................‬‬
‫‪3.3‬ﺍﻟﻨﻤﻮﺫﺝ ﺍﻟﻤﻘﺘﺮﺡ ‪25 ............................................... ...........................................‬‬
‫‪3.3.1‬ﺍﻟﻤﻌﺎﻟﺠﺔ ﺍﻟﻤﺴﺒﻘﺔ ﻟﻠﺒﻴﺎﻧﺎﺕ ‪25 ............................................ ...........................................‬‬
‫‪3.3.2‬ﺗﻘﻨﻴﺎﺕ ﺍﻟﻬﻨﺪﺳﺔ ﺍﻟﻤﻤﻴﺰﺓ ‪26 ............................ ...........................................‬‬
‫‪3.3.3‬ﻧﻤﺎﺫﺝ ﺍﻟﺘﻌﻠﻢ ﺍﻟﻌﻤﻴﻖ ‪32 ........................................... ...........................................‬‬
‫‪3.3.4‬ﺍﻟﺘﻌﻠﻢ ﺍﻟﺠﻤﺎﻋﻲ ‪38........................................... ..............................................‬‬
‫‪3.3.5‬ﻣﻘﺎﻳﻴﺲ ﺍﻟﺘﻘﻴﻴﻢ ‪42 ............................................ ..............................................‬‬
‫ﺍﻟﻔﺼﻞﺍﻟﺮﺍﺑﻊ‪ :‬ﺍﻟﻨﺘﺎﺋﺞ ‪44 ... .................................................. ..............................................‬‬
‫‪9‬‬
‫‪4.1‬ﺍﻹﻋﺪﺍﺩﺍﺕ ﺍﻟﺘﺠﺮﻳﺒﻴﺔ ‪44 ................................................ ..............................................‬‬
‫‪4.2‬ﺍﻟﻨﺘﺎﺋﺞ ﺍﻟﺘﺠﺮﻳﺒﻴﺔ ‪44 ................................................ ..............................................‬‬
‫‪4.2.1‬ﺍﻟﺘﺠﺎﺭﺏ ﺩﻭﻥ ﺍﺳﺘﺨﺪﺍﻡ ﺧﻮﺍﺭﺯﻣﻴﺔ ‪SMOTE. ................................................ 45‬‬
‫‪4.2.2‬ﺍﻟﺘﺠﺎﺭﺏ ﺑﺎﺳﺘﺨﺪﺍﻡ ﺧﻮﺍﺭﺯﻣﻴﺔ ‪SMOTE. .................................................. .... 51‬‬
‫‪4.3‬ﻣﻨﺎﻗﺸﺔ ﺍﻟﻨﺘﺎﺋﺞ ‪57 .................................................. ..............................................‬‬
‫‪4.4‬ﻣﻠﺨﺺ‪61 ............ .................................................. ................................................‬‬
‫ﺍﻟﻔﺼﻞﺍﻟﺨﺎﻣﺲ‪ :‬ﺍﻟﻤﻘﺎﺭﻧﺔ ‪62 ................................................ ...........................................‬‬

‫‪5.1‬ﺍﻟﻤﻨﺎﻗﺸﺔ ‪62 ........... .................................................. ..............................................‬‬
‫‪5.2‬ﻣﻠﺨﺺ‪65 ............ .................................................. ................................................‬‬
‫ﺍﻟﻔﺼﻞﺍﻟﺴﺎﺩﺱ‪ :‬ﺍﻟﺨﺎﺗﻤﺔ ﻭﺍﻟﻌﻤﻞ ﺍﻟﻤﺴﺘﻘﺒﻠﻲ ‪65 ................................ ...........................................‬‬
‫ﻣﺮﺍﺟﻊ ‪67....... .................................................. .................................................‬‬ ‫●‬
‫‪10‬‬
‫● ﻗﺎﺋﻤﺔﺍﻷﺷﻜﺎﻝ‬
‫‪26‬‬ ‫ﺍﻟﺸﻜﻞ‪ 3.1‬ﺍﻟﺘﺤﻘﻖ ﻣﻦ ﺍﻟﺒﻴﺎﻧﺎﺕ ﺍﻟﻤﻔﻘﻮﺩﺓ ﻟﻤﺠﻤﻮﻋﺔ ﺑﻴﺎﻧﺎﺕ ‪.BoT IoT‬‬
‫‪27‬‬
‫ﺍﻟﺸﻜﻞ‪ 3.2‬ﻣﻌﺎﻣﻞ ﺍﻻﺭﺗﺒﺎﻁ ﺑﻴﻦ ﻣﻴﺰﺍﺕ ﻣﺠﻤﻮﻋﺔ ﺑﻴﺎﻧﺎﺕ ‪ .BoT IoT‬ﺍﻟﺸﻜﻞ ‪ 3.3‬ﺗﺤﻠﻴﻞ ﺃﻫﻤﻴﺔ ﺍﻟﻤﻴﺰﺓ‬
‫ﺑﺎﺳﺘﺨﺪﺍﻡﺍﻟﻐﺎﺑﺔ ﺍﻟﻌﺸﻮﺍﺋﻴﺔ ﻟﻤﺠﻤﻮﻋﺔ ﺑﻴﺎﻧﺎﺕ ‪ BoT IoT.29‬ﺍﻟﺸﻜﻞ ‪ 3.4‬ﺗﻮﺯﻳﻌﺎﺕ ﻓﺌﺔ ﺍﻟﻬﺠﻮﻡ‬
‫‪31‬‬ ‫ﻟﻤﺠﻤﻮﻋﺔﺑﻴﺎﻧﺎﺕ ‪.BoT IoT‬‬
‫ﺍﻟﺸﻜﻞ‪ 3.5‬ﺗﻮﺯﻳﻌﺎﺕ ﻓﺌﺔ ﺍﻟﻬﺠﻮﻡ ﺑﻌﺪ ﺃﺧﺬ ﻋﻴﻨﺎﺕ ﻣﻦ ﻣﺠﻤﻮﻋﺔ ﺑﻴﺎﻧﺎﺕ ‪ BoT IoT‬ﺑﺎﺳﺘﺨﺪﺍﻡ ﺧﻮﺍﺭﺯﻣﻴﺔ‬
‫‪32‬‬ ‫‪.Smote‬‬
‫‪33‬‬ ‫ﺍﻟﺸﻜﻞ‪ 3.6‬ﻋﻴﻨﺔ ﻣﻦ ﺍﻟﺒﻨﻴﺔ ﺍﻷﺳﺎﺳﻴﺔ ﻟﺸﺒﻜﺎﺕ [‪ .ANN ]36‬ﺍﻟﺸﻜﻞ‬
‫‪35‬‬ ‫‪:3.7‬ﻋﻴﻨﺔ ﻣﻦ ﺑﻨﻴﺔ ﺷﺒﻜﺔ [‪.RNN ]38‬‬
‫‪36‬‬ ‫ﺍﻟﺸﻜﻞ‪ :3.8‬ﺍﻟﺬﺍﻛﺮﺓ ﺍﻟﻄﻮﻳﻠﺔ ﻗﺼﻴﺮﺓ ﺍﻟﻤﺪﻯ )‪ .[40] (LSTM‬ﺍﻟﺸﻜﻞ‬
‫‪38‬‬ ‫‪:3.9‬ﺍﻹﺩﺭﺍﻙ ﺍﻟﺤﺴﻲ ﻣﺘﻌﺪﺩ ﺍﻟﻄﺒﻘﺎﺕ )‪.[44] (MLP‬‬
‫ﺍﻟﺸﻜﻞ‪ :4.1‬ﻧﺘﺎﺋﺞ ﺗﻘﻴﻴﻢ ﻧﻤﺎﺫﺝ ﺍﻟﺘﻌﻠﻢ ﺍﻵﻟﻲ ﺍﻟﻤﻘﺘﺮﺣﺔ ﻋﻠﻰ ﻣﺠﻤﻮﻋﺔ ﺑﻴﺎﻧﺎﺕ ‪ BoT IoT‬ﺩﻭﻥ ﺍﺳﺘﺨﺪﺍﻡ‬
‫‪48‬‬ ‫ﺧﻮﺍﺭﺯﻣﻴﺔ‪.SMOTE‬‬
‫ﺍﻟﺸﻜﻞ‪ 4.2‬ﻧﺘﺎﺋﺞ ﺗﻘﻴﻴﻢ ﻧﻤﺎﺫﺝ ﺍﻟﺘﻌﻠﻢ ﺍﻟﻌﻤﻴﻖ ﺍﻟﻤﻘﺘﺮﺣﺔ ﻋﻠﻰ ﻣﺠﻤﻮﻋﺔ ﺑﻴﺎﻧﺎﺕ ‪ BoT IoT‬ﺩﻭﻥ‬
‫‪49‬‬ ‫ﺍﺳﺘﺨﺪﺍﻡﺧﻮﺍﺭﺯﻣﻴﺔ ‪.SMOTE‬‬
‫ﺍﻟﺸﻜﻞ‪ 4.3‬ﻧﺘﺎﺋﺞ ﺗﻘﻴﻴﻢ ﻧﻤﺎﺫﺝ ﺍﻟﺘﻌﻠﻢ ﺍﻵﻟﻲ ﺍﻟﻤﻘﺘﺮﺣﺔ ﻋﻠﻰ ﻣﺠﻤﻮﻋﺔ ﺑﻴﺎﻧﺎﺕ ‪ BoT IoT‬ﺑﺎﺳﺘﺨﺪﺍﻡ ﺧﻮﺍﺭﺯﻣﻴﺔ‬
‫‪53‬‬ ‫‪.SMOTE‬‬
‫ﺍﻟﺸﻜﻞ‪ 4.4‬ﻧﺘﺎﺋﺞ ﺗﻘﻴﻴﻢ ﻧﻤﺎﺫﺝ ﺍﻟﺘﻌﻠﻢ ﺍﻟﻌﻤﻴﻖ ﺍﻟﻤﻘﺘﺮﺣﺔ ﻋﻠﻰ ﻣﺠﻤﻮﻋﺔ ﺑﻴﺎﻧﺎﺕ ‪ BoT IoT‬ﺑﺎﺳﺘﺨﺪﺍﻡ‬
‫‪54‬‬ ‫ﺧﻮﺍﺭﺯﻣﻴﺔ‪.SMOTE‬‬
‫ﺍﻟﺸﻜﻞ‪ :4.5‬ﻧﺘﺎﺋﺞ ﺍﻟﻤﻘﺎﺭﻧﺔ ﺑﻴﻦ ﺃﻓﻀﻞ ﻧﻤﺎﺫﺝ ﺍﻟﺘﻌﻠﻢ ﺍﻟﻤﺠﻤﻌﺔ ﺑﺎﺳﺘﺨﺪﺍﻡ ﺧﻮﺍﺭﺯﻣﻴﺔ ‪ Smote‬ﻭﺑﺪﻭﻧﻬﺎ‪.‬‬
‫‪58‬‬
‫ﺍﻟﺸﻜﻞ‪ 4.6‬ﻣﻘﺎﺭﻧﺔ ﺑﻴﻦ ﺃﺩﺍء ﻧﻤﺎﺫﺝ ﺍﻟﺘﻌﻠﻢ ﺍﻟﻌﻤﻴﻖ ﻣﻊ ﻭﺑﺪﻭﻥ ﺍﺳﺘﺨﺪﺍﻡ ﺧﻮﺍﺭﺯﻣﻴﺔ ‪.Smote‬‬
‫‪59‬‬
‫ﺍﻟﺸﻜﻞ‪ 4.7‬ﻣﻘﺎﺭﻧﺔ ﺑﻴﻦ ﺃﺩﺍء ﻧﻤﺎﺫﺝ ﺍﻟﻤﺼﻨﻔﺎﺕ ﺍﻟﻔﺮﺩﻳﺔ ﻣﻊ ﻭﺑﺪﻭﻥ ﺍﺳﺘﺨﺪﺍﻡ ﺧﻮﺍﺭﺯﻣﻴﺔ ‪.Smote‬‬
‫‪60‬‬
‫‪11‬‬
‫● ﻗﺎﺋﻤﺔﺟﺪﺍﻭﻝ‬
‫‪17‬‬ ‫ﺍﻟﺠﺪﻭﻝ‪ 1-2‬ﻣﺮﺍﺟﻌﺔ ﻣﻘﺎﺭﻧﺔ ﻷﺣﺪﺙ ﺣﻠﻮﻝ ﺍﻷﻣﻦ ﺍﻟﺴﻴﺒﺮﺍﻧﻲ ﻹﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء‪.‬‬
‫ﺟﺪﻭﻝ‪ 1-4‬ﻧﺘﺎﺋﺞ ﺍﻷﺩﺍء ﻻﻛﺘﺸﺎﻑ ﻫﺠﻤﺎﺕ ﺷﺒﻜﺔ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء ﺩﻭﻥ ﺍﺳﺘﺨﺪﺍﻡ ﺧﻮﺍﺭﺯﻣﻴﺔ ‪SMOTE‬‬
‫‪46‬‬ ‫ﻣﻦﻣﺠﻤﻮﻋﺔ ﺑﻴﺎﻧﺎﺕ ‪.BoT-IoT‬‬
‫ﺟﺪﻭﻝ‪ 2-4‬ﻧﺘﺎﺋﺞ ﺍﻷﺩﺍء ﻻﻛﺘﺸﺎﻑ ﻫﺠﻤﺎﺕ ﺷﺒﻜﺔ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء ﺑﺎﺳﺘﺨﺪﺍﻡ ﺧﻮﺍﺭﺯﻣﻴﺔ ‪SMOTE‬‬
‫‪52‬‬ ‫ﻣﻦﻣﺠﻤﻮﻋﺔ ﺑﻴﺎﻧﺎﺕ ‪.BoT-IoT‬‬
‫‪64‬‬ ‫ﺍﻟﺠﺪﻭﻝ‪ :1-5‬ﺗﺤﻠﻴﻞ ﻣﻘﺎﺭﻥ ﻷﺣﺪﺙ ﺣﻠﻮﻝ ﺍﻷﻣﻦ ﺍﻟﺴﻴﺒﺮﺍﻧﻲ ﻹﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء‪.‬‬
‫‪12‬‬
‫● ﻗﺎﺋﻤﺔﺍﻻﺧﺘﺼﺎﺭﺍﺕ‬
‫ﺍﻟﺬﻛﺎءﺍﻻﺻﻄﻨﺎﻋﻲ‬ ‫ﻣﻨﻈﻤﺔﺍﻟﻌﻔﻮ ﺍﻟﺪﻭﻟﻴﺔ‬
‫ﺍﻟﻤﻨﻄﻘﺔﺗﺤﺖ ﺍﻟﻤﻨﺤﻨﻰ‬ ‫ﺍﻟﺠﺎﻣﻌﺔﺍﻷﻣﺮﻳﻜﻴﺔ ﺑﺎﻟﻘﺎﻫﺮﺓ‬
‫ﺷﺒﻜﺔﺍﻋﺼﺎﺏ ﺻﻨﺎﻋﻴﺔ‬ ‫ﺁﻥ‬

‫ﻭﺍﺟﻬﺔﺑﺮﻣﺠﺔ ﺗﻄﺒﻴﻖ‬ ‫ﻭﺍﺟﻬﺔﺑﺮﻣﺠﺔ ﺍﻟﺘﻄﺒﻴﻘﺎﺕ‬
‫ﺗﺠﻤﻴﻊ‪Bootstrap‬‬ ‫ﺍﻟﺘﻌﺒﺌﺔ‬
‫ﺍﻟﺸﺒﻜﺔﺍﻟﻌﺼﺒﻴﺔ ﺍﻟﺘﻼﻓﻴﻔﻴﺔ‬ ‫ﺳﻲﺇﻥ ﺇﻥ‬
‫ﻭﺣﺪﺓﻣﻌﺎﻟﺠﺔ ﻣﺮﻛﺰﻳﺔ‬ ‫ﻭﺣﺪﺓﺍﻟﻤﻌﺎﻟﺠﺔ ﺍﻟﻤﺮﻛﺰﻳﺔ‬
‫ﻗﻴﻢﻣﻔﺼﻮﻟﺔ ﺑﻔﻮﺍﺻﻞ‬ ‫‪CSV‬‬

‫ﺗﻌﻠﻢﻋﻤﻴﻖ‬ ‫ﺩﻱﺇﻝ‬
‫ﺍﻟﺸﺒﻜﺔﺍﻟﻌﺼﺒﻴﺔ ﺍﻟﻌﻤﻴﻘﺔ‬ ‫ﺩﻱﺇﻥ ﺇﻥ‬
‫ﺷﺠﺮﺓﺍﻟﻘﺮﺍﺭ‬ ‫ﺩ‪.‬ﺕ‬
‫ﺍﻟﺘﻌﻠﻢﺍﻟﺠﻤﺎﻋﻲ‬ ‫ﺇﻝ‬
‫ﺍﻟﺘﻌﻠﻢﺍﻟﻌﻤﻴﻖ ﺍﻟﻤﻮﺣﺪ‬ ‫‪FDL‬‬
‫ﺳﻠﺒﻲﺧﻄﺄ‬ ‫ﺍﻟﺠﺒﻬﺔﺍﻟﻮﻃﻨﻴﺔ‬
‫ﺇﻳﺠﺎﺑﻴﺔﻛﺎﺫﺑﺔ‬ ‫‪FP‬‬
‫ﻣﻌﺪﻝﺇﻳﺠﺎﺑﻲ ﻛﺎﺫﺏ‬ ‫‪FPR‬‬
‫ﺁﻟﺔﺗﻌﺰﻳﺰ ﺍﻟﺘﺪﺭﺝ‬ ‫ﺟﻲﺑﻲ ﺇﻡ‬
‫ﻭﺣﺪﺓﻣﻌﺎﻟﺠﺔ ﺍﻟﺮﺳﻮﻣﺎﺕ‬ ‫‪GPU‬‬

‫ﻭﺣﺪﺓﻣﺘﻜﺮﺭﺓ ﻣﺴﻮﺭﺓ‬ ‫‪GRU‬‬
‫ﻧﻈﺎﻡﻛﺸﻒ ﺍﻟﺘﺴﻠﻞ‬ ‫ﻣﻌﺮﻓﺎﺕ‬
‫ﻧﻈﺎﻡﻣﻨﻊ ﺍﻻﺧﺘﺮﺍﻕ‬ ‫‪IPS‬‬

‫ﺍﻧﺘﺮﻧﺖﺍﻷﺷﻴﺎء‬ ‫ﺇﻧﺘﺮﻧﺖﺍﻷﺷﻴﺎء‬
‫ﺟﺎﻓﺎﺳﻜﺮﻳﺒﺖ ﺗﺪﻭﻳﻦ ﻛﺎﺋﻦ‬ ‫‪JSON‬‬

‫ﺃﻗﺮﺏﺍﻟﺠﻴﺮﺍﻥ‪K-‬‬ ‫ﻛﻲﺇﻥ ﺇﻥ‬
‫ﺍﻟﺬﺍﻛﺮﺓﺍﻟﻄﻮﻳﻠﺔ ﻭﻗﺼﻴﺮﺓ ﺍﻟﻤﺪﻯ‬ ‫‪LSTM‬‬

‫ﺍﻟﺘﻌﻠﻢﺍﻻﻟﻲ‬ ‫ﻣﻞ‬
‫ﻣﺘﻌﺪﺩﺍﻟﻄﺒﻘﺎﺕ ﺍﻟﻤﺴﺘﻘﺒﻼﺕ‬ ‫‪MLP‬‬
‫ﺳﺎﺫﺝﺑﺎﻳﺰ‬ ‫ﻣﻠﺤﻮﻇﺔ‪:‬‬
‫ﺗﺤﻠﻴﻞﺍﻟﻤﻜﻮﻧﺎﺕ ﺍﻟﺮﺋﻴﺴﻴﺔ‬ ‫‪PCA‬‬
‫‪13‬‬
‫ﻏﺎﺑﺔﻋﺸﻮﺍﺋﻴﺔ‬ ‫ﺍﻟﺘﺮﺩﺩﺍﺕﺍﻟﻼﺳﻠﻜﻴﺔ‬
‫ﺧﺼﺎﺋﺺﺍﻟﻤﺴﺘﻘﺒﻞ ﺍﻟﺘﺸﻐﻴﻠﻴﺔ‬ ‫ﺟﻤﻬﻮﺭﻳﺔﺍﻟﺼﻴﻦ‬
‫ﺍﻟﺸﺒﻜﺔﺍﻟﻌﺼﺒﻴﺔ ﺍﻟﻤﺘﻜﺮﺭﺓ‬ ‫‪RNN‬‬

‫ﺗﻘﻨﻴﺔﺍﻹﻓﺮﺍﻁ ﻓﻲ ﺃﺧﺬ ﺍﻟﻌﻴﻨﺎﺕ ﻟﻸﻗﻠﻴﺎﺕ ﺍﻻﺻﻄﻨﺎﻋﻴﺔ‬ ‫ﺿﺮﺑﺔ‬
‫ﺩﻋﻢﺷﺎﺣﻨﺎﺕ ﺍﻟﻨﻘﻞ‬ ‫‪SVM‬‬
‫ﺻﺤﻴﺢﺳﻠﺒﻲ‬ ‫ﺗﻴﻨﻴﺴﻲ‬
‫ﺍﻹﻳﺠﺎﺑﻴﺔﺍﻟﺤﻘﻴﻘﻴﺔ‬ ‫‪TP‬‬
‫ﻣﻌﺪﻝﺇﻳﺠﺎﺑﻲ ﺣﻘﻴﻘﻲ‬ ‫ﻧﻈﺎﻡﺍﻟﺤﻤﺎﻳﺔ ﺍﻟﻤﺆﻗﺖ‬
‫ﺗﻌﺰﻳﺰﺍﻟﺘﺪﺭﺝ ﺍﻟﻤﺪﻗﻊ‬ ‫‪XGBoost‬‬
‫‪14‬‬
‫ﻣﻘﺪﻣﺔ‬ ‫ﺍﻟﻔﺼﻞ‪:1‬‬
‫‪1.1‬ﻧﻈﺮﺓ ﻋﺎﻣﺔ ﻭﺧﻠﻔﻴﺔ‬
‫ﺇﻧﺘﺮﻧﺖﺍﻷﺷﻴﺎء )‪ (IoT‬ﻫﻮ ﺭﺑﻂ ﺍﻟﻌﻨﺎﺻﺮ ﺍﻟﻤﺘﺤﺮﻛﺔ ﻣﺎﺩﻳﺎً‬
‫ﻣﺰﺭﻭﻉﺑﺂﻟﺔ ﺫﻛﻴﺔ ﻭﺍﺳﺘﺸﻌﺎﺭ ﻭﻣﻌﺪﺍﺕ ﺃﺧﺮﻯ‬
‫ﻣﺘﺼﻞﺑﺎﻹﻧﺘﺮﻧﺖ ]‪ .[1‬ﻳﻘﻮﻡ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء ﺑﺮﺑﻂ ﺍﻷﻧﻈﻤﺔ ﻭﺍﻟﺘﻄﺒﻴﻘﺎﺕ ﻭﺍﻟﺒﻴﺎﻧﺎﺕ‬
‫ﺍﻟﺘﺨﺰﻳﻦﻭﺍﻟﺨﺪﻣﺎﺕ‪ ،‬ﻭﺍﻟﺘﻲ ﻗﺪ ﺗﻮﻓﺮ ﻧﻘﻄﺔ ﺩﺧﻮﻝ ﺟﺪﻳﺪﺓ ﻟـ‬
‫ﺍﻟﻬﺠﻤﺎﺕﺍﻹﻟﻜﺘﺮﻭﻧﻴﺔ ﻷﻧﻬﺎ ﺗﻘﺪﻡ ﺑﺎﺳﺘﻤﺮﺍﺭ ﺍﻟﺨﺪﻣﺎﺕ ﺩﺍﺧﻞ ﺍﻟﻤﺆﺳﺴﺔ ]‪.[2‬‬
‫ﻋﻼﻭﺓﻋﻠﻰ ﺫﻟﻚ‪ ،‬ﻟﻠﺤﻔﺎﻅ ﻋﻠﻰ ﺃﻣﻦ ﺃﻧﻈﻤﺔ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء ﺑﺸﻜﻞ ﻣﺴﺘﻤﺮ‬
‫ﺍﻟﻤﺮﺍﻗﺒﺔﻭﺍﻟﺘﻘﻴﻴﻢ ﻣﻄﻠﻮﺑﺔ‪ .‬ﺍﻟﺘﻨﺒﺆ ﺑﺄﻧﻮﺍﻉ ﺍﻟﻬﺠﻤﺎﺕ ﻫﻮ‬
‫ﺿﺮﻭﺭﻱﻟﺘﺤﻠﻴﻞ ﺍﻟﺪﻓﺎﻉ ﻭﺗﺘﺒﻊ ﺃﺟﻬﺰﺓ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء ]‪ .[3‬ﻫﺬﺍ‬
‫ﻳﺴﻤﺢﻟﻠﺘﻜﻴﻒ ﻣﻊ ﺍﻟﻈﺮﻭﻑ ﻏﻴﺮ ﺍﻟﻤﺘﻮﻗﻌﺔ‪ ،‬ﻭﺃﺧﺬ‬
‫ﺗﺪﺍﺑﻴﺮﺍﻟﺴﻼﻣﺔ‪ ،‬ﻭﺣﻤﺎﻳﺔ ﺍﻟﺒﻴﺎﻧﺎﺕ‪ ،‬ﻭﺗﻮﻓﻴﺮ ﺍﻻﺳﺘﻘﺮﺍﺭ‪ ،‬ﻭ‬
‫ﺍﻟﺘﻘﻠﻴﻞﻣﻦ ﺍﻟﻤﺨﺎﻃﺮ ﺍﻟﻤﺨﺘﻠﻔﺔ‪ .‬ﺗﻘﻨﻴﺎﺕ ﺍﻟﺘﻨﺒﺆ ﺑﺎﻟﻬﺠﻮﻡ ﺍﻟﺤﺎﻟﻴﺔ ﻫﻲ‬
‫ﻏﻴﺮﻗﺎﺩﺭ ﻋﻠﻰ ﻣﻮﺍﻛﺒﺔ ﺍﻟﻌﺪﺩ ﺍﻟﻬﺎﺋﻞ ﻭﺍﻟﻤﺘﻨﻮﻉ ﻣﻦ ﺍﻟﻬﺠﻤﺎﺕ؛‬
‫ﻭﻟﺬﻟﻚ‪،‬ﻳﺒﻘﻰ ﻫﺬﺍ ﺗﺤﺪﻳﺎ ﻟﻠﺪﺭﺍﺳﺔ ﺍﻟﻤﺴﺘﻤﺮﺓ‪ .‬ﺑﺴﺒﺐ ﺻﻼﺣﻬﻢ‬
‫ﺍﻷﺩﺍءﻓﻲ ﻣﺠﻤﻮﻋﺔ ﻣﻦ ﺍﻟﻤﺠﺎﻻﺕ ﺍﻟﻘﺎﺋﻤﺔ ﻋﻠﻰ ﺍﻟﺘﻨﺒﺆ‪ ،‬ﻭﻗﺪ ﺗﻮﺻﻞ ﺍﻟﺒﺎﺣﺜﻮﻥ‬
‫ﺭﻛﺰﺕﻣﺆﺧﺮﺍً ﻋﻠﻰ ﻣﻨﻬﺠﻴﺎﺕ ﺗﻌﻠﻢ ﺍﻵﻟﺔ‪ ،‬ﻭﺧﺎﺻﺔ ﺍﻟﺘﻌﻠﻢ ﺍﻟﻌﻤﻴﻖ‬
‫ﺍﻟﺘﻘﻨﻴﺎﺕ]‪.[4‬‬
‫ﻓﻲﺳﻴﺎﻕ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء‪ ،‬ﻳﺘﻢ ﺍﺳﺘﺨﺪﺍﻡ ﺧﻮﺍﺭﺯﻣﻴﺎﺕ ﺍﻟﺬﻛﺎء ﺍﻻﺻﻄﻨﺎﻋﻲ ﻣﺜﻞ ‪ ML‬ﻭ‪DL‬‬
‫ﻗﺪﺗﻮﻓﺮ ﺍﻟﺨﻮﺍﺭﺯﻣﻴﺎﺕ ﻃﺮﻳﻘﺔ ﻓﻌﺎﻟﺔ ﻟﻼﺳﺘﻔﺎﺩﺓ ﻣﻦ ﺍﻟﺒﻴﺎﻧﺎﺕ ﻟﻠﺘﻨﺒﺆ‬
‫ﻭﺗﺤﺪﻳﺪﺍﻟﺘﻬﺪﻳﺪﺍﺕ ﺍﻟﻤﺤﺘﻤﻠﺔ ﻟﻸﻣﻦ ﺍﻟﺴﻴﺒﺮﺍﻧﻲ ]‪ .[5‬ﺍﻟﺘﻌﻠﻢ ﺍﻟﻌﻤﻴﻖ‬
‫‪1‬‬
‫ﺗﺘﺰﺍﻳﺪﺷﻌﺒﻴﺔ ﻫﺬﺍ ﺍﻟﻨﻬﺞ ﻛﺎﺳﺘﺮﺍﺗﻴﺠﻴﺔ ﻟﺘﺤﺪﻳﺪ ﺍﻟﻬﺠﻤﺎﺕ ﺍﻟﺴﻴﺒﺮﺍﻧﻴﺔ‬
‫ﺑﺴﺮﻋﺔﺃﻛﺒﺮ ﻣﻦ ﺍﻟﻄﺮﻕ ﺍﻟﺴﺎﺑﻘﺔ‪ ،‬ﻣﻤﺎ ﻳﺘﻴﺢ ﺍﻟﻤﺰﻳﺪ ﻣﻦ ﺍﻟﻜﻔﺎءﺓ‬
‫ﺗﺨﻔﻴﻒ‪.‬ﺍﻟﺘﻌﻠﻢ ﺍﻟﻌﻤﻴﻖ ﻫﻮ ﻓﺌﺔ ﻓﺮﻋﻴﺔ ﻣﻦ ﺍﻟﺬﻛﺎء ﺍﻻﺻﻄﻨﺎﻋﻲ ﺗﺮﻛﺰ ﻋﻠﻰ‬
‫ﻣﻌﺎﻟﺠﺔﺗﻄﺒﻴﻘﺎﺕ ﺁﻟﺔ ﺍﻟﺤﻮﺳﺒﺔ ﺍﻟﺘﻲ ﻳﻤﻜﻦ ﺍﻟﺘﻌﺮﻑ ﻋﻠﻴﻬﺎ‬
‫ﺃﻧﻤﺎﻁﻣﻌﻘﺪﺓ ﻭﻏﻴﺮ ﺧﻄﻴﺔ ﺛﻢ ﺍﻻﺳﺘﻔﺎﺩﺓ ﻣﻦ ﺗﻠﻚ ﺍﻷﻧﻤﺎﻁ ﻓﻲ ﺇﻧﺸﺎﺋﻬﺎ‬
‫ﺍﻟﺘﻨﺒﺆﺍﺕ]‪ .[6‬ﻓﻲ ﻋﺎﻟﻢ ﺍﻷﻣﻦ ﺍﻟﺴﻴﺒﺮﺍﻧﻲ‪ ،‬ﺗﻮﺟﺪ ﻧﻤﺎﺫﺝ ﺍﻟﺘﻌﻠﻢ ﺍﻟﻌﻤﻴﻖ‬
‫ﺃﺻﺒﺤﺖﺃﺩﺍﺓ ﺫﺍﺕ ﺷﻌﺒﻴﺔ ﻣﺘﺰﺍﻳﺪﺓ‪ ،‬ﻭﺳﺮﻋﺎﻥ ﻣﺎ ﺃﺻﺒﺤﺖ ﺃﺩﺍﺓ‬
‫ﻋﻨﺼﺮﺃﺳﺎﺳﻲ ﻓﻲ ﺍﺳﺘﺮﺍﺗﻴﺠﻴﺎﺕ ﺍﻟﺪﻓﺎﻉ ﺍﻟﻔﻌﺎﻟﺔ ﺿﺪ ﺍﻟﻀﺎﺭﺓ‬
‫ﺍﻻﻋﺘﺪﺍءﺍﺕ]‪ .[8] ،[7‬ﻳﻤﻜﻦ ﻟﻬﺬﻩ ﺍﻟﺘﻜﻨﻮﻟﻮﺟﻴﺎ ﺍﻛﺘﺸﺎﻑ ﻧﻄﺎﻕ ﻭﺍﺳﻊ ﻭﺍﻟﺮﺩ ﻋﻠﻴﻪ ﻭﻣﻨﻌﻪ‬
‫ﻣﺠﻤﻮﻋﺔﻣﺘﻨﻮﻋﺔ ﻣﻦ ﺍﻟﻬﺠﻤﺎﺕ ﺍﻟﺘﻲ ﻳﺘﻢ ﺷﻨﻬﺎ ﻋﻠﻰ ﺍﻟﻌﻨﺎﺻﺮ ﺍﻟﻤﺮﺗﺒﻄﺔ‪ ،‬ﻣﺜﻞ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء‬
‫]‪ .[9‬ﻧﻈﺮﺍً ﻷﻥ ﺃﺟﻬﺰﺓ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء ﺃﺻﺒﺤﺖ ﺃﻛﺜﺮ ﺍﺗﺼﺎﻻ ًﺑﺎﻟﺸﺒﻜﺔ‪ ،‬ﻓﻘﺪ ﺯﺍﺩﺕ ﺍﺣﺘﻤﺎﻟﻴﺔ ﺍﻻﺧﺘﺮﺍﻕ‬
‫ﻳﺰﻳﺪ‪.‬ﻳﻤﻜﻦ ﺗﻄﺒﻴﻖ ﺍﻟﺘﻌﻠﻢ ﺍﻟﻌﻤﻴﻖ ﻟﻠﻤﺴﺎﻋﺪﺓ ﻓﻲ ﺍﻛﺘﺸﺎﻑ ﺍﻷﺷﻴﺎء ﺍﻟﻀﺎﺭﺓ‬
‫ﺍﻻﻋﺘﺪﺍءﺍﺕﻋﻠﻰ ﺍﻷﺟﻬﺰﺓ ﺍﻟﻤﺘﺼﻠﺔ‪ ،‬ﻭﺍﻟﺘﺨﻔﻴﻒ ﻣﻦ ﻫﺬﻩ ﺍﻟﻤﺨﺎﻃﺮ‪ ،‬ﻭ‬
‫ﺍﻟﻮﻗﺎﻳﺔﺍﻻﺳﺘﺒﺎﻗﻴﺔ ﻣﻦ ﺍﻟﻬﺠﻤﺎﺕ ﺍﻟﻤﺴﺘﻘﺒﻠﻴﺔ‪.‬‬
‫‪1.2‬ﺍﻟﺪﺍﻓﻊ‬
‫ﺍﻟﺪﺍﻓﻊﺍﻷﺳﺎﺳﻲ ﻟﻬﺬﻩ ﺍﻟﻤﻬﻤﺔ ﻫﻮ ﺗﻄﻮﻳﺮ ﺃﻛﺜﺮ ﻛﻔﺎءﺓ‬
‫ﻧﻤﻮﺫﺝﻟﻸﻣﻦ ﺍﻟﺴﻴﺒﺮﺍﻧﻲ ﻗﺎﺩﺭ ﻋﻠﻰ ﺗﺄﻣﻴﻦ ﺷﺒﻜﺎﺕ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء ﺑﻨﺎء ًﻋﻠﻰ ﺗﻘﻨﻴﺎﺕ ‪DL‬‬
‫ﻟﺘﻮﻗﻊﺃﻧﻮﺍﻉ ﻣﺨﺘﻠﻔﺔ ﻣﻦ ﺍﻟﺘﻬﺪﻳﺪﺍﺕ‪ .‬ﻭﻳﻨﻄﻮﻱ ﻫﺬﺍ ﺍﻟﻤﻔﻬﻮﻡ ﻋﻠﻰ‬
‫ﻧﺸﺎﻁﺑﻨﺎء ﺣﻞ ﺃﻣﻨﻲ ﺁﻟﻲ ﻳﺘﻨﺒﺄ ﺑﻤﺨﺘﻠﻒ‬
‫ﺃﻧﻮﺍﻉﺍﻟﻬﺠﻤﺎﺕ‪ .‬ﺳﻴﺘﻢ ﺗﻘﻴﻴﻢ ﻫﺬﺍ ﺍﻟﻨﻤﻮﺫﺝ ﺑﺎﺳﺘﺨﺪﺍﻡ ﻣﺼﺪﺭ ﻣﻔﺘﻮﺡ‬
‫ﻣﺠﻤﻮﻋﺔﺑﻴﺎﻧﺎﺕ ﺗﺤﺘﻮﻱ ﻋﻠﻰ ﺍﻟﻌﺪﻳﺪ ﻣﻦ ﺃﻧﻤﺎﻁ ﺍﻟﻬﺠﻮﻡ ﺍﻟﺨﺎﺻﺔ ﺑﺈﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء ﺑﺎﺳﺘﺨﺪﺍﻡ ﻣﺨﺘﻠﻒ‬
‫‪2‬‬
‫ﺗﺪﺍﺑﻴﺮﺍﻟﻤﻘﺎﻳﻴﺲ‪ .‬ﻭﺳﺘﻮﻓﺮ ﻧﺘﻴﺠﺔ ﻫﺬﺍ ﺍﻟﺠﻬﺪ ﺍﻟﻀﻮء ﻋﻠﻰ‬
‫ﺟﺪﻭﻯﺗﻮﻇﻴﻒ ﺗﻘﻨﻴﺎﺕ ﺍﻟﺘﻌﻠﻢ ﺍﻟﻌﻤﻴﻖ ﻟﻠﺘﻮﻗﻊ ﻭ‬
‫ﺍﻟﺤﺪﻣﻦ ﺍﻟﻤﺨﺎﻃﺮ ﺍﻟﺴﻴﺒﺮﺍﻧﻴﺔ ﺍﻟﻤﺤﺘﻤﻠﺔ ﻋﻠﻰ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء‪.‬‬
‫ﺗﻘﺘﺮﺡﻫﺬﻩ ﺍﻟﻤﻨﻬﺠﻴﺔ ﺍﺳﺘﺨﺪﺍﻡ ﺗﻘﻨﻴﺎﺕ ﺍﻟﺬﻛﺎء ﺍﻻﺻﻄﻨﺎﻋﻲ ﻣﻦ ﺃﺟﻞ‬
‫ﺗﺤﻠﻴﻞﻛﻤﻴﺎﺕ ﻫﺎﺋﻠﺔ ﻣﻦ ﺍﻟﻤﻌﻠﻮﻣﺎﺕ ﻭﺍﻟﻜﺸﻒ ﻋﻦ ﺍﻷﻧﻤﺎﻁ ﺍﻟﺘﻲ‬
‫ﺍﻟﻤﻨﺴﻮﺑﺔﺇﻟﻰ ﺍﻟﻬﺠﻤﺎﺕ ﺍﻟﺴﻴﺒﺮﺍﻧﻴﺔ‪ .‬ﺑﻌﺾ ﻫﺬﻩ ﺍﻟﺘﻘﻨﻴﺎﺕ ﺗﺸﻤﻞ [‪،LSTM ]10‬‬
‫ﻃﺮﻕﺍﻟﺬﻛﺎء ﺍﻻﺻﻄﻨﺎﻋﻲ ‪ANNs ]13[.‬ﻭ ‪RNN ]11[، MLP ]12[،‬‬
‫ﺗﻢﺗﺪﺭﻳﺴﻬﺎ ﻋﻠﻰ ﻣﺠﻤﻮﻋﺔ ﻣﻦ ﺍﻟﺒﻴﺎﻧﺎﺕ ﺍﻟﺮﺻﺪﻳﺔ‪ ،‬ﻭﻧﺘﻴﺠﺔ ﻟﺬﻟﻚ‪،‬‬
‫ﻓﻬﻢﻗﺎﺩﺭﻭﻥ ﻋﻠﻰ ﺗﺤﺪﻳﺪ ﺍﻟﺘﻐﻴﻴﺮﺍﺕ ﻓﻲ ﺍﻟﺴﻠﻮﻙ ﺍﻟﻤﺮﺗﺒﻄﺔ ﺑﻬﺎ‬
‫ﺍﻷﻧﺸﻄﺔﺍﻟﻀﺎﺭﺓ‪ .‬ﻭﺑﺎﻹﺿﺎﻓﺔ ﺇﻟﻰ ﺫﻟﻚ‪ ،‬ﻓﺈﻧﻪ ﻳﻤﻜﻦ ﺍﻟﺤﺼﻮﻝ ﻋﻠﻰ ﻓﻬﻢ‬
‫ﻣﺼﺎﺩﺭﺍﻟﺒﻴﺎﻧﺎﺕ ﺍﻟﺘﻲ ﺗﺴﺘﺨﺪﻣﻬﺎ ﻭﺗﺴﺘﺨﺪﻡ ﻫﺬﺍ ﺍﻟﻔﻬﻢ ﻟﺘﺼﻨﻴﻒ ﻭ‬
‫ﺍﻟﺘﻨﺒﺆﺑﺎﻷﺣﺪﺍﺙ ﺍﻟﻘﺎﺩﻣﺔ‪ .‬ﻳﻤﻜﻦ ﺍﺳﺘﺨﺪﺍﻡ ﻫﺬﻩ ﺍﻟﺘﻘﻨﻴﺔ ﻻﻛﺘﺸﺎﻑ‬
‫ﺍﻟﻤﺨﺎﻟﻔﺎﺕﻓﻲ ﺣﺮﻛﺔ ﻣﺮﻭﺭ ﺍﻟﺸﺒﻜﺔ ﻭﻛﺬﻟﻚ ﺍﻛﺘﺸﺎﻑ ﺍﻷﺷﻜﺎﻝ ﺍﻟﻤﻌﺘﺮﻑ ﺑﻬﺎ‬
‫ﺍﻻﻋﺘﺪﺍءﺍﺕ‪.‬ﻳﻤﻜﻦ ﻟﻸﻣﻦ ﺍﻟﺴﻴﺒﺮﺍﻧﻲ ﺃﻥ ﻳﻔﺼﻞ ﺑﻴﻦ ﺍﻟﻌﺎﺩﻱ ﻭﺍﻟﻀﺎﺭ‬
‫ﺍﻟﻨﺸﺎﻁ‪،‬ﻭﺗﻘﻠﻴﻞ ﻋﺪﺩ ﺍﻟﻨﺘﺎﺋﺞ ﺍﻹﻳﺠﺎﺑﻴﺔ ﺍﻟﻜﺎﺫﺑﺔ‪ ،‬ﻭﺗﻤﻜﻴﻦ ﺍﺗﺨﺎﺫ ﺍﻟﻘﺮﺍﺭ‪-‬‬
‫ﺻﻨﻊﺫﻟﻚ ﻳﻌﺘﻤﺪ ﻋﻠﻰ ﺍﻟﻤﺨﺎﻃﺮﺓ‪.‬‬
‫‪3‬‬
‫‪1.3‬ﺑﻴﺎﻥ ﺍﻟﻤﺸﻜﻠﺔ‬
‫ﺃﺩﺕﺍﻟﺰﻳﺎﺩﺓ ﺍﻟﻮﺍﺳﻌﺔ ﻓﻲ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء ﺇﻟﻰ ﻇﻬﻮﺭ ﻗﺪﺭ ﻛﺒﻴﺮ ﻣﻦ ﺍﻷﻣﺎﻥ‬
‫ﺍﻟﻤﺨﺎﻭﻑﺍﻟﻤﺘﻌﻠﻘﺔ ﺑﺎﻷﺟﻬﺰﺓ ﺍﻟﻤﺘﺮﺍﺑﻄﺔ‪ .‬ﻫﺠﻤﺎﺕ ﺍﻷﻣﻦ ﺍﻟﺴﻴﺒﺮﺍﻧﻲ‬
‫ﺿﺪﺃﻧﻈﻤﺔ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء ﺗﺸﻜﻞ ﻣﺨﺎﻃﺮ ﺟﺴﻴﻤﺔ‪ ،‬ﻣﺜﻞ ﺍﻟﻮﺻﻮﻝ ﻏﻴﺮ ﺍﻟﻤﺼﺮﺡ ﺑﻪ‪،‬‬
‫ﻓﺸﻞﺍﻟﺒﻴﺎﻧﺎﺕ‪ ،‬ﻭﺍﻧﻘﻄﺎﻉ ﺍﻟﺨﺪﻣﺔ‪ .‬ﻋﻠﻰ ﺍﻟﺮﻏﻢ ﻣﻦ ﻛﺜﺮﺓ‬
‫ﺗﻢﺗﻄﻮﻳﺮ ﺣﻠﻮﻝ ﺍﻷﻣﻦ ﺍﻟﺴﻴﺒﺮﺍﻧﻲ ﻭﺗﺤﺪﻳﺪﻫﺎ ﻭﺍﻟﺘﻨﺒﺆ ﺑﻬﺎ‬
‫ﻭﺗﻈﻞﻫﺬﻩ ﺍﻟﻬﺠﻤﺎﺕ ﺻﻌﺒﺔ ﺑﺴﺒﺐ ﺍﻟﺘﻐﻴﺮ ﻭﺍﻟﻮﺟﻮﺩ ﺍﻟﻤﻌﻘﺪ‬
‫ﺑﻴﺌﺎﺕﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء‪.‬‬
‫ﻭﻟﻤﻌﺎﻟﺠﺔﻫﺬﻩ ﺍﻟﻤﺸﻜﻠﺔ‪ ،‬ﻫﻨﺎﻙ ﻣﻨﻬﺠﻴﺔ ﻓﻌﺎﻟﺔ ﻭﻗﻮﻳﺔ ﻗﺎﺩﺭﺓ ﻋﻠﻰ‬
‫ﺃﺻﺒﺢﺍﻟﺘﻨﺒﺆ ﺑﺪﻗﺔ ﺑﻬﺠﻤﺎﺕ ﺍﻷﻣﻦ ﺍﻟﺴﻴﺒﺮﺍﻧﻲ ﻋﻠﻰ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء ﺃﻣﺮﺍً ﻣﻠﺤﺎً‬
‫ﻣﻄﻠﻮﺏ‪.‬ﻟﻘﺪ ﺗﻢ ﺍﺳﺘﺨﺪﺍﻡ ﻣﺼﻨﻔﺎﺕ ‪ ML‬ﺍﻟﻔﺮﺩﻳﺔ ﻟﻬﺬﺍ ﺍﻟﻬﺪﻑ‪ ،‬ﻭﻟﻜﻦ‬
‫ﻏﺎﻟﺒﺎًﻣﺎ ﻳﻜﻮﻥ ﺍﻷﺩﺍء ﻣﻘﻴﺪﺍً ﺑﻌﻮﺍﻣﻞ ﺗﺸﻤﻞ ﻣﺠﻤﻮﻋﺔ ﺍﻟﺒﻴﺎﻧﺎﺕ‬
‫ﺍﻟﺨﺼﺎﺋﺺﻭﺍﻟﻀﻮﺿﺎء ﻭﺍﻟﺘﺤﻴﺰﺍﺕ ﺍﻟﻨﻤﻮﺫﺟﻴﺔ‪ .‬ﻭﻧﺘﻴﺠﺔ ﻟﺬﻟﻚ‪ ،‬ﻫﻨﺎﻙ‬
‫ﺯﻳﺎﺩﺓﺍﻟﺠﻬﺪ ﺑﻴﻦ ﺍﻟﺒﺎﺣﺜﻴﻦ ﻓﻲ ﺗﻘﻨﻴﺎﺕ ﺍﻟﺘﻌﻠﻢ ﺍﻟﺠﻤﺎﻋﻲ‬
‫ﻃﺮﻳﻘﺔﻣﺤﺘﻤﻠﺔ ﻟﺘﻌﺰﻳﺰ ﺍﻟﺪﻗﺔ ﻭﺍﻻﻋﺘﻤﺎﺩﻳﺔ‬
‫ﺗﺤﺪﻳﺪﻫﺠﻤﺎﺕ ﺍﻷﻣﻦ ﺍﻟﺴﻴﺒﺮﺍﻧﻲ ﻓﻲ ﺃﻧﻈﻤﺔ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء‪.‬‬
‫ﺍﻟﻐﺮﺽﺍﻟﺮﺋﻴﺴﻲ ﻣﻦ ﺍﻷﻃﺮﻭﺣﺔ ﻫﻮ ﺗﺼﻤﻴﻢ ﻭﺗﻘﻴﻴﻢ‬
‫ﺍﻟﺘﻌﻠﻢﺍﻟﺠﻤﺎﻋﻲ ﻭﻣﻨﻬﺠﻴﺔ ﺍﻟﺘﻌﻠﻢ ﺍﻟﻌﻤﻴﻖ ﻟﻠﺘﻨﺒﺆ‬
‫ﻫﺠﻤﺎﺕﺍﻷﻣﻦ ﺍﻟﺴﻴﺒﺮﺍﻧﻲ ﻋﻠﻰ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء‪ .‬ﺗﺒﺤﺚ ﻫﺬﻩ ﺍﻟﺪﺭﺍﺳﺔ ﻓﻲ ﻓﻌﺎﻟﻴﺔ‬
‫ﺩﻣﺞﺧﻮﺍﺭﺯﻣﻴﺎﺕ ﺗﻌﻠﻢ ﺍﻵﻟﺔ ﻭﺍﻟﺘﻌﻠﻢ ﺍﻟﻌﻤﻴﻖ ﺍﻟﻤﺘﻌﺪﺩﺓ ﻟﺘﻄﻮﻳﺮ ﻧﻤﻮﺫﺝ‬
‫ﻗﺎﺩﺭﻋﻠﻰ ﺍﻟﺘﻌﺮﻑ ﻋﻠﻰ ﻣﺠﻤﻮﻋﺔ ﻣﺘﻨﻮﻋﺔ ﻣﻦ ﺃﻧﻮﺍﻉ ﺍﻟﻬﺠﻤﺎﺕ ﻓﻲ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء ﻭﺗﺼﻨﻴﻔﻬﺎ‬
‫‪4‬‬
‫ﺍﻟﺒﻴﺌﺎﺕ‪.‬ﺑﺎﻹﺿﺎﻓﺔ ﺇﻟﻰ ﺫﻟﻚ‪ ،‬ﺳﻮﻑ ﻳﺒﺤﺚ ﺍﻟﺒﺤﺚ ﻓﻲ ﺍﻟﺘﻜﺎﻣﻞ‬
‫ﺃﺳﺎﻟﻴﺐﻫﻨﺪﺳﺔ ﺍﻟﻤﻴﺰﺍﺕ ﺍﻟﻤﺘﻨﻮﻋﺔ ﻭﺗﻘﻨﻴﺎﺕ ﺍﻟﻤﻌﺎﻟﺠﺔ ﺍﻟﻤﺴﺒﻘﺔ ﻟﻠﺒﻴﺎﻧﺎﺕ‬
‫ﻟﺘﻌﺰﻳﺰﺃﺩﺍء ﻧﻤﻮﺫﺝ ﺍﻟﻤﺠﻤﻮﻋﺔ ﻭﻗﺎﺑﻠﻴﺘﻪ ﻟﻠﺘﻌﻤﻴﻢ‪.‬‬
‫ﻫﻨﺎﻙﺍﻟﻌﺪﻳﺪ ﻣﻦ ﺍﻷﺳﺌﻠﺔ ﺍﻟﺒﺤﺜﻴﺔ ﻟﻬﺬﻩ ﺍﻟﺮﺳﺎﻟﺔ‪ :‬ﻣﻘﺘﺮﺣﺎﺕ ﻣﺜﻞ‪:‬‬
‫● ﻛﻴﻒﻳﻤﻜﻦ ﻟﻠﺘﻌﻠﻢ ﺍﻟﻌﻤﻴﻖ ﺃﻥ ﻳﺒﻨﻲ ﻧﻤﻮﺫﺟﺎً ﺃﻣﻨﻴﺎً ﻓﻌﺎﻻ؟ً‬
‫ﻣﺼﻤﻤﺔﺧﺼﻴﺼﺎً ﻟﺘﺤﺪﻳﺪ ﺍﻟﻬﺠﻤﺎﺕ ﺍﻟﺴﻴﺒﺮﺍﻧﻴﺔ ﺍﻟﻤﺴﺘﻘﺒﻠﻴﺔ ﻋﻠﻰ ﺷﺒﻜﺎﺕ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء؟‬
‫● ﻛﻴﻒﻳﻤﻜﻦ ﺗﻮﻓﻴﺮ ﺗﻘﻨﻴﺎﺕ ﺍﻟﻬﻨﺪﺳﺔ ﺍﻟﻤﻤﻴﺰﺓ ﺍﻟﺘﻲ ﻳﻤﻜﻦ ﺍﺳﺘﺨﺪﺍﻣﻬﺎ ﻟﺘﺤﺪﻳﺪ‬
‫ﺍﻟﻬﺠﻤﺎﺕﺍﻟﺴﻴﺒﺮﺍﻧﻴﺔ ﻭﺍﻟﺤﺪ ﻣﻦ ﺍﻟﺘﺤﺪﻳﺎﺕ ﺍﻟﻨﻤﻮﺫﺟﻴﺔ؟‬
‫● ﻟﻤﺎﺫﺍﻳﻌﺪ ﻧﻤﻮﺫﺝ ﺍﻟﺘﻌﻠﻢ ﺍﻟﻌﻤﻴﻖ ﻗﻮﻳﺎً ﻓﻲ ﻧﺘﺎﺋﺞ ﺍﻟﻜﺸﻒ ﻋﻦ ﺍﻟﺘﻬﺪﻳﺪﺍﺕ‬
‫ﻋﺒﺮﺷﺒﻜﺔ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء ﺑﺪﻻ ًﻣﻦ ﺍﺳﺘﺨﺪﺍﻡ ﻧﻤﻮﺫﺝ ﺍﻟﺘﻌﻠﻢ ﺍﻵﻟﻲ؟‬
‫● ﻣﺎﻫﻲ ﺃﻓﻀﻞ ﺍﻟﻄﺮﻕ ﻻﺳﺘﺨﺪﺍﻡ ﺍﻟﺬﻛﺎء ﺍﻻﺻﻄﻨﺎﻋﻲ ﻓﻲ ﺍﻟﻔﻀﺎء ﺍﻹﻟﻜﺘﺮﻭﻧﻲ؟‬
‫ﻧﻤﻮﺫﺝﺍﻷﻣﺎﻥ ﻟﺸﺒﻜﺎﺕ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء؟‬
‫● ﻛﻴﻒﻳﻤﻜﻦ ﺗﻮﻓﻴﺮ ﻧﻤﻮﺫﺝ ﺣﺴﺎﺳﻴﺔ ﻓﻲ ﺍﻟﻮﻗﺖ ﺍﻟﻔﻌﻠﻲ ﻳﻌﺘﻤﺪ ﻋﻠﻰ ﺍﻟﺬﻛﺎء ﺍﻻﺻﻄﻨﺎﻋﻲ‬
‫ﺷﺒﻜﺔﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء ﻭﺗﺘﻌﺎﻣﻞ ﻣﻊ ﺍﻟﺒﻴﺎﻧﺎﺕ ﺍﻟﻜﺒﻴﺮﺓ؟‬
‫● ﻛﻴﻔﻴﺔﺍﻟﺘﻌﺎﻣﻞ ﻣﻊ ﺗﺤﺪﻳﺎﺕ ﺍﻟﺒﻴﺎﻧﺎﺕ ﻣﺜﻞ ﺍﻟﻤﻔﻘﻮﺩﻳﻦ ﻭﻋﺪﻡ ﺍﻟﺘﻮﺍﺯﻥ‬
‫ﻹﻧﺸﺎءﺣﻞ ﻟﻸﻣﻦ ﺍﻟﺴﻴﺒﺮﺍﻧﻲ ﻻﻛﺘﺸﺎﻑ ﺷﺒﻜﺔ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء‬
‫ﺍﻟﺘﻬﺪﻳﺪﺍﺕ؟‬
‫● ﻛﻴﻒﻳﻤﻜﻦ ﺍﺳﺘﺨﺪﺍﻡ ﻧﻤﺎﺫﺝ ﺍﻟﺘﻌﻠﻢ ﺍﻟﻌﻤﻴﻖ‪ ،‬ﻣﺜﻞ ‪ ،RNNs‬ﺑﺸﻜﻞ ﻓﻌﺎﻝ‬
‫ﻛﻤﺼﻨﻔﺎﺕﻟﻠﺘﻨﺒﺆ ﺑﻬﺠﻤﺎﺕ ﺍﻷﻣﻦ ﺍﻟﺴﻴﺒﺮﺍﻧﻲ ﻓﻲ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء‬
‫ﺍﻟﺒﻴﺌﺎﺕ؟‬
‫‪5‬‬
‫● ﻣﺎﻫﻲ ﺗﻘﻨﻴﺎﺕ ﺍﻟﺘﻌﻠﻢ ﺍﻟﺠﻤﺎﻋﻲ ﺍﻟﺘﻲ ﻳﻤﻜﻦ ﺍﺳﺘﺨﺪﺍﻣﻬﺎ ﻟﻠﺠﻤﻊ‬
‫ﺍﻟﻘﺪﺭﺍﺕﺍﻟﺘﻨﺒﺆﻳﺔ ﻟﻨﻤﺎﺫﺝ ﺍﻟﺘﻌﻠﻢ ﺍﻟﻌﻤﻴﻖ ﺍﻟﻤﺘﻌﺪﺩﺓ‬
‫ﺗﺤﺴﻴﻦﻗﻮﺓ ﺍﻟﻜﺸﻒ ﻋﻦ ﻫﺠﻤﺎﺕ ﺍﻷﻣﻦ ﺍﻟﺴﻴﺒﺮﺍﻧﻲ ﻋﻠﻰ‬
‫ﺇﻧﺘﺮﻧﺖﺍﻷﺷﻴﺎء؟‬
‫● ﻣﺎﻫﻲ ﺍﻟﻘﻴﻮﺩ ﺍﻟﺘﻲ ﻳﻔﺮﺿﻬﺎ ﻋﺪﻡ ﺍﻟﺘﻮﺍﺯﻥ ﺍﻟﻄﺒﻘﻲ ﻓﻲ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء؟‬
‫ﻣﺠﻤﻮﻋﺎﺕﺑﻴﺎﻧﺎﺕ ﺍﻷﻣﻦ ﺍﻟﺴﻴﺒﺮﺍﻧﻲ‪ ،‬ﻭﻛﻴﻒ ﻳﻤﻜﻦ ﺗﻄﺒﻴﻖ ﺗﻘﻨﻴﺔ ‪SMOTE‬‬
‫ﻟﻤﻮﺍﺟﻬﺔﻫﺬﻩ ﺍﻟﺘﺤﺪﻳﺎﺕ ﻭﺗﺤﺴﻴﻦ ﻓﻌﺎﻟﻴﺔ ﺗﻌﻠﻢ ﺍﻵﻟﺔ‪،‬‬
‫ﻭﻧﻤﺎﺫﺝﺍﻟﺘﻌﻠﻢ ﺍﻟﻔﺮﻗﺔ؟ ‪DL،‬‬
‫‪1.4‬ﺃﻫﺪﺍﻑ ﺍﻟﺒﺤﺚ‬
‫ﺍﻟﻬﺪﻑﺍﻟﺮﺋﻴﺴﻲ ﻣﻦ ﻫﺬﻩ ﺍﻷﻃﺮﻭﺣﺔ ﻫﻮ ﺑﻨﺎء ﻧﻤﻮﺫﺝ ﺍﻷﻣﻦ ﺍﻟﺴﻴﺒﺮﺍﻧﻲ ﻋﻠﻰ ﺃﺳﺎﺱ‬
‫ﺗﻘﻨﻴﺎﺕ‪ ML‬ﻭ‪ DL‬ﺍﻟﻤﺨﺘﻠﻔﺔ ﻗﺎﺩﺭﺓ ﻋﻠﻰ ﺍﻛﺘﺸﺎﻑ ﺍﻟﻌﺪﻳﺪ ﻣﻦ ﺃﻧﻮﺍﻉ ﺍﻟﻬﺠﻤﺎﺕ ﺍﻟﺘﻲ‬
‫ﺗﺤﺪﺙﻣﻦ ﻣﻴﺰﺍﺗﻬﺎ ﺍﻟﺘﻲ ﺗﻈﻬﺮﻫﺎ ﻣﻦ ﺗﺪﻓﻖ ﺍﻟﺒﻴﺎﻧﺎﺕ‬
‫ﻣﺤﺎﻭﻟﺔﺍﻟﻮﺻﻮﻝ ﺇﻟﻰ ﺷﺒﻜﺎﺕ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء‪.‬‬
‫ﺑﻌﺪﺗﺤﺪﻳﺪ ﻫﺬﻩ ﺍﻷﻧﻤﺎﻁ ﻭﻫﺬﻩ ﺍﻟﻤﻴﺰﺍﺕ‪ ،‬ﻓﺈﻥ ﺍﻟﺨﻄﻮﺓ ﺍﻟﺘﺎﻟﻴﺔ ﻫﻲ ﺍﻟﺘﻄﻮﻳﺮ‬
‫ﻧﻤﻮﺫﺝﻣﻨﺎﺳﺐ ﻟﻠﺘﻌﻠﻢ ﺍﻟﻌﻤﻴﻖ ﻳﻌﺘﻤﺪ ﻋﻠﻰ ﺍﻟﺨﻮﺍﺭﺯﻣﻴﺎﺕ ﺍﻟﺴﺎﺑﻘﺔ ﻟﻠﻜﺸﻒ‬
‫ﻭﺍﻟﺮﺩﻋﻠﻰ ﻫﺬﺍ ﺍﻟﻨﺸﺎﻁ‪ .‬ﺗﺴﺘﺨﺪﻡ ﻫﺬﻩ ﺍﻟﻨﻤﺎﺫﺝ ﺷﺒﻜﺎﺕ ﻋﺼﺒﻴﺔ ﻋﻤﻴﻘﺔ‬
‫ﺍﻟﺘﻲﻳﻤﻜﻦ ﺗﺪﺭﻳﺒﻬﺎ ﻋﻠﻰ ﺍﻛﺘﺸﺎﻑ ﺃﻧﻮﺍﻉ ﻣﺨﺘﻠﻔﺔ ﻣﻦ ﺍﻟﻬﺠﻤﺎﺕ ﺍﻹﻟﻜﺘﺮﻭﻧﻴﺔ‪ .‬ﺑﺎﻹﺿﺎﻓﺔ ﺇﻟﻰ ﺫﻟﻚ‪،‬‬
‫ﺍﻟﻨﻤﻮﺫﺝﺍﻟﻤﻘﺘﺮﺡ ﻳﻤﻜﻦ ﺃﻥ ﻳﻜﻮﻥ ﻗﺎﺩﺭﺍ ﻋﻠﻰ ﺍﻟﺘﻌﻠﻢ ﻣﻦ ﺍﻟﺒﻴﺎﻧﺎﺕ ﺍﻟﺴﺎﺑﻘﺔ ﻟﺘﻌﺰﻳﺰﻩ‬
‫ﺍﻷﺩﺍءﻣﻊ ﻣﺮﻭﺭ ﺍﻟﻮﻗﺖ‪ .‬ﻭﺑﺎﻹﺿﺎﻓﺔ ﺇﻟﻰ ﺫﻟﻚ‪ ،‬ﻓﺈﻥ ﺍﻟﻨﻤﻮﺫﺝ ﻗﺎﺩﺭ ﻋﻠﻰ ﺍﻟﺘﻌﻠﻢ ﻣﻨﻪ‬
‫ﺍﻟﺨﺒﺮﺓﻭﺗﻘﺪﻳﻢ ﺍﻟﻤﻼﺣﻈﺎﺕ ﻟﻠﻨﻈﺎﻡ ﻟﻤﻨﻊ ﺍﻻﻋﺘﺪﺍءﺍﺕ ﺍﻟﻤﺴﺘﻘﺒﻠﻴﺔ‪.‬‬
‫‪6‬‬
‫‪1.5‬ﻣﺴﺎﻫﻤﺔ ﺍﻷﻃﺮﻭﺣﺔ ﻓﻲ ﺍﻟﻤﺠﺎﻝ ‪ /‬ﺃﻫﻤﻴﺔ ﻭ ‪ /‬ﺃﻭ ﺗﺄﺛﻴﺮ‬
‫ﺍﻟﺒﺤﺚ‬
‫ﺗﺮﻛﺰﺍﻟﺪﺭﺍﺳﺔ ﺍﻟﻤﻘﺘﺮﺣﺔ ﻋﻠﻰ ﺍﺳﺘﺨﺪﺍﻡ ‪ DL‬ﻭﻧﻤﺎﺫﺝ ﺍﻟﺘﻌﻠﻢ ﺍﻟﻤﺠﻤﻌﺔ‬
‫ﻟﻠﻜﺸﻒﻋﻦ ﻫﺠﻤﺎﺕ ﺍﻷﻣﻦ ﺍﻟﺴﻴﺒﺮﺍﻧﻲ ﻋﻠﻰ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء )‪ (IoT‬ﺑﺎﺳﺘﺨﺪﺍﻡ‬
‫ﺗﻨﻔﻴﺬ‪ SMOTE‬ﻟﺪﻳﻪ ﺍﻟﻘﺪﺭﺓ ﻋﻠﻰ ﺇﻧﺘﺎﺝ ﻋﺪﺩ ﻛﺒﻴﺮ ﻣﻦ ﺍﻷﺷﻴﺎء‬
‫ﻧﺘﺎﺋﺞ‪.‬‬
‫ﺍﻟﻬﺪﻑﺍﻷﺳﺎﺳﻲ ﻣﻦ ﺍﻟﺒﺤﺚ ﻫﻮ ﺗﺤﺴﻴﻦ ﺍﻟﺪﻗﺔ ﻭﺍﻟﺜﻘﺔ‬
‫ﺍﻛﺘﺸﺎﻑﻫﺠﻤﺎﺕ ﺍﻷﻣﻦ ﺍﻟﺴﻴﺒﺮﺍﻧﻲ ﻓﻲ ﺑﻴﺌﺎﺕ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء‪ .‬ﻣﻦ ﺧﻼﻝ ﺍﺳﺘﻐﻼﻝ‬
‫ﺍﻟﻘﺪﺭﺍﺕﺍﻟﺘﻨﺒﺆﻳﺔ ﻟﻨﻤﺎﺫﺝ ﺍﻟﺘﻌﻠﻢ ﺍﻟﻌﻤﻴﻖ ﻭﺍﻟﺘﻌﻠﻢ ﺍﻟﺠﻤﺎﻋﻲ‬
‫ﻭﻣﻦﺍﻟﻤﺘﻮﻗﻊ ﺃﻥ ﺗﻨﺘﺞ ﺍﻟﻤﻨﻬﺠﻴﺔ ﺍﻟﻤﻄﻮﺭﺓ ﺍﻟﻤﺰﻳﺪ‬
‫ﺗﻮﻗﻌﺎﺕﺩﻗﻴﻘﺔ ﻭﻗﻮﻳﺔ‪ .‬ﻫﺬﺍ ﺍﻻﺑﺘﻜﺎﺭ ﻳﻤﻜﻦ ﺃﻥ ﻳﺴﺎﻫﻢ ﺑﺸﻜﻞ ﻛﺒﻴﺮ ﻓﻲ‬
‫ﺗﺤﺴﻴﻦﺃﻣﺎﻥ ﻧﻈﺎﻡ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء‪ ،‬ﻭﻣﻨﻊ ﺍﻟﻮﺻﻮﻝ ﻏﻴﺮ ﺍﻟﻤﺼﺮﺡ ﺑﻪ ﺇﻟﻰ ﺍﻟﺒﻴﺎﻧﺎﺕ‬
‫ﺍﻟﺨﺮﻭﻗﺎﺕﻭﺍﻧﻘﻄﺎﻉ ﺍﻟﺨﺪﻣﺔ‪.‬‬
‫ﺛﺎﻧﻴﺎ‪ً:‬ﻳﻬﺪﻑ ﺍﻟﺒﺤﺚ ﺇﻟﻰ ﺗﻌﺰﻳﺰ ﻗﺪﺭﺍﺕ ﺍﻟﺘﻌﻤﻴﻢ‬
‫ﻧﻤﺎﺫﺝﻣﻄﻮﺭﺓ ﻣﻦ ﺧﻼﻝ ﻣﻌﺎﻟﺠﺔ ﻣﺸﻜﻼﺕ ﻋﺪﻡ ﺍﻟﺘﻮﺍﺯﻥ ﺍﻟﻄﺒﻘﻲ ﺍﻟﺘﻲ ﻳﺘﻢ ﻣﻼﺣﻈﺘﻬﺎ ﺑﺸﻜﻞ ﺷﺎﺋﻊ‬
‫ﻓﻲﻣﺠﻤﻮﻋﺎﺕ ﺑﻴﺎﻧﺎﺕ ﺍﻷﻣﻦ ﺍﻟﺴﻴﺒﺮﺍﻧﻲ ﻹﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء ﻣﻦ ﺧﻼﻝ ﺗﻄﺒﻴﻖ ‪ .SMOTE‬ﺍﻟﺘﻔﺎﻭﺕ ﺍﻟﻄﺒﻘﻲ‬
‫ﻛﺜﻴﺮﺍﻣﺎ ﻳﻌﻴﻖ ﺗﻨﻔﻴﺬ ﺧﻮﺍﺭﺯﻣﻴﺎﺕ ﺗﻌﻠﻢ ﺍﻵﻟﺔ‪ ،‬ﻣﻤﺎ ﻳﺆﺩﻱ ﺇﻟﻰ ﺍﻻﻧﺤﻴﺎﺯ‬
‫ﺍﻟﺘﻨﺒﺆﺍﺕ‪.‬ﺩﻣﺞ ‪ ،SMOTE‬ﻭﻫﻲ ﺗﻘﻨﻴﺔ ﻣﺴﺘﺨﺪﻣﺔ ﻋﻠﻰ ﻧﻄﺎﻕ ﻭﺍﺳﻊ‬
‫ﻳﺴﻌﻰﺗﺠﻤﻴﻊ ﻋﻴﻨﺎﺕ ﻓﺌﺔ ﺍﻷﻗﻠﻴﺔ ﺇﻟﻰ ﺗﺼﺤﻴﺢ ﻫﺬﺍ ﺍﻟﺘﻔﺎﻭﺕ ﻭﺗﻤﻜﻴﻨﻪ‬
‫ﺍﻟﻨﻤﺎﺫﺝﻟﻠﻜﺸﻒ ﻋﻦ ﺍﻟﻬﺠﻤﺎﺕ ﻭﺍﻟﺘﻨﺒﺆ ﺑﻬﺎ ﻋﺒﺮ ﺟﻤﻴﻊ ﺍﻟﻔﺌﺎﺕ ﺑﺸﻜﻞ ﺃﻛﺜﺮ ﺩﻗﺔ‪ .‬ﻫﺬﺍ‬
‫‪7‬‬
‫ﻭﻣﻦﺍﻟﻤﺘﻮﻗﻊ ﺃﻥ ﻳﺆﺩﻱ ﺟﺎﻧﺐ ﺍﻟﺒﺤﺚ ﺇﻟﻰ ﺇﻧﺘﺎﺝ ﺃﻛﺜﺮ ﺩﻗﺔ ﻭﺇﻧﺼﺎﻓﺎً‬
‫ﺗﻮﻗﻌﺎﺕﻟﺠﻤﻴﻊ ﺃﺷﻜﺎﻝ ﺍﻟﻬﺠﻤﺎﺕ ﺍﻹﻟﻜﺘﺮﻭﻧﻴﺔ ﻓﻲ ﺑﻴﺌﺎﺕ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء‪.‬‬
‫ﺑﺎﻹﺿﺎﻓﺔﺇﻟﻰ ﺫﻟﻚ‪ ،‬ﻓﺈﻥ ﻧﺘﺎﺋﺞ ﺍﻟﺒﺤﺚ ﺳﺘﺠﻠﺐ ﻓﻬﻤﺎً ﻟﻸﻓﻀﻞ‬
‫ﺗﻄﺒﻴﻖﻧﻤﺎﺫﺝ ﺍﻟﺘﻌﻠﻢ ‪ DL‬ﻭﺍﻟﻤﺠﻤﻮﻋﺔ ﻛﻬﺠﻮﻡ ﻟﻸﻣﻦ ﺍﻟﺴﻴﺒﺮﺍﻧﻲ‬
‫ﻣﺼﻨﻔﺎﺕﺍﻟﺘﻨﺒﺆ ﻭﻫﺬﺍ ﺍﻟﺠﻬﺪ ﺳﻴﺠﻠﺐ ﺍﻟﻤﻌﺮﻓﺔ ﻓﻲ ﻣﺠﺎﻻﺕ‬
‫ﺍﻷﻣﻦﺍﻟﺴﻴﺒﺮﺍﻧﻲ ﻭﺃﻣﻦ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء ﻣﻦ ﺧﻼﻝ ﺍﻟﺘﺤﻘﻴﻖ ﻓﻲ ﺃﺩﺍء ﻭﻓﻌﺎﻟﻴﺔ‬
‫ﺗﻘﻨﻴﺎﺕﺍﻟﺘﻌﻠﻢ ﺍﻟﺠﻤﺎﻋﻲ ﺍﻟﻤﺨﺘﻠﻔﺔ ﺑﺎﻟﺘﺰﺍﻣﻦ ﻣﻊ ﻧﻤﺎﺫﺝ ﺍﻟﺘﻌﻠﻢ ﺍﻟﻌﻤﻴﻖ‪.‬‬
‫ﻳﻤﻜﻦﻟﻬﺬﻩ ﺍﻷﻓﻜﺎﺭ ﺃﻥ ﺗﺴﺎﻋﺪ ﺍﻟﻤﻤﺎﺭﺳﻴﻦ ﻭﺍﻟﺒﺎﺣﺜﻴﻦ ﻓﻲ ﺗﻄﻮﻳﺮ ﺍﻟﻤﺰﻳﺪ‬
‫ﺣﻠﻮﻝﺃﻣﻨﻴﺔ ﻗﻮﻳﺔ ﻭﻓﻌﺎﻟﺔ ﻷﻧﻈﻤﺔ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء )‪،(IoT‬‬
‫ﻭﺑﺎﻟﺘﺎﻟﻲﺯﻳﺎﺩﺓ ﻣﺮﻭﻧﺘﻬﺎ ﺿﺪ ﺍﻟﺘﻬﺪﻳﺪﺍﺕ ﺍﻟﺴﻴﺒﺮﺍﻧﻴﺔ ﺍﻟﻨﺎﺷﺌﺔ‪.‬‬
‫ﻫﺬﻩﺍﻟﺪﺭﺍﺳﺔ ﻟﺪﻳﻬﺎ ﺍﻟﻘﺪﺭﺓ ﻋﻠﻰ ﺗﻌﺰﻳﺰ ﺍﻟﺠﻬﻮﺩ ﺍﻟﺤﺎﻟﻴﺔ ﻓﻲ ﻣﺠﺎﻝ ﺍﻷﻣﻦ ﺍﻟﺴﻴﺒﺮﺍﻧﻲ‬
‫ﺍﻟﺘﻨﺒﺆﺑﺎﻟﻬﺠﻮﻡ ﻋﻠﻰ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء ﺍﻟﻬﺪﻑ ﻣﻦ ﺍﻟﺒﺤﺚ ﻫﻮ ﺗﻌﺰﻳﺰ‬
‫ﻓﻌﺎﻟﻴﺔﻭﻣﻮﺛﻮﻗﻴﺔ ﻭﺗﻌﻤﻴﻢ ﻫﺠﻮﻡ ﺍﻷﻣﻦ ﺍﻟﺴﻴﺒﺮﺍﻧﻲ‬
‫ﻧﻤﺎﺫﺝﺍﻟﻜﺸﻒ ﻣﻦ ﺧﻼﻝ ﺍﻻﺳﺘﻔﺎﺩﺓ ﻣﻦ ﻗﻮﺓ ﺍﻟﺘﻌﻠﻢ ﺍﻟﻌﻤﻴﻖ ﻭﺍﻟﺘﺠﻤﻴﻊ‬
‫ﺍﻟﺘﻌﻠﻢﻭﺍﻟﺘﺨﻔﻴﻒ ﻣﻦ ﺗﺤﺪﻳﺎﺕ ﻋﺪﻡ ﺍﻟﺘﻮﺍﺯﻥ ﺍﻟﻄﺒﻘﻲ ﺑﺎﺳﺘﺨﺪﺍﻡ ‪ .SMOTE‬ﻫﺬﺍ ﺍﻟﺒﺤﺚ‬
‫ﻟﺪﻳﻪﺍﻟﻘﺪﺭﺓ ﻋﻠﻰ ﺗﻌﺰﻳﺰ ﻭﺿﻊ ﺍﻟﺤﻤﺎﻳﺔ ﻹﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء ﺑﺸﻜﻞ ﻛﺒﻴﺮ‪،‬‬
‫ﺣﻤﺎﻳﺔﺍﻟﺒﻴﺎﻧﺎﺕ ﻭﺍﻟﺨﺪﻣﺎﺕ ﺍﻟﻬﺎﻣﺔ ﻣﻦ ﺍﻟﻬﺠﻤﺎﺕ ﺍﻟﻀﺎﺭﺓ‪ ،‬ﻭﺗﺴﻬﻴﻞ‬
‫ﺗﻄﻮﻳﺮﺑﻨﻴﺎﺕ ﺗﺤﺘﻴﺔ ﻹﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء ﺃﻛﺜﺮ ﻣﺮﻭﻧﺔ ﻭﺃﻣﺎﻧﺎً‪.‬‬
‫‪8‬‬
‫‪1.6‬ﺍﻟﺨﻄﻮﻁ ﺍﻟﻌﺮﻳﻀﺔ ﻟﻸﻃﺮﻭﺣﺔ‬
‫ﺗﻘﺪﻡﻣﻘﺪﻣﺔ ﺍﻟﻔﺼﻞ ﻟﻤﺤﺔ ﻋﺎﻣﺔ ﻋﻦ ﺃﻫﻤﻴﺔ ﺍﻷﻣﻦ ﺍﻟﺴﻴﺒﺮﺍﻧﻲ‬
‫ﺍﻟﺘﻨﺒﺆﺑﺎﻟﻬﺠﻮﻡ ﻋﻠﻰ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء ﻭﻳﺤﺪﺩ ﺃﻫﺪﺍﻑ ﺍﻟﺒﺤﺚ‪.‬‬
‫ﻓﻲﻓﺼﻞ ﻣﺮﺍﺟﻌﺔ ﺍﻷﺩﺑﻴﺎﺕ‪ ،‬ﻧﻘﻮﻡ ﺑﺈﺟﺮﺍء ﻣﺴﺢ ﻟﻸﺩﺑﻴﺎﺕ ﺍﻟﻤﻮﺟﻮﺩﺓ ﺣﻮﻝ‬
‫ﻫﺠﻤﺎﺕﺍﻷﻣﻦ ﺍﻟﺴﻴﺒﺮﺍﻧﻲ ﻓﻲ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء ﻭﻳﺮﺍﺟﻊ ﺍﻷﺳﺎﻟﻴﺐ ﺍﻟﺤﺎﻟﻴﺔ‪ ،‬ﺑﻤﺎ ﻓﻲ ﺫﻟﻚ ﺍﻷﺳﺎﻟﻴﺐ ﺍﻟﻌﻤﻴﻘﺔ‬
‫ﻧﻤﺎﺫﺝﺍﻟﺘﻌﻠﻢ ﻭﺗﻘﻨﻴﺎﺕ ﺍﻟﺘﻌﻠﻢ ﺍﻟﺠﻤﺎﻋﻲ‪.‬‬
‫ﻭﻓﻲﻫﺬﺍ ﺍﻟﻔﺼﻞ ﺍﻟﺜﺎﻟﺚ ﺗﻢ ﺗﻔﺼﻴﻞ ﺍﻟﻤﻨﻬﺠﻴﺔ ﺍﻟﻤﺴﺘﺨﺪﻣﺔ ﻓﻲ ﺍﻟﺒﺤﺚ‪،‬‬
‫ﺗﻐﻄﻲﺟﻤﻊ ﺍﻟﺒﻴﺎﻧﺎﺕ ﻭﺍﻟﻤﻌﺎﻟﺠﺔ ﺍﻟﻤﺴﺒﻘﺔ ﻭﺍﺳﺘﺨﺪﺍﻡ ﺍﻟﺘﻌﻠﻢ ﺍﻟﻌﻤﻴﻖ‬
‫ﺍﻟﻨﻤﺎﺫﺝ‪،‬ﻭﺗﻘﻨﻴﺎﺕ ﺍﻟﺘﻌﻠﻢ ﺍﻟﺠﻤﺎﻋﻲ‪ ،‬ﻭﺗﻜﺎﻣﻞ ‪ SMOTE‬ﻟﺤﻠﻬﺎ‬
‫ﺗﺤﺪﻳﺎﺕﻋﺪﻡ ﺍﻟﺘﻮﺍﺯﻥ ﺍﻟﻄﺒﻘﻲ‪.‬‬
‫ﺃﻣﺎﺍﻟﻔﺼﻞ ﺍﻟﺮﺍﺑﻊ ﻓﻴﻌﺮﺽ ﻧﺘﺎﺋﺞ ﺍﻟﺘﺠﺎﺭﺏ ﺍﻟﺘﻲ ﺃﺟﺮﻳﺖ‬
‫ﺑﻤﺎﻓﻲ ﺫﻟﻚ ﺗﻘﻴﻴﻢ ﺃﺩﺍء ﻧﻤﺎﺫﺝ ﺍﻟﺘﻌﻠﻢ ﺍﻟﻌﻤﻴﻖ ﺍﻟﻔﺮﺩﻳﺔ‪،‬‬
‫ﻧﻤﺎﺫﺝﺍﻟﺘﻌﻠﻢ ﺍﻟﻤﺠﻤﻌﺔ ﻭﺗﺄﺛﻴﺮ ‪ SMOTE‬ﻋﻠﻰ ﺩﻗﺔ ﺍﻟﺘﻨﺒﺆ‬
‫ﻭﺗﺨﻔﻴﻒﻋﺪﻡ ﺍﻟﺘﻮﺍﺯﻥ ﺍﻟﻄﺒﻘﻲ‪.‬‬
‫ﻭﻓﻲﺍﻟﻔﺼﻞ ﺍﻟﺨﺎﻣﺲ ﺗﻢ ﺗﺤﻠﻴﻞ ﺍﻟﻨﺘﺎﺋﺞ ﺍﻟﺘﺠﺮﻳﺒﻴﺔ ﺑﺸﻜﻞ ﺷﺎﻣﻞ‬
‫ﻣﻘﺎﺭﻧﺔﺍﻟﻤﻨﻬﺠﻴﺔ ﺍﻟﻤﻘﺘﺮﺣﺔ ﻣﻊ ﺃﺣﺪﺙ ﺍﻟﺘﻘﻨﻴﺎﺕ‬
‫ﺃﺳﺎﻟﻴﺐﺍﻟﺘﻨﺒﺆ ﺑﻬﺠﻤﺎﺕ ﺍﻷﻣﻦ ﺍﻟﺴﻴﺒﺮﺍﻧﻲ ﻋﻠﻰ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء‪ .‬ﻫﻮ ‪ -‬ﻫﻲ‬
‫ﻳﺤﻠﻞﻧﻘﺎﻁ ﺍﻟﻘﻮﺓ ﻭﺍﻟﻤﺴﺎﻫﻤﺎﺕ ﺍﻟﺠﺪﻳﺪﺓ ﻟﻠﺘﻌﻠﻢ ﺍﻟﻌﻤﻴﻖ ﺍﻟﻤﺘﻘﺪﻡ‬
‫ﻭﺗﺠﻤﻴﻊﻧﻤﺎﺫﺝ ﺍﻟﺘﻌﻠﻢ ﻣﻊ ﺗﻜﺎﻣﻞ ‪.SMOTE‬‬
‫‪9‬‬
‫ﻭﻳﻠﺨﺺﺍﻟﻔﺼﻞ ﺍﻷﺧﻴﺮ ﺍﻟﻨﺘﺎﺋﺞ ﺍﻟﺮﺋﻴﺴﻴﺔ‪ ،‬ﻭﻳﺴﻠﻂ ﺍﻟﻀﻮء ﻋﻠﻰ ﺍﻟﻤﺴﺎﻫﻤﺎﺕ ﻓﻴﻬﺎ‬
‫ﻳﻮﻓﺮﻫﺬﺍ ﺍﻟﻤﺠﺎﻝ ﺁﺛﺎﺭﺍً ﻋﻤﻠﻴﺔ ﻭﻣﺠﺎﻻﺕ ﻣﺤﺘﻤﻠﺔ ﻟﻠﻤﺴﺘﻘﺒﻞ‬
‫ﺍﻟﺒﺤﺚ‪،‬ﻭﻳﺨﺘﺘﻢ ﺑﺎﻟﻤﻼﺣﻈﺎﺕ ﺍﻟﻨﻬﺎﺋﻴﺔ‪.‬‬
‫ﺍﻟﻔﺼﻞﺍﻟﺴﺎﺑﻊ‪ :‬ﺍﻟﻤﺮﺍﺟﻊ ﻫﻲ ﻗﻮﺍﺋﻢ ﺍﻟﻤﺼﺎﺩﺭ ﺍﻟﻤﺬﻛﻮﺭﺓ ﺍﻟﻤﺴﺘﺨﺪﻣﺔ ﻓﻲ ﺟﻤﻴﻊ ﺃﻧﺤﺎء ﺍﻟﻜﺘﺎﺏ‬
‫ﺑﺤﺚ‪.‬‬
‫‪10‬‬
‫ﻋﺮﺽﺍﻻﺩﺏ‬ ‫ﺍﻟﻔﺼﻞ‪:2‬‬
‫‪2.1‬ﻣﻘﺪﻣﺔ‬
‫ﻳﻘﺪﻡﻫﺬﺍ ﺍﻟﻘﺴﻢ ﻣﺮﺍﺟﻌﺔ ﺷﺎﻣﻠﺔ ﻟﻸﺑﺤﺎﺙ ﺍﻟﺘﻲ ﺃﺟﺮﻳﺖ ﻓﻲ ﻫﺬﺍ ﺍﻟﻤﺠﺎﻝ‬
‫ﺑﺨﺼﻮﺹﺍﻻﻋﺘﺪﺍءﺍﺕ ﺍﻷﻣﻨﻴﺔ‪ .‬ﺃﻣﻦ ﺍﻟﺒﻴﺎﻧﺎﺕ ﺍﻟﻤﺘﻌﻠﻘﺔ ﺑﺈﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء‪ ،‬ﻭﻣﺨﺘﻠﻒ‬
‫ﻃﺮﻕﺍﻟﺘﻌﻠﻢ ﺍﻵﻟﻲ ﺍﻟﻤﻄﺒﻘﺔ ﻋﻠﻰ ﺃﻧﻈﻤﺔ ﻛﺸﻒ ﺍﻟﺘﺴﻠﻞ ﻹﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء‪ ،‬ﻛﻤﺎ ﻫﻮ ﻣﻮﺿﺢ‬
‫ﻓﻲﺍﻟﺠﺪﻭﻝ ‪.2.1‬‬
‫ﻟﻘﺪﺗﻢ ﺇﺟﺮﺍء ﺗﺤﻘﻴﻘﺎﺕ ﻓﻲ ﻣﺪﻯ ﺍﻟﻤﻼءﻣﺔ ﻭﺍﻟﻔﻮﺍﺋﺪ ﻭﺳﻬﻮﻟﺔ ﺍﻻﺳﺘﺨﺪﺍﻡ‬
‫ﺗﺄﺛﻴﺮﺗﻄﺒﻴﻘﺎﺕ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء ﺍﻟﻘﺎﺋﻤﺔ ﻋﻠﻰ ﺍﻟﺘﻌﻠﻢ ﺍﻵﻟﻲ‪ .‬ﻳﺘﻌﺎﻣﻞ ﺟﺰء ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء ﻣﻊ‬
‫ﺍﻟﺸﺬﻭﺫﻭﺍﻟﻬﺠﻤﺎﺕ ﺍﻟﻤﺮﻭﺭﻳﺔ‪ .‬ﺍﻟﻔﻮﺍﺋﺪ ﺍﻟﻨﺴﺒﻴﺔ ﻟﻬﺬﻩ ﺍﻟﺘﻘﻨﻴﺎﺕ‬
‫ﻭﻳﺘﻢﺗﺴﻠﻴﻂ ﺍﻟﻀﻮء ﻋﻠﻰ ﺍﻟﻮﺿﻊ ﺍﻟﺤﺎﻟﻲ ﻹﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء ﻓﻲ ﺍﻟﺸﺒﻜﺎﺕ ﻣﻦ ﺧﻼﻝ ﺗﺤﻠﻴﻞ ﺷﺎﻣﻞ‬
‫ﻣﻦﻫﺬﻩ ﺍﻟﺤﻠﻮﻝ‪ .‬ﻣﻘﺎﺭﻧﺔ ﻣﻘﺎﺭﻧﺔ ﻟﻠﺘﻌﻠﻢ ﺍﻵﻟﻲ ﺍﻟﺤﺎﻟﻲ‪-‬‬
‫ﺗﻢﺗﻨﻔﻴﺬ ﺃﻧﻈﻤﺔ ﺍﻷﻣﺎﻥ ﺍﻟﻤﺴﺘﻨﺪﺓ ﺇﻟﻰ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء‪.‬‬
‫‪2.2‬ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء ﻭﺍﻟﺘﻌﻠﻢ ﺍﻵﻟﻲ‬
‫ﺍﻗﺘﺮﺣﺖﻫﺬﻩ ﺍﻟﺪﺭﺍﺳﺔ ﻃﺮﻕ ‪ ML‬ﻟﻠﻜﺸﻒ ﻋﻦ ﺍﻟﺒﺮﺍﻣﺞ ﺍﻟﻀﺎﺭﺓ ﻋﻠﻰ ﺷﺒﻜﺎﺕ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء‬
‫ﻻﺗﺤﺘﺎﺝ ﺇﻟﻰ ﻫﻨﺪﺳﺔ ﺍﻟﻤﻴﺰﺍﺕ ]‪ .[13‬ﻣﻨﻬﺠﻴﺘﻬﻢ ﺍﻟﻤﻘﺘﺮﺣﺔ ﺑﺸﻜﻞ ﻣﻠﺤﻮﻅ‬
‫ﻳﻌﻤﻞﻋﻠﻰ ﺗﺴﺮﻳﻊ ﺣﺎﻓﺔ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء ﺑﺄﻗﻞ ﺍﺳﺘﻬﻼﻙ ﻟﻠﻄﺎﻗﺔ‪ .‬ﺗﻢ ﺗﻮﻓﻴﺮ ‪FEL-ML‬‬
‫ﺣﻤﺎﻳﺔﺣﺮﻛﺔ ﺍﻟﻤﺮﻭﺭ ﻋﺒﺮ ﺍﻹﻧﺘﺮﻧﺖ ﺍﻟﺤﺴﺎﺳﺔ ﻟﻠﻤﻮﺍﺭﺩ ﻣﻊ ﻣﻴﺰﺓ ﺇﺿﺎﻓﻴﺔ ﺗﺘﻤﺜﻞ ﻓﻲ‬
‫‪11‬‬
‫ﺗﺠﻨﺐﺍﻟﺠﻬﺪ ﺍﻟﻜﺒﻴﺮ ﺍﻟﺬﻱ ﻳﺒﺬﻟﻪ ﺧﺒﺮﺍء ﺍﻟﻤﻮﺍﺩ ﻏﻴﺮ ﺍﻟﻀﺮﻭﺭﻳﺔ ﻓﻲ ﺍﻟﻤﻴﺰﺓ‬
‫ﻫﻨﺪﺳﺔ‪.‬‬
‫ﺑﺴﺒﺐﻋﺪﻡ ﺍﻟﻤﻮﺛﻮﻗﻴﺔ ﺍﻟﻤﺘﺄﺻﻠﺔ ﻓﻲ ﺃﻧﻈﻤﺔ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء‪ ،‬ﻣﺜﻞ ﺍﻟﺪﻳﻨﺎﻣﻴﻜﻴﺔ‬
‫ﺍﻻﺗﺼﺎﻻﺕﺍﻟﺘﻲ ﻗﺪ ﺗﺤﺪﺙ ﺑﻴﻦ ﺃﺟﻬﺰﺓ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء ﺍﻟﻤﺨﺘﻠﻔﺔ‪ ،‬ﻫﺬﻩ ﺍﻷﻧﻈﻤﺔ‬
‫ﺑﻬﺎﺍﻟﻌﺪﻳﺪ ﻣﻦ ﺍﻟﻌﻴﻮﺏ ﺍﻷﻣﻨﻴﺔ‪ .‬ﻭﺑﻌﺪ ﺫﻟﻚ‪ ،‬ﺍﻗﺘﺮﺡ ﻫﺬﺍ ﺍﻟﻌﻤﻞ ﺩﻣﺞ ﺛﻼﺛﺔ‬
‫ﺧﻮﺍﺭﺯﻣﻴﺎﺕ‪ ،DL‬ﻣﺜﻞ ‪ RNN‬ﻭ‪ LSTM-RNN‬ﻭ‪ ،CNN‬ﻹﻧﺸﺎء ﺷﺒﻜﺔ ‪ CNN‬ﺛﻨﺎﺋﻴﺔ ﺍﻻﺗﺠﺎﻩ‪.‬‬
‫ﻧﻤﻮﺫﺝﻛﺸﻒ [‪ .BiLSTM DDoS ]14‬ﻫﺬﻩ ﺍﻟﻄﺮﻕ ﻫﻲ ‪ RNN‬ﻭ‪ LSTM-RNN‬ﻭ‬
‫ﺳﻲﺇﻥ ﺇﻥ‪ .‬ﺗﻢ ﺍﺧﺘﺒﺎﺭ ﻧﻤﺎﺫﺝ ‪ RNN‬ﻭ‪ CNN‬ﻭ‪ LSTM‬ﻭ‪CNN-BiLSTM‬‬
‫ﻟﺘﺤﺪﻳﺪﺃﻱ ﻭﺍﺣﺪ ﻫﻮ ﺃﻓﻀﻞ ﻧﻤﻮﺫﺝ ﻓﻌﺎﻝ ﻟﻠﺪﻓﺎﻉ ﺿﺪ ‪DDoS‬‬
‫ﺍﻟﻬﺠﻤﺎﺕﻭﺍﻟﻘﺪﺭﺓ ﻋﻠﻰ ﺗﺤﺪﻳﺪ ﻭﺗﻤﻴﻴﺰ ﺣﺮﻛﺔ ﻣﺮﻭﺭ ‪ DDoS‬ﺑﺸﻜﻞ ﻓﻌﺎﻝ‬
‫ﺣﺮﻛﺔﺍﻟﻤﺮﻭﺭ ﺍﻟﻌﺎﺩﻳﺔ‪ .‬ﻳﺘﻢ ﺍﺳﺘﺨﺪﺍﻡ ‪ CICIDS2017‬ﻹﻋﻄﺎء ﻛﺸﻒ ﺃﻛﺜﺮ ﻭﺍﻗﻌﻴﺔ‪ .‬ﺃ‬
‫ﺗﻢﺍﻟﺤﺼﻮﻝ ﻋﻠﻰ ﻣﻌﺪﻝ ﺩﻗﺔ ‪ %99.00‬ﻣﻦ ﺃﺩﺍء ﺍﻟﻨﻤﺎﺫﺝ‪،‬‬
‫ﺑﺎﺳﺘﺜﻨﺎءﻧﻤﻮﺫﺝ ‪ CNN‬ﺍﻟﺬﻱ ﺣﺼﻞ ﻋﻠﻰ ﻧﺴﺒﺔ ﺩﻗﺔ ‪ .%98.82‬ﺍﻝ‬
‫ﺗﻢﻗﻴﺎﺱ ﺩﻗﺔ ‪ CNN-BiLSTM‬ﺑﻨﺴﺒﺔ ‪ ،%99.76‬ﺑﻴﻨﻤﺎ ﺑﻠﻐﺖ ﺩﻗﺘﻪ‬
‫ﻗﻴﺎﺱ‪.%98.90‬‬
‫ﻓﻲﻫﺬﻩ ﺍﻟﺪﺭﺍﺳﺔ ]‪ ،[15‬ﺗﻢ ﺗﻨﻔﻴﺬ ﻧﻤﻮﺫﺝ ‪ DL‬ﻟﻠﺘﻨﺒﺆ ﺑﺎﻷﻛﺜﺮ ﺍﻧﺘﺸﺎﺭﺍً‬
‫ﺍﻋﺘﺪﺍءﺍﺕﺍﻷﻣﻦ ﺍﻟﺴﻴﺒﺮﺍﻧﻲ‪ .‬ﻣﻘﺎﻳﻴﺲ ﺍﻟﺘﻘﻴﻴﻢ ﺍﻟﻤﻘﺘﺮﺣﺔ ﻋﻠﻰ ﺃﺳﺎﺱ ‪SET‬‬
‫ﺗﻢﺗﻘﻴﻴﻢ ﺍﻟﻨﻤﻮﺫﺝ‪ ،‬ﻭﺣﻘﻖ ﺍﻟﻨﻤﻮﺫﺝ ﺍﻟﻤﻘﺘﺮﺡ ﻓﻌﺎﻟﻴﺔ ‪%0.99‬‬
‫ﻣﻊﻣﺪﺓ ﺍﺧﺘﺒﺎﺭ ‪ 2.29‬ﻣﻠﻠﻲ ﺛﺎﻧﻴﺔ‪.‬‬
‫‪12‬‬
‫ﻓﻲﻫﺬﻩ ﺍﻟﺪﺭﺍﺳﺔ ]‪ ،[16‬ﻗﺪﻡ ﺍﻟﻤﺆﻟﻔﻮﻥ ﺩﺭﺍﺳﺔ ﺍﺳﺘﻜﺸﺎﻓﻴﺔ ﻟﻞ‪ DL‬ﺍﻟﻤﻮﺣﺪ‬
‫ﺑﺎﺳﺘﺨﺪﺍﻡﺍﻟﻌﺪﻳﺪ ﻣﻦ ﺗﻘﻨﻴﺎﺕ ‪ .DL‬ﻟﻘﺪ ﻗﺎﻣﻮﺍ ﺑﻔﺤﺺ ﻓﻌﺎﻟﻴﺔ ﺛﻼﺙ ﺣﺮﻛﺔ ﻣﺮﻭﺭ ﻹﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء‬
‫ﻗﻮﺍﻋﺪﺑﻴﺎﻧﺎﺕ ﻟﻀﻤﺎﻥ ﺧﺼﻮﺻﻴﺔ ﺑﻴﺎﻧﺎﺕ ﺃﻧﻈﻤﺔ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء ﻭﺗﻌﺰﻳﺰ‬
‫ﺩﻗﺔﺍﻟﻜﺸﻒ ﻋﻦ ﺍﻟﻬﺠﻮﻡ ﺍﻟﻘﺎﺋﻢ ﻋﻠﻰ ‪.DL‬‬
‫ﻓﻲﻫﺬﺍ ﺍﻟﻌﻤﻞ ]‪ ،[17‬ﺍﻗﺘﺮﺡ ﺍﻟﻤﺆﻟﻔﻮﻥ ‪ FDL‬ﻟﻠﻜﺸﻒ ﻋﻦ ﻫﺠﻤﺎﺕ ﺍﻟﻴﻮﻡ ﺻﻔﺮ‬
‫ﻟﻤﻨﻊﺗﺴﺮﺏ ﺧﺼﻮﺻﻴﺔ ﺍﻟﺒﻴﺎﻧﺎﺕ ﻓﻲ ﺃﺟﻬﺰﺓ ‪ .IoT edge‬ﺍﺳﺘﺨﺪﺍﻡ ‪ DNN‬ﺍﻟﻤﺜﺎﻟﻲ‬
‫ﺍﻟﻬﻨﺪﺳﺔﺍﻟﻤﻌﻤﺎﺭﻳﺔ‪ ،‬ﻭﻫﺬﺍ ﺍﻟﻨﻬﺞ ﻳﺼﻨﻒ ﺣﺮﻛﺔ ﻣﺮﻭﺭ ﺍﻟﺸﺒﻜﺔ‪ .‬ﺧﺎﺩﻡ ﺣﺪﻭﺩﻱ‬
‫ﻳﻨﺴﻖﻋﻦ ﺑﻌﺪ ﺍﻟﺘﺪﺭﻳﺐ ﺍﻟﻤﻨﻔﺼﻞ ﻟﻨﻤﺎﺫﺝ ‪ DNN‬ﻓﻲ ﺍﻟﻌﺪﻳﺪ ﻣﻦ ﺣﺎﻓﺔ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء‬
‫ﺍﻷﺟﻬﺰﺓ‪،‬ﺑﻴﻨﻤﺎ ﺗﻘﻮﻡ ﻃﺮﻳﻘﺔ ﺍﻟﻤﺘﻮﺳﻂ ﺍﻟﻤﻮﺣﺪ )‪ (FedAvg‬ﺑﺘﺠﻤﻴﻊ ﺍﻟﺒﻴﺎﻧﺎﺕ ﺍﻟﻤﺤﻠﻴﺔ‬
‫ﺗﺤﺪﻳﺜﺎﺕﺍﻟﻨﻤﻮﺫﺝ‪ .‬ﺑﻌﺪ ﺳﻠﺴﻠﺔ ﻣﻦ ﺩﻭﺭﺍﺕ ﺍﻻﺗﺼﺎﻝ ﺑﻴﻦ ﺍﻟﻤﻌﻠﻤﺔ‬
‫ﺍﻟﺨﺎﺩﻡﻭﺃﺟﻬﺰﺓ ﺣﺎﻓﺔ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء‪ ،‬ﺗﻢ ﺇﻧﺸﺎء ﻧﻤﻮﺫﺝ ‪ DNN‬ﻋﺎﻟﻤﻲ‪.‬‬
‫ﻓﻲﻫﺬﻩ ﺍﻟﺪﺭﺍﺳﺔ ]‪ ،[18‬ﺍﻗﺘﺮﺡ ﺍﻟﻤﺆﻟﻔﻮﻥ ﺍﺳﺘﺨﺪﺍﻡ ﻣﺮﺣﻠﺔ ﺍﻟﺘﺸﻔﻴﺮ ﻟـ ‪LSTM‬‬
‫ﺍﻟﺘﺸﻔﻴﺮﺍﻟﺘﻠﻘﺎﺋﻲ ﻟﺘﻘﻠﻴﻞ ﺃﺑﻌﺎﺩ ﺍﻟﻤﻴﺰﺓ ﻟﺸﺒﻜﺔ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء ﻭﺍﺳﻌﺔ ﺍﻟﻨﻄﺎﻕ‬
‫ﺑﻴﺎﻧﺎﺕﺣﺮﻛﺔ ﺍﻟﻤﺮﻭﺭ )‪ .(LAE‬ﻭﻭﻓﻘﺎ ﻟﻠﻨﺘﺎﺋﺞ‪ ،‬ﻛﺎﻧﺖ ﻫﻨﺎﻙ ﺣﺎﺟﺔ ﺇﻟﻰ ﺫﺍﻛﺮﺓ ﺃﻗﻞ ﺑﻨﺴﺒﺔ ‪٪91.89‬‬
‫ﻟﺘﺨﺰﻳﻦﺑﻴﺎﻧﺎﺕ ﺣﺮﻛﺔ ﻣﺮﻭﺭ ﺍﻟﺸﺒﻜﺔ ﻋﻠﻰ ﻧﻄﺎﻕ ﻭﺍﺳﻊ ﺑﺴﺒﺐ ‪.LAE‬‬
‫ﻟﻠﺤﺪﻣﻦ ﺍﻟﺘﻬﺪﻳﺪﺍﺕ ﺍﻟﻤﺤﺘﻤﻠﺔ ﺍﻟﺘﻲ ﺗﺸﻜﻠﻬﺎ ﺃﺟﻬﺰﺓ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء‪ ،‬ﺃﺻﺒﺢ ﻣﻦ ﺍﻟﻀﺮﻭﺭﻱ ﺍﻵﻥ ﺍﻟﻘﻴﺎﻡ ﺑﺬﻟﻚ‬
‫ﺗﻢﺗﺤﺪﻳﺪ ‪ DDoS‬ﺑﺴﺮﻋﺔ‪ .‬ﺃﻓﻀﻞ ﺧﻮﺍﺭﺯﻣﻴﺔ ﺑﺎﺕ ﻣﺤﻠﻴﺔ ﻭﻋﺎﻟﻤﻴﺔ ﻟﻸﻋﺼﺎﺏ‬
‫ﺗﻢﺗﻘﺪﻳﻢ ﺷﺒﻜﺎﺕ )‪ (LGBA-NN‬ﻓﻲ ﻫﺬﺍ ﺍﻟﺒﺤﺚ ]‪ [19‬ﻻﺧﺘﻴﺎﺭ ﻛﻠﻴﻬﻤﺎ‬
‫ﺍﻟﻤﻴﺰﺍﺕﻭﺍﻟﻤﻌﻠﻤﺎﺕ ﺍﻟﻔﺎﺋﻘﺔ ﺍﻟﻤﺤﺪﺩﺓ ﻟﻐﺮﺽ ﺍﻟﻜﺸﻒ ﺍﻟﻔﻌﺎﻝ ﻋﻦ‬
‫ﻫﺠﻤﺎﺕﺍﻟﺮﻭﺑﻮﺗﺎﺕ‪ ،‬ﻭﺍﻟﺘﻲ ﺗﻢ ﺍﺳﺘﻨﺘﺎﺟﻬﺎ ﻣﻦ ‪ 9‬ﺃﻧﻈﻤﺔ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء ﺍﻟﺘﺠﺎﺭﻳﺔ‪ .‬ﺍﻝ‬
‫‪13‬‬
‫ﺗﻢﺣﺴﺎﺏ ﺳﺮﻋﺔ ﺍﻟﺨﻔﺎﻓﻴﺶ ﺍﻟﻤﺤﺪﺛﺔ ﻓﻲ ﺍﻟﺴﺮﺏ ﺑﺎﺳﺘﺨﺪﺍﻡ ﺃﻓﻀﻞ ﺳﺮﻋﺔ ﻣﺤﻠﻴﺔ ﻭﻋﺎﻟﻤﻴﺔ‪.‬‬
‫ﻭﺯﻥﺍﻟﻘﺼﻮﺭ ﺍﻟﺬﺍﺗﻲ ﺍﻟﻘﺎﺋﻢ ﻋﻠﻰ ﺃﺳﺎﺱ‪ ،‬ﻭﺍﻟﺬﻱ ﺗﻢ ﻗﺒﻮﻟﻪ ﻣﻦ ﻗﺒﻞ ﺧﻮﺍﺭﺯﻣﻴﺔ ﺑﺎﺕ )‪ (BA‬ﺍﻟﺬﻱ ﻛﺎﻥ‬
‫ﻣﺘﻄﻮﺭ‪.‬ﻭﺍﻗﺘﺮﺣﻮﺍ ﻣﻦ ﺃﺟﻞ ﻣﻌﺎﻟﺠﺔ ﻣﺴﺄﻟﺔ ﺗﻨﻮﻉ ﺳﺮﺏ ﻣﻜﺘﺒﺔ ﺍﻹﺳﻜﻨﺪﺭﻳﺔ‬
‫ﺍﺳﺘﺨﺪﺍﻡﺗﻮﺯﻳﻊ ﻏﺎﻭﺳﻲ ﻟﺘﻬﻴﺌﺔ ﺍﻟﺴﻜﺎﻥ‪ .‬ﺑﺎﻹﺿﺎﻓﺔ ﺇﻟﻰ ﺫﻟﻚ‪،‬‬
‫ﺗﻢﺗﻨﻔﻴﺬ ﺍﺳﺘﺮﺍﺗﻴﺠﻴﺔ ﺍﻟﺒﺤﺚ ﺍﻟﻤﺤﻠﻴﺔ ﺑﻮﺍﺳﻄﺔ ﺩﺍﻟﺔ ﺍﻟﻜﺜﺎﻓﺔ ﺍﻟﻐﻮﺳﻴﺔ ﻭ‬
‫ﺃﻓﻀﻞﻭﻇﻴﻔﺔ ﻣﺤﻠﻴﺔ ﻭﻋﺎﻟﻤﻴﺔ ﻣﻦ ﺃﺟﻞ ﺗﺤﺴﻴﻦ ﺍﻻﺳﺘﻜﺸﺎﻑ ﻓﻲ ﻛﻞ ﺗﻜﺮﺍﺭ‪ .‬ﻫﺬﺍ‬
‫ﺗﻢﺍﺗﺨﺎﺫ ﺍﻹﺟﺮﺍءﺍﺕ ﺍﻟﻼﺯﻣﺔ ﻟﺘﺤﻘﻴﻖ ﺃﻛﺒﺮ ﺍﻟﻨﺘﺎﺋﺞ‪ .‬ﺍﻟﺸﺒﻜﺔ ﺍﻟﻌﺼﺒﻴﺔ‬
‫ﺗﻢﺑﻌﺪ ﺫﻟﻚ ﺗﺤﺴﻴﻦ ﺍﻟﻤﻌﻠﻤﺎﺕ ﺍﻟﻔﺎﺋﻘﺔ ﻭﺍﻷﻭﺯﺍﻥ ﺑﺎﺳﺘﺨﺪﺍﻡ ﻧﻈﺮﻳﺔ ﺑﺎﻳﺰﻱ ﺍﻟﻤﺤﺴﻨﺔ‬
‫ﺗﺤﻠﻴﻞﻟﺘﺼﻨﻴﻒ ‪ 10‬ﻫﺠﻤﺎﺕ ﻣﺨﺘﻠﻔﺔ ﻟﺸﺒﻜﺎﺕ ﺍﻟﺮﻭﺑﻮﺕ ﻭﻓﺌﺔ ﻣﺴﺘﻬﺪﻓﺔ ﺣﻤﻴﺪﺓ ﻭﺍﺣﺪﺓ‪ .‬ﻥ‪-‬‬
‫ﺗﻢﺍﺳﺘﺨﺪﺍﻡ ﻣﺠﻤﻮﻋﺔ ﺑﻴﺎﻧﺎﺕ ‪ BaIoT‬ﺍﻟﺘﻲ ﺗﺘﻜﻮﻥ ﻣﻦ ﺑﻴﺎﻧﺎﺕ ﺣﺮﻛﺔ ﻣﺮﻭﺭ ﻓﻌﻠﻴﺔ ﻛﺒﻴﺮﺓ ﻟﻠﺘﻘﻴﻴﻢ‬
‫ﻃﺮﻳﻘﺔ‪ LGBA-NN‬ﺍﻟﻤﻘﺘﺮﺣﺔ‪ .‬ﺗﻀﻤﻨﺖ ﻣﺠﻤﻮﻋﺔ ﺍﻟﺒﻴﺎﻧﺎﺕ ﻫﺬﻩ ﻛﻼ ًﻣﻦ ﺍﻟﺤﻤﻴﺪﺓ ﻭ‬
‫ﺍﻟﻔﺌﺎﺕﺍﻟﻤﺴﺘﻬﺪﻓﺔ ﺍﻟﺨﺒﻴﺜﺔ‪ .‬ﺗﻢ ﺗﻘﻴﻴﻢ ﻓﻌﺎﻟﻴﺔ ‪ LGBA-NN‬ﻓﻲ‬
‫ﻣﻘﺎﺭﻧﺔﺑﺎﻟﻌﺪﻳﺪ ﻣﻦ ﺍﻷﺳﺎﻟﻴﺐ ﺍﻟﻤﺘﻘﺪﻣﺔ ﺍﻟﺘﻲ ﺗﻢ ﺗﻄﻮﻳﺮﻫﺎ ﻣﺆﺧﺮﺍً‪ ،‬ﺑﻤﺎ ﻓﻲ ﺫﻟﻚ‬
‫ﺗﺤﺴﻴﻦﺍﻟﻮﺯﻥ ﻋﻦ ﻃﺮﻳﻖ ﺗﺤﺴﻴﻦ ﺳﺮﺏ ﺍﻟﺠﺴﻴﻤﺎﺕ )‪ (PSO-NN‬ﻭ ‪-BA‬‬
‫ﻥ‪.‬ﺃﻇﻬﺮﺕ ﻧﺘﺎﺋﺞ ﺍﻟﺘﺠﺎﺭﺏ ﺃﻥ ‪ LGBA-NN‬ﺃﻓﻀﻞ ﻣﻦ ‪BA-NN‬‬
‫ﻭ‪ PSO-NN‬ﻓﻲ ﺗﺤﺪﻳﺪ ﻫﺠﻤﺎﺕ ﺍﻟﺮﻭﺑﻮﺗﺎﺕ ﻣﺘﻌﺪﺩﺓ ﺍﻟﻔﺌﺎﺕ‪LGBA-NN ،‬‬
‫ﻭﺻﻠﺖﺍﻟﺪﻗﺔ ﺇﻟﻰ ‪.%90‬‬
‫ﺗﻘﺪﻡﻫﺬﻩ ﺍﻟﻤﻘﺎﻟﺔ ]‪ [20‬ﺷﺒﻜﺔ ‪ NN‬ﻋﺸﻮﺍﺋﻴﺔ ﻋﻤﻴﻘﺔ ﻫﺠﻴﻨﺔ ﻓﺮﻳﺪﺓ )‪ (HDRaNN‬ﻟـ‬
‫ﺍﻟﻜﺸﻒﻋﻦ ﺍﻟﻬﺠﻤﺎﺕ ﺍﻟﺴﻴﺒﺮﺍﻧﻴﺔ ﻓﻲ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء ﺍﻟﺼﻨﺎﻋﻴﺔ )‪ .(IIoT‬ﺍﻟﻌﻤﻴﻖ‬
‫ﻛﺎﻧﺖﺍﻟﺸﺒﻜﺔ ﺍﻟﻌﺼﺒﻴﺔ ﺍﻟﻌﺸﻮﺍﺋﻴﺔ ﺍﻟﻤﻨﺘﻈﻤﺔ ﺍﻟﻤﺘﺴﺮﺑﺔ )‪ (HDRaNN‬ﻧﻤﻮﺫﺟﺎً ﻫﺠﻴﻨﺎً‬
‫‪14‬‬
‫ﺍﻟﺬﻱﻳﺠﻤﻊ ﺑﻴﻦ ﺷﺒﻜﺔ ﻋﺼﺒﻴﺔ ﻋﺸﻮﺍﺋﻴﺔ ﻋﻤﻴﻘﺔ ﻭﺇﺩﺭﺍﻙ ﻣﺘﻌﺪﺩ ﺍﻟﻄﺒﻘﺎﺕ‪ .‬ﺍﻝ‬
‫ﺗﻢﺗﻘﻴﻴﻢ ﺍﻟﻨﻬﺞ ﺍﻟﺬﻱ ﺗﻢ ﺍﻗﺘﺮﺍﺣﻪ ﺑﺎﺳﺘﺨﺪﺍﻡ ﻣﺠﻤﻮﻋﺘﻴﻦ ﻣﻦ ﺍﻟﺒﻴﺎﻧﺎﺕ‬
‫ﻣﺮﺗﺒﻄﺔﺑﺄﻣﺎﻥ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء‪ .‬ﺗﻢ ﺍﺳﺘﺨﺪﺍﻡ ﻣﻘﺎﻳﻴﺲ ﺍﻷﺩﺍء ﺍﻟﻤﺨﺘﻠﻔﺔ ﻹﺟﺮﺍء‬
‫ﺗﺤﻠﻴﻞﺍﻷﺩﺍء ﻟﻠﺨﻄﺔ ﺍﻟﻤﻘﺘﺮﺣﺔ‪ .‬ﻛﺎﻥ ‪ HDRaNN‬ﻗﺎﺩﺭﺍً ﻋﻠﻰ ﺫﻟﻚ‬
‫ﺗﺼﻨﻴﻒﻣﺎ ﻣﺠﻤﻮﻋﻪ ﺳﺘﺔ ﻋﺸﺮ ﻓﺌﺔ ﻣﺨﺘﻠﻔﺔ ﻣﻦ ﺍﻟﻬﺠﻤﺎﺕ ﺍﻹﻟﻜﺘﺮﻭﻧﻴﺔ ﺑﺪﻗﺔ‬
‫‪0.98‬ﺇﻟﻰ ‪.0.99‬‬
‫ﻓﻲﻫﺬﻩ ﺍﻟﺪﺭﺍﺳﺔ ]‪ ،[21‬ﺍﻗﺘﺮﺡ ﺍﻟﻤﺆﻟﻔﻮﻥ ﻫﺠﻮﻡ ﺛﻐﺮﺓ ‪ ،RPL‬ﺍﻟﺬﻱ ﻳﺴﺘﻬﺪﻑ‬
‫ﺑﺮﻭﺗﻮﻛﻮﻝﺗﻮﺟﻴﻪ ‪ IPv6‬ﺷﺎﺋﻊ ﺍﻻﺳﺘﺨﺪﺍﻡ ﻓﻲ ﺍﻷﻧﻈﻤﺔ ﺍﻟﻘﺎﺋﻤﺔ ﻋﻠﻰ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء‪ .‬ﺃﻣﻦ‬
‫ﺗﻢﻭﺻﻒ ﺍﻟﺘﻘﻨﻴﺔ ﺍﻟﻤﺒﻨﻴﺔ ﻋﻠﻰ ‪ .ML‬ﺗﻘﻴﻴﻢ ﺍﻟﺒﻴﺎﻧﺎﺕ ﺍﻟﻤﺠﻤﻌﺔ‬
‫ﻭﻛﺸﻒﺃﻥ ﺍﻟﺨﻮﺍﺭﺯﻣﻴﺎﺕ ﺍﻟﻘﺎﺋﻤﺔ ﻋﻠﻰ ﺍﻟﺘﻌﻠﻢ ﺍﻵﻟﻲ ﺗﺤﺪﺩ ﺍﻟﺜﻐﺮﺓ‬
‫ﺍﻟﻬﺠﻮﻡﺑﺸﻜﻞ ﺻﺤﻴﺢ‪.‬‬
‫ﻟﻠﺘﻐﻠﺐﻋﻠﻰ ﺍﻟﺼﻌﻮﺑﺎﺕ ﺍﻟﻤﺮﺗﺒﻄﺔ ﺑﺤﻤﺎﻳﺔ ﺷﺒﻜﺎﺕ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء‪ ،‬ﻭﻫﻲ‬
‫ﺗﻀﺨﻴﻤﻬﺎﺣﺠﻢ ﻭﺗﻨﻮﻉ ﺍﻟﻨﺸﺮ‪ ،‬ﻭﺍﻟﺘﻐﻴﺮ ﺍﻟﺴﺮﻳﻊ‬
‫ﺑﻴﺌﺔﺍﻟﺘﻬﺪﻳﺪﺍﺕ ﺍﻟﺴﻴﺒﺮﺍﻧﻴﺔ‪ .‬ﻗﺎﻡ ﻣﺆﻟﻔﻮ ]‪ [22‬ﺑﺘﻄﻮﻳﺮ ﺗﻘﻨﻴﺔ‬
‫ﻳﺴﺘﺨﺪﻡﺍﻟﺘﻌﻠﻢ ﺍﻟﻌﻤﻴﻖ ﺍﻟﻘﻮﻱ ﻟﺘﺤﺪﻳﺪ ﺍﻟﻬﺠﻤﺎﺕ ﺍﻟﺴﻴﺒﺮﺍﻧﻴﺔ ﺍﻟﻤﻮﺟﻬﺔ‬
‫ﺿﺪﻣﻌﺪﺍﺕ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء‪ .‬ﺗﺘﻀﻤﻦ ﻃﺮﻳﻘﺘﻬﻢ ﺩﻣﺞ ﺧﻮﺍﺭﺯﻣﻴﺔ ‪LSTM‬‬
‫ﻓﻲﺍﻟﺤﻠﻮﻝ ﺍﻟﻘﺎﺋﻤﺔ‪ .‬ﻭﺑﻌﺪ ﺫﻟﻚ‪ ،‬ﻳﺘﻢ ﺍﺳﺘﺨﺪﺍﻡ ﺷﺠﺮﺓ ﺍﻟﻘﺮﺍﺭ ﻟﻠﺠﻤﻊ‬
‫ﻫﺬﻩﺍﻟﻮﺣﺪﺍﺕ ﺍﻟﻔﺮﺩﻳﺔ‪ ،‬ﺑﺤﻴﺚ ﻳﻤﻜﻦ ﺇﻧﺘﺎﺝ ﻧﺘﻴﺠﺔ ﻣﺠﻤﻌﺔ‪ .‬ﻫﻢ‬
‫ﺣﻘﻘﺖﻣﻌﺪﻝ ﺩﻗﺔ ﻳﺰﻳﺪ ﻋﻦ ‪ %99‬ﻋﻨﺪﻣﺎ ﻳﺘﻌﻠﻖ ﺍﻷﻣﺮ ﺑﺘﺤﺪﻳﺪ ﺍﻟﻬﻮﻳﺔ‬
‫‪15‬‬
‫ﺍﻟﺘﻬﺪﻳﺪﺍﺕﺍﻟﺴﻴﺒﺮﺍﻧﻴﺔ ﺿﺪ ﺃﺟﻬﺰﺓ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء ﻣﻦ ﺧﻼﻝ ﺗﻘﻴﻴﻢ ﻓﻌﺎﻟﻴﺔ ﺗﻘﻨﻴﺎﺗﻬﺎ‬
‫ﺑﺎﺳﺘﺨﺪﺍﻡﻣﺠﻤﻮﻋﺔ ﺑﻴﺎﻧﺎﺕ ‪.Modbus‬‬
‫ﻗﺪﻡﺍﻟﺒﺎﺣﺜﻮﻥ ﻓﻲ ﻫﺬﻩ ﺍﻟﻮﺭﻗﺔ ]‪ [23‬ﻧﻤﻮﺫﺟﺎً ﻳﻌﺘﻤﺪ ﻋﻠﻰ ﻣﺠﻤﻮﻋﺔ ﻣﺘﻨﻮﻋﺔ ﻣﻦ‬
‫ﺗﻘﻨﻴﺎﺕﺗﻌﻠﻢ ﺍﻵﻟﺔ‪ .‬ﻓﻲ ﻣﺠﻤﻮﻋﺔ ﺑﻴﺎﻧﺎﺕ ‪ BoT-IoT، KNN‬ﻭ‪ Naive Bayes‬ﻭ‪MLP ANN‬‬
‫ﺗﻢﺍﺳﺘﺨﺪﺍﻡ ﺍﻟﻨﻤﺎﺫﺝ ﻟﺒﻨﺎء ﻧﻤﻮﺫﺝ‪ .‬ﺑﺎﺳﺘﺨﺪﺍﻡ ﺍﻟﺮﻗﻢ ﺍﻷﻭﻟﻲ ﻭﻓﻘﺎ ﻝ‬
‫ﺍﻟﻜﻔﺎءﺓﻭﻧﺘﻴﺠﺔ ‪ ،ROC AUC‬ﺗﻢ ﺗﺤﺪﻳﺪ ﺍﻟﺨﻮﺍﺭﺯﻣﻴﺔ ﺍﻷﻣﺜﻞ‪.‬‬
‫ﺩﻣﺞﺃﺳﺎﻟﻴﺐ ﺍﻟﺘﻌﻠﻢ ﺍﻵﻟﻲ ﻣﻊ ﻫﻨﺪﺳﺔ ﺍﻟﻤﻴﺰﺍﺕ ﻭ‬
‫ﻣﻨﻬﺠﻴﺔﺍﻹﻓﺮﺍﻁ ﻓﻲ ﺃﺧﺬ ﺍﻟﻌﻴﻨﺎﺕ )‪ .(SMOTE‬ﻋﻠﻰ ﺍﻟﻄﺒﻘﺔ ﻏﻴﺮ ﻣﺘﻮﺍﺯﻧﺔ ﻭﻣﺘﻮﺍﺯﻧﺔ ﺍﻟﻄﺒﻘﺔ‬
‫ﻣﺠﻤﻮﻋﺎﺕﺍﻟﺒﻴﺎﻧﺎﺕ‪ ،‬ﺗﻢ ﺗﻘﻴﻴﻢ ﺃﺩﺍء ﺛﻼﺙ ﺧﻮﺍﺭﺯﻣﻴﺎﺕ‪.‬‬
‫ﺑﺎﺳﺘﺨﺪﺍﻡﺃﺳﺎﻟﻴﺐ ﺍﻟﺘﻌﻠﻢ ﺍﻵﻟﻲ‪ ،‬ﻛﺎﻧﺖ ﻫﻨﺎﻙ ﺍﻟﻌﺪﻳﺪ ﻣﻦ ﺗﻬﺪﻳﺪﺍﺕ ﺍﻷﻣﻦ ﺍﻟﺴﻴﺒﺮﺍﻧﻲ‬
‫ﺍﻟﻤﻨﺘﻈﺮﻓﻲ ﻫﺬﻩ ﺍﻟﻤﺎﺩﺓ ]‪ . [24‬ﻧﻈﺎﻡ ﺗﻨﺒﺆﻱ ﺟﺪﻳﺪ ﻳﻌﺘﻤﺪ ﻋﻠﻰ ﺍﻟﻌﺸﻮﺍﺋﻴﺔ‬
‫ﺗﻢﺗﻄﻮﻳﺮ ﺍﻟﺸﺒﻜﺎﺕ ﺍﻟﻌﺼﺒﻴﺔ )‪ .(RaNN‬ﻭﻛﺎﻧﺖ ﺍﻟﻌﺪﻳﺪ ﻣﻦ ﻣﻌﺎﻳﻴﺮ ﺍﻟﺘﻘﻴﻴﻢ‬
‫ﺗﻢﺗﻄﻮﻳﺮﻩ ﻟﻴﺘﻢ ﺍﺧﺘﺒﺎﺭﻩ ﺑﺎﺳﺘﺨﺪﺍﻡ ‪ ANN‬ﻭ‪ SVM‬ﻭﺷﺠﺮﺓ ﺍﻟﻘﺮﺍﺭ ﻟﺘﺤﺪﻳﺪ‬
‫ﺩﻗﺔﺍﻟﻨﻤﻮﺫﺝ ﺍﻟﺘﻨﺒﺆﻱ ﺍﻟﻘﺎﺋﻢ ﻋﻠﻰ ‪ .RaNN‬ﻭﻓﻘﺎ ﻟﻠﺘﻘﻴﻴﻢ‬
‫ﺍﻟﻨﺘﺎﺋﺞ‪،‬ﺣﻘﻖ ﻧﻤﻮﺫﺝ ‪ RaNN‬ﺍﻟﻤﻘﺘﺮﺡ ﻛﻔﺎءﺓ ﻗﺪﺭﻫﺎ ‪ %99.20‬ﻣﻊ ﺃ‬
‫ﻣﻌﺪﻝﺍﻟﺘﻌﻠﻢ ‪ 0.01‬ﻭﻃﻮﻝ ﺯﻣﻨﻲ ‪ 34.51‬ﻣﻠﻠﻲ ﺛﺎﻧﻴﺔ‪.‬‬
‫‪.‬‬
‫‪16‬‬
‫ﺍﻟﺠﺪﻭﻝ‪1-2‬ﻣﺮﺍﺟﻌﺔ ﻣﻘﺎﺭﻧﺔ ﻷﺣﺪﺙ ﺣﻠﻮﻝ ﺍﻷﻣﻦ ﺍﻟﺴﻴﺒﺮﺍﻧﻲ ﻹﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء‪.‬‬
‫ﻳﺆﺩﻱﺍﻟﻰ )‪(٪‬‬ ‫ﺍﻟﺨﻮﺍﺭﺯﻣﻴﺎﺕ‬ ‫ﺍﻟﻤﻨﻬﺠﻴﺔﺍﻟﻤﺴﺘﺨﺪﻣﺔ‬ ‫ﺍﻟﺒﻴﺎﻧﺎﺕﺍﻟﻤﺴﺘﺨﺪﻣﺔ‬ ‫ﺳﻨﺔ‬ ‫ﺍﻟﻤﺮﺟﻊ‬
‫‪99‬ﺩﻗﺔ‬ ‫ﺇﻧﺘﺮﻧﺖﺍﻷﺷﻴﺎء‪ ،23-‬ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء ﻟﻤﺆﺳﺴﺔ ﺍﻟﺘﺪﺭﻳﺐ ﺍﻷﻭﺭﻭﺑﻴﺔ‬
‫)ﻓﻴﻞ‪-‬ﻣﻞ(‬ ‫ﺗﻌﻠﻢﻋﻤﻴﻖ‬ ‫]‪2023 [13‬‬

‫‪96‬ﺩﺭﺟﺔ ‪f-1‬‬ ‫ﺍﻟﺮﻭﺑﻮﺗﺎﺕ‬
‫ﺩﻗﺔ‪98.82‬‬ ‫‪RNN، )LSTM(-RNN،‬‬
‫ﺩﻗﺔ‪99.76‬‬ ‫ﺳﻲﺇﻥ ﺇﻥ‪ ،‬ﺑﻴﻠﺴﺘﻢ )ﺳﻲ ﺇﻥ ﺇﻥ‪(-‬‬ ‫ﺗﻌﻠﻢﻋﻤﻴﻖ‬ ‫‪CICID2017‬‬ ‫]‪2023 [14‬‬
‫ﺩﻗﺔ‪98.90‬‬ ‫ﺑﻴﻠﺴﺘﻢ(‬
‫‪98‬‬ ‫ﺩﻗﺔ‬
‫ﺃﺫﻛﺮ‪97‬‬ ‫‪DS2OS،‬‬
‫ﻧﻤﻮﺫﺝﻗﺎﺋﻢ ﻋﻠﻰ ‪SET‬‬ ‫ﺗﻌﻠﻢﻋﻤﻴﻖ‬ ‫]‪2022 [15‬‬
‫ﺍﻟﺪﻗﺔ‪95‬‬ ‫‪CICIDS2017‬‬
‫‪95‬‬ ‫ﻗﻴﺎﺱ‪F‬‬
‫ﺑﻮﺕ‪-‬ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء‪,‬‬
‫‪ ،98.87،99.98‬ﻭ‬
‫ﺁﺭﺇﻥ ﺇﻥ‪ ،‬ﺳﻲ ﺇﻥ ﺇﻥ‪ ،‬ﻭ ﺩﻱ ﺇﻥ ﺇﻥ‬ ‫ﺗﻌﻠﻢﻋﻤﻴﻖ‬ ‫]‪ 2021 [16‬ﻣﻜﻮﺗﺴﻴﺖ‪,‬‬
‫‪99.68‬‬
‫‪TON_IoT‬‬
‫ﻫﺠﻮﻡ‪DDos‬‬
‫ﺩﻗﺔ‪99.83‬‬
‫ﺑﻮﺕ‪-N،‬‬
‫ﺍﻟﺪﻗﺔ‪99.98‬‬ ‫‪FDL‬‬ ‫ﺗﻌﻠﻢﻋﻤﻴﻖ‬ ‫]‪2021 [17‬‬
‫ﺑﺎﻳﻮﺕ‬
‫ﺃﺫﻛﺮ‪99.70‬‬
‫ﺩﺭﺟﺔﺍﻟﻔﻮﺭﻣﻮﻻ ‪99.84 1‬‬
‫ﻻﻱﻝ‬
‫ﺇﻃﺎﺭ‪ DL‬ﺍﻟﻬﺠﻴﻦ‬ ‫ﺍﻷﺑﻌﺎﺩ‬
‫‪91.89‬‬ ‫ﺑﻮﺕ‪-‬ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء‬ ‫]‪2020 [18‬‬
‫(‪)LAE-BLSTM‬‬ ‫ﺗﺨﻔﻴﺾﻭ‬
‫ﺍﻟﻤﺼﻨﻒ‪BLSTM‬‬
‫ﺩﻗﺔ‪90‬‬ ‫‪LGBA-NN‬‬ ‫ﺍﻟﺸﺒﻜﺎﺕﺍﻟﻌﺼﺒﻴﺔ‬ ‫]‪ 2021 [19‬ﺇﻥ‪-‬ﺑﺎﻳﻮﺕ‬
‫‪17‬‬
‫ﺍﻟﻬﺠﻴﻦﺍﻟﻌﻤﻴﻖ‬
‫‪98‬‬ ‫‪DS2OS،‬‬
‫‪HDRaNN‬‬ ‫ﻋﺼﺒﻴﺔﻋﺸﻮﺍﺋﻴﺔ‬ ‫]‪2021 [20‬‬
‫‪99‬‬ ‫‪UNSW-NB15‬‬
‫ﺍﻟﺸﺒﻜﺎﺕ‬
‫‪98.99‬‬ ‫ﺩﻗﺔ‬ ‫ﺇﻝﺇﺱ ﺗﻲ ﺇﻡ ﻭ‬ ‫ﻣﻮﺩﺑﻮﺱ‪/‬ﺗﻜﺐ‬

‫‪LSTM‬‬ ‫]‪2020 [22‬‬
‫‪99.41‬‬ ‫ﺩﻗﺔ‬ ‫ﺍﻟﺘﻌﻠﻢﺍﻟﺠﻤﺎﻋﻲ‬ ‫ﺍﺯﺩﺣﺎﻡﺍﻧﺘﺮﻧﺖ‬
‫‪ 99.4،99.6‬ﻭ‪،‬‬ ‫ﻛﻲﺇﻥ ﺇﻥ‪ ،‬ﻧﺎﻳﻒ ﺑﺎﻳﺰ‬

‫ﺗﻌﻠﻢﻋﻤﻴﻖ‬ ‫ﺑﻮﺕ‪-‬ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء‬ ‫]‪2021 [23‬‬
‫‪87.4‬‬ ‫ﻭ‪ MLP‬ﺁﻥ‬
‫ﺩﻗﺔ‪99.20‬‬
‫ﺍﻟﺪﻗﺔ‪99.11‬‬
‫ﺭﺍﻥ‬ ‫ﺗﻌﻠﻢﻋﻤﻴﻖ‬ ‫‪DS2OS‬‬ ‫]‪2020 [24‬‬
‫ﺃﺫﻛﺮ‪99.13‬‬
‫ﺩﺭﺟﺔ‪F1 99.20‬‬
‫‪2.3‬ﺍﻟﻤﻨﺎﻗﺸﺔ‬
‫ﻓﻲﺍﻵﻭﻧﺔ ﺍﻷﺧﻴﺮﺓ‪ ،‬ﺗﻢ ﺍﺳﺘﺨﺪﺍﻡ ﺧﻮﺍﺭﺯﻣﻴﺎﺕ ﺍﻟﺘﻌﻠﻢ ﺍﻟﻌﻤﻴﻖ ﻓﻲ ﺍﻟﻌﺪﻳﺪ ﻣﻦ ﺍﻟﺪﺭﺍﺳﺎﺕ‬
‫ﺗﻌﺰﻳﺰﻛﻔﺎءﺓ ﻧﻤﺎﺫﺝ ﺍﻟﺘﺪﺭﻳﺐ ﻛﻤﺎ ﻫﻮ ﻣﻮﺿﺢ ﻓﻲ ﺍﻟﺠﺪﻭﻝ ‪ .2.1‬ﻟﻜﻦ‪،‬‬
‫ﻻﺗﺪﺭﺱ ﻫﺬﻩ ﺍﻟﺪﺭﺍﺳﺎﺕ ﺑﺸﻜﻞ ﻛﺎﻣﻞ ﺍﻟﺸﺒﻜﺎﺕ ﻓﻲ ﻣﺠﺎﻝ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء ﻟﺘﺤﺪﻳﺪﻫﺎ‬
‫ﺍﻟﻤﺨﺎﻟﻔﺎﺕﺑﺴﺮﻋﺔ ﻭﺩﻗﺔ ﻟﻠﻜﺸﻒ ﻋﻦ ﻫﺠﻤﺎﺕ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء ﻭﺍﻟﺮﺩ ﻋﻠﻴﻬﺎ‪ .‬ﻭ‬
‫ﺍﻟﺘﻐﻠﺐﻋﻠﻰ ﻣﺸﻜﻼﺕ ﺍﻟﺘﻌﻠﻢ ﺍﻟﻌﻤﻴﻖ ﻣﺜﻞ ﺍﻟﺤﺼﻮﻝ ﻋﻠﻰ ﺍﻟﻌﺪﺩ ﺍﻷﻣﺜﻞ ﻣﻦ‬
‫ﺍﻟﺨﻼﻳﺎﺍﻟﻌﺼﺒﻴﺔ ﻭﺍﻟﻤﻌﻠﻤﺎﺕ ﺍﻟﺘﻲ ﺗﺤﻘﻖ ﻫﺪﻑ ﺍﻟﻨﻤﻮﺫﺝ ﺍﻟﻤﺜﺎﻟﻲ‪.‬‬
‫ﺑﺎﺧﺘﺼﺎﺭ‪،‬ﻃﻮﺭ ﺍﻟﺒﺤﺚ ﻧﻤﺎﺫﺝ ﻟﻠﻜﺸﻒ ﻋﻦ ﺍﻟﻬﺠﻤﺎﺕ ﺗﺘﻨﺎﻭﻝ ﻓﻘﻂ‬
‫ﺍﻟﻘﻴﻤﺔﺍﻟﺨﺎﺻﺔ ﻹﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء‪ .‬ﺑﺸﻜﻞ ﻋﺎﻡ‪ ،‬ﻳﺘﻢ ﺍﺳﺘﺨﺪﺍﻡ ﺍﻟﻌﺪﻳﺪ ﻣﻦ ﻣﺠﻤﻮﻋﺎﺕ ﺍﻟﺒﻴﺎﻧﺎﺕ ﻣﺜﻞ ‪-Bot‬‬
‫ﻳﺘﻢﺍﺳﺘﺨﺪﺍﻡ ‪ IoT‬ﻭ‪ MQTTset‬ﻭ‪ TON IoT‬ﻭ‪ DS2OS‬ﻭ‪ CICIDS2017‬ﻟﺘﻘﻴﻴﻢ‬
‫ﻋﺎﺭﺿﺎﺕﺍﺯﻳﺎء‪ .‬ﻧﻈﺮﺍً ﻟﻠﻤﺘﻄﻠﺒﺎﺕ ﺍﻷﻣﻨﻴﺔ ﺍﻟﻤﺘﺰﺍﻳﺪﺓ ﻟﺸﺒﻜﺎﺕ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء‪ ،‬ﻓﻬﻲ ﻛﺬﻟﻚ‬
‫‪18‬‬
‫ﺿﺮﻭﺭﻱﻟﺘﻘﻴﻴﻢ ﻣﺠﻤﻮﻋﺎﺕ ﺑﻴﺎﻧﺎﺕ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء ﺍﻷﺣﺪﺙ‪ .‬ﺗﻢ ﺍﺳﺘﺨﺪﺍﻡ ﻣﺠﻤﻮﻋﺔ ﺑﻴﺎﻧﺎﺕ ‪ DS2OS‬ﻋﻠﻰ ﻧﻄﺎﻕ ﻭﺍﺳﻊ‬
‫ﻟﻔﺸﻞﻧﻈﺎﻡ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء ﻭﺍﺳﺘﺨﺪﺍﻣﻬﺎ ﻓﻲ ﺍﻟﻤﻨﺸﻮﺭﺍﺕ ﺍﻟﻤﻤﺎﺛﻠﺔ ]‪ [22] [15‬ﻭ ]‪.[26‬‬
‫ﻟﻄﻴﻒﻭﺁﺧﺮﻭﻥ‪ [26] .‬ﺣﺼﻠﺖ ﻋﻠﻰ ﺩﻗﺔ ﺑﻨﺴﺒﺔ ‪ ٪99.2‬ﺑﺎﺳﺘﺨﺪﺍﻡ ﻧﻤﻮﺫﺝ ﺍﻟﺘﻨﺒﺆ ﺍﻟﻘﺎﺋﻢ ﻋﻠﻰ ‪RaNN‬‬
‫ﺑﺎﺳﺘﺨﺪﺍﻡﻣﺠﻤﻮﻋﺔ ﺍﻟﺒﻴﺎﻧﺎﺕ ‪ .DS2OS‬ﺑﻴﻨﻤﺎ ﻳﺘﻢ ﺍﺳﺘﺨﺪﺍﻡ ﻣﺠﻤﻮﻋﺔ ﺑﻴﺎﻧﺎﺕ ‪ Bot-IoT‬ﻋﻠﻰ ﻧﻄﺎﻕ ﻭﺍﺳﻊ ﻹﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء‬
‫ﺗﻘﻴﻴﻢﻧﻈﺎﻡ ﺍﻟﺸﺒﻜﺎﺕ ﻭﺍﺳﺘﺨﺪﺍﻣﻪ ﻓﻲ ﺍﻟﻤﻨﺸﻮﺭﺍﺕ ﺍﻟﻤﻤﺎﺛﻠﺔ ]‪،[16] [13‬‬
‫ﻭ]‪ ،[17‬ﻭ]‪ .[25‬ﻓﻴﺮﺍﺝ ﻭﺁﺧﺮﻭﻥ‪ [16] .‬ﺣﺼﻠﺖ ﻋﻠﻰ ﺩﻗﺔ ﺗﺰﻳﺪ ﻋﻦ ‪ %99‬ﺑﺎﺳﺘﺨﺪﺍﻡ‬
‫ﻧﻤﻮﺫﺝﺍﻟﺘﻨﺒﺆ ﺍﻟﻘﺎﺋﻢ ﻋﻠﻰ ‪ RaNN‬ﺑﺎﺳﺘﺨﺪﺍﻡ ﻣﺠﻤﻮﻋﺔ ﺑﻴﺎﻧﺎﺕ ‪ .Bot-IoT‬ﻭﺣﺘﻰ ﻣﻊ ﺫﻟﻚ‪ ،‬ﻓﺈﻥ ﺍﻟﺘﺪﺭﻳﺐ‬
‫ﻭﻧﻤﺎﺫﺝﺍﻷﺩﺍء ﻓﻲ ﺍﻟﺪﺭﺍﺳﺎﺕ ﺍﻟﻤﺬﻛﻮﺭﺓ ﺃﻋﻼﻩ ﻻ ﺗﺰﺍﻝ ﻣﻌﻘﺪﺓ ﻭﻣﺤﺪﻭﺩﺓ‬
‫ﺃﺟﻬﺰﺓﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء‪ .‬ﻭﻋﻼﻭﺓ ﻋﻠﻰ ﺫﻟﻚ‪ ،‬ﻓﻤﻦ ﺍﻟﻀﺮﻭﺭﻱ ﺍﺳﺘﻜﺸﺎﻑ ﻣﺪﻯ ﺍﻟﺘﻮﺍﻓﻖ‬
‫ﺍﻟﻨﻤﺎﺫﺝﺍﻟﻤﺘﻮﻓﺮﺓ ﻓﻲ ﺍﻟﺒﺤﺚ ﺑﺄﺟﻬﺰﺓ ﻣﺤﺪﻭﺩﺓ ﺍﻟﻤﻮﺍﺭﺩ‪ .‬ﻫﻜﺬﺍ‪،‬‬
‫ﺗﻬﺪﻑﺩﺭﺍﺳﺘﻨﺎ ﺇﻟﻰ ﺣﻞ ﻫﺬﻩ ﺍﻟﻤﺸﻜﻠﺔ‪ ،‬ﻭﺗﻄﻮﻳﺮ ﺗﻨﺒﺆ ﻋﻤﻴﻖ ﻗﺎﺋﻢ ﻋﻠﻰ ﺍﻟﺘﻌﻠﻢ‬
‫ﻟﻠﻜﺸﻒﻋﻦ ﺍﻟﻬﺠﻮﻡ ﻣﻦ ﺧﻼﻝ ﺑﻨﺎء ﻧﻤﻮﺫﺝ ﻳﻌﺘﻤﺪ ﻋﻠﻰ ﺃﻣﻦ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء‬
‫ﺗﻘﻨﻴﺎﺕﺍﻟﺘﻌﻠﻢ ﺍﻟﻌﻤﻴﻖ ﻣﺜﻞ ‪ RNN‬ﻭ‪ LSTM‬ﻭﺍﻟﺸﺒﻜﺎﺕ ﺍﻟﻌﺼﺒﻴﺔ‪.‬‬
‫‪19‬‬
‫ﺍﻟﻤﻨﻬﺠﻴﺔ‬ ‫ﺍﻟﻔﺼﻞ‪:3‬‬
‫‪3.1‬ﻣﻘﺪﻣﺔ‬
‫ﻳﻘﺪﻡﻫﺬﺍ ﺍﻟﻌﻤﻞ ﻧﻤﻮﺫﺟﺎً ﺁﻟﻴﺎً ﻟﻠﻜﺸﻒ ﻋﻦ ﺍﻟﺸﺒﻜﺔ ﻹﻧﺘﺮﻧﺖ‬
‫ﺃﺷﻴﺎء‪.‬ﻳﺠﻤﻊ ﻧﻤﻮﺫﺟﻨﺎ ﺍﻟﻤﻘﺘﺮﺡ ﺑﻴﺎﻧﺎﺕ ﺍﻟﺘﺪﻓﻖ ﺍﻟﺘﻲ ﺗﻢ ﺟﻤﻌﻬﺎ ﺑﻮﺍﺳﻄﺔ ﺃﺟﻬﺰﺓ ﺍﻻﺳﺘﺸﻌﺎﺭ‪ ،‬ﻭﻫﻲ‬
‫ﺗﻢﻧﻘﻠﻬﺎ ﻻﺣﻘﺎً ﺇﻟﻰ ﺗﻘﻨﻴﺎﺕ ﺍﻟﺨﻮﺍﺭﺯﻣﻴﺎﺕ ﺍﻟﻬﻨﺪﺳﻴﺔ ﺍﻟﻤﻤﻴﺰﺓ‪ .‬ﻓﺈﻧﻪ ﺳﻮﻑ‬
‫ﺍﻻﺳﺘﻔﺎﺩﺓﻣﻦ ﺗﻘﻨﻴﺎﺕ ﻫﻨﺪﺳﺔ ﺍﻟﻤﻴﺰﺍﺕ ﻣﺜﻞ ﺍﺧﺘﻴﺎﺭ ﺍﻟﻤﻴﺰﺓ ﻭﺍﻟﻤﻴﺰﺓ‬
‫ﺍﺧﺘﻼﻝﺍﻟﺘﻮﺍﺯﻥ‪ .‬ﺗﻘﻨﻴﺎﺕ ﺍﺧﺘﻴﺎﺭ ﺍﻟﻤﻴﺰﺓ‪ ،‬ﻣﺜﻞ ﺇﺯﺍﻟﺔ ﺍﻟﻤﻴﺰﺓ ﺍﻟﻌﻮﺩﻳﺔ‬
‫ﻭﺗﺤﻠﻴﻞﺍﻟﻤﻜﻮﻧﺎﺕ ﺍﻟﺮﺋﻴﺴﻴﺔ‪ ،‬ﻳﻤﻜﻦ ﺍﻟﺘﻐﻠﺐ ﻋﻠﻰ ﺍﻟﻌﺪﻳﺪ ﻣﻦ ﻣﺸﺎﻛﻞ ﺍﻟﺒﻴﺎﻧﺎﺕ‪،‬‬
‫ﻣﺜﻞﺗﻘﻠﻴﻞ ﺍﻟﺘﺠﻬﻴﺰ ﺍﻟﺰﺍﺋﺪ ﻭﻭﻗﺖ ﺍﻟﺘﺪﺭﻳﺐ ﻭﺗﺤﺴﻴﻦ ﺍﻟﻨﻤﻮﺫﺝ ﺍﻟﻌﺎﻡ‬
‫ﺩﻗﺔ‪.‬ﻓﻲ ]‪ [23‬ﻳﺴﺘﺨﺪﻡ ﺍﻟﻤﺆﻟﻔﻮﻥ ﻧﻬﺞ ‪ SMOTE‬ﻟﺘﺤﻘﻴﻖ ﺍﻟﺘﻮﺍﺯﻥ‬
‫ﻗﺪﻣﺖﺑﻴﺎﻧﺎﺕ ﻟﻤﻌﺎﻟﺠﺔ ﻋﺪﻡ ﺍﻟﺘﻮﺍﺯﻥ ﺍﻟﻄﺒﻘﻲ ﻓﻲ ﻧﻤﻮﺫﺟﻨﺎ‪ .‬ﺛﻢ‪ ،‬ﻋﺪﺓ ﻋﻤﻴﻘﺔ‬
‫ﺳﻴﺘﻢﺗﻨﻔﻴﺬ ﻧﻤﺎﺫﺝ ﺍﻟﺘﻌﻠﻢ ﻟﺘﺤﺪﻳﺪ ﺍﻷﺩﺍء ﻭﺍﻟﻮﻗﺖ‬
‫ﺗﻌﻘﻴﺪﻛﻞ ﻧﻤﻮﺫﺝ ﻓﺮﻳﺪ ﻣﻦ ﻧﻮﻋﻪ‪.‬‬
‫‪3.2‬ﻣﺠﻤﻮﻋﺔ ﺍﻟﺒﻴﺎﻧﺎﺕ ﺍﻟﻤﺮﺟﻌﻴﺔ‬
‫ﻣﺠﻤﻮﻋﺔﺑﻴﺎﻧﺎﺕ ﺑﻮﺕ‪-‬ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء‬ ‫‪-‬‬
‫ﻳﺘﻢﺍﺳﺘﺨﺪﺍﻡ ﻣﺠﻤﻮﻋﺔ ﺑﻴﺎﻧﺎﺕ ﺗﻄﻮﻳﺮ ﺟﺪﻳﺪﺓ ‪ Bot-IoT‬ﻟﻐﺮﺽ ﺍﻟﺘﺤﻔﻴﺰ‬
‫ﺗﺤﺪﻳﺪﺍﻻﻋﺘﺪﺍء ﻓﻲ ﺍﻟﺘﺠﺮﺑﺔ ﺑﺎﺳﺘﺨﺪﺍﻡ ﺷﺒﻜﺔ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء ]‪ .[26] ،[25‬ﺍﻝ‬
‫ﺗﺘﻀﻤﻦﺍﻟﻤﺠﻤﻮﻋﺔ ﺑﻴﺎﻧﺎﺕ ﻣﻦ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء ﺗﻢ ﺟﻤﻌﻬﺎ ﻣﻦ ‪Cyber Range‬‬
‫ﻣﺨﺘﺒﺮﺟﺎﻣﻌﺔ ﻧﻴﻮ ﺳﺎﻭﺙ ﻭﻳﻠﺰ ﻛﺎﻧﺒﻴﺮﺍ ]‪ ،[27‬ﺑﺎﻹﺿﺎﻓﺔ ﺇﻟﻰ ﺗﺪﻓﻘﺎﺕ ﺣﺮﻛﺔ ﺍﻟﻤﺮﻭﺭ ﺍﻟﻌﺎﺩﻳﺔ ﻭﺗﺪﻓﻘﺎﺕ ﺣﺮﻛﺔ ﺍﻟﻤﺮﻭﺭ‬
‫‪20‬‬
‫ﺍﻟﻨﺎﺟﻤﺔﻋﻦ ﺷﺒﻜﺎﺕ ﺍﻟﺮﻭﺑﻮﺕ ﺑﺴﺒﺐ ﺃﻧﻮﺍﻉ ﻣﺨﺘﻠﻔﺔ ﻣﻦ ﺍﻟﻬﺠﻤﺎﺕ ]‪ .[28‬ﺍﺧﺘﺒﺎﺭ ﻭﺍﻗﻌﻲ‬
‫ﺍﻟﻤﺠﻬﺰﺑﺨﺼﺎﺋﺺ ﺍﻟﻤﻌﻠﻮﻣﺎﺕ ﺍﻟﻤﻔﻴﺪﺓ ﺍﻟﻤﺴﺘﺨﺪﻣﺔ ﻓﻲ ﺍﻹﻧﺘﺎﺝ‬
‫ﻣﻦﻣﺠﻤﻮﻋﺔ ﺍﻟﺒﻴﺎﻧﺎﺕ ﻫﺬﻩ ﺑﺤﻴﺚ ﻳﻤﻜﻦ ﺗﺘﺒﻊ ﺣﺮﻛﺔ ﺍﻟﻤﺮﻭﺭ ﺍﻟﺪﻗﻴﻘﺔ ﺃﺛﻨﺎء ﺇﻧﺘﺎﺝ ﻣﻠﻒ‬
‫ﻣﺠﻤﻮﻋﺔﺑﻴﺎﻧﺎﺕ ﻣﻔﻴﺪﺓ‪ .‬ﻭﺑﻄﺮﻳﻘﺔ ﻣﻤﺎﺛﻠﺔ‪ ،‬ﺗﻢ ﺍﺳﺘﺨﺮﺍﺝ ﺍﻟﻤﺰﻳﺪ ﻣﻦ ﺍﻟﻤﻴﺰﺍﺕ ﻭﺇﺿﺎﻓﺘﻬﺎ‬
‫ﻣﺠﻤﻮﻋﺔﺍﻟﻤﻴﺰﺍﺕ ﺍﻟﻤﺴﺘﺨﺮﺟﺔ ﻣﺴﺒﻘﺎً ﻟﺘﺤﺴﻴﻦ ﺃﺩﺍء ﻣﻠﻒ‬
‫ﻧﻤﻮﺫﺝﺍﻟﺘﻌﻠﻢ ﺍﻵﻟﻲ ﻭﺇﻧﺸﺎء ﻧﻤﻮﺫﺝ ﺗﻨﺒﺆ ﺩﻗﻴﻖ‪ .‬ﻭﻟﻜﻦ ﻻ ﻳﺰﺍﻝ‪ ،‬ﻝ‬
‫ﺗﺤﻘﻴﻖﻣﺴﺘﻮﻯ ﺃﻋﻠﻰ ﻣﻦ ﺍﻹﻧﺘﺎﺟﻴﺔ‪ ،‬ﻭﺍﻟﺼﻔﺎﺕ ﺍﻟﻤﺴﺘﺨﺮﺟﺔ‪ ،‬ﻭﺍﻟﺘﻲ ﺗﺸﻤﻞ‬
‫ﺗﻢﺇﻋﻄﺎء ﺗﺴﻤﻴﺎﺕ ﻟﺘﺪﻓﻖ ﺍﻟﻬﺠﻮﻡ ﻭﺍﻟﻔﺌﺎﺕ ﻭﺍﻟﻔﺌﺎﺕ ﺍﻟﻔﺮﻋﻴﺔ‪ .‬ﻣﻘﻠﺪ‬
‫ﺧﺪﻣﺎﺕﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء‪ ،‬ﻭﺑﻨﻴﺔ ﺍﻟﺸﺒﻜﺎﺕ‪ ،‬ﻭﺍﺳﺘﺨﺮﺍﺝ ﺍﻟﺨﺼﺎﺋﺺ‪ ،‬ﻭ‬
‫ﺍﻟﺘﺤﻠﻴﻼﺕﺍﻻﺳﺘﻘﺼﺎﺋﻴﺔ ﻫﻲ ﺍﻟﻤﻜﻮﻧﺎﺕ ﺍﻟﻔﺮﻋﻴﺔ ﺍﻟﺜﻼﺛﺔ ﻟﻼﺧﺘﺒﺎﺭ ﺍﻟﺘﻲ ﻛﺎﻧﺖ‬
‫ﺍﻟﻤﺴﺘﺨﺪﻣﺔ‪.‬ﻭﺇﻟﻰ ﺣﺪ ﻣﻤﺎﺛﻞ‪ ،‬ﻹﻋﺎﺩﺓ ﺇﻧﺸﺎء ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء ﺍﻟﺬﻱ ﻳﻮﻟﺪ ﺩﻗﻴﻘﺔ ﺑﺪﻗﻴﻘﺔ‬
‫ﻣﻌﻠﻮﻣﺎﺕﺍﻷﺭﺻﺎﺩ ﺍﻟﺠﻮﻳﺔ‪ ،‬ﻣﺜﻞ ﺩﺭﺟﺔ ﺍﻟﺤﺮﺍﺭﺓ ﺍﻟﺤﺎﻟﻴﺔ ﻭﺍﻟﺮﻃﻮﺑﺔ ﻭﺍﻟﻬﻮﺍء‬
‫ﺿﻐﻂ‪.‬ﻣﺤﻄﺎﺕ ﻗﻴﺎﺱ ﺍﻟﻄﻘﺲ ﺃﻭ ‪ IoTs‬ﺍﻟﻤﻜﻮﻥ ﺍﻟﺜﺎﻧﻲ‬
‫ﻫﻲﺛﻼﺟﺔ ﺍﻟﺘﺒﺮﻳﺪ ﺍﻟﺬﻛﻴﺔ‪ ،‬ﺍﻟﺘﻲ ﺗﻨﻘﻞ ﺍﻟﻤﻌﻠﻮﻣﺎﺕ ﺣﻮﻝ ﺍﻟﺘﺒﺮﻳﺪ ﺃﻭ‬
‫ﺩﺭﺟﺔﺍﻟﺤﺮﺍﺭﺓ ﺇﻟﻰ ﺛﻼﺟﺔ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء ﺍﻟﺬﻛﻴﺔ ﺣﺘﻰ ﺗﺘﻤﻜﻦ ﻣﻦ ﺿﺒﻂ ﺩﺭﺟﺔ ﺣﺮﺍﺭﺗﻬﺎ‬
‫ﺑﺸﻜﻞﻣﻨﺎﺳﺐ‪ .‬ﺍﻟﻤﻜﻮﻥ ﺍﻟﺜﺎﻟﺚ ﻫﻮ ﺍﻟﺘﺤﻜﻢ ﻓﻲ ﺍﻹﺿﺎءﺓ ﻣﻦ ﺧﻼﻝ ﺟﻬﺎﺯ ﺫﻛﻲ‪.‬‬
‫ﻫﺬﻩﺍﻷﺿﻮﺍء ﻋﺒﺎﺭﺓ ﻋﻦ ﻧﺴﺦ ﻣﻌﻤﻤﺔ ﻣﻦ ﺍﻹﺷﺎﺭﺍﺕ ﺍﻟﻌﺸﻮﺍﺋﻴﺔ ﺍﻟﺰﺍﺋﻔﺔ ﺍﻟﺘﻲ ﺗﺘﺤﺮﻙ‬
‫ﺗﻨﺘﺞﺃﺟﻬﺰﺓ ﺍﻟﻜﺸﻒ‪ .‬ﺳﻴﺘﻢ ﺗﺸﻐﻴﻞ ﺍﻟﻀﻮء ﺗﻠﻘﺎﺋﻴﺎً ﺇﺫﺍ ﺍﻛﺘﺸﻒ ﺍﻟﺤﺮﻛﺔ‪ ،‬ﻭﻟﻜﻦ‬
‫ﺳﻴﺒﻘﻰﺑﻌﻴﺪﺍً ﻋﻨﺪﻣﺎ ﻻ ﻳﺤﺪﺙ ﺫﻟﻚ‪ .‬ﻋﻨﺪﻣﺎ ﻻ ﻳﺘﻢ ﺍﻛﺘﺸﺎﻑ ﺃﻱ ﺣﺮﻛﺔ‪ ،‬ﻳﻀﻲء ﺍﻟﻀﻮء‬
‫ﺳﻮﻑﺗﺒﻘﻰ ﺧﺎﺭﺝ‪ .‬ﺍﻟﺒﺎﺏ ﺍﻟﺮﺍﺑﻊ ﻫﻮ ﺑﺎﺏ ﺫﻛﻲ ﻹﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء‪ .‬ﺃﺑﻮﺍﺏ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء ﺍﻟﺬﻛﻴﺔ ﺗﺄﺧﺬ‬
‫‪21‬‬
‫ﺍﻟﻤﺪﺧﻼﺕﺍﻻﺣﺘﻤﺎﻟﻴﺔ ﻓﻲ ﺍﻻﻋﺘﺒﺎﺭ‪ .‬ﻣﻨﻈﻢ ﺍﻟﺤﺮﺍﺭﺓ ﺍﻟﺬﻛﻲ ﻫﻮ ﺍﻟﺨﺎﻣﺲ ﻭ‬
‫ﺍﻟﻌﻨﺼﺮﺍﻷﺧﻴﺮ ﻓﻲ ﺍﻟﻘﺎﺋﻤﺔ‪ .‬ﻭﻫﻮ ﺟﻬﺎﺯ ﻳﻤﻜﻦ ﺍﺳﺘﺨﺪﺍﻣﻪ ﻟﺘﻐﻴﻴﺮ ﻭﺗﻨﻈﻴﻢ‬
‫ﺩﺭﺟﺔﺣﺮﺍﺭﺓ ﺍﻟﻤﻨﺰﻝ ﺗﻠﻘﺎﺋﻴﺎ‪ .‬ﻳﺼﻒ ﺍﻟﺠﺪﻭﻝ ‪ 3.1‬ﺍﻟﻬﺠﻮﻡ‬
‫ﺍﻟﺨﺼﺎﺋﺺﻟﻠﺒﻴﺎﻧﺎﺕ‪.‬‬
‫ﻃﺎﻭﻟﺔ‪1-3‬ﻣﺠﻤﻮﻋﺔ ﺑﻴﺎﻧﺎﺕ ‪.Bot-IoT‬‬
‫ﻋﺪﺩ‬ ‫ﻫﺪﻑ‬ ‫ﻳﻜﺘﺐ‬
‫‪9543‬‬ ‫ﺣﻤﻴﺪﺓ‬ ‫ﺣﻤﻴﺪﺓ‬
‫‪19,547,603‬‬ ‫ﻫﺠﻮﻡ‬ ‫ﺩﻭﺱﺗﻲ ﺳﻲ ﺑﻲ‬
‫‪18,965,106‬‬ ‫ﻫﺠﻮﻡ‬ ‫‪DDoS UDP‬‬
‫‪19,771‬‬ ‫ﻫﺠﻮﻡ‬ ‫ﺩﻭﺱ‪HTTP‬‬
‫‪12,315,997‬‬ ‫ﻫﺠﻮﻡ‬ ‫ﺩﻭﺱﺗﻜﺐ‬
‫‪20,659,491‬‬ ‫ﻫﺠﻮﻡ‬ ‫ﺩﻭﺱﻳﻮ ﺩﻱ ﺑﻲ‬
‫‪29,706‬‬ ‫ﻫﺠﻮﻡ‬ ‫ﺩﻭﺱ‪HTTP‬‬
‫‪1469‬‬ ‫ﺗﺪﻭﻳﻦﺍﻟﻤﻔﺎﺗﻴﺢ‬ ‫ﺗﺪﻭﻳﻦﺍﻟﻤﻔﺎﺗﻴﺢ‬
‫‪118‬‬ ‫ﺳﺮﻗﺔﺍﻟﺒﻴﺎﻧﺎﺕ‬ ‫ﺳﺮﻗﺔﺍﻟﺒﻴﺎﻧﺎﺕ‬
‫‪73,370,443‬‬ ‫‪-‬‬ ‫ﺍﻟﻤﺠﻤﻮﻉ‬
‫ﻳﺘﻢﻋﺮﺽ ﺍﻷﻫﺪﺍﻑ ﻟﻠﺘﻤﻴﻴﺰ ﺑﻴﻦ ﺍﻟﻔﺌﺎﺕ ﺍﻟﻤﺨﺘﻠﻔﺔ ﻟﺤﺮﻛﺔ ﻣﺮﻭﺭ ﺍﻟﺸﺒﻜﺔ‬
‫ﺣﻤﻴﺪﺓﺃﻭ ﻛﺄﻧﻮﺍﻉ ﻣﺤﺪﺩﺓ ﻣﻦ ﺍﻟﻬﺠﻤﺎﺕ‪ .‬ﻭﺗﺮﺗﺒﻂ ﺍﻷﻫﺪﺍﻑ ﺑﻤﺨﺘﻠﻒ‬
‫ﻓﺌﺎﺕﺍﻟﺘﻬﺪﻳﺪﺍﺕ ﺍﻟﺴﻴﺒﺮﺍﻧﻴﺔ ﻭﺍﻷﻧﺸﻄﺔ ﺍﻟﻀﺎﺭﺓ ﺍﻟﺘﻲ ﻳﻤﻜﻦ ﺃﻥ ﺗﺤﺪﺙ ﻓﻲ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء‬
‫ﺑﻴﺌﺔ‪.‬ﺗﺼﻨﻴﻒ ﺣﺮﻛﺔ ﻣﺮﻭﺭ ﺍﻟﺸﺒﻜﺔ ﺇﻟﻰ ﻫﺪﻑ ﻣﺘﻤﻴﺰ‬
‫‪22‬‬
‫ﻓﺌﺎﺕﺗﺴﻬﻞ ﺗﺤﺪﻳﺪ ﻭﺍﻟﺘﻔﺮﻳﻖ ﺑﻴﻦ ﺣﻤﻴﺪﺓ ﻭ‬
‫ﺍﻷﻧﺸﻄﺔﺍﻟﻀﺎﺭﺓ ﺍﻟﻤﺤﺘﻤﻠﺔ‪.‬‬
‫ﻓﻴﻤﺎﻳﻠﻲ ﺍﻟﻔﺌﺎﺕ ﺍﻟﻤﺴﺘﻬﺪﻓﺔ ﻓﻲ ﻣﺠﻤﻮﻋﺔ ﺑﻴﺎﻧﺎﺕ ‪:BoT IoT‬‬
‫ﺗﺮﻣﺰﻫﺬﻩ ﺍﻟﻔﺌﺔ ﺇﻟﻰ ﺣﺮﻛﺔ ﻣﺮﻭﺭ ﺍﻟﺸﺒﻜﺔ ﻏﻴﺮ ﺍﻟﻀﺎﺭﺓ‪ ،‬ﻭﺍﻟﺘﻲ ﺗﺘﻜﻮﻥ ﻣﻦ ﺣﺮﻛﺔ ﻋﺎﺩﻳﺔ‪،‬‬
‫ﺃﻧﺸﻄﺔﺷﺒﻜﺔ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء ﺍﻟﻤﺸﺮﻭﻋﺔ‪ .‬ﻭﻫﻮ ﻳﻨﻄﻮﻱ ﻋﻠﻰ ﺍﻻﺗﺼﺎﻻﺕ ﻭﺗﺒﺎﺩﻝ ﺍﻟﺒﻴﺎﻧﺎﺕ‬
‫ﺑﻴﻦﺃﺟﻬﺰﺓ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء ﺑﺸﻜﻞ ﻣﻨﺘﻈﻢ ﺩﻭﻥ ﺃﻱ ﻧﻴﺔ ﺧﺒﻴﺜﺔ‪.‬‬
‫ﺍﻟﺘﻲﺗﺴﺘﻬﺪﻑ ‪ DDoS‬ﻫﻲ ﻓﺌﺔ ﺗﺼﻒ ﻫﺠﻤﺎﺕ ‪DDoS TCP Attack‬‬
‫ﺑﺮﻭﺗﻮﻛﻮﻝﺍﻟﺘﺤﻜﻢ ﻓﻲ ﺍﻹﺭﺳﺎﻝ )‪ .(TCP‬ﺗﺘﻀﻤﻦ ﻫﺠﻤﺎﺕ ‪ DDoS TCP‬ﺇﻏﺮﺍﻕ‬
‫ﺷﺒﻜﺔﺃﻭ ﺟﻬﺎﺯ ﻣﺴﺘﻬﺪﻑ ﺑﻄﻠﺒﺎﺕ ﻣﺴﺘﻨﺪﺓ ﺇﻟﻰ ‪ TCP‬ﻟﺠﻌﻠﻪ ﻏﻴﺮ ﻗﺎﺑﻞ ﻟﻠﻮﺻﻮﻝ ﺇﻟﻴﻪ‬
‫ﺍﻟﻤﺴﺘﺨﺪﻣﻴﻦﺍﻟﻤﻌﺘﻤﺪﻳﻦ‪.‬‬
‫ﻫﺠﻮﻡ‪ :DDoS UDP‬ﻫﺠﻤﺎﺕ ‪ DDoS‬ﺍﻟﺘﻲ ﺗﺴﺘﻬﺪﻑ ﻣﺨﻄﻂ ﺑﻴﺎﻧﺎﺕ ﺍﻟﻤﺴﺘﺨﺪﻡ ﻋﻠﻰ ﻭﺟﻪ ﺍﻟﺘﺤﺪﻳﺪ‬
‫ﻳﻘﻊﺍﻟﺒﺮﻭﺗﻮﻛﻮﻝ )‪ (UDP‬ﺿﻤﻦ ﻫﺬﻩ ﺍﻟﻔﺌﺔ‪ .‬ﺗﺘﻀﻤﻦ ﻫﺠﻤﺎﺕ ‪ DDoS UDP‬ﺳﺎﺣﻘﺔ‬
‫ﺷﺒﻜﺔﺃﻭ ﺟﻬﺎﺯ ﻳﺤﺘﻮﻱ ﻋﻠﻰ ﺍﻟﻌﺪﻳﺪ ﻣﻦ ﺣﺰﻡ ‪ ،UDP‬ﻣﻤﺎ ﻳﺆﺩﻱ ﺇﻟﻰ ﺣﺪﻭﺙ ﺍﺿﻄﺮﺍﺑﺎﺕ ﻭ‬
‫ﺍﺣﺘﻤﺎﻝﻋﺪﻡ ﺗﻮﻓﺮ ﺍﻟﺨﺪﻣﺔ‪.‬‬
‫ﻫﺠﻮﻡ‪ :DDoS HTTP‬ﻫﺠﻤﺎﺕ ‪ DDoS‬ﺍﻟﺘﻲ ﺗﺴﺘﻬﺪﻑ ﻧﻘﻞ ﺍﻟﻨﺺ ﺍﻟﺘﺸﻌﺒﻲ ﻋﻠﻰ ﻭﺟﻪ ﺍﻟﺘﺤﺪﻳﺪ‬
‫ﻳﻘﻊﺍﻟﺒﺮﻭﺗﻮﻛﻮﻝ )‪ (HTTP‬ﺿﻤﻦ ﻫﺬﻩ ﺍﻟﻔﺌﺔ‪ .‬ﺗﻬﺪﻑ ﻫﺠﻤﺎﺕ ‪ DDoS HTTP‬ﺇﻟﻰ‬
‫ﺇﺭﺑﺎﻙﺧﺎﺩﻡ ﺍﻟﻮﻳﺐ ﺍﻟﻤﺴﺘﻬﺪﻑ ﺑﺘﺪﻓﻖ ﻫﺎﺋﻞ ﻣﻦ ﻃﻠﺒﺎﺕ ‪،HTTP‬‬
‫ﻣﻤﺎﻳﺆﺩﻱ ﺇﻟﻰ ﺗﺪﻫﻮﺭ ﺍﻷﺩﺍء ﺃﻭ ﺍﻧﻘﻄﺎﻉ ﺍﻟﺨﺪﻣﺔ‪.‬‬
‫‪23‬‬
‫ﻫﺠﻮﻡ‪ :DoS TCP‬ﺗﻤﺜﻞ ﻫﺬﻩ ﺍﻟﻔﺌﺔ ﻫﺠﻤﺎﺕ ‪) DoS‬ﺭﻓﺾ ﺍﻟﺨﺪﻣﺔ( ﺍﻟﻤﺴﺘﻬﺪﻓﺔ‬
‫ﻓﻲﺑﺮﻭﺗﻮﻛﻮﻝ ‪ .TCP‬ﺗﺘﻀﻤﻦ ﻫﺠﻤﺎﺕ ‪ DoS TCP‬ﺍﺳﺘﻐﻼﻝ ﻧﻘﺎﻁ ﺍﻟﻀﻌﻒ ﻓﻲ ‪TCP‬‬
‫ﺍﻟﻤﻜﺪﺱﻻﺳﺘﻨﻔﺎﺩ ﻣﻮﺍﺭﺩ ﺍﻟﺠﻬﺎﺯ ﺃﻭ ﺍﻟﺸﺒﻜﺔ ﺍﻟﻤﺴﺘﻬﺪﻓﺔ‪ ،‬ﻭﺑﺎﻟﺘﺎﻟﻲ ﺍﻟﻌﺮﺽ‬
‫ﺃﻧﻬﺎﻻ ﺗﺴﺘﺠﻴﺐ ﺃﻭ ﻏﻴﺮ ﻣﺘﻮﻓﺮﺓ‪.‬‬
‫ﻫﺠﻮﻡ‪ :DoS UDP‬ﺗﺘﻀﻤﻦ ﻫﺬﻩ ﺍﻟﻔﺌﺔ ﻫﺠﻤﺎﺕ ﺭﻓﺾ ﺍﻟﺨﺪﻣﺔ )‪ (DoS‬ﺍﻟﺘﻲ‬
‫ﺍﺳﺘﻬﺪﺍﻑﺑﺮﻭﺗﻮﻛﻮﻝ ‪ UDP‬ﻋﻠﻰ ﻭﺟﻪ ﺍﻟﺘﺤﺪﻳﺪ‪ .‬ﺗﺘﻀﻤﻦ ﻫﺠﻤﺎﺕ ‪ DoS UDP‬ﻗﺼﻒ‬
‫ﺍﻟﻬﺪﻑﻣﻊ ﺍﻟﻌﺪﻳﺪ ﻣﻦ ﺣﺰﻡ ‪ ،UDP‬ﻣﻤﺎ ﻳﺆﺩﻱ ﺇﻟﻰ ﺍﺳﺘﻨﻔﺎﺩ ﺍﻟﻤﻮﺍﺭﺩ ﻭﺍﺣﺘﻤﺎﻝ ﺣﺪﻭﺙ ﺫﻟﻚ‬
‫ﺍﺿﻄﺮﺍﺑﺎﺕﺍﻟﺨﺪﻣﺔ‪.‬‬
‫ﻫﺠﻮﻡ‪ :DoS HTTP‬ﺗﺼﻒ ﻫﺬﻩ ﺍﻟﻔﺌﺔ ﻫﺠﻤﺎﺕ ﺭﻓﺾ ﺍﻟﺨﺪﻣﺔ )‪ (DoS‬ﺍﻟﺘﻲ‬
‫ﺍﺳﺘﻐﻼﻝﺍﻟﺜﻐﺮﺍﺕ ﺍﻷﻣﻨﻴﺔ ﻓﻲ ﺑﺮﻭﺗﻮﻛﻮﻝ ‪ .HTTP‬ﺗﻬﺪﻑ ﻫﺠﻤﺎﺕ ‪ DoS HTTP‬ﺇﻟﻰ ﺍﻟﺘﻐﻠﺐ ﻋﻠﻰ‬
‫ﺧﺎﺩﻡﺍﻟﻮﻳﺐ ﺍﻟﻤﺴﺘﻬﺪﻑ ﻣﻊ ﻃﻠﺒﺎﺕ ‪ HTTP‬ﺍﻟﻤﻔﺮﻃﺔ‪ ،‬ﻣﻤﺎ ﺗﺴﺒﺐ ﻓﻲ ﺗﺪﻫﻮﺭ‬
‫ﺍﻷﺩﺍءﺃﻭ ﻋﺪﻡ ﺍﻟﺘﻮﻓﺮ ﺍﻟﻌﺎﺑﺮ‪.‬‬
‫ﺗﻤﺜﻞﻫﺬﻩ ﺍﻟﻔﺌﺔ ﺍﻷﻧﺸﻄﺔ ﺍﻟﻤﺘﻌﻠﻘﺔ ﺑﺘﺪﻭﻳﻦ ﺍﻟﻤﻔﺎﺗﻴﺢ‪ ،‬ﻭﺍﻟﺘﻲ ﺗﻨﻄﻮﻱ ﻋﻠﻰ ﺍﻟﺴﺮﻳﺔ‬
‫ﻣﺮﺍﻗﺒﺔﻭﺗﺴﺠﻴﻞ ﺿﻐﻄﺎﺕ ﺍﻟﻤﻔﺎﺗﻴﺢ ﻋﻠﻰ ﺟﻬﺎﺯ ﻣﺨﺘﺮﻕ‪ .‬ﻟﻠﺨﺒﻴﺚ‬
‫ﻷﻏﺮﺍﺽﺃﺧﺮﻯ‪ ،‬ﻳﻘﻮﻡ ﺑﺮﻧﺎﻣﺞ ‪ Keyloggers‬ﺑﺴﺮﻗﺔ ﺍﻟﻤﻌﻠﻮﻣﺎﺕ ﺍﻟﺤﺴﺎﺳﺔ ﻣﺜﻞ ﻛﻠﻤﺎﺕ ﺍﻟﻤﺮﻭﺭ ﻭ‬
‫ﺑﻴﺎﻧﺎﺕﺷﺨﺼﻴﺔ‪.‬‬
‫ﺍﻟﺘﻘﺎﻁﺍﻟﺒﻴﺎﻧﺎﺕ‪ :‬ﺗﻤﺜﻞ ﻫﺬﻩ ﺍﻟﻔﺌﺔ ﺍﻷﻧﺸﻄﺔ ﺍﻟﻀﺎﺭﺓ ﺍﻟﺘﻲ ﺗﻨﻄﻮﻱ ﻋﻠﻰ ﺃﻧﺸﻄﺔ ﻏﻴﺮ ﻣﺸﺮﻭﻋﺔ‬
‫ﺍﻟﺘﻘﺎﻁﺍﻟﺒﻴﺎﻧﺎﺕ ﻣﻦ ﺷﺒﻜﺔ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء‪ .‬ﺃﻧﻬﺎ ﺗﻨﻄﻮﻱ ﻋﻠﻰ ﺍﻟﻮﺻﻮﻝ ﻏﻴﺮ ﺍﻟﻤﺼﺮﺡ ﺑﻪ ﺇﻟﻰ ﻭ‬
‫‪24‬‬
‫ﺳﺮﻗﺔﺍﻟﻤﻌﻠﻮﻣﺎﺕ ﺍﻟﺤﺴﺎﺳﺔ ﺃﻭ ﺍﻟﺴﺮﻳﺔ ﻣﻦ ﺍﻷﺟﻬﺰﺓ ﺍﻟﻤﺨﺘﺮﻗﺔ‬
‫ﺃﻭﺍﻷﻧﻈﻤﺔ‪.‬‬
‫‪3.3‬ﺍﻟﻨﻤﻮﺫﺝ ﺍﻟﻤﻘﺘﺮﺡ‬
‫‪3.3.1‬ﺍﻟﻤﻌﺎﻟﺠﺔ ﺍﻟﻤﺴﺒﻘﺔ ﻟﻠﺒﻴﺎﻧﺎﺕ‬
‫ﺗﻌﺪﺍﻟﻤﻌﺎﻟﺠﺔ ﺍﻟﻤﺴﺒﻘﺔ ﻟﻠﺒﻴﺎﻧﺎﺕ ﻋﻨﺼﺮﺍً ﺃﺳﺎﺳﻴﺎً ﻓﻲ ﺗﻄﻮﻳﺮ ﺍﻟﻨﻤﻮﺫﺝ‪ .‬ﻗﻤﻨﺎ ﺑﺘﻄﺒﻴﻖ ﺗﻘﻨﻴﺎﺕ‬
‫ﺍﻟﻤﻌﺎﻟﺠﺔﺍﻟﻤﺴﺒﻘﺔ ﺍﻟﺘﺎﻟﻴﺔ ﻟﺘﻌﺰﻳﺰ ﺍﻟﻨﻤﻮﺫﺝ ﺍﻟﻤﻘﺘﺮﺡ ﺧﻼﻝ ﻫﺬﺍ ﺍﻹﺟﺮﺍء‪:‬‬
‫‪.1‬ﺗﻨﻈﻴﻒ ﺍﻟﺒﻴﺎﻧﺎﺕ‬
‫ﻓﻲﻣﺮﺣﻠﺔ ﻣﺎ ﻗﺒﻞ ﺍﻟﻤﻌﺎﻟﺠﺔ‪ ،‬ﺗﺸﺘﻤﻞ ﻋﻤﻠﻴﺔ ﺗﻨﻘﻴﺔ ﺍﻟﺒﻴﺎﻧﺎﺕ ﻋﻠﻰ ﺗﺼﻔﻴﺔ ﺍﻟﺒﻴﺎﻧﺎﺕ ﻭﺗﺤﻮﻳﻠﻬﺎ‬
‫ﻟﻠﺒﻴﺎﻧﺎﺕ‪،‬ﻭﺍﻟﺘﺤﻘﻖ ﻣﻦ ﺍﻟﺒﻴﺎﻧﺎﺕ ﺍﻟﻤﻔﻘﻮﺩﺓ ﻛﻤﺎ ﻫﻮ ﻣﺒﻴﻦ ﻓﻲ ﺍﻟﺸﻜﻞ ‪ .3.1‬ﻓﻲ ﺍﻟﺒﻴﺎﻧﺎﺕ‬
‫ﻣﺮﺣﻠﺔﺍﻟﺘﺮﺷﻴﺢ‪ ،‬ﻳﺘﻢ ﺍﻟﺤﺼﻮﻝ ﻋﻠﻰ ﺍﻟﻘﻴﻢ ﺍﻟﻔﺎﺭﻏﺔ ﻭﺍﻟﻤﻜﺮﺭﺓ ﻭﺍﻟﻘﻀﺎء ﻋﻠﻴﻬﺎ‪.‬‬
‫ﻓﻲﺇﺟﺮﺍء ﺗﺤﻮﻳﻞ ﺍﻟﺒﻴﺎﻧﺎﺕ‪ ،‬ﻳﺘﻢ ﺗﺤﻮﻳﻞ ﺍﻟﺒﻴﺎﻧﺎﺕ ﺇﻟﻰ ﺍﻟﺒﻴﺎﻧﺎﺕ ﺍﻟﻤﻨﺎﺳﺒﺔ‬
‫ﺍﻟﺘﻨﺴﻴﻖ‪،‬ﻣﺜﻞ ﻣﻦ ﻓﺌﺔ ﺇﻟﻰ ﺭﻗﻢ ﺭﻗﻤﻲ‪ .‬ﺗﺴﺎﻋﺪ ﺍﻟﻌﺪﻳﺪ ﻣﻦ ﺃﺩﻭﺍﺕ ﺑﺎﻳﺜﻮﻥ ﺍﻟﻤﺴﺎﻋﺪﺓ‬
‫ﺇﻋﺪﺍﺩﺍﻟﺒﻴﺎﻧﺎﺕ ﻟﻠﺘﺤﻠﻴﻞ ﻋﻦ ﻃﺮﻳﻖ ﺗﻨﻈﻴﻔﻬﺎ‪.‬‬
‫‪25‬‬
‫ﺍﻟﺸﻜﻞ‪3.1‬ﺍﻟﺘﺤﻘﻖ ﻣﻦ ﺍﻟﺒﻴﺎﻧﺎﺕ ﺍﻟﻤﻔﻘﻮﺩﺓ ﻟﻤﺠﻤﻮﻋﺔ ﺑﻴﺎﻧﺎﺕ ‪.BoT IoT‬‬
‫‪3.3.2‬ﺍﻟﺘﻘﻨﻴﺎﺕ ﺍﻟﻬﻨﺪﺳﻴﺔ ﺍﻟﻤﻤﻴﺰﺓ‬
‫‪.1‬ﻣﻌﺎﻣﻞ ﺍﻻﺭﺗﺒﺎﻁ‬
‫ﻳﻘﻴﺲﻣﻌﺎﻣﻞ ﺍﻻﺭﺗﺒﺎﻁ ﺍﻟﻌﻼﻗﺔ ﺑﻴﻦ ﺍﻟﻌﺎﻣﻠﻴﻦ ﻓﻲ ﻣﺠﻤﻮﻋﺔ ﺑﻴﺎﻧﺎﺕ ﻣﻌﻴﻨﺔ‪ .‬ﻓﻲ ﻣﺠﻤﻮﻋﺔ‬
‫ﺑﻴﺎﻧﺎﺕ‪ ،BoT IoT‬ﻳﻤﻜﻦ ﺃﻥ ﻳﻮﻓﺮ ﺗﺤﻠﻴﻞ ﻣﻌﺎﻣﻞ ﺍﻻﺭﺗﺒﺎﻁ ﺭﺅﻯ ﻗﻴﻤﺔ ﺣﻮﻝ ﺍﻟﺘﺮﺍﺑﻂ‬
‫ﻭﺍﻻﺭﺗﺒﺎﻃﺎﺕﺑﻴﻦ ﺍﻟﻤﺘﻐﻴﺮﺍﺕ ﺍﻟﻤﺨﺘﻠﻔﺔ‪ .‬ﻭﺑﺎﻟﺘﺎﻟﻲ ﺗﻌﺰﻳﺰ ﻓﻬﻢ ﻣﺠﻤﻮﻋﺔ ﺍﻟﺒﻴﺎﻧﺎﺕ ﻭﺃﻧﻤﺎﻃﻬﺎ‬
‫ﺍﻟﻤﺤﺘﻤﻠﺔﻛﻤﺎ ﻫﻮ ﻣﻮﺿﺢ ﻓﻲ ﺍﻟﺸﻜﻞ ‪.3.2‬‬
‫‪26‬‬
‫ﺍﻟﺸﻜﻞ‪3.2‬ﻣﻌﺎﻣﻞ ﺍﻻﺭﺗﺒﺎﻁ ﺑﻴﻦ ﻣﻴﺰﺍﺕ ﻣﺠﻤﻮﻋﺔ ﺑﻴﺎﻧﺎﺕ ‪.BoT IoT‬‬
‫ﺗﺤﺘﻮﻱﻣﺠﻤﻮﻋﺔ ﺑﻴﺎﻧﺎﺕ ‪ BoT IoT‬ﻋﻠﻰ ﻣﻌﻠﻮﻣﺎﺕ ﺣﻮﻝ ﺃﺟﻬﺰﺓ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء ﺍﻟﺘﻲ ﺗﻢ‬
‫ﺗﻢﺍﺧﺘﺮﺍﻗﻬﺎ ﺑﻮﺍﺳﻄﺔ ﺷﺒﻜﺎﺕ ﺍﻟﺮﻭﺑﻮﺕ‪ ،‬ﻭﻫﻲ ﺷﺒﻜﺎﺕ ﻣﻦ ﺍﻷﺟﻬﺰﺓ ﺍﻟﻤﺼﺎﺑﺔ ﺍﻟﺘﻲ ﻳﺘﻢ ﺍﻟﺘﺤﻜﻢ ﻓﻴﻬﺎ‬
‫ﺍﻟﺠﻬﺎﺕﺍﻟﻔﺎﻋﻠﺔ ﺍﻟﺨﺒﻴﺜﺔ‪ .‬ﺗﺤﺘﻮﻱ ﻣﺠﻤﻮﻋﺔ ﺍﻟﺒﻴﺎﻧﺎﺕ ﻫﺬﻩ ﻋﻠﻰ ﻣﺠﻤﻮﻋﺔ ﻣﺘﻨﻮﻋﺔ ﻣﻦ ﺍﻟﺴﻤﺎﺕ ﻭﺍﻟﺨﺼﺎﺋﺺ‬
‫ﻭﺻﻒﺳﻠﻮﻙ ﻭﺧﺼﺎﺋﺺ ﺃﺟﻬﺰﺓ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء ﺍﻟﻤﻌﺮﺿﺔ ﻟﻠﺨﻄﺮ‪.‬‬
‫ﺍﻟﺘﺄﻛﺪﻣﻦ ﺗﻨﺴﻴﻖ ﻣﺠﻤﻮﻋﺔ ﺍﻟﺒﻴﺎﻧﺎﺕ ﺑﺸﻜﻞ ﺻﺤﻴﺢ ﻭﺃﻥ ﺃﻱ ﻗﻴﻢ ﻣﻔﻘﻮﺩﺓ ﺃﻭ‬
‫ﻳﺘﻢﺍﻟﺘﻌﺎﻣﻞ ﻣﻊ ﺍﻟﻘﻴﻢ ﺍﻟﻤﺘﻄﺮﻓﺔ ﺑﺸﻜﻞ ﻣﻨﺎﺳﺐ‪ .‬ﻳﺠﺐ ﻣﻌﺎﻟﺠﺔ ﺍﻟﺒﻴﺎﻧﺎﺕ ﻣﺴﺒﻘﺎً ﻟﻠﺘﺄﻛﺪ‬
‫ﻧﺘﺎﺋﺞﺩﻗﻴﻘﺔ ﻭﻣﻮﺛﻮﻗﺔ‪.‬‬
‫ﺗﺤﺪﻳﺪﻣﺘﻐﻴﺮﺍﺕ ﻣﺠﻤﻮﻋﺔ ﺑﻴﺎﻧﺎﺕ ‪ BoT IoT‬ﺍﻟﺘﻲ ﻳﻜﻮﻥ ﻣﻌﺎﻣﻞ ﺍﻻﺭﺗﺒﺎﻁ ﻟﻬﺎ‬
‫ﻟﻴﺘﻢﺣﺴﺎﺑﻬﺎ‪ .‬ﻗﺪ ﺗﺘﻀﻤﻦ ﻫﺬﻩ ﺍﻟﻤﺘﻐﻴﺮﺍﺕ ﻧﻮﻉ ﺍﻟﺠﻬﺎﺯ ﻭﺍﻻﺗﺼﺎﻝ‬
‫ﺍﻟﺒﺮﻭﺗﻮﻛﻮﻻﺕﻭﺃﻧﻤﺎﻁ ﺣﺮﻛﺔ ﻣﺮﻭﺭ ﺍﻟﺸﺒﻜﺔ ﻭﺃﻱ ﻋﻮﺍﻣﻞ ﺃﺧﺮﻯ ﺫﺍﺕ ﺻﻠﺔ ﻗﺪ ﺗﻜﻮﻥ ﻛﺬﻟﻚ‬
‫ﻣﻮﺟﻮﺩﺓﻓﻲ ﻣﺠﻤﻮﻋﺔ ﺍﻟﺒﻴﺎﻧﺎﺕ‪ .‬ﺍﻟﺤﺼﻮﻝ ﻋﻠﻰ ﻣﻌﺎﻣﻞ ﺍﻻﺭﺗﺒﺎﻁ ﺑﺎﺳﺘﺨﺪﺍﻡ ﺍﻟﻤﻨﺎﺳﺐ‬
‫‪27‬‬
‫ﺍﻟﻄﺮﻳﻘﺔﺍﻹﺣﺼﺎﺋﻴﺔ ﺑﻤﺠﺮﺩ ﺍﺧﺘﻴﺎﺭ ﺍﻟﻤﺘﻐﻴﺮﺍﺕ‪ .‬ﺍﻟﺘﻌﺮﻑ ﻋﻠﻰ ﻛﻼ ﻣﻦ‬
‫ﺣﺠﻢﻭﺍﺗﺠﺎﻩ ﺍﻟﻌﻼﻗﺔ ﺑﻴﻦ ﺍﻟﻤﺘﻐﻴﺮﺍﺕ‬
‫ﺗﺤﻠﻴﻞﻣﻌﺎﻣﻞ ﺍﻻﺭﺗﺒﺎﻁ ﺍﻟﻤﺤﺴﻮﺏ‪ .‬ﻭﻳﻈﻬﺮ ﻣﺴﺘﻮﻯ ﻋﺎﻝ ﻣﻦ ﺍﻻﺭﺗﺒﺎﻁ‬
‫ﺃﻧﻪﻛﻠﻤﺎ ﺍﺭﺗﻔﻊ ﺃﺣﺪ ﺍﻟﻌﻮﺍﻣﻞ‪ ،‬ﻋﺎﺩﺓ ﻣﺎ ﻳﺘﺰﺍﻳﺪ ﺍﻟﻌﺎﻣﻞ ﺍﻵﺧﺮ ﺃﻳﻀﺎً‪ .‬ﺑﻴﻨﻤﺎ ﻭﺍﺣﺪﺓ‬
‫ﻳﺮﺗﻔﻊﺍﻟﻌﺎﻣﻞ‪ ،‬ﻭﻳﻤﻴﻞ ﺍﻟﻌﺎﻣﻞ ﺍﻵﺧﺮ ﺇﻟﻰ ﺍﻻﻧﺨﻔﺎﺽ‪ ،‬ﻛﻤﺎ ﻳﺪﻝ ﻋﻠﻰ ﺫﻟﻚ ﺳﻠﺒﻴﺎ‬
‫ﻋﻼﻗﺔ‪.‬ﻳﺸﻴﺮ ﻣﻌﺎﻣﻞ ﺍﻻﺭﺗﺒﺎﻁ ﺍﻟﻘﺮﻳﺐ ﻣﻦ ‪ 0‬ﺇﻟﻰ ﻭﺟﻮﺩ ﻋﻼﻗﺔ ﻏﻴﺮ ﻣﻮﺟﻮﺩﺓ‬
‫ﺑﻴﻦﺍﻟﻤﺘﻐﻴﺮﺍﺕ‪ .‬ﻣﻌﺎﻣﻞ ﺍﻻﺭﺗﺒﺎﻁ ﻳﺤﺪﺩ ﺍﻟﻌﻼﻗﺔ‬
‫ﺑﻴﻦﻣﺘﻐﻴﺮﻳﻦ ﺿﻤﻦ ﻣﺠﻤﻮﻋﺔ ﺍﻟﺒﻴﺎﻧﺎﺕ‪ .‬ﻓﻲ ﻣﺠﻤﻮﻋﺔ ﺑﻴﺎﻧﺎﺕ ‪ ،BoT IoT‬ﺗﻢ ﺗﺤﻠﻴﻞ‬
‫ﻳﻤﻜﻦﺃﻥ ﻳﻮﻓﺮ ﻣﻌﺎﻣﻞ ﺍﻻﺭﺗﺒﺎﻁ ﺭﺅﻯ ﻗﻴﻤﺔ ﺣﻮﻝ ﺍﻟﺘﺮﺍﺑﻂ‬
‫ﺑﻴﻦﺍﻟﻤﺘﻐﻴﺮﺍﺕ ﺍﻟﻤﺨﺘﻠﻔﺔ‪ ،‬ﻭﺑﺎﻟﺘﺎﻟﻲ ﺗﻌﺰﻳﺰ ﺃﺩﺍء ﻣﺠﻤﻮﻋﺔ ﺍﻟﺒﻴﺎﻧﺎﺕ ﻭ‬
‫ﺃﻧﻤﺎﻃﻬﺎﺍﻟﻤﺤﺘﻤﻠﺔ‪ .‬ﺗﺤﺘﻮﻱ ﻣﺠﻤﻮﻋﺔ ﺑﻴﺎﻧﺎﺕ ‪ BoT IoT‬ﻋﻠﻰ ﻣﻌﻠﻮﻣﺎﺕ ﺣﻮﻝ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء‬
‫ﺍﻷﺟﻬﺰﺓﺍﻟﺘﻲ ﺗﻢ ﺍﺧﺘﺮﺍﻗﻬﺎ ﺑﻮﺍﺳﻄﺔ ﺷﺒﻜﺎﺕ ﺍﻟﺮﻭﺑﻮﺕ‪ ،‬ﻭﻫﻲ ﺷﺒﻜﺎﺕ ﻣﺼﺎﺑﺔ‬
‫ﺍﻷﺟﻬﺰﺓﺍﻟﺘﻲ ﺗﺴﻴﻄﺮ ﻋﻠﻴﻬﺎ ﺍﻟﺠﻬﺎﺕ ﺍﻟﻔﺎﻋﻠﺔ ﺍﻟﺨﺒﻴﺜﺔ‪ .‬ﺗﺤﺘﻮﻱ ﻣﺠﻤﻮﻋﺔ ﺍﻟﺒﻴﺎﻧﺎﺕ ﻫﺬﻩ ﻋﻠﻰ ﻣﺠﻤﻮﻋﺔ ﻣﺘﻨﻮﻋﺔ ﻣﻦ‬
‫ﺍﻟﺼﻔﺎﺕﻭﺍﻟﺨﺼﺎﺋﺺ ﺍﻟﺘﻲ ﺗﺼﻒ ﺳﻠﻮﻙ ﻭﺧﺼﺎﺋﺺ‬
‫ﺃﺟﻬﺰﺓﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء ﺍﻟﻤﻌﺮﺿﺔ ﻟﻠﺨﻄﺮ‪.‬‬
‫‪28‬‬
‫‪.2‬ﺃﻫﻤﻴﺔ ﺍﻟﻤﻴﺰﺓ ﺑﺎﺳﺘﺨﺪﺍﻡ ﺍﻟﻐﺎﺑﺔ ﺍﻟﻌﺸﻮﺍﺋﻴﺔ‬
‫ﻳﻌﺪﺗﺤﻠﻴﻞ ﺃﻫﻤﻴﺔ ﺍﻟﻤﻴﺰﺓ ﺑﺎﺳﺘﺨﺪﺍﻡ ﺍﻟﻐﺎﺑﺔ ﺍﻟﻌﺸﻮﺍﺋﻴﺔ ﻃﺮﻳﻘﺔ ﻓﻌﺎﻟﺔ ﻟـ‬
‫ﺗﺤﺪﻳﺪﺃﻫﻤﻴﺔ ﺍﻟﻤﻴﺰﺍﺕ ﺍﻟﻤﺨﺘﻠﻔﺔ ﻟﻤﺠﻤﻮﻋﺔ ﺑﻴﺎﻧﺎﺕ ‪ .BoT IoT‬ﻫﺬﺍ‬
‫ﻳﻜﺸﻒﺍﻟﺘﺤﻠﻴﻞ ﻋﻦ ﺍﻟﺨﺼﺎﺋﺺ ﺍﻟﺘﻲ ﻟﻬﺎ ﺍﻟﺘﺄﺛﻴﺮ ﺍﻷﻛﺒﺮ ﻋﻠﻰ‬
‫ﺍﻟﻤﺘﻐﻴﺮﺍﻟﺘﺎﺑﻊ‪ .‬ﻭﺑﺎﻟﺘﺎﻟﻲ ﺗﺴﻬﻴﻞ ﺗﺤﺪﻳﺪ ﺍﻟﻌﻮﺍﻣﻞ ﺍﻟﺤﺎﺳﻤﺔ ﺍﻟﺘﻲ‬
‫ﺍﻟﻤﺴﺎﻫﻤﺔﻓﻲ ﺳﻠﻮﻙ ﺗﺴﻤﻴﺔ ﺍﻟﻬﺠﻮﻡ ﺍﻟﺘﻲ ﺗﻬﺪﺩ ﺃﺟﻬﺰﺓ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء ﻣﺜﻞ‬
‫ﻫﻮﻣﺒﻴﻦ ﻓﻲ ﺍﻟﺸﻜﻞ ‪.3.3‬‬
‫ﺍﻟﺸﻜﻞ‪3.3‬ﺗﺤﻠﻴﻞ ﺃﻫﻤﻴﺔ ﺍﻟﻤﻴﺰﺓ ﺑﺎﺳﺘﺨﺪﺍﻡ ﺍﻟﻐﺎﺑﺔ ﺍﻟﻌﺸﻮﺍﺋﻴﺔ‪.‬‬
‫ﻋﻨﺪﺗﻄﺒﻴﻖ ﺃﻫﻤﻴﺔ ﺍﻟﻤﻴﺰﺓ ﻋﻠﻰ ﻣﺠﻤﻮﻋﺔ ﺑﻴﺎﻧﺎﺕ ‪ BoT IoT‬ﺑﺎﺳﺘﺨﺪﺍﻡ ﻣﺠﻤﻮﻋﺔ ﻋﺸﻮﺍﺋﻴﺔ‪.‬‬
‫ﻗﺎﻣﺖﺑﺘﻘﺴﻴﻢ ﻣﺠﻤﻮﻋﺔ ﺑﻴﺎﻧﺎﺕ ‪ BoT IoT‬ﺇﻟﻰ ﻣﺠﻤﻮﻋﺎﺕ ﻓﺮﻋﻴﺔ ﻟﻠﺘﺪﺭﻳﺐ ﻭﺍﻻﺧﺘﺒﺎﺭ‪ .‬ﺍﻟﺘﺪﺭﻳﺐ‬
‫ﺳﻴﺘﻢﺍﺳﺘﺨﺪﺍﻡ ﺍﻟﻤﺠﻤﻮﻋﺔ ﺍﻟﻔﺮﻋﻴﺔ ﻟﺒﻨﺎء ﻧﻤﻮﺫﺝ ﺍﻟﻐﺎﺑﺔ ﺍﻟﻌﺸﻮﺍﺋﻴﺔ ﺃﺛﻨﺎء ﺍﻻﺧﺘﺒﺎﺭ‬
‫ﺳﺘﻘﻮﻡﺍﻟﻤﺠﻤﻮﻋﺔ ﺍﻟﻔﺮﻋﻴﺔ ﺑﺘﻘﻴﻴﻢ ﺃﺩﺍء ﺍﻟﻨﻤﻮﺫﺝ ﻭﻗﺎﺑﻠﻴﺘﻪ ﻟﻠﺘﻌﻤﻴﻢ‪ .‬ﺍﻟﻌﺸﻮﺍﺋﻴﺔ‬
‫ﺍﻟﻐﺎﺑﺔﻗﺎﺩﺭﺓ ﻋﻠﻰ ﺍﻟﺘﻌﺎﻣﻞ ﻣﻊ ﻣﺠﻤﻮﻋﺎﺕ ﺍﻟﺒﻴﺎﻧﺎﺕ ﻋﺎﻟﻴﺔ ﺍﻷﺑﻌﺎﺩ ﻭﺗﻮﻓﺮ ﺣﻼ ًﺟﻮﻫﺮﻳﺎً‬
‫ﻣﻘﻴﺎﺱﺃﻫﻤﻴﺔ ﺍﻟﻤﻴﺰﺓ‪ .‬ﺑﺎﺳﺘﺨﺪﺍﻡ ﻧﻤﻮﺫﺝ ﺍﻟﻐﺎﺑﺔ ﺍﻟﻌﺸﻮﺍﺋﻴﺔ‪ ،‬ﻳﺘﻢ ﺍﻟﺤﺴﺎﺏ‬
‫‪29‬‬
‫ﺃﻫﻤﻴﺔﺍﻟﻤﻴﺰﺓ‪ .‬ﻭﻳﻤﻜﻦ ﺗﺤﻘﻴﻖ ﺫﻟﻚ ﻣﻦ ﺧﻼﻝ ﺍﻟﺘﺤﻘﻴﻖ ﻓﻲ ﺍﻟﻤﺘﻮﺳﻂ‬
‫ﺍﻧﺨﻔﺎﺽﺍﻟﻨﺠﺎﺳﺔ ﺃﻭ ﺃﻫﻤﻴﺔ ﺍﻟﺠﻴﻨﻲ‪ ،‬ﻭﺍﻟﺬﻱ ﻳﻘﻴﺲ ﺩﺭﺟﺔ ﻛﻞ ﻣﻨﻬﻤﺎ‬
‫ﺗﻌﻤﻞﺍﻟﻤﻴﺰﺓ ﻋﻠﻰ ﺗﻘﻠﻴﻞ ﺍﻟﺸﻮﺍﺋﺐ ﺃﻭ ﺍﻟﺘﺒﺎﻳﻦ ﻓﻲ ﺍﻟﻤﺘﻐﻴﺮ ﺍﻟﻤﺴﺘﻬﺪﻑ ﻋﺒﺮ‬
‫ﺃﺷﺠﺎﺭﺍﻟﻘﺮﺍﺭ ﺍﻟﻌﺸﻮﺍﺋﻴﺔ ﻟﻠﻐﺎﺑﺎﺕ ﻭﺑﺪﻻ ًﻣﻦ ﺫﻟﻚ‪ ،‬ﻳﻤﻜﻦ ﺃﻥ ﺗﻜﻮﻥ ﺃﻫﻤﻴﺔ ﺍﻟﻤﻴﺰﺓ‬
‫ﻳﺘﻢﺗﻘﻴﻴﻤﻬﺎ ﺑﺎﺳﺘﺨﺪﺍﻡ ﺃﻫﻤﻴﺔ ﺍﻟﺘﻘﻠﻴﺐ ﺃﻭ ﻣﺘﻮﺳﻂ ﺩﻗﺔ ﺍﻟﻨﻘﺼﺎﻥ‪ .‬ﺍﻝ‬
‫ﺗﻢﺣﺴﺎﺏ ﺩﺭﺟﺎﺕ ﺃﻫﻤﻴﺔ ﺍﻟﻤﻴﺰﺓ ﻟـ ‪ ،Visualized‬ﺑﺎﺳﺘﺨﺪﺍﻡ ﺗﻘﻨﻴﺎﺕ ﻣﺜﻞ‬
‫ﺍﻟﻤﺨﻄﻄﺎﺕﺍﻟﺸﺮﻳﻄﻴﺔ ﻭﺍﻟﺨﺮﺍﺋﻂ ﺍﻟﺤﺮﺍﺭﻳﺔ‪ .‬ﻭﻫﺬﺍ ﻳﺴﻬﻞ ﺗﻔﺴﻴﺮ ﺍﻟﻨﺘﺎﺋﺞ ﻭ‬
‫ﻳﻮﻓﺮﻓﻬﻤﺎً ﻭﺍﺿﺤﺎً ﻟﻤﻴﺰﺍﺕ ﻣﺠﻤﻮﻋﺔ ﺑﻴﺎﻧﺎﺕ ‪ Botnet IoT‬ﺍﻷﻛﺜﺮ‬
‫ﻣﺆﺛﺮ‪.‬ﻭﻣﻦ ﺍﻟﻀﺮﻭﺭﻱ ﺃﻥ ﻧﻼﺣﻆ ﺃﻥ ﺍﻟﺘﻔﺴﻴﺮ ﻳﺠﺐ ﺃﻥ ﻳﻌﺘﻤﺪ ﻋﻠﻰ ﺍﻟﻤﺠﺎﻝ‪-‬‬
‫ﻣﻌﺮﻓﺔﻣﺤﺪﺩﺓ ﻭﺧﺼﺎﺋﺺ ﻣﺠﻤﻮﻋﺔ ﺍﻟﺒﻴﺎﻧﺎﺕ‪ .‬ﺑﺎﺳﺘﺨﺪﺍﻡ ﺍﻟﻤﻴﺰﺓ‬
‫ﻳﺴﻤﺢﺗﺤﻠﻴﻞ ﺍﻷﻫﻤﻴﺔ ﺑﺎﺳﺘﺨﺪﺍﻡ ﺍﻟﻐﺎﺑﺔ ﺍﻟﻌﺸﻮﺍﺋﻴﺔ ﻓﻲ ﻣﺠﻤﻮﻋﺔ ﺑﻴﺎﻧﺎﺕ ‪BoT IoT‬‬
‫ﺍﻟﺘﻌﺮﻑﻋﻠﻰ ﺍﻟﺨﺼﺎﺋﺺ ﺍﻟﻤﻬﻤﺔ ﺍﻟﺘﻲ ﺗﺆﺛﺮ ﻋﻠﻰ ﺳﻠﻮﻙ ﺍﻟﻤﺘﻀﺮﺭ‬
‫ﺃﺟﻬﺰﺓﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء‪ .‬ﺑﻨﺎء ًﻋﻠﻰ ﺗﺤﻠﻴﻞ ﺃﻫﻤﻴﺔ ﺍﻟﻤﻴﺰﺓ ﺑﺎﺳﺘﺨﺪﺍﻡ ﺍﻟﻐﺎﺑﺔ ﺍﻟﻌﺸﻮﺍﺋﻴﺔ‪ ،‬ﻓﺈﻥ‬
‫ﺍﻟﺴﻤﺎﺕ"‪ "pkSeqID‬ﻭ"‪ "proto‬ﻭ"‪ "saddr‬ﻭ"‪ "sport‬ﻭ"‪ "daddr‬ﻭ"‪ "dport‬ﻭ"‪ "category‬ﻛﺎﻧﺖ‬
‫ﺗﻢﺇﺳﻘﺎﻃﻪ ﻭﺍﻟﺬﻱ ﻳﺤﺘﻮﻱ ﻋﻠﻰ ﻣﻴﺰﺍﺕ ﻣﻨﺨﻔﻀﺔ ﺍﻷﻫﻤﻴﺔ ﻓﻲ ﻣﺠﻤﻮﻋﺔ ﺑﻴﺎﻧﺎﺕ ‪ .BoT IoT‬ﺑﻮﺍﺳﻄﺔ‬
‫ﻣﻊﺍﻷﺧﺬ ﻓﻲ ﺍﻻﻋﺘﺒﺎﺭ ﺗﺤﻠﻴﻞ ﺃﻫﻤﻴﺔ ﺍﻟﻤﻴﺰﺓ ﺑﺎﺳﺘﺨﺪﺍﻡ ﺍﻟﻐﺎﺑﺔ ﺍﻟﻌﺸﻮﺍﺋﻴﺔ‪ ،‬ﺑﻤﺎ ﻓﻲ ﺫﻟﻚ‬
‫ﻫﺬﻩﺍﻟﺴﻤﺎﺕ ﻓﻲ ﻧﻤﺎﺫﺝ ﺍﻟﺘﻌﻠﻢ ﺍﻵﻟﻲ ﺗﻘﻠﻞ ﻣﻦ ﺍﻟﺪﻗﺔ ﻭﺍﻟﺪﻗﺔ‬
‫ﻓﻌﺎﻟﻴﺔﺍﻟﻨﻤﺎﺫﺝ ﺍﻟﺘﻨﺒﺆﻳﺔ‪ ،‬ﻭﺗﻘﻨﻴﺎﺕ ﺍﺧﺘﻴﺎﺭ ﺍﻟﻤﻴﺰﺓ‪ ،‬ﻭ‬
‫ﺍﻟﺘﺤﻠﻴﻼﺕﺍﻻﺳﺘﻜﺸﺎﻓﻴﺔ ﺍﻟﻤﻄﺒﻘﺔ ﻋﻠﻰ ﻣﺠﻤﻮﻋﺔ ﺑﻴﺎﻧﺎﺕ ‪.Botnet IoT‬‬
‫‪30‬‬
‫‪.3‬ﻧﻬﺞ ‪SMOTE‬‬
‫ﻃﺮﻳﻘﺔﻣﺤﺴﻨﺔ ﻟﻠﺘﻌﺎﻣﻞ ﻣﻊ ﺍﻟﺒﻴﺎﻧﺎﺕ ﻏﻴﺮ ﺍﻟﻤﺘﻮﺍﺯﻧﺔ ﻛﻤﺎ ﻫﻮ ﻣﻮﺿﺢ ﻓﻲ ﺍﻟﺸﻜﻞ ‪ ،3.4‬ﺗﻢ‬
‫ﺗﻘﺪﻳﻢﺧﻮﺍﺭﺯﻣﻴﺔ ‪ SMOTE‬ﻷﻭﻝ ﻣﺮﺓ ﻓﻲ ]‪ .[34‬ﺗﻘﻮﻡ ﺧﻮﺍﺭﺯﻣﻴﺔ ‪ SMOTE‬ﺑﺈﻧﺸﺎء ﻋﻴﻨﺎﺕ‬
‫ﺟﺪﻳﺪﺓﻋﻦ ﻃﺮﻳﻖ ﺇﺟﺮﺍء ﺍﺳﺘﻴﻔﺎء ﺧﻄﻲ ﻋﺸﻮﺍﺋﻲ ﺑﻴﻦ ﻋﺪﺩ ﻣﺤﺪﺩ ﻣﻦ ﺍﻟﻌﻴﻨﺎﺕ ﻭﺍﻟﻌﻴﻨﺎﺕ‬
‫ﺍﻟﻤﻮﺟﻮﺩﺓﻓﻲ ﻣﻜﺎﻥ ﻗﺮﻳﺐ ]‪.[12‬‬
‫ﺍﻟﺸﻜﻞ‪3.4‬ﺗﻮﺯﻳﻌﺎﺕ ﻓﺌﺔ ﺍﻟﻬﺠﻮﻡ‪.‬‬
‫ﻟﺘﻌﺰﻳﺰﺗﺄﺛﻴﺮ ﺍﻟﺘﺼﻨﻴﻒ ﻟﻤﺠﻤﻮﻋﺔ ﺍﻟﺒﻴﺎﻧﺎﺕ ﻏﻴﺮ ﺍﻟﻤﺘﻮﺍﺯﻧﺔ ﻭﺑﺎﻟﺘﺎﻟﻲ ﺭﻓﻌﻬﺎ‬
‫ﻧﺴﺒﺔﺍﺧﺘﻼﻝ ﺍﻟﺒﻴﺎﻧﺎﺕ‪ ،‬ﻭﻋﺪﺩ ﻣﻌﻴﻦ ﻣﻦ ﻋﻴﻨﺎﺕ ﺍﻷﻗﻠﻴﺔ ﻛﺎﺫﺑﺔ‬
‫ﺗﻢﺇﻧﺸﺎﺅﻫﺎ ﻛﻤﺎ ﻫﻮ ﻣﻮﺿﺢ ﻓﻲ ﺍﻟﺸﻜﻞ ‪ .3.5‬ﻳﺆﺩﻱ ﻫﺬﺍ ﺇﻟﻰ ﺯﻳﺎﺩﺓ ﻧﺴﺒﺔ ﻋﺪﻡ ﺗﻮﺍﺯﻥ ﺍﻟﺒﻴﺎﻧﺎﺕ‬
‫ﺃﻥﺗﻜﻮﻥ ﺑﻴﺎﻧﺎﺕ ﻣﺘﻮﺍﺯﻧﺔ‪.‬‬
‫‪31‬‬
‫ﺍﻟﺸﻜﻞ‪3.5‬ﺗﻮﺯﻳﻌﺎﺕ ﻓﺌﺔ ﺍﻟﻬﺠﻮﻡ ﺑﻌﺪ ﺍﻹﻓﺮﺍﻁ ﻓﻲ ﺃﺧﺬ ﻋﻴﻨﺎﺕ ﻣﻦ ﻣﺠﻤﻮﻋﺔ ﺑﻴﺎﻧﺎﺕ ‪ BoT IoT‬ﺑﺎﺳﺘﺨﺪﺍﻡ ‪Smote‬‬
‫ﺧﻮﺍﺭﺯﻣﻴﺔ‪.‬‬
‫‪3.3.3‬ﻧﻤﺎﺫﺝ ﺍﻟﺘﻌﻠﻢ ﺍﻟﻌﻤﻴﻖ‬
‫ﺍﻟﺸﺒﻜﺎﺕﺍﻟﻌﺼﺒﻴﺔ ﺍﻻﺻﻄﻨﺎﻋﻴﺔ )‪(ANN‬‬
‫ﺍﻟﺸﺒﻜﺎﺕﺍﻟﻌﺼﺒﻴﺔ ﺍﻻﺻﻄﻨﺎﻋﻴﺔ ﻫﻲ ﺷﺒﻜﺎﺕ ﻛﻬﺮﺑﺎﺋﻴﺔ ﻣﻦ ﺍﻟﺨﻼﻳﺎ ﺍﻟﻌﺼﺒﻴﺔ ﺍﻟﺘﻲ ﺗﻢ‬
‫ﺗﺼﻤﻴﻤﻬﺎﻋﻠﻰ ﻏﺮﺍﺭ ﺍﻟﺒﻨﻴﺔ ﺍﻟﻌﺼﺒﻴﺔ ﻟﻠﺪﻣﺎﻍ؛ ﺇﻻ ﺃﻧﻬﻢ ﻣﺎ ﺯﺍﻟﻮﺍ ﻓﻲ ﻣﻬﺪﻫﻢ ]‪ .[35‬ﻳﻘﻮﻡ ﺍﻹﺟﺮﺍء‬
‫ﻓﻘﻂﺑﺘﺴﺠﻴﻞ ﺍﻟﻤﻌﻠﻮﻣﺎﺕ ﻭﺍﺣﺪﺓ ﺗﻠﻮ ﺍﻷﺧﺮﻯ ﺛﻢ "ﺍﻟﺘﻌﻠﻢ" ﻋﻦ ﻃﺮﻳﻖ ﻣﻘﺎﺭﻧﺔ ﺗﺼﻨﻴﻒ‬
‫ﺍﻟﺴﺠﻞﻣﻊ ﺍﻟﺘﺼﻨﻴﻒ ﺍﻟﻔﻌﻠﻲ ﻟﻠﺴﺠﻞ ﺍﻟﻤﻌﺮﻭﻑ ﺑﺎﻟﻔﻌﻞ‪ .‬ﻳﺘﻢ ﺑﻌﺪ ﺫﻟﻚ ﺇﻋﺎﺩﺓ ﺍﻷﺧﻄﺎء ﺍﻟﺘﻲ‬
‫ﺣﺪﺛﺖﺃﺛﻨﺎء ﺍﻟﺘﺼﻨﻴﻒ ﺍﻷﻭﻝ ﻟﻠﺴﺠﻞ ﺍﻷﻭﻝ ﺇﻟﻰ ﺍﻟﺸﺒﻜﺔ‪ ،‬ﺣﻴﺚ ﻳﺘﻢ ﺍﺳﺘﺨﺪﺍﻣﻬﺎ ﻟﻀﺒﻂ‬
‫ﺍﻟﺨﻮﺍﺭﺯﻣﻴﺔﺍﻟﺘﻲ ﺗﺴﺘﺨﺪﻣﻬﺎ ﺍﻟﺸﺒﻜﺔ ﻟﻠﺠﻮﻻﺕ ﺍﻟﻼﺣﻘﺔ‪ .‬ﻗﺎﻡ ﺑﺘﺮﺗﻴﺐ ﺍﻟﻄﺒﻘﺎﺕ ﺍﻟﻌﺼﺒﻴﺔ ﻓﻲ‬
‫ﻃﺒﻘﺎﺕﺍﻹﺩﺧﺎﻝ ﻭﺍﻟﻤﺨﻔﻴﺔ ﻭﺍﻟﻤﺨﺮﺟﺎﺕ ]‪.[28‬‬
‫ﻻﺗﺘﻀﻤﻦ ﻃﺒﻘﺔ ﺍﻹﺩﺧﺎﻝ ﺧﻼﻳﺎ ﻋﺼﺒﻴﺔ ﺑﺄﻛﻤﻠﻬﺎ؛ ﺑﻞ ﻫﻲ ﻣﻜﻮﻧﺔ ﻣﻦ‬
‫ﻗﻴﻢﺍﻟﺴﺠﻞ ﺍﻟﺘﻲ ﻳﺘﻢ ﺗﻤﺮﻳﺮﻫﺎ ﺇﻟﻰ ﺍﻟﺨﻼﻳﺎ ﺍﻟﻌﺼﺒﻴﺔ ﺍﻟﺘﻲ ﺗﺸﻜﻞ ﺍﻟﻄﺒﻘﺔ ﺃﺩﻧﺎﻩ‬
‫ﻫﻮ‪ -‬ﻫﻲ‪ .‬ﺍﻟﻄﺒﻘﺔ ﺍﻟﻤﺨﻔﻴﺔ ﻫﻲ ﺍﻟﺘﻲ ﺗﺄﺗﻲ ﺑﻌﺪ ﺫﻟﻚ‪ .‬ﺩﺍﺧﻞ ﻋﺼﺒﻴﺔ ﻭﺍﺣﺪﺓ‬
‫ﺍﻟﺸﺒﻜﺔ‪،‬ﻗﺪ ﻳﻜﻮﻥ ﻫﻨﺎﻙ ﻋﺪﺓ ﻃﺒﻘﺎﺕ ﻣﺨﻔﻴﺔ‪ .‬ﻃﺒﻘﺔ ﺍﻹﺧﺮﺍﺝ ﻫﻲ ﺍﻷﺧﻴﺮﺓ‬

‫‪32‬‬
‫ﻭﺍﺣﺪﺓﻛﻤﺎ ﻫﻮ ﻣﻮﺿﺢ ﻓﻲ ﺍﻟﺸﻜﻞ ‪ ،3.2‬ﻫﻨﺎﻙ ﻋﻘﺪﺓ ﻭﺍﺣﺪﺓ ﺗﻤﺜﻞ ﻛﻞ ﻓﺌﺔ‪ .‬ﺑﻌﺪ‬
‫ﻋﻨﺪﺇﺟﺮﺍء ﻋﻤﻠﻴﺔ ﻣﺴﺢ ﻭﺍﺣﺪﺓ ﻓﻘﻂ ﻋﺒﺮ ﺍﻟﺸﺒﻜﺔ‪ ،‬ﻳﺘﻢ ﺇﻋﻄﺎء ﻗﻴﻤﺔ ﻟﻜﻞ ﻋﻘﺪﺓ ﺇﺧﺮﺍﺝ‪،‬‬
‫ﻭﻳﺘﻢﺇﺭﺳﺎﻝ ﺍﻟﺴﺠﻞ ﺇﻟﻰ ﻋﻘﺪﺓ ﺍﻟﻔﺌﺔ ﺍﻟﺘﻲ ﻟﻬﺎ ﺃﻛﺒﺮ ﻗﻴﻤﺔ‪.‬‬
‫ﺍﻟﺸﻜﻞ‪3.6‬ﻋﻴﻨﺔ ﻣﻦ ﺍﻟﺒﻨﻴﺔ ﺍﻷﺳﺎﺳﻴﺔ ﻟﺸﺒﻜﺎﺕ [‪.ANN ]36‬‬
‫ﺍﻟﺸﺒﻜﺎﺕﺍﻟﻌﺼﺒﻴﺔ ﺍﻟﻤﺘﻜﺮﺭﺓ ﺍﻟﻌﻤﻴﻘﺔ )‪(RNN‬‬
‫ﺷﺒﻜﺎﺕ‪ DRNN‬ﻫﻲ ﻧﻮﻉ ﻣﻦ ﺧﻮﺍﺭﺯﻣﻴﺔ ‪ DL‬ﺍﻟﺘﻲ ﺗﺠﻤﻊ ﺍﻟﺴﻠﻮﻙ ﺍﻟﺪﻳﻨﺎﻣﻴﻜﻲ ﻟﻠﺘﺴﻠﺴﻞ‬
‫ﺑﺎﺳﺘﺨﺪﺍﻡﺍﻻﺗﺼﺎﻻﺕ ﺍﻟﻤﺘﻜﺮﺭﺓ‪ ،‬ﻭﺍﻟﻤﻌﺮﻭﻓﺔ ﺃﻳﻀﺎً ﺑﺎﺳﻢ ﺍﻟﺪﻭﺭﺍﺕ ﻓﻲ ﺷﺒﻜﺔ ﻣﻦ ﺍﻟﻌﻘﺪ ]‪[10‬‬
‫‪، .‬ﻭﻫﻲ ﻋﺒﺎﺭﺓ ﻋﻦ ﺗﻄﺒﻴﻘﺎﺕ ﻳﻤﻜﻦ ﺍﻋﺘﺒﺎﺭ ﻫﺬﻩ ﺍﻟﺪﻭﺭﺍﺕ ﺑﻤﺜﺎﺑﺔ ﺃﻧﻤﺎﻁ ﻣﺘﻜﺮﺭﺓ‪ .‬ﻗﺪ ﻳﺘﻌﺎﺭﺽ‬
‫ﻫﺬﺍﻣﻊ ﻣﺎ ﻗﺪ ﺗﺘﻮﻗﻌﻪ ﻓﻲ ﺍﻟﺒﺪﺍﻳﺔ‪ .‬ﻭﻓﻲ ﺍﻟﻨﻬﺎﻳﺔ‪ ،‬ﻓﺈﻥ ﺣﻘﻴﻘﺔ ﺃﻥ ﺍﻟﺸﺒﻜﺎﺕ ﺍﻟﻌﺼﺒﻴﺔ ﺗﺘﻐﺬﻯ‬
‫ﺑﻄﺒﻴﻌﺘﻬﺎﻫﻲ ﻣﺎ ﻳﻮﺿﺢ ﺍﻟﺘﺴﻠﺴﻞ ﺍﻟﺬﻱ ﻳﺘﻢ ﻣﻦ ﺧﻼﻟﻪ ﺇﺟﺮﺍء ﺍﻟﺤﺴﺎﺑﺎﺕ‪ .‬ﻭﻣﻦ ﻧﺎﺣﻴﺔ ﺃﺧﺮﻯ‬
‫ﻣﺘﻜﺮﺭﺓ‬
‫‪33‬‬
‫ﻳﺘﻢﺗﺤﺪﻳﺪ ﺍﻟﺤﻮﺍﻑ ﺑﻄﺮﻳﻘﺔ ﺩﻗﻴﻘﺔ ﻣﻤﺎ ﻳﻀﻤﻦ ﻋﺪﻡ ﺍﻟﻐﻤﻮﺽ ﻓﻲ ﺫﻟﻚ‬
‫ﺍﻟﻨﻮﻉﻟﻦ ﻳﺤﺪﺙ ﺃﺑﺪﺍ‪ .‬ﻳﺘﻢ ﺍﻟﺒﺴﻂ ﻋﻠﻰ ﻋﺪﺓ ﺧﻄﻮﺍﺕ ﺯﻣﻨﻴﺔ ﻓﻲ ‪ ،RNN‬ﻣﻊ‬
‫ﻳﺘﻢﺍﺳﺘﺨﺪﺍﻡ ﻧﻔﺲ ﺍﻟﻤﺘﻐﻴﺮﺍﺕ ﺍﻷﺳﺎﺳﻴﺔ ﻟﻜﻞ ﺧﻄﻮﺓ‪ .‬ﻭﻫﺬﺍ ﻳﺘﻨﺎﻗﺾ ﻣﻊ‬
‫ﺍﻻﺗﺼﺎﻻﺕﺍﻟﻘﻴﺎﺳﻴﺔ ﻛﺬﺑﺖ ﺑﻄﺮﻳﻘﺔ ﺗﺴﻠﺴﻠﻴﺔ‪ .‬ﻣﻦ ﺍﻟﻤﻤﻜﻦ ﺍﻟﺘﻔﻜﻴﺮ ﻓﻲ ‪RNNs‬‬
‫ﻛﺸﺒﻜﺎﺕﻋﺼﺒﻴﺔ ﻣﻐﺬﻳﺔ‪ ،‬ﻣﻊ ﺍﺧﺘﻼﻑ ﻣﻌﻠﻤﺎﺕ‬
‫ﺗﺘﻢﻣﺸﺎﺭﻛﺔ ﻛﻞ ﻃﺒﻘﺔ ﻋﺒﺮ ﺧﻄﻮﺍﺕ ﺯﻣﻨﻴﺔ‪ .‬ﻛﻞ ﺣﺎﻓﺔ ﻭﺭﺍﺑﻂ ﻟﻬﺎ‬
‫ﺍﻟﻮﺯﻥﺍﻟﻤﻘﺎﺑﻞ ﺍﻟﺬﻱ ﻳﺘﻌﻠﻖ ﺑﻪ‪ .‬ﻋﻨﺪﻣﺎ ﻳﺘﻢ ﺇﺩﺧﺎﻝ ﺍﻟﻤﻌﻠﻮﻣﺎﺕ ﺇﻟﻰ‬
‫ﺍﻟﺸﺒﻜﺔﻣﻦ ﺧﻼﻝ ﻫﺬﻩ ﺍﻟﻄﺒﻘﺔ‪ ،‬ﻭﻳﺸﺎﺭ ﺇﻟﻴﻬﺎ ﺑﺎﺳﻢ ﻃﺒﻘﺔ ﺍﻹﺩﺧﺎﻝ ﻟﻠﺘﻐﺬﻳﺔ ﺍﻷﻣﺎﻣﻴﺔ‬
‫ﺍﻟﺸﺒﻜﺔﺍﻟﻌﺼﺒﻴﺔ‪ .‬ﺣﻴﺚ ﺇﻧﻬﺎ ﺍﻟﻄﺒﻘﺔ ﺍﻟﺘﻲ ﺗﻨﺘﺞ ﻣﺨﺮﺟﺎﺕ ﺍﻟﺸﺒﻜﺔ ﺍﻟﻨﻬﺎﺋﻴﺔ‬
‫ﻳﺸﺎﺭﺇﻟﻰ ﻃﺒﻘﺔ ﺍﻟﺘﻐﺬﻳﺔ ﺍﻷﻣﺎﻣﻴﺔ ‪ NN‬ﺑﻄﺒﻘﺔ ﺍﻹﺧﺮﺍﺝ‪ .‬ﺍﻟﻤﺘﺒﻘﻲ‬
‫ﻏﺎﻟﺒﺎًﻣﺎ ﻳﺸُﺎﺭ ﺇﻟﻰ ﻣﺴﺘﻮﻳﺎﺕ ﺍﻟﺸﺒﻜﺔ ﻣﻌﺎً ﺑﺎﺳﻢ ﺍﻟﻄﺒﻘﺎﺕ ﺍﻟﻤﺨﻔﻴﺔ‪ .‬ﻋﻨﺪ ﺍﺳﺘﺨﺪﺍﻣﻬﺎ‬
‫ﻷﺩﺍءﻣﻬﺎﻡ ﺍﻟﺘﻌﻠﻢ ﺗﺤﺖ ﺍﻹﺷﺮﺍﻑ‪ ،‬ﻭﺍﻟﺸﺒﻜﺎﺕ ﺍﻟﻌﺼﺒﻴﺔ ﺍﻟﻤﻐﺬﻳﺔ‬
‫ﺇﺛﺒﺎﺕﻓﺎﺋﺪﺗﻬﺎ ]‪ .[37‬ﺗﺼﻤﻴﻢ ﺍﻟﺸﺒﻜﺔ ﺍﻟﻌﺼﺒﻴﺔ ﺍﻟﻤﻐﺬﻳﺔ ﻛﻤﺎ ﺭﺃﻳﻨﺎ ﻓﻲ‬
‫ﺍﻟﺸﻜﻞ‪ .3.2‬ﻣﻊ ﻫﺬﻩ ﺍﻟﺒﻨﻴﺔ‪ ،‬ﺗﺴﺘﻤﺮ ﻛﻞ ﺧﻠﻴﺔ ﻋﺼﺒﻴﺔ ﻓﻲ ﺍﻟﺤﻔﺎﻅ ﻋﻠﻰ ﻧﺸﺎﻃﻬﺎ‬
‫ﺍﻻﺗﺼﺎﻻﺕﻣﻊ ﻛﻞ ﺍﻟﺨﻼﻳﺎ ﺍﻟﻌﺼﺒﻴﺔ ﺍﻷﺧﺮﻯ ﻓﻲ ﺍﻟﻄﺒﻘﺔ ﺍﻟﺘﺎﻟﻴﺔ‪ .‬ﻋﺼﺒﻴﺔ ﻣﺘﺼﻠﺔ ﺑﺎﻟﻜﺎﻣﻞ‬
‫ﺍﻟﺸﺒﻜﺔﻫﻮ ﺍﻻﺳﻢ ﺍﻟﺬﻱ ﻳﻄﻠﻖ ﻋﻠﻰ ﻫﺬﺍ ﺍﻟﻨﻮﻉ ﻣﻦ ﺍﻟﺒﻨﻴﺔ‪.‬‬
‫‪34‬‬
‫ﺍﻟﺸﻜﻞ‪:3.7‬ﻋﻴﻨﺔ ﻣﻦ ﺑﻨﻴﺔ ﺷﺒﻜﺔ [‪.RNN ]38‬‬
‫ﺍﻟﺬﺍﻛﺮﺓﺍﻟﻄﻮﻳﻠﺔ ﻗﺼﻴﺮﺓ ﺍﻟﻤﺪﻯ )‪(LSTM‬‬
‫ﺃﺩﺕﺍﻟﺮﺅﻳﺔ ﺍﻟﺘﺎﻟﻴﺔ ﺇﻟﻰ ﺗﻄﻮﻳﺮ ‪ .LSTM‬ﺍﻟﺬﺍﻛﺮﺓ ﻃﻮﻳﻠﺔ ﺍﻟﻤﺪﻯ‬
‫ﺑﻤﺜﺎﺑﺔﺍﻷﻭﺯﺍﻥ ﻓﻲ ﺍﻟﺸﺒﻜﺎﺕ ﺍﻟﻌﺼﺒﻴﺔ ﺍﻟﻤﺘﻜﺮﺭﺓ ﺍﻟﺒﺴﻴﻄﺔ‪ .‬ﺃﺛﻨﺎء ﺍﻟﺘﺪﺭﻳﺐ ﻫﻨﺎﻙ‬
‫ﻫﻮﺗﺤﻮﻝ ﺗﺪﺭﻳﺠﻲ ﻓﻲ ﺍﻷﻭﺯﺍﻥ‪ ،‬ﻣﻤﺎ ﻳﺸﻔﺮ ﻣﻌﻠﻮﻣﺎﺕ ﻋﺎﻣﺔ ﻋﻨﻪ‬
‫ﺍﻟﻤﺪﺧﻞ‪.‬ﻛﻤﺎ ﺃﻧﻬﺎ ﺗﺘﻤﻴﺰ ﺑﻌﻤﻠﻴﺎﺕ ﺗﻨﺸﻴﻂ ﺳﺮﻳﻌﺔ ﺍﻟﺰﻭﺍﻝ ﺗﻌﻤﻞ ﻋﻠﻰ ﺍﻟﻤﺪﻯ ﺍﻟﻘﺼﻴﺮ‬
‫ﺍﻟﺬﺍﻛﺮﺓﻭﺍﻟﻨﻘﻞ ﻣﻦ ﻋﻘﺪﺓ ﺇﻟﻰ ﺃﺧﺮﻯ ﻣﻊ ﺗﻘﺪﻡ ﺍﻟﺸﺒﻜﺔ‪ .‬ﺍﻝ‬
‫ﺗﺘﻤﺘﻊﺑﻨﻴﺔ ‪ LSTM‬ﺑﻤﺴﺘﻮﻯ ﺇﺿﺎﻓﻲ ﻣﻦ ﺍﻟﺘﺨﺰﻳﻦ‪ ،‬ﻭﺍﻟﺬﻱ ﻳﻤﻜﻦ ﺍﻟﻮﺻﻮﻝ ﺇﻟﻴﻪ ﻋﺒﺮ‬
‫ﺧﻠﻴﺔﺍﻟﺬﺍﻛﺮﺓ ]‪ . [9‬ﻓﻲ ﺣﻴﻦ ﺃﻥ ﻗﺺ ﺍﻟﺘﺪﺭﺝ ﻗﺪ ﻳﺴﺎﻋﺪ ﻓﻲ ﺍﻧﻔﺠﺎﺭ ﺍﻟﺘﺪﺭﺟﺎﺕ‪،‬‬
‫ﺗﺤﺘﺎﺝﺍﻟﺘﺪﺭﺟﺎﺕ ﺍﻟﻤﺘﻼﺷﻴﺔ ﺇﻟﻰ ﻃﺮﻳﻘﺔ ﺃﻛﺜﺮ ﺗﻌﻘﻴﺪﺍً ﻟﻴﺘﻢ ﺍﻟﺘﻌﺎﻣﻞ ﻣﻌﻬﺎ ﺑﺸﻜﻞ ﺻﺤﻴﺢ‪ .‬ﺍﻝ‬
‫ﻛﺎﻥﻧﻤﻮﺫﺝ ‪ LSTM‬ﻭﺍﺣﺪﺍً ﻣﻦ ﺃﻗﺪﻡ ﺍﻷﺳﺎﻟﻴﺐ ﻟﻠﺘﻌﺎﻣﻞ ﻣﻊ ﺍﻟﺘﺪﺭﺟﺎﺕ ﺍﻟﻤﺘﻼﺷﻴﺔ‪،‬‬
‫ﻭﻛﺎﻥﺃﻳﻀﺎً ﺃﺣﺪ ﺍﻷﺳﺎﻟﻴﺐ ﺍﻷﻛﺜﺮ ﻓﻌﺎﻟﻴﺔ‪ LSTMs .‬ﻫﻲ‬
‫ﺗﺸﺒﻪﺇﻟﻰ ﺣﺪ ﻛﺒﻴﺮ ﺷﺒﻜﺎﺕ ‪ RNN‬ﺍﻟﺘﻘﻠﻴﺪﻳﺔ؛ ﻭﻣﻊ ﺫﻟﻚ‪ ،‬ﻓﻲ ‪ ،LSTMs‬ﻛﻞ ﺗﻘﻠﻴﺪﻳﺔ‬
‫ﻳﺘﻢﺍﺳﺘﺒﺪﺍﻝ ﺍﻟﻌﻘﺪﺓ ﺍﻟﻤﺘﻜﺮﺭﺓ ﺑﺨﻠﻴﺔ ﺫﺍﻛﺮﺓ ﻛﻤﺎ ﻫﻮ ﻣﻮﺿﺢ ﻓﻲ ﺍﻟﺸﻜﻞ ‪ .3.3‬ﺃﻥ ﻛﻞ‬
‫ﺗﺤﺘﻮﻱﺧﻠﻴﺔ ﺍﻟﺬﺍﻛﺮﺓ ﻋﻠﻰ ﺣﺎﻟﺔ ﺩﺍﺧﻠﻴﺔ ﻭﻋﻘﺪﺓ ﻭﺣﺎﻓﺔ ﻣﺘﻜﺮﺭﺓ ﻣﺘﺼﻠﺔ ﺫﺍﺗﻴﺎً‬
‫‪35‬‬
‫ﻣﻊﻭﺯﻥ ﻭﺍﺣﺪ ﻳﺠﻌﻞ ﻣﻦ ﺍﻟﻤﻤﻜﻦ ﺃﻥ ﻳﺴﺘﻤﺮ ﺍﻟﺘﺪﺭﺝ ﻋﺒﺮ ﺍﻟﻌﺪﻳﺪ‬
‫ﺧﻄﻮﺍﺕﺯﻣﻨﻴﺔ ﺩﻭﻥ ﺃﻥ ﺗﺨﺘﻔﻲ ﺃﻭ ﺗﻨﻔﺠﺮ‪ .‬ﺗﺴﺘﺨﺪﻡ ﺷﺒﻜﺎﺕ ‪ LSTM‬ﻋﻠﻰ ﻧﻄﺎﻕ ﻭﺍﺳﻊ ﻓﻲ‬
‫ﺗﺆﺛﺮﺍﻟﺘﻬﺪﻳﺪﺍﺕ ﺍﻟﺴﻴﺒﺮﺍﻧﻴﺔ ﻟﻠﻌﺪﻳﺪ ﻣﻦ ﺍﻟﺸﺒﻜﺎﺕ ﻋﻠﻰ ﺃﺟﻬﺰﺓ ﻣﺜﻞ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء ]‪.[36] ،[9‬‬
‫ﺍﻟﺸﻜﻞ‪:3.8‬ﺍﻟﺬﺍﻛﺮﺓ ﺍﻟﻄﻮﻳﻠﺔ ﻗﺼﻴﺮﺓ ﺍﻟﻤﺪﻯ )‪.[40] (LSTM‬‬
‫ﻃﺒﻘﺔﺍﻟﻮﺣﺪﺓ ﺍﻟﻤﺘﻜﺮﺭﺓ )‪.(GRU‬‬
‫ﺗﻌﺪﻃﺒﻘﺔ ‪ GRU‬ﺗﺤﺴﻴﻨﺎً ﻋﻠﻰ ﻧﻤﺎﺫﺝ ‪ RNN‬ﺍﻟﺘﻘﻠﻴﺪﻳﺔ‪ ،‬ﻣﺜﻞ ‪ RNN‬ﺍﻟﺒﺴﻴﻂ ﻭ[‪.LSTM ]59‬‬
‫ﻭﻫﻮﻳﻮﻓﺮ ﻧﻈﺎﻡ ﺑﻮﺍﺑﺔ ﻳﺴﻤﺢ ﻟﻠﺸﺒﻜﺔ ﺑﻀﺒﻂ ﻭﺍﺳﺘﺨﺪﺍﻡ ﺍﻟﺒﻴﺎﻧﺎﺕ ﻣﻦ ﺍﻟﺨﻄﻮﺍﺕ ﺍﻟﺴﺎﺑﻘﺔ‬
‫ﺑﺸﻜﻞﺗﻔﻀﻴﻠﻲ‪ ،‬ﻭﺑﺎﻟﺘﺎﻟﻲ ﺍﻟﺘﺨﻔﻴﻒ ﻣﻦ ﻣﺸﻜﻠﺔ ﺍﻟﺘﺪﺭﺟﺎﺕ ﺍﻟﺘﻼﺷﻲ ]‪ .[60‬ﺗﻌﺪ ﺑﻮﺍﺑﺔ‬
‫ﺍﻟﺘﺤﺪﻳﺚﻭﺑﻮﺍﺑﺔ ﺇﻋﺎﺩﺓ ﺍﻟﺘﻌﻴﻴﻦ ﺍﻟﻤﻜﻮﻧﺎﺕ ﺍﻟﺮﺋﻴﺴﻴﺔ ﻟﻄﺒﻘﺔ ‪ .GRU‬ﻫﺬﻩ ﺍﻟﺒﻮﺍﺑﺎﺕ ﻣﺴﺆﻭﻟﺔ ﻋﻦ‬
‫ﺗﻨﻈﻴﻢﺣﺮﻛﺔ ﺍﻟﻤﻌﻠﻮﻣﺎﺕ ﺩﺍﺧﻞ ﺍﻟﻄﺒﻘﺔ‪ .‬ﺗﻘﻮﻡ ﺑﻮﺍﺑﺔ ﺍﻟﺘﺤﺪﻳﺚ ﺑﺤﺴﺎﺏ ﻣﻘﺪﺍﺭ ﺍﻟﻤﻌﻠﻮﻣﺎﺕ‬
‫ﺍﻟﺴﺎﺑﻘﺔﺍﻟﺘﻲ ﻳﻨﺒﻐﻲ ﺗﻘﺪﻳﻤﻬﺎ‪ ،‬ﺑﻴﻨﻤﺎ ﺗﺸﻴﺮ ﺑﻮﺍﺑﺔ ﺇﻋﺎﺩﺓ ﺍﻟﻀﺒﻂ ﺇﻟﻰ ﻣﻘﺪﺍﺭ ﺍﻟﺒﻴﺎﻧﺎﺕ ﺍﻟﺴﺎﺑﻘﺔ‬
‫ﺍﻟﺘﻲﻳﻤﻜﻦ ﺇﺯﺍﻟﺘﻬﺎ‪ .‬ﻳﺘﻴﺢ ﺫﻟﻚ ﻟﻠﺸﺒﻜﺔ ﻣﻌﺮﻓﺔ ﻣﺘﻰ ﻳﺠﺐ ﻋﻠﻴﻬﺎ ﺗﻌﺪﻳﻞ ﺃﻭ ﺇﻋﺎﺩﺓ ﺗﻌﻴﻴﻦ ﺍﻟﺤﺎﻟﺔ‬
‫ﺍﻟﺪﺍﺧﻠﻴﺔﺍﻟﻤﺨﻔﻴﺔ‪ ،‬ﺍﻟﺘﻲ ﺗﺨﺰﻥ ﺍﻟﺒﻴﺎﻧﺎﺕ‬
‫‪36‬‬
‫ﺗﺎﺭﻳﺦﺃﻭ ﺫﺍﻛﺮﺓ ﻛﻞ ﺗﺴﻠﺴﻞ ﺣﺘﻰ ﺧﻄﻮﺓ ﺍﻟﻮﻗﺖ ﺍﻟﺤﺎﻟﻲ ]‪ .[61‬ﺑﺎﺳﺘﺨﺪﺍﻡ‬
‫ﺑﻮﺍﺑﺔﺇﻋﺎﺩﺓ ﺍﻟﻀﺒﻂ‪ ،‬ﻓﻬﻲ ﺗﺪﻣﺞ ﺍﻟﺒﻴﺎﻧﺎﺕ ﻣﻦ ﺍﻟﻤﺪﺧﻼﺕ ﺍﻟﺤﺎﻟﻴﺔ ﻭﺍﻟﻤﺨﻔﻴﺔ ﺳﺎﺑﻘﺎً‬
‫ﻹﻧﺸﺎءﺣﺎﻟﺔ ﻣﺨﻔﻴﺔ ﻣﺘﻮﺳﻄﺔ‪ .‬ﺑﺎﺳﺘﺨﺪﺍﻡ ﺑﻮﺍﺑﺔ ﺍﻟﺘﺤﺪﻳﺚ‪ ،‬ﻫﺬﺍ ‪State‬‬
‫ﻳﺘﻢﺩﻣﺞ ﺍﻟﺤﺎﻟﺔ ﺍﻟﻤﺘﻮﺳﻄﺔ ﻣﻊ ﺍﻟﺤﺎﻟﺔ ﺍﻟﻤﺨﻔﻴﺔ ﺍﻟﺴﺎﺑﻘﺔ ﻹﻧﺘﺎﺝ‬
‫ﺗﻢﺗﺤﺪﻳﺚ ﺍﻟﺤﺎﻟﺔ ﺍﻟﻤﺨﻔﻴﺔ ﻟﻠﺨﻄﻮﺓ ﺍﻟﺰﻣﻨﻴﺔ ﺍﻟﺤﺎﻟﻴﺔ‪.‬‬
‫ﻣﺘﻌﺪﺩﺍﻟﻄﺒﻘﺎﺕ ﺑﻴﺮﺳﺒﺘﺮﻭﻥ )‪(MLP‬‬
‫ﻳﺘﻢﺇﻧﺸﺎء ﺷﺒﻜﺔ ‪ ANN‬ﺫﺍﺕ ﺗﻐﺬﻳﺔ ﺃﻣﺎﻣﻴﺔ ﻣﺮﺗﺒﻄﺔ ﺑﺎﻟﻜﺎﻣﻞ ﺗﺴﻤﻰ ﺍﻹﺩﺭﺍﻙ ﺍﻟﺤﺴﻲ ﻣﺘﻌﺪﺩ ﺍﻟﻄﺒﻘﺎﺕ )‪.(MLP‬‬
‫ﻃﺒﻘﺎﺕﺍﻟﺨﻼﻳﺎ ﺍﻟﻌﺼﺒﻴﺔ ]‪ .[38] ،[11‬ﻳﺘﻜﻮﻥ ‪ MLP‬ﻣﻦ ﺛﻼﺛﺔ ﻣﺪﺧﻼﺕ ﻭﻣﺨﺮﺟﺎﺕ ﻭ‬
‫ﻃﺒﻘﺔﻣﺨﻔﻴﺔ ﻭﺍﺣﺪﺓ ﺃﻭ ﺃﻛﺜﺮ ﻛﻤﺎ ﻫﻮ ﻣﻮﺿﺢ ﻓﻲ ﺍﻟﺸﻜﻞ ‪ .3.4‬ﻗﺪ ﻳﺘﻀﻤﻦ ‪ MLP‬ﺃﻳﻀﺎً ﺍﻟﻤﺰﻳﺪ‬
‫ﻣﻦﻃﺒﻘﺔ ﻭﺍﺣﺪﺓ ﻣﺨﻔﻴﺔ ]‪ .[23‬ﻭﻓﻲ ﺍﻟﺪﺭﺍﺳﺔ ﺍﻟﺘﻲ ﻗﺪﻣﺖ ﺃﺷﺎﺭﺕ ﺇﻟﻰ ﺍﻟﻤﺨﺮﺟﺎﺕ‬
‫ﻣﻦ‪ MLP ANN‬ﺇﻟﻰ ﺍﻟﻌﺪﺩ ﺍﻟﻤﺘﻮﻗﻊ ﻟﻠﻤﺮﺿﻰ‪ .‬ﻃﺒﻘﺔ ﺍﻹﺧﺮﺍﺝ ﻫﻲ‬
‫ﺗﺘﻜﻮﻥﻣﻦ ﺧﻠﻴﺔ ﻋﺼﺒﻴﺔ ﻭﺍﺣﺪﺓ‪ ،‬ﻗﻴﻤﺘﻬﺎ ﻫﻲ ﻧﺎﺗﺞ ‪MLP ANN‬‬
‫]‪ .[42‬ﻳﻌﺘﻤﺪ ﻋﺪﺩ ﺍﻟﺨﻼﻳﺎ ﺍﻟﻌﺼﺒﻴﺔ ﻓﻲ ﻃﺒﻘﺔ ﺍﻹﺩﺧﺎﻝ ﻋﻠﻰ ﻋﺪﺩ ﺍﻟﺒﻴﺎﻧﺎﺕ‬
‫ﺳﻤﺎﺕ‪.‬ﺳﻮﻑ ﺗﺤﺘﻮﻱ ﻛﻞ ‪ MLPs‬ﻋﻠﻰ ﺛﻼﺙ ﺧﻼﻳﺎ ﻋﺼﺒﻴﺔ ﻓﻲ ﻃﺒﻘﺔ ﺍﻹﺩﺧﺎﻝ‪ ،‬ﻭﺍﺣﺪﺓ ﻣﻨﻬﺎ‬
‫ﺳﻮﻑﺗﺘﻮﺍﻓﻖ ﻣﻊ ﻛﻞ ﻧﻘﻄﺔ ﻣﻦ ﻧﻘﺎﻁ ﺑﻴﺎﻧﺎﺕ ﺍﻹﺩﺧﺎﻝ‪ .‬ﺑﺴﺎﻃﺔ ﻭﺿﻊ ﻣﺜﻞ ﻫﺬﺍ‬
‫ﻛﺎﻧﺖﺍﻷﺳﺎﻟﻴﺐ ﺍﻟﻤﺘﺒﻌﺔ ﻓﻲ ﺍﻟﻤﻤﺎﺭﺳﺔ ﻋﺎﻣﻼ ًﺭﺋﻴﺴﻴﺎ ًﻓﻲ ﻗﺮﺍﺭ ﺍﺳﺘﺨﺪﺍﻡ ‪ MLP‬ﺑﺎﻋﺘﺒﺎﺭﻩ ﺍﻟﺤﻞ ﺍﻷﻣﺜﻞ‬
‫ﺍﻟﻤﻨﻬﺠﻴﺔﻭﺭﺍء ﻫﺬﺍ ﺍﻟﺘﺤﻘﻴﻖ‪ .‬ﻫﻜﺬﺍ ﻫﻲ ﻗﻴﻢ ﺍﻟﺨﻼﻳﺎ ﺍﻟﻌﺼﺒﻴﺔ‬
‫ﻣﺤﺪﺩﻓﻲ ‪ .MLP‬ﻭﻳﺸﻴﺮ ﻣﺼﻄﻠﺢ "ﺍﻟﺘﻨﺸﻴﻂ" ﺇﻟﻰ ﺍﻟﻌﻤﻠﻴﺔ ﺍﻟﺘﻲ ﻳﺘﻢ ﻣﻦ ﺧﻼﻟﻬﺎ‬
‫ﻳﺘﻢﺍﺳﺘﺨﺪﺍﻡ ﻣﺠﻤﻮﻋﺎﺕ ﺍﻟﻤﺪﺧﻼﺕ ﺍﻟﻤﺮﺟﺤﺔ ﻛﻤﺪﺧﻼﺕ ﻟﻮﻇﻴﻔﺔ ﺗﻌﺮﻑ ﺑﺎﺳﻢ‬
‫"ﻭﻇﻴﻔﺔ ﺍﻟﺘﻨﺸﻴﻂ‪ ".‬ﺗﻘﻮﻡ ﻫﺬﻩ ﺍﻟﻮﻇﻴﻔﺔ ﺑﻨﻘﻞ ﺍﻹﺩﺧﺎﻝ ﺇﻟﻰ ﺍﻹﺧﺮﺍﺝ ﺃﻳﻀﺎً‬
‫‪37‬‬
‫ﻣﺒﺎﺷﺮﺓﺃﻭ ﻋﺒﺮ ﻭﻇﻴﻔﺔ ﻭﺳﻴﻄﺔ ﻣﺜﻞ ﺍﻟﺴﻴﻨﻲ‪ ،tanh ،‬ﺃﻭ [‪ReLU ]43‬‬
‫ﻳﺘﻢﺗﺤﺪﻳﺪ ﺃﻭﺯﺍﻥ ﺍﻟﻮﺻﻼﺕ ﺍﻟﻌﺼﺒﻴﺔ ﺑﺸﻜﻞ ﻋﺸﻮﺍﺋﻲ ﻓﻲ ﺍﻟﺒﺪﺍﻳﺔ‪ ،‬ﻭﻟﻜﻨﻬﺎ‬
‫ﺗﻢﺗﻌﺪﻳﻠﻬﺎ ﻻﺣﻘﺎً ﻣﻦ ﺧﻼﻝ ﻋﻤﻠﻴﺔ ﺗﻌُﺮﻑ ﺑﺎﺳﻢ ﺍﻻﻧﺘﺸﺎﺭ ﺍﻟﻌﻜﺴﻲ‪ .‬ﺧﻼﻝ‬
‫ﻫﺬﻩﺍﻟﻌﻤﻠﻴﺔ‪ ،‬ﺍﻟﺨﻄﺄ ﺍﻟﺬﻱ ﺗﻢ ﺇﻧﺘﺎﺟﻪ ﺑﻮﺍﺳﻄﺔ ﺇﺻﺪﺍﺭ ﻣﻨﺘﺸﺮ ﻟﻸﻣﺎﻡ ﻣﻦ‬
‫ﻳﺘﻢﻧﺸﺮ ﻧﺘﺎﺋﺞ ‪ MLP‬ﺑﺸﻜﻞ ﻋﻜﺴﻲ‪ ،‬ﻭﻳﺘﻢ ﺗﻌﺪﻳﻠﻬﺎ ﺑﺸﻜﻞ ﻣﺘﻨﺎﺳﺐ‬
‫ﺍﻷﻭﺯﺍﻥﺇﻟﻰ ﺍﻟﺨﻄﺄ‪.‬‬
‫ﺍﻟﺸﻜﻞ‪:3.9‬ﻣﺘﻌﺪﺩ ﺍﻟﻄﺒﻘﺎﺕ ﺑﻴﺮﺳﺒﺘﺮﻭﻥ )‪.[44] (MLP‬‬
‫‪3.3.4‬ﺍﻟﺘﻌﻠﻢ ﺍﻟﺠﻤﺎﻋﻲ‬
‫‪-‬ﻣﺼﻨﻒ ﺍﻷﺷﺠﺎﺭ ﺍﻹﺿﺎﻓﻴﺔ‬
‫ﺗﻌﺪﺧﻮﺍﺭﺯﻣﻴﺔ ﺍﻷﺷﺠﺎﺭ ﺍﻹﺿﺎﻓﻴﺔ ﺃﺣﺪ ﺃﺷﻜﺎﻝ ﺧﻮﺍﺭﺯﻣﻴﺔ ﺍﻟﻐﺎﺑﺔ ﺍﻟﻌﺸﻮﺍﺋﻴﺔ‪ .‬ﺍﻝ‬
‫ﺗﻈُﻬﺮﺍﻟﺨﻮﺍﺭﺯﻣﻴﺔ ﺃﻭﺟﻪ ﺗﺸﺎﺑﻪ ﻣﻊ ‪ ،Random Forests‬ﻋﻠﻰ ﺍﻟﺮﻏﻢ ﻣﻦ ﺇﺿﺎﻓﺔ ﺍﻟﻤﺰﻳﺪ‬
‫ﺍﻟﻌﺸﻮﺍﺋﻴﺔﻓﻲ ﺑﻨﺎء ﺃﺷﺠﺎﺭ ﺍﻟﻘﺮﺍﺭ ]‪ .[45‬ﻣﺼﻨﻒ ﺍﻷﺷﺠﺎﺭ ﺍﻹﺿﺎﻓﻴﺔ‬
‫ﻳﺴﺘﺨﺪﻡﺗﻘﻨﻴﺔ ﺍﻟﺘﻌﻠﻢ ﺍﻟﺠﻤﺎﻋﻲ ﻣﻦ ﺧﻼﻝ ﺗﺠﻤﻴﻊ ﻗﺎﻋﺪﺓ ﻣﺘﻌﺪﺩﺓ‬
‫‪38‬‬
‫ﺍﻟﻤﺼﻨﻔﺎﺕﻟﺘﻮﻟﻴﺪ ﺍﻟﺘﻨﺒﺆﺍﺕ‪ ،‬ﻭﺑﺎﻟﺘﺎﻟﻲ ﺗﺴﺨﻴﺮ ﺍﻟﺬﻛﺎء ﺍﻟﺠﻤﺎﻋﻲ‬
‫ﺍﻟﺠﻤﺎﻋﺔ]‪ . [46‬ﺇﻧﻬﺎ ﻃﺮﻳﻘﺔ ﺟﻤﺎﻋﻴﺔ ﺗﺠﻤﻊ ﻣﺨﺮﺟﺎﺕ‬
‫ﺍﻟﻌﺪﻳﺪﻣﻦ ﺍﻷﺷﺠﺎﺭ ﺍﻟﺘﻲ ﺗﻢ ﺗﺪﺭﻳﺒﻬﺎ ﺑﺸﻜﻞ ﻣﺴﺘﻘﻞ‪ .‬ﻫﺬﻩ ﺍﻟﺘﻘﻨﻴﺔ ﻳﻤﻜﻦ ﺃﻥ ﺗﻜﻮﻥ‬
‫ﺗﺴﺘﺨﺪﻡﻟﻤﻬﺎﻡ ﺍﻟﺘﺼﻨﻴﻒ‪ ،‬ﺣﻴﺚ ﻳﺘﻢ ﺗﺤﺪﻳﺪ ﺍﻟﺘﻨﺒﺆ ﺍﻟﻨﻬﺎﺋﻲ ﺑﺎﻷﻏﻠﺒﻴﺔ‬
‫ﺍﻟﺘﺼﻮﻳﺖ‪.‬ﻓﻲ ﺳﻴﺎﻗﻨﺎ ﺍﻟﻤﺤﺪﺩ‪ ،‬ﻳﺘﻢ ﺍﺳﺘﺨﺪﺍﻡ ﻣﺠﻤﻮﻋﺔ ﻣﺼﻨﻒ ﺍﻷﺷﺠﺎﺭ ﺍﻹﺿﺎﻓﻴﺔ‬
‫ﺍﻟﻜﺸﻒﻋﻦ ﺃﻧﻮﺍﻉ ﻣﺨﺘﻠﻔﺔ ﻣﻦ ﺍﻟﻬﺠﻤﺎﺕ‪ .‬ﻳﻤﻜﻦ ﻟﻤﺼﻨﻒ ﺍﻷﺷﺠﺎﺭ ﺍﻹﺿﺎﻓﻴﺔ ﺍﻟﺘﺨﻔﻴﻒ‬
‫ﺍﻟﺘﺠﻬﻴﺰﺍﻟﺰﺍﺋﺪ ﻭﺗﺤﺴﻴﻦ ﺩﻗﺔ ﺍﻟﺘﻌﻤﻴﻢ ﻋﻦ ﻃﺮﻳﻖ‬
‫ﺟﻤﻊﻧﺘﺎﺋﺠﻪ ]‪.[47‬‬
‫‪-‬ﻣﺼﻨﻒ ﺗﻌﺰﻳﺰ ﺍﻟﺘﺪﺭﺝ ﺍﻟﻘﺎﺋﻢ ﻋﻠﻰ ﺍﻟﺮﺳﻢ ﺍﻟﺒﻴﺎﻧﻲ‬
‫ﻭﻫﻮﻳﻨﻄﻮﻱ ﻋﻠﻰ ﺍﺳﺘﺨﺪﺍﻡ ﺗﻌﺰﻳﺰ ﺍﻟﺘﺪﺭﺝ‪ ،‬ﻭﺍﻟﺬﻱ ﻳﺘﻀﻤﻦ ﺍﻟﺘﺪﺭﻳﺐ ﺍﻟﻤﺘﻄﻮﺭ ﺑﺎﺳﺘﻤﺮﺍﺭ‬
‫ﻟﻤﺠﻤﻮﻋﺔﻣﻦ ﺍﻟﻤﺘﻌﻠﻤﻴﻦ ﺍﻟﻀﻌﻔﺎء ]‪ .[48‬ﺍﻟﻤﺘﻌﻠﻤﻮﻥ ﺍﻟﻀﻌﻔﺎء‬
‫ﺃﺷﺠﺎﺭﺍﻟﻘﺮﺍﺭ ﺷﺎﺋﻌﺔ ﺍﻻﺳﺘﺨﺪﺍﻡ ﻟﺘﺼﺤﻴﺢ ﻋﺪﻡ ﺩﻗﺔ ﺍﻟﻨﻤﺎﺫﺝ ﺍﻟﺴﺎﺑﻘﺔ ]‪ .[49‬ﻭﺍﺳﺘﺨﺪﻣﺖ‬
‫ﺍﻟﻤﻨﻬﺠﻴﺔﺍﻟﺘﻲ ﺗﺴﺘﺨﺪﻡ ﺍﻟﺮﺳﻮﻡ ﺍﻟﺒﻴﺎﻧﻴﺔ ﻟﺘﻌﺰﻳﺰ ﻛﻠﻴﻬﻤﺎ‬
‫ﺍﻟﻜﻔﺎءﺓﺍﻟﺤﺴﺎﺑﻴﺔ ﻭﺍﻟﺪﻗﺔ ﺍﻟﺘﻨﺒﺆﻳﺔ‪.‬‬
‫ﻳﺘﻢﺇﻧﺸﺎء ﺍﻟﺮﺳﻮﻡ ﺍﻟﺒﻴﺎﻧﻴﺔ ﻟﺘﻮﻓﻴﺮ ﻣﻌﻠﻮﻣﺎﺕ ﺇﺣﺼﺎﺋﻴﺔ ﺑﺸﺄﻥ‬
‫ﺗﻮﺯﻳﻊﺍﻟﺒﻴﺎﻧﺎﺕ ﺩﺍﺧﻞ ﻛﻞ ﺻﻨﺪﻭﻕ ]‪ .[50‬ﻳﺘﻀﻤﻦ ﺫﻟﻚ ﻣﻘﺎﻳﻴﺲ ﻣﺜﻞ ﺍﻟﻌﺪﺩ‬
‫ﻣﻦﺍﻟﻌﻴﻨﺎﺕ ﻭﻣﺠﻤﻮﻉ ﺍﻟﺘﺪﺭﺟﺎﺕ ﺃﻭ ﺍﻟﺘﺪﺭﺟﺎﺕ ﺍﻟﻤﺮﺑﻌﺔ‪ .‬ﺍﻻﻧﺘﻔﺎﻉ‬
‫ﻣﻦﻫﺬﻩ ﺍﻹﺣﺼﺎﺋﻴﺎﺕ ﺗﺴﻬﻞ ﺍﻟﻜﻔﺎءﺓ ﻭﺍﻟﺤﺴﺎﺑﺎﺕ ﻃﻮﺍﻝ ﻓﺘﺮﺓ ﺍﻟﺘﺪﺭﻳﺐ‬
‫ﺍﻹﺟﺮﺍء‪،‬ﻣﻤﺎ ﺃﺩﻯ ﺇﻟﻰ ﺗﻌﺰﻳﺰ ﻗﺎﺑﻠﻴﺔ ﺍﻟﺘﻮﺳﻊ ﻭﺍﻷﺩﺍء‪ .‬ﺍﻟﺘﻘﺮﺏ‬
‫ﻳﺘﻀﻤﻦﺍﻟﺘﻄﺒﻴﻖ ﺍﻟﻤﺘﺴﻠﺴﻞ ﻟﻠﻤﺘﻌﻠﻤﻴﻦ ﺍﻟﻀﻌﻔﺎء ﻋﻠﻰ ﺍﻟﺘﺪﺭﺟﺎﺕ ﺍﻟﺴﻠﺒﻴﺔ ﻟﻠﺘﻌﻠﻢ‬
‫‪39‬‬
‫ﻭﻇﻴﻔﺔﺍﻟﺨﺴﺎﺭﺓ‪ ،‬ﻣﻤﺎ ﻳﺆﺩﻱ ﺇﻟﻰ ﺍﻧﺨﻔﺎﺽ ﺗﺪﺭﻳﺠﻲ ﻓﻲ ﺍﻷﺧﻄﺎء ﺍﻟﻤﺘﺒﻘﻴﺔ‪ .‬ﺍﻟﺘﻌﻠﻴﻢ‬
‫ﺗﻨﻈﻢﻣﻌﻠﻤﺔ ﺍﻟﻤﻌﺪﻝ ﺍﻟﻮﺯﻥ ﺍﻟﻤﺨﺼﺺ ﻟﻜﻞ ﻓﺮﺩ ﻣﺘﻌﻠﻢ ﺿﻌﻴﻒ‪،‬‬
‫ﻭﺑﺎﻟﺘﺎﻟﻲﺗﺤﻘﻴﻖ ﺗﻮﺍﺯﻥ ﺩﻗﻴﻖ ﺑﻴﻦ ﺗﻌﻘﻴﺪﺍﺕ ﺍﻟﻨﻤﻮﺫﺝ ﻭ‬
‫ﻧﺴﺒﺔﺍﻟﺘﻘﺎﺭﺏ ]‪.[51‬‬
‫‪-‬ﻣﺼﻨﻒ ﺍﻟﺘﻌﺰﻳﺰ ﺍﻟﺘﻜﻴﻔﻲ‬
‫ﻳﺠﻤﻊﺑﺮﻧﺎﻣﺞ (‪ Adaptive Boosting )AdaBoost‬ﺑﻴﻦ ﺍﻟﻤﺘﻌﻠﻤﻴﻦ ﺍﻟﻀﻌﻔﺎء ﺑﺸﻜﻞ ﻣﺘﻜﺮﺭ ﻹﻧﺘﺎﺝ‬
‫ﺍﻟﻤﺼﻨﻒﺍﻟﻘﻮﻱ ]‪ .[52‬ﻋﺎﺩﺓ ًﻣﺎ ﻳﻜﻮﻥ ﺍﻟﻤﺘﻌﻠﻤﻮﻥ ﺍﻟﻀﻌﻔﺎء ﻋﺒﺎﺭﺓ ﻋﻦ ﺃﺷﺠﺎﺭ ﻗﺮﺍﺭ‪ ،‬ﻭﻳﻜﻮﻥ‬
‫ﻟﺘﻮﻗﻌﺎﺗﻬﻢﺃﻭﺯﺍﻥ ﻭﻓﻘﺎً ﻟﻨﺘﺎﺋﺞ ﺗﺪﺭﻳﺒﻬﻢ‪ .‬ﺇﻧﻪ ﻳﻮﻓﺮ ﺍﻟﻌﺪﻳﺪ ﻣﻦ ﺍﻟﻤﺰﺍﻳﺎ ﺍﻟﺠﺪﻳﺮﺓ ﺑﺎﻟﻤﻼﺣﻈﺔ ﺍﻟﺘﻲ‬
‫ﺗﺴﺎﻫﻢﻓﻲ ﺷﻌﺒﻴﺘﻪ ﻭﻓﻌﺎﻟﻴﺘﻪ ﻓﻲ‬
‫ﻣﺠﺎﻝﺍﻟﺘﻌﻠﻢ ﺍﻵﻟﻲ‪ .‬ﻳﺘﻤﺘﻊ ‪ AdaBoost‬ﺑﻘﺪﺭﺓ ﺍﺳﺘﺜﻨﺎﺋﻴﺔ ﻋﻠﻰ ﺗﻌﺰﻳﺰ ﺩﻗﺔ ﺍﻟﺘﺼﻨﻴﻒ ﻣﻘﺎﺭﻧﺔ‬
‫ﺑﻤﺘﻌﻠﻢﻭﺍﺣﺪ ﺿﻌﻴﻒ‪ .‬ﻳﺮﻛﺰ ‪ AdaBoost‬ﻋﻠﻰ‬
‫ﺗﺤﺪﻱﺍﻟﻌﻴﻨﺎﺕ ﻣﻦ ﺧﻼﻝ ﺗﺪﺭﻳﺐ ﺍﻟﻤﺘﻌﻠﻤﻴﻦ ﺍﻟﻀﻌﻔﺎء ﺑﺸﻜﻞ ﻣﺘﻜﺮﺭ ﻋﻠﻰ ﻣﺠﻤﻮﻋﺎﺕ ﻓﺮﻋﻴﺔ‬
‫ﻣﺨﺘﻠﻔﺔﻣﻦ ﺍﻟﺒﻴﺎﻧﺎﺕ ﻭﺗﺨﺼﻴﺺ ﺃﻭﺯﺍﻥ ﺃﻋﻠﻰ ﻟﻠﺤﺎﻻﺕ ﺍﻟﻤﺼﻨﻔﺔ ﺑﺸﻜﻞ ﺧﺎﻃﺊ‪ ،‬ﻭﺑﺎﻟﺘﺎﻟﻲ‬
‫ﺗﻘﻠﻴﻞﺍﻟﺘﺤﻴﺰ ﻭﺯﻳﺎﺩﺓ ﺍﻟﺪﻗﺔ ﺍﻹﺟﻤﺎﻟﻴﺔ ]‪ AdaBoost .[53‬ﻣﺮﻥ‬
‫ﺧﻮﺍﺭﺯﻣﻴﺔﻗﺎﺑﻠﺔ ﻟﻠﺘﻄﺒﻴﻖ ﻋﻠﻰ ﻣﺠﻤﻮﻋﺔ ﻣﺘﻨﻮﻋﺔ ﻣﻦ ﻣﺸﺎﻛﻞ ﺍﻟﺘﺼﻨﻴﻒ‪ ،‬ﺑﻤﺎ ﻓﻲ ﺫﻟﻚ‬
‫ﺍﻟﺘﺼﻨﻴﻒﺍﻟﺜﻨﺎﺋﻲ ﻭﺍﻟﺘﺼﻨﻴﻒ ﻣﺘﻌﺪﺩ ﺍﻟﻔﺌﺎﺕ‪ .‬ﻳﻤﻜﻨﻪ ﺇﺩﺍﺭﺓ ﻛﻞ ﻣﻦ ﺍﻟﻤﻨﻔﺼﻠﺔ ﻭ‬
‫ﺍﻟﺨﺼﺎﺋﺺﺍﻟﻤﺴﺘﻤﺮﺓ‪ ،‬ﻣﻤﺎ ﻳﺠﻌﻠﻬﺎ ﻗﺎﺑﻠﺔ ﻟﻠﺘﻄﺒﻴﻖ ﻋﻠﻰ ﻣﺠﻤﻮﻋﺔ ﻭﺍﺳﻌﺔ ﻣﻦ ﻣﺠﻤﻮﻋﺎﺕ‬
‫ﺍﻟﺒﻴﺎﻧﺎﺕ]‪ .[54‬ﻳﻘﻮﻡ ‪ AdaBoost‬ﺑﺘﻌﻴﻴﻦ ﺃﻭﺯﺍﻥ ﺍﻟﻤﻴﺰﺍﺕ ﻭﻓﻘﺎً ﻟﺘﺼﻨﻴﻔﻬﺎ‬
‫ﻓﺎﺋﺪﺓ‪.‬ﺃﺛﻨﺎء ﺍﻟﺘﺪﺭﻳﺐ‪ ،‬ﻳﻘﻮﻡ ‪ AdaBoost‬ﺑﺘﻌﺪﻳﻞ ﺃﻭﺯﺍﻧﻪ ﻟﻴﻌﻄﻲ ﺗﺼﻨﻴﻔﺎً ﺧﺎﻃﺌﺎً‬
‫ﺍﻟﺤﺎﻻﺕﻭﺍﻟﻘﻴﻢ ﺍﻟﻤﺘﻄﺮﻓﺔ ﺃﻗﻞ ﻭﺯﻧﺎ‪ .‬ﻫﺬﻩ ﺍﻟﻤﺘﺎﻧﺔ ﺗﻤﻜﻦ ‪ AdaBoost‬ﻣﻦ ﺍﻹﺩﺍﺭﺓ‬
‫‪40‬‬
‫ﻣﺠﻤﻮﻋﺎﺕﺍﻟﺒﻴﺎﻧﺎﺕ ﺍﻟﻔﻮﺿﻮﻳﺔ ﻭﺍﻟﻘﻴﻢ ﺍﻟﻤﺘﻄﺮﻓﺔ ﺍﻟﺘﻲ ﻣﻦ ﺷﺄﻧﻬﺎ ﺃﻥ ﺗﻌﻴﻖ ﺃﺩﺍء‬
‫ﺍﻟﻤﺼﻨﻔﺎﺕﺍﻟﺒﺪﻳﻠﺔ‬
‫‪-‬ﻣﺼﻨﻒ ‪LGBM‬‬
‫ﻳﻌﺪﻣﺼُﻨﻒ (‪ Light Gradient Boosting Machine )LightGBM‬ﺑﻤﺜﺎﺑﺔ ‪ ML‬ﻗﻮﻱ‬
‫ﺍﻟﺨﻮﺍﺭﺯﻣﻴﺔﺍﻟﺘﻲ ﺗﻨﺪﺭﺝ ﺿﻤﻦ ﻓﺌﺔ ﺃﻃﺮ ﺗﻌﺰﻳﺰ ﺍﻟﺘﺪﺭﺝ ]‪ .[55‬ﻫﻮ ‪ -‬ﻫﻲ‬
‫ﺗﻢﺗﺼﻤﻴﻤﻪ ﺧﺼﻴﺼﺎً ﻟﺘﻘﺪﻳﻢ ﺍﻷﺩﺍء ﺍﻟﻌﺎﻟﻲ ﻭﺍﻟﻜﻔﺎءﺓ ﻭﺍﻟﺪﻗﺔ‬
‫ﺣﻞﻣﻬﺎﻡ ﺍﻟﺘﺼﻨﻴﻒ‪ .‬ﻳﻌﺘﻤﺪ ﻣﺼﻨﻒ ‪ LGBM‬ﻋﻠﻰ ﺗﻌﺰﻳﺰ ﺍﻟﺘﺪﺭﺝ‬
‫ﺍﻹﻃﺎﺭ‪،‬ﺍﻟﺬﻱ ﻳﺘﻀﻤﻦ ﺗﺪﺭﻳﺒﺎً ﻣﺘﻜﺮﺭﺍً ﻟﻤﺠﻤﻮﻋﺔ ﻣﻦ ﺍﻟﻤﺘﻌﻠﻤﻴﻦ ﺍﻟﻀﻌﻔﺎء‪،‬‬
‫ﻋﺎﺩﺓﺃﺷﺠﺎﺭ ﺍﻟﻘﺮﺍﺭ‪ ،‬ﻟﺘﺼﺤﻴﺢ ﺍﻷﺧﻄﺎء ﺍﻟﺘﻲ ﺍﺭﺗﻜﺒﺘﻬﺎ ﺍﻟﺴﺎﺑﻘﺔ ﺑﺸﻜﻞ ﺗﺴﻠﺴﻠﻲ‬
‫ﻋﺎﺭﺿﺎﺕﺍﺯﻳﺎء‪ .‬ﻟﺪﻯ ‪ LightGBM‬ﺍﻟﻌﺪﻳﺪ ﻣﻦ ﺍﻟﺘﺤﺴﻴﻨﺎﺕ ﺍﻟﻔﺮﻳﺪﺓ ﻟﺘﺤﺴﻴﻦ ﺍﻟﻤﺴﺘﻮﻯ ﺍﻟﻌﺎﻡ‬
‫ﻛﻔﺎءﺓﻭﻓﻌﺎﻟﻴﺔ ﻋﻤﻠﻴﺔ ﺍﻟﺘﻌﺰﻳﺰ‪ .‬ﻭﻳﺴﺘﺨﺪﻡ ﺍﻟﺮﺳﻢ ﺍﻟﺒﻴﺎﻧﻲ‪-‬‬
‫ﺍﻟﻨﻬﺞﺍﻟﻘﺎﺋﻢ ﻋﻠﻰ ‪ binning‬ﺍﻟﻤﻴﺰﺍﺕ ﺍﻟﻤﺴﺘﻤﺮﺓ‪ ،‬ﻣﻤﺎ ﻳﻘﻠﻞ ﺑﺸﻜﻞ ﻛﺒﻴﺮ‬
‫ﺑﺼﻤﺔﺍﻟﺬﺍﻛﺮﺓ ﻭﺗﺴﺮﻳﻊ ﻋﻤﻠﻴﺔ ﺍﻟﺘﺪﺭﻳﺐ ]‪ .[56‬ﺇﻧﻪ ﻳﺒﻨﻲ‬
‫ﺭﺳﻮﻡﺑﻴﺎﻧﻴﺔ ﻟﻜﻞ ﻣﻴﺰﺓ ﻭﺗﺴﺘﺨﺪﻡ ﻫﺬﻩ ﺍﻟﺮﺳﻮﻡ ﺍﻟﺒﻴﺎﻧﻴﺔ ﻟﻠﻌﺜﻮﺭ ﻋﻠﻰ ﺃﻓﻀﻞ ﺍﻻﻧﻘﺴﺎﻣﺎﺕ ﻟﻬﺎ‬
‫ﺑﻨﺎءﺃﺷﺠﺎﺭ ﺍﻟﻘﺮﺍﺭ ﺑﻜﻔﺎءﺓ‪.‬‬
‫‪-‬ﻣﺼﻨﻒ ‪CatBoosting‬‬
‫ﻫﻲﺗﻘﻨﻴﺔ ﻗﻮﻳﺔ ﻟﻠﺘﻌﻠﻢ ﺍﻵﻟﻲ ﻣﺼﻤﻤﺔ ﺧﺼﻴﺼﺎً ﻟﺬﻟﻚ ‪CatBoost‬‬
‫ﻣﻬﺎﻡﺍﻟﺘﺼﻨﻴﻒ ]‪ .[57‬ﻳﺘﻌﻠﻖ ﺍﻷﻣﺮ ﺑﻔﺌﺔ ﺍﻟﻬﻴﺎﻛﻞ ﺍﻟﻤﻌﺰﺯﺓ ﺍﻟﻤﺘﺪﺭﺟﺔ‬
‫ﻭﻳﻮﻓﺮﺍﻟﻌﺪﻳﺪ ﻣﻦ ﺍﻟﺨﺼﺎﺋﺺ ﺍﻟﻔﺮﻳﺪﺓ ﺍﻟﺘﻲ ﺗﺤﺪﺙ ﻓﺮﻗﺎً ﻓﻴﻪ‬
‫ﺍﻟﻜﻔﺎءﺓﻭﺍﻟﻔﻌﺎﻟﻴﺔ‪ .‬ﺇﻧﻬﺎ ﺗﺴﺘﺨﺪﻡ ﺗﻘﻨﻴﺔ ﻓﺮﻳﺪﺓ ﺗﺠﻤﻊ ﺑﻴﻦ ﺍﻟﺘﺪﺭﺝ‪-‬‬
‫‪41‬‬
‫ﻳﻌﺘﻤﺪﻋﻠﻰ ﺍﻟﻔﺮﺯ ﺍﻟﻤﺴﺒﻖ‪ ،‬ﻭﺍﻟﺘﻌﺰﻳﺰ ﺍﻟﻤﻄﻠﻮﺏ‪ ،‬ﻭﺃﺷﺠﺎﺭ ﺍﻟﻘﺮﺍﺭ ﺍﻟﻤﺘﻤﺎﺛﻠﺔ‪ .‬ﻛﺎﺕ ﺑﻮﺳﺖ‬
‫ﻳﻤﻜﻦﺇﺩﺍﺭﺓ ﺍﻟﺨﺼﺎﺋﺺ ﺍﻟﻔﺌﻮﻳﺔ ﻣﻊ ﻣﺠﻤﻮﻋﺔ ﻣﺘﻨﻮﻋﺔ ﻣﻦ ﺍﻟﻌﻨﺎﺻﺮ ﺍﻷﺳﺎﺳﻴﺔ‪ ،‬ﻣﺜﻞ‬
‫ﺍﻟﻤﺘﻐﻴﺮﺍﺕﺫﺍﺕ ﺍﻟﻌﻼﻗﺔ ﺍﻟﻌﺎﻟﻴﺔ‪ .‬ﻳﻀﻤﻦ ‪ CatBoost‬ﺍﻻﺳﺘﻘﺮﺍﺭ ﺑﺸﻜﻞ ﻋﺸﻮﺍﺋﻲ‬
‫ﺍﻟﺠﻤﻊﺑﻴﻦ ﺗﺮﺗﻴﺐ ﻛﻞ ﻓﺌﺔ ﻃﻮﺍﻝ ﺍﻟﺘﺪﺭﻳﺐ‪ ،‬ﻭﻣﻨﻊ ﺍﻟﻨﻤﻮﺫﺝ‬
‫ﻣﻦﺍﻻﻋﺘﻤﺎﺩ ﺣﺼﺮﺍ ﻋﻠﻰ ﺗﺮﺗﻴﺐ ﺍﻟﻔﺌﺎﺕ ]‪ .[58‬ﻓﻀﻼ ًﻋﻦ ﺫﻟﻚ‪،‬‬
‫ﻳﺘﻀﻤﻦ‪ CatBoost‬ﺗﻘﻨﻴﺔ ﺑﻨﺎء ﻣﺘﻤﺎﺛﻞ ﻟﻸﺷﺠﺎﺭ ﺗﺄﺧﺬ‬
‫ﺍﻟﺨﺼﺎﺋﺺﺍﻹﺣﺼﺎﺋﻴﺔ ﻟﻤﺠﻤﻮﻋﺔ ﺍﻟﺒﻴﺎﻧﺎﺕ ﺑﻌﻴﻦ ﺍﻻﻋﺘﺒﺎﺭ‪.‬‬
‫‪3.3.5‬ﻣﻘﺎﻳﻴﺲ ﺍﻟﺘﻘﻴﻴﻢ‬
‫ﺑﻤﺠﺮﺩﺗﺪﺭﻳﺐ ﺍﻟﻨﻤﻮﺫﺝ‪ ،‬ﻳﺠﺐ ﺗﻘﻴﻴﻢ ﺃﺩﺍﺋﻪ‪ .‬ﻓﻲ ﻫﺬﻩ ﺍﻟﺪﺭﺍﺳﺔ‪ ،‬ﻧﻘﻮﻡ ﺑﺘﻘﻴﻴﻢ ﻓﻌﺎﻟﻴﺔ ﻧﻤﺎﺫﺝ ‪DL‬‬
‫ﺍﻟﻤﻘﺘﺮﺣﺔﺑﺎﺳﺘﺨﺪﺍﻡ ﺧﻤﺴﺔ ﻣﻘﺎﻳﻴﺲ ﺗﻘﻴﻴﻢ ﻣﻘﺒﻮﻟﺔ ﻋﻠﻰ ﻧﻄﺎﻕ ﻭﺍﺳﻊ‪ :‬ﺍﻟﺪﻗﺔ‪ ،‬ﻭﺍﻻﺳﺘﺪﻋﺎء‪،‬‬
‫ﻭﻭﻗﺖﺍﻟﺤﺴﺎﺏ‪ ،‬ﻭﺍﻟﺪﻗﺔ‪ ،‬ﻭﺩﺭﺟﺔ ‪.F1‬‬
‫ﺳﻴﺘﻢﺣﺴﺎﺏ ﻣﻘﺎﻳﻴﺲ ﺍﻟﺘﻘﻴﻴﻢ ﺑﺎﺳﺘﺨﺪﺍﻡ ﺍﻟﻤﻌﺎﺩﻻﺕ ‪ ،4-1‬ﻭﺍﻟﺘﻲ‬
‫ﺇﻇﻬﺎﺭﺍﻟﺼﻴﻎ ﺫﺍﺕ ﺍﻟﺼﻠﺔ ﻟﻜﻞ ﻣﻦ ﻫﺬﻩ ﺍﻟﺘﺪﺍﺑﻴﺮ ﻋﻠﻰ ﺃﺳﺎﺱ ‪،TPR‬‬
‫ﻧﺘﺎﺋﺞ‪ TNR‬ﻭ‪ FPR‬ﻭ‪.FPR‬‬
‫ﺍﻟﻤﻌﺪﻝﺍﻹﻳﺠﺎﺑﻲ ﺍﻟﺤﻘﻴﻘﻲ )‪ :(TPR‬ﻧﺴﺒﺔ ﺍﻹﻳﺠﺎﺑﻴﺎﺕ ﺍﻟﻤﻠﺤﻮﻇﺔ ﺇﻟﻰ ﺍﻹﻳﺠﺎﺑﻴﺎﺕ ﺍﻟﻤﺘﻮﻗﻌﺔ‪.‬‬
‫ﺍﻟﻤﻌﺪﻝﺍﻹﻳﺠﺎﺑﻲ ﺍﻟﻜﺎﺫﺏ )‪ :(FPR‬ﻧﺴﺒﺔ ﺍﻟﻘﻴﻢ ﺍﻟﺴﻠﺒﻴﺔ ﺣﻘﺎً ﻭﻟﻜﻨﻬﺎ ﻛﺬﻟﻚ‬
‫ﻣﻦﺍﻟﻤﺘﻮﻗﻊ ﺃﻥ ﺗﻜﻮﻥ ﺇﻳﺠﺎﺑﻴﺔ‪.‬‬
‫‪42‬‬
‫ﺍﻟﻤﻌﺪﻝﺍﻟﺴﻠﺒﻲ ﺍﻟﻜﺎﺫﺏ )‪ :(FNR‬ﻗﻴﻢ ﺍﻟﻨﺴﺒﺔ ﺍﻟﺘﻲ ﻫﻲ ﻓﻲ ﺍﻟﻮﺍﻗﻊ ﺇﻳﺠﺎﺑﻴﺔ ﻭﻟﻜﻨﻬﺎ ﻣﺘﻮﻗﻌﺔ‬
‫ﺃﻥﺗﻜﻮﻥ ﺳﻠﺒﻴﺔ‪.‬‬
‫ﺍﻟﻤﻌﺪﻝﺍﻟﺴﻠﺒﻲ ﺍﻟﺤﻘﻴﻘﻲ )‪ :(TNR‬ﻗﻴﻢ ﺍﻟﻨﺴﺒﺔ ﺍﻟﺴﻠﺒﻴﺔ ﻭﺍﻟﻤﺘﻮﻗﻌﺔ‬
‫ﺗﺼﺒﺢﺳﻠﺒﻴﺔ‪.‬‬
‫‪ -‬ﺩﻗﺔﻫﻲ ﻗﺪﺭﺓ ﺍﻟﻨﻈﺎﻡ ﻋﻠﻰ ﺍﻟﻜﺸﻒ ﺍﻟﺪﻗﻴﻖ ﻋﻦ ﻭﺟﻮﺩ‬

‫ﻫﺠﻮﻡﺃﻭ ﺧﺮﻕ ﺃﻣﻨﻲ‪ .‬ﻭﻳﻮﺿﺢ ﺍﻟﻌﻼﻗﺔ ﺑﻴﻦ‬
‫ﺍﻟﻬﺠﻤﺎﺕﺍﻟﻤﺘﻮﻗﻌﺔ ﺑﺪﻗﺔ ﻭﺍﻟﻌﻮﺍﻗﺐ ﺍﻟﻔﻌﻠﻴﺔ‪.‬‬
‫)‪(1‬‬
‫ﻧﻈﺎﻡﺍﻟﺤﻤﺎﻳﺔ ﺍﻟﻤﺆﻗﺖ‬
‫ﺍﻟﺪﻗﺔ=‬
‫‪TPR + FPR‬‬
‫‪ -‬ﻳﺘﺬﻛﺮﻳﺸﻴﺮ ﺇﻟﻰ ﻗﺪﺭﺓ ﺍﻟﻨﻈﺎﻡ ﻋﻠﻰ ﺍﻟﺘﻌﺮﻑ ﺑﺸﻜﻞ ﺻﺤﻴﺢ ﻋﻠﻰ ﻫﺠﻮﻡ ﺍﻟﺮﻭﺑﻮﺗﺎﺕ‬
‫ﻋﻨﺪﻣﺎﻳﺤﺪﺙ ﻋﻠﻰ ﺍﻟﺸﺒﻜﺔ‪.‬‬
‫)‪(2‬‬
‫ﻧﻈﺎﻡﺍﻟﺤﻤﺎﻳﺔ ﺍﻟﻤﺆﻗﺖ‬
‫ﺃﺫﻛﺮ=‬
‫‪TPR + FPR‬‬
‫‪ -‬ﻗﺪﺭﺓﺍﻟﻨﻈﺎﻡ ﻋﻠﻰ ﺗﺼﻨﻴﻒ ﺍﻟﺤﺰﻡ ﺍﻟﻬﺠﻮﻣﻴﺔ ﻭﻏﻴﺮ ﺍﻟﻬﺠﻮﻣﻴﺔ ﺑﺸﻜﻞ ﻓﻌﺎﻝ‬

‫ﺗﺘﻤﻴﺰﺑﺄﻧﻬﺎﺩﻗﺔ‪ .‬ﻭﻳﻤﺜﻞ ﺍﻟﻨﺴﺒﺔ ﺍﻟﻤﺌﻮﻳﺔ ﻟﻠﺪﻗﺔ‬
‫ﺍﻟﺘﻨﺒﺆﺍﺕﺍﻟﻤﺘﻌﻠﻘﺔ ﺑﺎﻟﻌﺪﺩ ﺍﻹﺟﻤﺎﻟﻲ ﻟﻠﻌﻴﻨﺎﺕ‪.‬‬
‫ﺗﻲﺇﻥ ﺁﺭ ‪ +‬ﺗﻲ ﺑﻲ ﺁﺭ‬

‫)‪(3‬‬ ‫ﺍﻟﺪﻗﺔ=‬
‫‪TPR + FNR + FPR + TNR‬‬
‫‪ -‬ﺍﻝﺩﺭﺟﺔ ‪F1‬ﻳﻤﺜﻞ ﻣﺘﻮﺳﻂ ﺍﻻﺳﺘﺪﻋﺎء ﻭﺍﻟﺪﻗﺔ‪ .‬ﺃﻧﻪ ﻳﻮﻓﺮ‬

‫ﻧﺴﺒﺔﻋﻴﻨﺎﺕ ﺍﻟﺘﺪﻓﻖ ﺍﻟﻄﺒﻴﻌﻲ ﻭﺍﻟﻬﺠﻮﻣﻲ ﺑﺪﻗﺔ‬
‫ﺍﻟﻤﺘﻮﻗﻌﺔﻓﻲ ﻋﻴﻨﺔ ﺍﻻﺧﺘﺒﺎﺭ‪.‬‬
‫ﺃﺫﻛﺮ× ﺍﻟﺪﻗﺔ‬
‫)‪(4‬‬ ‫× ﺍﻟﻨﺘﻴﺠﺔ = ‪F1 - 2‬‬
‫ﺍﻻﺳﺘﺪﻋﺎء‪ +‬ﺍﻟﺪﻗﺔ‬
‫‪ -‬ﺗﻌﻘﻴﺪﺍﻟﻮﻗﺖﻳﺸﻴﺮ ﺇﻟﻰ ﻣﺪﻯ ﺳﺮﻋﺔ ﺃﻭ ﺑﻂء ﺃﺩﺍء ﺍﻟﺨﻮﺍﺭﺯﻣﻴﺔ‬

‫ﻧﻔﺲﺍﻟﻌﻼﻗﺔ ﻣﻊ ﻛﻤﻴﺔ ﺍﻟﺒﻴﺎﻧﺎﺕ‪.‬‬
‫‪43‬‬
‫ﻧﺘﺎﺋﺞ‬ ‫ﺍﻟﻔﺼﻞ‪:4‬‬
‫‪4.1‬ﺍﻹﻋﺪﺍﺩﺍﺕ ﺍﻟﺘﺠﺮﻳﺒﻴﺔ‬
‫ﻹﺟﺮﺍءﺗﺠﺎﺭﺑﻨﺎ‪ ،‬ﺍﺳﺘﺨﺪﻣﻨﺎ ﻟﻐﺔ ﺍﻟﺒﺮﻣﺠﺔ ﺑﺎﻳﺜﻮﻥ‬
‫ﺑﺎﻹﺿﺎﻓﺔﺇﻟﻰ ﺍﻟﻌﺪﻳﺪ ﻣﻦ ﺃﻃﺮ ﻭﺣﺰﻡ ﺍﻟﺬﻛﺎء ﺍﻻﺻﻄﻨﺎﻋﻲ ﻭﺍﻟﺘﻌﻠﻢ ﺍﻟﻌﻤﻴﻖ‬
‫ﺍﻟﻤﻌﺎﻳﻴﺮ‪.‬ﻭﺷﻤﻠﺖ ﻫﺬﻩ ﺍﻟﻤﻜﺘﺒﺎﺕ ‪ TensorFlow‬ﻭ ‪ keras‬ﺍﻟﺘﻲ ﺗﻢ ﺗﺸﻐﻴﻠﻬﺎ‬
‫ﻓﻲﺑﻴﺌﺔ ‪ .Google CoLab GPU‬ﻣﺘﺎﺑﻌﺔ ﻟﻤﺎ ﺗﻢ ﺗﻐﻄﻴﺘﻪ‬
‫ﻓﻲﺍﻟﺴﺎﺑﻖ‪ ،‬ﺃﻭﻝ ﻣﺎ ﻓﻌﻠﻨﺎﻩ ﻫﻮ ﺗﻄﺒﻴﻖ ﺍﻟﻤﻌﺎﻟﺠﺔ ﺍﻟﻤﺴﺒﻘﺔ ﻟﻠﺒﻴﺎﻧﺎﺕ ﻭﺍﻟﻤﻴﺰﺍﺕ‬
‫ﺍﻷﺳﺎﻟﻴﺐﺍﻟﻬﻨﺪﺳﻴﺔ ﻟﻤﺠﻤﻮﻋﺔ ﺑﻴﺎﻧﺎﺕ ‪ .BOT-IoT‬ﺑﻌﺪ ﺫﻟﻚ‪ ،‬ﺗﺪﺭﺑﻨﺎ ﺑﻌﻤﻖ‬
‫ﻧﻤﺎﺫﺝﺍﻟﺘﻌﻠﻢ ﺑﺎﺳﺘﺨﺪﺍﻡ ﺍﻟﻘﻄﺎﺭ ﻭﻣﺠﻤﻮﻋﺔ ﺍﻻﺧﺘﺒﺎﺭ‪ ،‬ﻗﻤﻨﺎ ﺃﺧﻴﺮﺍً ﺑﺘﻘﻴﻴﻢ ﺟﻤﻴﻊ ﻣﺎ ﺗﻌﻠﻤﻨﺎﻩ‬
‫ﻋﺎﺭﺿﺎﺕﺍﺯﻳﺎء‪.‬‬
‫ﻟﺘﻨﻔﻴﺬﺍﻟﺘﺠﺮﺑﺔ‪ ،‬ﺗﻢ ﺗﻘﺴﻴﻢ ﻗﺎﻋﺪﺓ ﺍﻟﺒﻴﺎﻧﺎﺕ ﻓﻲ ﺍﻟﺒﺪﺍﻳﺔ ﺇﻟﻰ ﺛﻼﺛﺔ‬
‫ﺍﻷﺟﺰﺍء‪ %70:‬ﻟﻠﺘﺪﺭﻳﺐ‪ ،‬ﻭ‪ %20‬ﻟﻠﺘﻄﻮﻳﺮ‪ ،‬ﻭ‪ %10‬ﻟﻠﺘﻄﻮﻳﺮ‬
‫ﺍﺧﺘﺒﺎﺭﺍﺕ‪.‬‬
‫ﻗﻴﺎﺳﺎﺕﺍﻷﺩﺍء ﻣﺜﻞ ﺍﻟﺪﻗﺔ ﻭﺍﻻﺳﺘﺪﻋﺎء ﻭﺍﻟﺪﻗﺔ ﻭ‪-F1‬‬
‫ﻳﺘﻢﺍﻹﺑﻼﻍ ﻋﻦ ﺍﻟﻨﺘﻴﺠﺔ ﻣﻦ ﺧﻼﻝ ﺍﻟﻨﺘﺎﺋﺞ ﺍﻟﻤﺘﻮﺳﻄﺔ ﺍﻟﻤﺮﺟﺤﺔ ﻭﺍﻟﻤﻘﺎﻳﻴﺲ ﺍﻷﺧﺮﻯ ﻣﺜﻞ‬
‫ﺣﺠﻢﺍﻟﻨﻤﻮﺫﺝ ﻭﺯﻣﻦ ﺍﻟﺤﺴﺎﺏ‪.‬‬
‫‪4.2‬ﺍﻟﻨﺘﺎﺋﺞ ﺍﻟﺘﺠﺮﻳﺒﻴﺔ‬
‫ﻓﻲﻫﺬﺍ ﺍﻟﻘﺴﻢ‪ ،‬ﻧﻠﻘﻲ ﻧﻈﺮﺓ ﻋﺎﻣﺔ ﻋﻠﻰ ﺍﻟﻨﺘﺎﺋﺞ ﺍﻟﺘﺠﺮﻳﺒﻴﺔ ﻟﺪﺭﺍﺳﺘﻨﺎ‪ ،‬ﻭﺍﻟﺘﻲ‬
‫ﻗﺎﻡﺑﺘﻘﻴﻴﻢ ﺃﺩﺍء ﻋﺸﺮﺓ ﻧﻤﺎﺫﺝ ﻣﻨﻔﺼﻠﺔ ﻟﺘﻌﻠﻢ ﺍﻵﻟﺔ ﻻﻛﺘﺸﺎﻑ ﺍﻟﺒﺮﺍﻣﺞ ﺍﻟﻀﺎﺭﺓ‪.‬‬
‫ﺗﺘﻜﻮﻥﻫﺬﻩ ﺍﻟﻨﻤﺎﺫﺝ ﻣﻦ ﻣﺼﻨﻔﻴﻦ ﻣﻨﻔﺮﺩﻳﻦ‪ ،‬ﻭﻣﺼﻨﻔﺎﺕ ﻣﺠﻤﻌﺔ‪ ،‬ﻭﺃﺭﺑﻌﺔ‬

‫‪44‬‬
‫ﺑﻨﻴﺎﺕﺍﻟﺘﻌﻠﻢ ﺍﻟﻌﻤﻴﻖ‪ .‬ﻭﻛﻤﺎ ﻫﻮ ﻣﺒﻴﻦ ﻓﻲ ﺍﻟﺠﺪﻭﻟﻴﻦ ‪ 4.1‬ﻭ‪ ،4.2‬ﻓﺈﻧﻨﺎ ﻧﻘﺎﺭﻥ ﺃﻳﻀﺎً‬
‫ﻓﻌﺎﻟﻴﺔﻫﺬﻩ ﺍﻟﻨﻤﺎﺫﺝ ﻣﻊ ﻭﺑﺪﻭﻥ ﺧﻮﺍﺭﺯﻣﻴﺔ ‪ SMOTE‬ﻝ‬
‫ﺇﺩﺍﺭﺓﺍﻟﺒﻴﺎﻧﺎﺕ ﻏﻴﺮ ﺍﻟﻤﺘﻮﺍﺯﻧﺔ‪.‬‬
‫‪4.2.1‬ﺍﻟﺘﺠﺎﺭﺏ ﺩﻭﻥ ﺍﺳﺘﺨﺪﺍﻡ ﺧﻮﺍﺭﺯﻣﻴﺔ ‪.SMOTE‬‬
‫ﺗﻜﺸﻒﻧﺘﺎﺋﺞ ﺍﻷﺩﺍء ﻟﻨﻤﺎﺫﺝ ﺍﻟﺘﻌﻠﻢ ﺍﻟﻌﻤﻴﻖ ﻓﻲ ﻣﺠﻤﻮﻋﺔ ﺑﻴﺎﻧﺎﺕ ‪ ،BoT IoT‬ﺍﻟﻮﺍﺭﺩﺓ ﻓﻲ‬
‫ﺍﻟﺠﺪﻭﻝ‪ ،4.1‬ﻋﻦ ﻣﺴﺘﻮﻳﺎﺕ ﻣﺨﺘﻠﻔﺔ ﻣﻦ ﺍﻷﺩﺍء ﻣﻦ ﺣﻴﺚ ﺍﻟﺪﻗﺔ ﻭﺍﻟﺪﻗﺔ ﻭﺍﻻﺳﺘﺪﻋﺎء ﻭﺩﺭﺟﺔ‬
‫‪ .F1‬ﻭﻣﻦ ﺍﻟﻤﻬﻢ ﻣﻼﺣﻈﺔ ﺃﻧﻪ ﺗﻢ ﺍﻟﺤﺼﻮﻝ ﻋﻠﻰ ﻫﺬﻩ ﺍﻟﻨﺘﺎﺋﺞ ﺩﻭﻥ ﺍﺳﺘﺨﺪﺍﻡ ﺧﻮﺍﺭﺯﻣﻴﺔ‬
‫‪.SMOTE‬‬
‫ﻭﻣﻦﺍﻟﻨﺘﺎﺋﺞ ﻟﻮﺣﻆ ﺃﻥ ﺍﻟﻐﺎﺑﺔ ﺍﻟﻌﺸﻮﺍﺋﻴﺔ ﻭﺍﻷﺷﺠﺎﺭ ﺍﻹﺿﺎﻓﻴﺔ ﻭ‪KNN‬‬
‫ﺣﻘﻘﺖﺃﺩﺍء ًﺗﻨﺎﻓﺴﻴﺎً ﻣﻦ ﺣﻴﺚ ﺍﻟﺪﻗﺔ ﻭﺍﻹﺣﻜﺎﻡ ﻭﺍﻻﺳﺘﺪﻋﺎء ﻭ‬
‫ﺩﺭﺟﺔ‪ .F1‬ﻛﺎﻧﺖ ﻫﺬﻩ ﺍﻟﻨﻤﺎﺫﺝ ﻗﺎﺩﺭﺓ ﻋﻠﻰ ﺗﺼﻨﻴﻒ ﺍﻟﺤﺎﻻﺕ ﻓﻲ ﻣﺠﻤﻮﻋﺔ ﺍﻟﺒﻴﺎﻧﺎﺕ ﺑﺸﻜﻞ ﻓﻌﺎﻝ‬
‫ﺩﻭﻥﺍﻟﺤﺎﺟﺔ ﺇﻟﻰ ﺗﻘﻨﻴﺎﺕ ﺍﻹﻓﺮﺍﻁ ﻓﻲ ﺃﺧﺬ ﺍﻟﻌﻴﻨﺎﺕ‪ .‬ﻭﺍﻟﺠﺪﻳﺮ ﺑﺎﻟﺬﻛﺮ ﺃﻥ ﺍﻟﻐﺎﺑﺔ ﺍﻟﻌﺸﻮﺍﺋﻴﺔ‬
‫ﺣﻘﻘﺖﺃﻋﻠﻰ ﺩﻗﺔ ﺑﻠﻐﺖ ‪ ،%95.183‬ﺗﻠﻴﻬﺎ ﻣﺒﺎﺷﺮﺓ ﺍﻷﺷﺠﺎﺭ ﺍﻹﺿﺎﻓﻴﺔ ﻣﻊ‬
‫ﺩﻗﺔ‪ .%96.741‬ﺃﻇﻬﺮﺕ ﻫﺬﻩ ﺍﻟﻨﻤﺎﺫﺝ ﺃﻳﻀﺎً ﺩﻗﺔ ﻋﺎﻟﻴﺔ ﻭ‪-F1‬‬
‫ﺍﻟﻨﺘﻴﺠﺔ‪،‬ﻣﻤﺎ ﻳﺪﻝ ﻋﻠﻰ ﻗﺪﺭﺗﻬﻢ ﻋﻠﻰ ﺗﺼﻨﻴﻒ ﺍﻟﺤﺎﻻﺕ ﺍﻹﻳﺠﺎﺑﻴﺔ ﺑﺸﻜﻞ ﺻﺤﻴﺢ ﻭﺗﺤﻘﻴﻘﻬﺎ‬
‫ﺍﻟﺘﻮﺍﺯﻥﺑﻴﻦ ﺍﻟﺪﻗﺔ ﻭﺍﻻﺳﺘﺬﻛﺎﺭ‪.‬‬
‫ﻳﻌﺮﺽﺍﻟﺠﺪﻭﻝ ‪ 4.1‬ﻧﺘﺎﺋﺞ ﺃﺩﺍء ﺍﻟﺘﻌﻠﻢ ﺍﻵﻟﻲ ﺍﻟﻤﺨﺘﻠﻒ‬
‫ﻧﻤﺎﺫﺝﺩﻭﻥ ﺍﺳﺘﺨﺪﺍﻡ ﺗﻘﻨﻴﺔ ‪ SMOTE oversampling‬ﻋﻠﻰ ‪BoT-IoT‬‬
‫ﻣﺠﻤﻮﻋﺔﺑﻴﺎﻧﺎﺕ ﻟﻠﻜﺸﻒ ﻋﻦ ﻫﺠﻤﺎﺕ ﺷﺒﻜﺔ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء‪.‬‬
‫‪45‬‬
‫ﺍﻟﺠﺪﻭﻝ‪1-4‬ﻧﺘﺎﺋﺞ ﺍﻷﺩﺍء ﻻﻛﺘﺸﺎﻑ ﻫﺠﻤﺎﺕ ﺷﺒﻜﺔ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء ﺩﻭﻥ ﺍﺳﺘﺨﺪﺍﻡ ‪SMOTE‬‬
‫ﺣﺠﻢﺍﻟﻨﻤﻮﺫﺝ‬
‫ﻭﻗﺖﻭﺣﺪﺓ ﺍﻟﻤﻌﺎﻟﺠﺔ ﺍﻟﻤﺮﻛﺰﻳﺔ‬ ‫ﺩﺭﺟﺔ‪F1‬‬ ‫ﻳﺘﺬﻛﺮ‬ ‫ﺩﻗﺔ‬ ‫ﺩﻗﺔ‬ ‫ﻗﻴﺎﺱ‬
‫)ﻣﻴﺠﺎﺑﺎﻳﺖ(‬
‫ﻋﺸﻮﺍﺋﻲ‬
‫‪23.6‬‬ ‫‪21.6‬ﺛﺎﻧﻴﺔ‬ ‫‪0.94027‬‬ ‫‪0.92837‬‬ ‫‪0.95380‬‬ ‫‪0.95183‬‬
‫ﻏﺎﺑﺔ‬
‫‪598.7‬‬ ‫‪47.6‬ﺛﺎﻧﻴﺔ‬ ‫‪0.95821‬‬ ‫‪0.95169‬‬ ‫‪0.96524‬‬ ‫‪0.96741‬‬ ‫ﺃﺷﺠﺎﺭﺍﺿﺎﻓﻴﺔ‬
‫‪13.6‬‬ ‫‪3.29‬ﺛﺎﻧﻴﺔ‬ ‫‪0.89469‬‬ ‫‪0.88692‬‬ ‫‪0.90361‬‬ ‫‪0.90834‬‬ ‫ﻛﻲﺇﻥ ﺇﻥ‬
‫‪12.2‬‬ ‫‪21‬ﺩﻗﻴﻘﺔ ﻭ‪ 50‬ﺛﺎﻧﻴﺔ‬ ‫‪0.36952‬‬ ‫‪0.35984‬‬ ‫‪0.62795‬‬ ‫‪0.61205‬‬ ‫‪SVM‬‬
‫‪1.2‬‬ ‫‪13.4‬ﺛﺎﻧﻴﺔ‬ ‫‪0.73206‬‬ ‫‪0.73323‬‬ ‫‪0.74878‬‬ ‫‪0.95602‬‬ ‫‪HistGBoost‬‬
‫‪0.31‬‬ ‫‪1‬ﺩﻗﻴﻘﺔ ﻭ ‪ 19‬ﺛﺎﻧﻴﺔ‬ ‫‪0.08256‬‬ ‫‪0.34815‬‬ ‫‪0.45516‬‬ ‫‪0.12109‬‬ ‫‪adaBoost‬‬
‫‪1.8‬‬ ‫‪36.1‬ﺛﺎﻧﻴﺔ‬ ‫‪0.46900‬‬ ‫‪0.47388‬‬ ‫‪0.46649‬‬ ‫‪0.93230‬‬ ‫‪LGBM‬‬
‫‪3.5‬‬ ‫‪2‬ﺩﻗﻴﻘﺔ ﻭ ‪ 55‬ﺛﺎﻧﻴﺔ‬ ‫‪0.96459‬‬ ‫‪0.96075‬‬ ‫‪0.96857‬‬ ‫‪0.98193‬‬ ‫ﻛﺎﺕﺑﻮﺳﺖ‬
‫‪1.1‬‬ ‫‪2‬ﺩﻗﻴﻘﺔ ﻭ ‪ 43‬ﺛﺎﻧﻴﺔ‬ ‫‪0.97269‬‬ ‫‪0.96537‬‬ ‫‪0.98057‬‬ ‫‪0.98521‬‬ ‫‪XGBoost‬‬
‫‪0.005‬‬ ‫‪31.5‬ﺛﺎﻧﻴﺔ‬ ‫‪0.28504‬‬ ‫‪0.29416‬‬ ‫‪0.30309‬‬ ‫‪0.75394‬‬ ‫‪MLP‬‬
‫‪0.027‬‬ ‫‪13‬ﺩﻗﻴﻘﺔ ﻭ ‪ 48‬ﺛﺎﻧﻴﺔ‬ ‫‪0.37012‬‬ ‫‪0.47888‬‬ ‫‪0.33084‬‬ ‫‪0.83078‬‬ ‫ﺁﻥ‬
‫‪7.7‬‬ ‫‪10‬ﺩﻗﺎﺋﻖ ﻭ ‪ 10‬ﺛﻮﺍﻧﻲ‬ ‫‪0.36822‬‬ ‫‪0.34762‬‬ ‫‪0.48869‬‬ ‫‪0.77028‬‬ ‫‪LSTM‬‬
‫‪7.7‬‬ ‫‪11‬ﺩﻗﻴﻘﺔ ‪ 1‬ﺛﺎﻧﻴﺔ‬ ‫‪0.49015‬‬ ‫‪0.45170‬‬ ‫‪0.60580‬‬ ‫‪0.85359‬‬ ‫‪GRU‬‬
‫‪1.6‬‬ ‫‪10‬ﺩﻗﺎﺋﻖ ﻭ‪ 50‬ﺛﺎﻧﻴﺔ‬ ‫‪0.80131‬‬ ‫‪0.76312‬‬ ‫‪0.91886‬‬ ‫‪0.86819‬‬ ‫‪RNN‬‬
‫‪240.5‬‬ ‫‪2‬ﺩﻗﻴﻘﺔ ﻭ ‪ 54‬ﺛﺎﻧﻴﺔ‬ ‫‪0.92382‬‬ ‫‪0.91595‬‬ ‫‪0.93241‬‬ ‫‪0.93978‬‬ ‫ﺍﻟﺘﻌﺒﺌﺔ‬
‫ﻣﻦﻧﺎﺣﻴﺔ ﺃﺧﺮﻯ‪ ،‬ﺃﻇﻬﺮﺕ ﻧﻤﺎﺫﺝ ﻣﺜﻞ ‪ SVM‬ﻭ‪ AdaBoost‬ﺍﻧﺨﻔﺎﺿﺎً‬
‫ﺍﻷﺩﺍءﻣﻘﺎﺭﻧﺔ ﺑﻨﻤﺎﺫﺝ ﺍﻟﻤﺠﻤﻮﻋﺔ‪ .‬ﺃﻇﻬﺮ ‪ SVM‬ﺃﻗﻞ ﻧﺴﺒﻴﺎً‬
‫‪46‬‬
‫ﺍﻟﺪﻗﺔﻭﺩﺭﺟﺔ ‪ ،F1‬ﻣﻤﺎ ﻳﺸﻴﺮ ﺇﻟﻰ ﺍﻟﺘﺤﺪﻳﺎﺕ ﻓﻲ ﺍﻟﺘﻌﺎﻣﻞ ﺑﻔﻌﺎﻟﻴﺔ ﻣﻊ‬
‫ﺍﻟﻄﺒﻴﻌﺔﻏﻴﺮ ﺍﻟﻤﺘﻮﺍﺯﻧﺔ ﻟﻤﺠﻤﻮﻋﺔ ﺍﻟﺒﻴﺎﻧﺎﺕ‪ ،AdaBoost .‬ﻣﻊ ﺩﻗﺔ ﻣﻨﺨﻔﻀﺔ‬
‫‪ ،12.11%‬ﺣﻘﻘﻮﺍ ﺩﻗﺔ ﺃﻋﻠﻰ ﻣﻘﺎﺭﻧﺔ ﺑﺎﻟﻤﻘﺎﻳﻴﺲ ﺍﻷﺧﺮﻯ‪ ،‬ﻣﻤﺎ ﻳﺸﻴﺮ ﺇﻟﻰ ﺍﻟﺘﺤﻴﺰ‬
‫ﻧﺤﻮﺗﺼﻨﻴﻒ ﺍﻟﺤﺎﻻﺕ ﺍﻹﻳﺠﺎﺑﻴﺔ ﺑﺸﻜﻞ ﺻﺤﻴﺢ‪.‬‬
‫ﺍﺧﺘﻠﻒﺣﺠﻢ ﺍﻟﻨﻤﻮﺫﺝ ﻋﺒﺮ ﺍﻟﻨﻤﺎﺫﺝ ﺍﻟﻤﺨﺘﻠﻔﺔ‪ ،‬ﻣﻊ ﻭﺟﻮﺩ ﺃﺷﺠﺎﺭ ﺇﺿﺎﻓﻴﺔ‬
‫ﺃﻛﺒﺮﺣﺠﻢ ﻟﻠﻨﻤﻮﺫﺝ ﻫﻮ ‪ 598.7‬ﻣﻴﺠﺎﺑﺎﻳﺖ‪ ،‬ﻳﻠﻴﻪ ‪ SVM‬ﺑـ ‪ 12.2‬ﻣﻴﺠﺎﺑﺎﻳﺖ‪ .‬ﻓﻲ ﺃﺛﻨﺎء‪،‬‬
‫ﻛﺎﻧﺖﺍﻟﻨﻤﺎﺫﺝ ﻣﺜﻞ ‪ AdaBoost‬ﻭ‪ HistGBoost‬ﺫﺍﺕ ﺃﺣﺠﺎﻡ ﻧﻤﺎﺫﺝ ﺃﺻﻐﺮ ﺑﻜﺜﻴﺮ‪.‬‬
‫ﺑﺸﻜﻞﻋﺎﻡ‪ ،‬ﺗﺸﻴﺮ ﺍﻟﻨﺘﺎﺋﺞ ﺇﻟﻰ ﺃﻥ ﺑﻌﺾ ﺍﻟﻨﻤﺎﺫﺝ‪ ،‬ﻭﺧﺎﺻﺔ ‪ Random Forest‬ﻭ‬
‫ﺗﻢﺃﺩﺍء ﺍﻷﺷﺠﺎﺭ ﺍﻹﺿﺎﻓﻴﺔ ﺑﺸﻜﻞ ﺟﻴﺪ ﺩﻭﻥ ﺍﻟﺤﺎﺟﺔ ﺇﻟﻰ ﺃﺧﺬ ﻋﻴﻨﺎﺕ ﺯﺍﺋﺪﺓ ﻣﻦ ‪ .SMOTE‬ﻫﺆﻻء‬
‫ﺗﻤﻜﻨﺖﺍﻟﻨﻤﺎﺫﺝ ﻣﻦ ﺍﻟﺘﻘﺎﻁ ﺍﻷﻧﻤﺎﻁ ﺍﻷﺳﺎﺳﻴﺔ ﻓﻲ ﻣﺠﻤﻮﻋﺔ ﺍﻟﺒﻴﺎﻧﺎﺕ ﺑﺸﻜﻞ ﻓﻌﺎﻝ‬
‫ﻭﺗﺤﻘﻴﻖﺃﺩﺍء ﺗﺼﻨﻴﻒ ﻣﺮﺿﻲ‪ .‬ﻭﻣﻊ ﺫﻟﻚ‪ ،‬ﺃﺑﻌﺪ ﻣﻦ ﺫﻟﻚ‬
‫ﻗﺪﺗﻜﻮﻥ ﻫﻨﺎﻙ ﺣﺎﺟﺔ ﺇﻟﻰ ﺍﻟﺘﺤﻘﻴﻖ ﻭﺍﻟﺘﺠﺮﻳﺐ ﻟﻔﻬﻢ ﺗﺄﺛﻴﺮ‬
‫ﺧﺼﺎﺋﺺﻣﺠﻤﻮﻋﺔ ﺍﻟﺒﻴﺎﻧﺎﺕ ﻭﺍﻟﻤﺘﻄﻠﺒﺎﺕ ﺍﻟﻤﺤﺪﺩﺓ ﻟﻤﺠﺎﻝ ﺍﻟﻤﺸﻜﻠﺔ‬
‫ﻋﻠﻰﺃﺩﺍء ﺍﻟﻨﻤﻮﺫﺝ‪.‬‬
‫ﺗﻢﺗﻘﻴﻴﻢ ﺟﻤﻴﻊ ﺍﻟﻨﻤﺎﺫﺝ ﺑﻨﺎء ًﻋﻠﻰ ﺩﻗﺘﻬﺎ ﻭﺇﺣﻜﺎﻣﻬﺎ ﻭﺍﺳﺘﺮﺟﺎﻋﻬﺎ ﻭ‪-F1‬‬
‫ﺍﻟﻨﺘﻴﺠﺔﻛﻤﺎ ﻫﻮ ﻣﺒﻴﻦ ﻓﻲ ﺍﻟﺸﻜﻞ ‪.4.1‬‬
‫‪47‬‬
‫ﺍﻟﺸﻜﻞ‪:4.1‬ﻧﺘﺎﺋﺞ ﺗﻘﻴﻴﻢ ﻧﻤﺎﺫﺝ ‪ ML‬ﺍﻟﻤﻘﺘﺮﺣﺔ ﻋﻠﻰ ﻣﺠﻤﻮﻋﺔ ﺑﻴﺎﻧﺎﺕ ‪ BoT IoT‬ﺩﻭﻥ ﺍﺳﺘﺨﺪﺍﻡ‬
‫ﺧﻮﺍﺭﺯﻣﻴﺔ‪.SMOTE‬‬
‫ﻧﺘﺎﺋﺞﺍﻷﺩﺍء ﻟﻨﻤﺎﺫﺝ ‪ DL‬ﻓﻲ ﻣﺠﻤﻮﻋﺔ ﺑﻴﺎﻧﺎﺕ ‪ ،BoT IoT‬ﺍﻟﻤﻘﺪﻣﺔ ﻓﻲ‬
‫ﻳﻮﺿﺢﺍﻟﺸﻜﻞ ‪ 4.2‬ﻣﺴﺘﻮﻳﺎﺕ ﻣﺨﺘﻠﻔﺔ ﻣﻦ ﺍﻷﺩﺍء ﻣﻦ ﺣﻴﺚ ﺍﻟﺪﻗﺔ ﻭﺍﻹﺣﻜﺎﻡ ﻭﺍﻟﺪﻗﺔ‬
‫ﺍﻻﺳﺘﺪﻋﺎءﻭﺩﺭﺟﺔ ‪ .F1‬ﻭﻣﻦ ﺍﻟﻤﻬﻢ ﺍﻹﺷﺎﺭﺓ ﺇﻟﻰ ﺃﻧﻬﺎ ﺣﺼﻠﺖ ﻋﻠﻰ ﻫﺬﻩ ﺍﻟﻨﺘﺎﺋﺞ ﺩﻭﻥ‬
‫ﺑﺎﺳﺘﺨﺪﺍﻡﺧﻮﺍﺭﺯﻣﻴﺔ ‪.SMOTE‬‬
‫‪48‬‬
‫ﺍﻟﺸﻜﻞ‪4.2‬ﻧﺘﺎﺋﺞ ﺗﻘﻴﻴﻢ ﻧﻤﺎﺫﺝ ﺍﻟﺘﻌﻠﻢ ﺍﻟﻌﻤﻴﻖ ﺍﻟﻤﻘﺘﺮﺣﺔ ﺩﻭﻥ ﺍﺳﺘﺨﺪﺍﻡ ‪SMOTE‬‬
‫ﻣﻦﺑﻴﻦ ﻧﻤﺎﺫﺝ ﺍﻟﺘﻌﻠﻢ ﺍﻟﻌﻤﻴﻖ‪ ،‬ﺃﻇﻬﺮﺕ ‪ MLP‬ﺃﺩﻧﻰ ﺃﺩﺍء‬
‫ﻋﺒﺮﺟﻤﻴﻊ ﺍﻟﻤﻘﺎﻳﻴﺲ‪ .‬ﻭﺣﻘﻘﺖ ﺩﻗﺔ ﻗﺪﺭﻫﺎ ‪ 0.75‬ﻣﻤﺎ ﻳﺸﻴﺮ ﺇﻟﻰ ﺃﻧﻬﺎ ﺻﺤﻴﺤﺔ‬
‫ﺗﺼﻨﻴﻒﻣﺎ ﻳﻘﺮﺏ ﻣﻦ ‪ ٪ 75‬ﻣﻦ ﺍﻟﺤﺎﻻﺕ‪ .‬ﺍﻟﺪﻗﺔ ﻭﺍﻻﺳﺘﺪﻋﺎء ﻭﺩﺭﺟﺔ ‪F1‬‬
‫ﻭﻛﺎﻧﺖﺃﻳﻀﺎً ﻣﻨﺨﻔﻀﺔ ﻧﺴﺒﻴﺎً ﻋﻨﺪ ‪ 0.3‬ﻭ‪ 0.29‬ﻭ‪ 0.29‬ﻋﻠﻰ ﺍﻟﺘﻮﺍﻟﻲ‪ .‬ﻫﺬﻩ ﺍﻟﻤﻘﺎﻳﻴﺲ‬
‫ﺗﺸﻴﺮﺇﻟﻰ ﺃﻥ ﻧﻤﻮﺫﺝ ‪ MLP‬ﻭﺍﺟﻪ ﺻﻌﻮﺑﺎﺕ ﻓﻲ ﺍﻟﻜﺸﻒ ﺑﺪﻗﺔ ﻋﻦ ﻫﺠﻤﺎﺕ ﺷﺒﻜﺔ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء‪،‬‬
‫ﻣﻊﻋﺪﺩ ﻛﺒﻴﺮ ﻣﻦ ﺍﻹﻳﺠﺎﺑﻴﺎﺕ ﺍﻟﻜﺎﺫﺑﺔ ﻭﺍﻟﺴﻠﺒﻴﺎﺕ ﺍﻟﻜﺎﺫﺑﺔ‪ .‬ﺑﺎﻹﺿﺎﻓﺔ ﺇﻟﻰ‪،‬‬
‫ﻳﺸﻴﺮﺣﺠﻢ ﺍﻟﻨﻤﻮﺫﺝ ﺍﻟﺼﻐﻴﺮ ﻧﺴﺒﻴﺎً ﺍﻟﺒﺎﻟﻎ ‪ 0.005‬ﻣﻴﺠﺎﺑﺎﻳﺖ ﺇﻟﻰ ﺃﻥ ‪ MLP‬ﺧﻔﻴﻒ ﺍﻟﻮﺯﻥ‬
‫ﻧﻤﻮﺫﺝ‪.‬‬
‫ﻛﺎﻥﺃﺩﺍء ﻧﻤﻮﺫﺝ ‪ ANN‬ﺃﻓﻀﻞ ﻧﺴﺒﻴﺎً ﻣﻦ ﻧﻤﻮﺫﺝ ‪ ،MLP‬ﺑﺪﻗﺔ ﻗﺪﺭﻫﺎ‬
‫‪.0.831‬ﻟﻘﺪ ﺃﻇﻬﺮﺕ ﺩﻗﺔ ﻣﺤﺴﻨﺔ ﻗﺪﺭﻫﺎ ‪ 0.33‬ﻭﺍﺳﺘﺪﻋﺎء ﻗﺪﺭﻩ ‪ ،0.48‬ﻣﻤﺎ ﻳﺸﻴﺮ ﺇﻟﻰ ﺃ‬
‫ﺗﻮﺍﺯﻥﺃﻓﻀﻞ ﺑﻴﻦ ﺍﻹﻳﺠﺎﺑﻴﺎﺕ ﺍﻟﺤﻘﻴﻘﻴﺔ ﻭﺍﻟﺴﻠﺒﻴﺎﺕ ﺍﻟﻜﺎﺫﺑﺔ‪ .‬ﻭﻣﻊ ﺫﻟﻚ‪-F1 ،‬‬
‫ﺗﺸﻴﺮﺩﺭﺟﺔ ‪ 0.37‬ﺇﻟﻰ ﻗﺪﺭﺓ ﺍﻟﻨﻤﻮﺫﺝ ﻋﻠﻰ ﺗﺤﻘﻴﻖ ﺍﻟﺘﻮﺍﺯﻥ ﺑﻴﻦ‬
‫‪49‬‬
‫ﺍﻟﺪﻗﺔﻭﺍﻟﺘﺬﻛﺮ ﻻ ﺗﺰﺍﻝ ﻣﺤﺪﻭﺩﺓ‪ .‬ﻋﻠﻰ ﺍﻟﺮﻏﻢ ﻣﻦ ﺃﻥ ﻭﻗﺖ ﻭﺣﺪﺓ ﺍﻟﻤﻌﺎﻟﺠﺔ ﺍﻟﻤﺮﻛﺰﻳﺔ ﺃﻃﻮﻝ ﻭﻫﻮ ‪ 13‬ﺩﻗﻴﻘﺔ‬
‫ﻭ‪48‬ﺛﺎﻧﻴﺔ‪ ،‬ﺣﺎﻓﻆ ﻧﻤﻮﺫﺝ ‪ ANN‬ﻋﻠﻰ ﺣﺠﻢ ﻧﻤﻮﺫﺝ ﺻﻐﻴﺮ ﻳﺒﻠﻎ ‪ 0.027‬ﻣﻴﺠﺎﺑﺎﻳﺖ‪.‬‬
‫ﻭﺑﺎﻻﻧﺘﻘﺎﻝﺇﻟﻰ ﻃﺮﺍﺯﻱ ‪ LSTM‬ﻭ‪ ،GRU‬ﻓﻘﺪ ﺣﻘﻘﻮﺍ ﻧﺘﺎﺋﺞ ﻣﻤﺎﺛﻠﺔ‬
‫ﻣﺴﺘﻮﻳﺎﺕﺍﻷﺩﺍء‪ .‬ﺣﻘﻖ ﻧﻤﻮﺫﺝ ‪ LSTM‬ﺩﻗﺔ ﻗﺪﺭﻫﺎ ‪ ،0.77‬ﻓﻲ ﺣﻴﻦ ﺣﻘﻖ ﻧﻤﻮﺫﺝ‬
‫ﺣﻘﻖﻧﻤﻮﺫﺝ ‪ GRU‬ﺩﻗﺔ ﺃﻋﻠﻰ ﻗﺪﺭﻫﺎ ‪ .0.85‬ﺃﻇﻬﺮ ﻛﻼ ﺍﻟﻨﻤﻮﺫﺟﻴﻦ‬
‫ﺗﺤﺴﻴﻨﺎﺕﻓﻲ ﺍﻟﺪﻗﺔ ﻣﻘﺎﺭﻧﺔ ﺑـ ‪ MLP‬ﻭ‪ ،ANN‬ﺑﻘﻴﻢ ‪ 0.49‬ﻭ‬
‫‪0.61‬ﻋﻠﻰ ﺍﻟﺘﻮﺍﻟﻲ‪ .‬ﻭﻣﻊ ﺫﻟﻚ‪ ،‬ﻓﺈﻥ ﻗﻴﻢ ﺍﻻﺳﺘﺪﻋﺎء ﻟﻜﻼ ﺍﻟﻄﺮﺍﺯﻳﻦ ﺗﺒﻠﻎ ‪ 0.35‬ﻟـ ‪LSTM‬‬
‫ﻭ‪ 0.45‬ﻟـ ‪ ،GRU‬ﻛﺎﻧﺖ ﺃﻗﻞ ﻧﺴﺒﻴﺎً‪ .‬ﻛﺎﻧﺖ ﻧﺘﻴﺠﺔ ‪ F1‬ﻟـ ‪ LSTM‬ﻭ ‪GRU‬‬
‫‪0.37‬ﻭ ‪ 0.49‬ﻋﻠﻰ ﺍﻟﺘﻮﺍﻟﻲ‪ ،‬ﻣﻤﺎ ﻳﺪﻝ ﻋﻠﻰ ﺗﻮﺍﺯﻥ ﻣﻌﺘﺪﻝ ﺑﻴﻦ ﺍﻟﺪﻗﺔ ﻭ‬
‫ﻳﺘﺬﻛﺮ‪.‬ﻳﺘﻤﺘﻊ ﻛﻼ ﺍﻟﻄﺮﺍﺯﻳﻦ ‪ LSTM‬ﻭ‪ GRU‬ﺑﺄﻭﻗﺎﺕ ﺃﻃﻮﻝ ﻟﻮﺣﺪﺓ ﺍﻟﻤﻌﺎﻟﺠﺔ ﺍﻟﻤﺮﻛﺰﻳﺔ ﻣﻘﺎﺭﻧﺔ ﺑـ ‪MLP‬‬
‫ﻭﻧﻤﺎﺫﺝ‪ ،ANN‬ﺑﻤﺪﺓ ‪ 10‬ﺩﻗﺎﺋﻖ ﻭ‪ 10‬ﺛﻮﺍﻥ ٍﻟـ ‪ LSTM‬ﻭ‪11‬‬
‫ﺩﻗﻴﻘﺔﻭﺛﺎﻧﻴﺔ ﻭﺍﺣﺪﺓ ﻟـ ‪ .GRU‬ﻛﺎﻥ ﻟﻜﻼ ﺍﻟﻄﺮﺍﺯﻳﻦ ﺣﺠﻢ ﻧﻤﻮﺫﺝ ﺃﻛﺒﺮ ﻳﺒﻠﻎ ‪ 7.7‬ﻣﻴﺠﺎﺑﺎﻳﺖ‪.‬‬
‫ﻭﺃﺧﻴﺮﺍً‪،‬ﺃﻇﻬﺮ ﻧﻤﻮﺫﺝ ‪ RNN‬ﺃﻋﻠﻰ ﺩﻗﺔ ﺑﻴﻦ ﺟﻤﻴﻊ ﺍﻷﻋﻤﺎﻕ‬
‫ﻧﻤﺎﺫﺝﺍﻟﺘﻌﻠﻢ ﺑﻘﻴﻤﺔ ‪ .0.86819‬ﻭﺣﻘﻘﺖ ﺃﻋﻠﻰ ﺑﻜﺜﻴﺮ‬
‫ﺩﻗﺔﺗﺒﻠﻎ ‪ ،0.92‬ﻣﻤﺎ ﻳﻈُﻬﺮ ﻗﺪﺭﺓ ﻗﻮﻳﺔ ﻋﻠﻰ ﺗﺼﻨﻴﻒ ﺍﻟﺤﺎﻻﺕ ﺍﻹﻳﺠﺎﺑﻴﺔ ﺑﺸﻜﻞ ﺻﺤﻴﺢ‪.‬‬
‫ﻗﻴﻤﺔﺍﻻﺳﺘﺪﻋﺎء ﺍﻟﺒﺎﻟﻐﺔ ‪ 0.76‬ﻭﺩﺭﺟﺔ ‪ F1‬ﺍﻟﺒﺎﻟﻐﺔ ‪ 0.80‬ﺗﺪﻋﻤﺎﻥ ﺍﻟﻨﻤﻮﺫﺝ ﺑﺸﻜﻞ ﺃﻛﺒﺮ‬
‫ﺍﻟﻔﻌﺎﻟﻴﺔﻓﻲ ﺍﻟﺤﺼﻮﻝ ﻋﻠﻰ ﺍﻹﻳﺠﺎﺑﻴﺎﺕ ﺍﻟﺤﻘﻴﻘﻴﺔ ﻭﺗﺤﻘﻴﻖ ﺍﻟﺘﻮﺍﺯﻥ ﺍﻟﺠﻴﺪ ﺑﻴﻨﻬﺎ‬
‫ﺍﻟﺪﻗﺔﻭﺍﻟﺘﺬﻛﻴﺮ‪ .‬ﻭﻣﻊ ﺫﻟﻚ‪ ،‬ﻛﺎﻥ ﻟﻨﻤﻮﺫﺝ ‪ RNN‬ﻭﻗﺖ ﺃﻃﻮﻝ ﻟﻮﺣﺪﺓ ﺍﻟﻤﻌﺎﻟﺠﺔ ﺍﻟﻤﺮﻛﺰﻳﺔ ﻳﺒﻠﻎ ‪10‬‬
‫ﺩﻗﻴﻘﺔﻭ ‪ 50‬ﺛﺎﻧﻴﺔ‪ ،‬ﻭﺣﺠﻢ ﻧﻤﻮﺫﺝ ﺃﻛﺒﺮ ﻳﺒﻠﻎ ‪ 1.6‬ﻣﻴﺠﺎﺑﺎﻳﺖ ﻣﻘﺎﺭﻧﺔ ﺑـ ‪MLP‬‬
‫ﻭﺁﻥ‪.‬‬
‫‪50‬‬
‫ﻓﻲﺧﺘﺎﻡ ﻫﺬﺍ ﺍﻟﻘﺴﻢ ﺍﻟﻔﺮﻋﻲ‪ ،‬ﻗﺪﻣﺖ ﻧﻤﺎﺫﺝ ﺍﻟﺘﻌﻠﻢ ﺍﻟﻌﻤﻴﻖ ﻣﺘﻔﺎﻭﺗﺔ‬
‫ﻣﺴﺘﻮﻳﺎﺕﺍﻷﺩﺍء ﻓﻲ ﺍﻛﺘﺸﺎﻑ ﻫﺠﻤﺎﺕ ﺷﺒﻜﺔ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء ﻋﻠﻰ ﻣﺠﻤﻮﻋﺔ ﺑﻴﺎﻧﺎﺕ ‪BoT IoT‬‬
‫ﺩﻭﻥﺍﺳﺘﺨﺪﺍﻡ ﺧﻮﺍﺭﺯﻣﻴﺔ ‪ .SMOTE‬ﺑﻴﻨﻤﺎ ﺃﻇﻬﺮ ‪ MLP‬ﻭ‪ ANN‬ﻧﺴﺒﻴﺎً‬
‫ﺃﺩﺍءﺃﻗﻞ‪ ،‬ﺃﻇﻬﺮﺕ ‪ LSTM‬ﻭ‪ GRU‬ﻭ‪ RNN‬ﺩﻗﺔ ﻣﺤﺴﻨﺔ‪،‬‬
‫ﺍﻟﺪﻗﺔﻭﺍﻻﺳﺘﺪﻋﺎء ﻭﺩﺭﺟﺔ ‪ .F1‬ﻭﻣﻊ ﺫﻟﻚ‪ ،‬ﻓﻤﻦ ﺍﻟﻤﻬﻢ ﺍﻟﻨﻈﺮ ﻓﻲ ﻓﺘﺮﺓ ﺃﻃﻮﻝ‬
‫ﺃﻭﻗﺎﺕﻭﺣﺪﺓ ﺍﻟﻤﻌﺎﻟﺠﺔ ﺍﻟﻤﺮﻛﺰﻳﺔ ﻭﺃﺣﺠﺎﻡ ﺍﻟﻨﻤﺎﺫﺝ ﺍﻷﻛﺒﺮ ﺍﻟﻤﺮﺗﺒﻄﺔ ﺑﻬﺬﻩ ﺍﻟﻨﻤﺎﺫﺝ‪ .‬ﺍﻟﺘﺎﻟﻲ‬
‫ﺗﺮﻛﺰﺍﻟﺘﺠﺎﺭﺏ ﻋﻠﻰ ﺗﺤﺴﻴﻦ ﻧﻤﺎﺫﺝ ﺍﻟﺘﻌﻠﻢ ﺍﻟﻌﻤﻴﻖ ﻫﺬﻩ ﻟﺘﻌﺰﻳﺰ ﻗﺪﺭﺍﺗﻬﺎ‬
‫ﺍﻷﺩﺍءﺑﺎﺳﺘﺨﺪﺍﻡ ﺧﻮﺍﺭﺯﻣﻴﺔ ‪ Smote‬ﻟﻠﺘﻐﻠﺐ ﻋﻠﻰ ﺗﺤﺪﻳﺎﺕ ﻋﺪﻡ ﺍﻟﺘﻮﺍﺯﻥ‬
‫ﻣﻊﺗﺨﻔﻴﻒ ﺍﻟﻤﺘﻄﻠﺒﺎﺕ ﺍﻟﺤﺴﺎﺑﻴﺔ ﻭﺍﻟﺬﺍﻛﺮﺓ‪.‬‬
‫‪4.2.2‬ﺍﻟﺘﺠﺎﺭﺏ ﺑﺎﺳﺘﺨﺪﺍﻡ ﺧﻮﺍﺭﺯﻣﻴﺔ ‪.SMOTE‬‬
‫ﻳﺘﻢﻋﺮﺽ ﻧﺘﺎﺋﺞ ﺍﻷﺩﺍء ﻻﻛﺘﺸﺎﻑ ﻋﻤﻠﻴﺎﺕ ﺍﻟﺘﻄﻔﻞ ﻋﻠﻰ ﺷﺒﻜﺔ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء ﺑﺎﺳﺘﺨﺪﺍﻡ‬
‫ﺧﻮﺍﺭﺯﻣﻴﺔ‪ SMOTE‬ﻋﻠﻰ ﻣﺠﻤﻮﻋﺔ ﺑﻴﺎﻧﺎﺕ ‪ BoT-IoT‬ﻓﻲ ﺍﻟﺠﺪﻭﻝ ‪ .4.2‬ﻳﻮﻓﺮ ﺍﻟﺠﺪﻭﻝ ﻣﺮﺍﺟﻌﺔ‬
‫ﺷﺎﻣﻠﺔﻟﻠﻌﺪﻳﺪ ﻣﻦ ﻧﻤﺎﺫﺝ ﺍﻟﺘﻌﻠﻢ ﺍﻵﻟﻲ ﺑﻨﺎء ًﻋﻠﻰ ﺩﻗﺘﻬﺎ ﻭﺍﺳﺘﺪﻋﺎﺋﻬﺎ ﻭﺩﺭﺟﺔ ‪ F1‬ﻭﻭﻗﺖ ﻭﺣﺪﺓ‬
‫ﺍﻟﻤﻌﺎﻟﺠﺔﺍﻟﻤﺮﻛﺰﻳﺔ ﻭﺣﺠﻢ ﺍﻟﻨﻤﻮﺫﺝ‪ .‬ﺗﻌﺪ ﻫﺬﻩ ﺍﻟﻤﻘﺎﻳﻴﺲ ﺿﺮﻭﺭﻳﺔ ﻟﺘﻘﻴﻴﻢ ﻓﻌﺎﻟﻴﺔ ﻭﻛﻔﺎءﺓ‬
‫ﻧﻤﺎﺫﺝﺍﻛﺘﺸﺎﻑ ﺍﻟﻬﺠﻤﺎﺕ ﻋﻠﻰ ﺷﺒﻜﺎﺕ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء ﻛﻤﺎ ﻫﻮ ﻣﻮﺿﺢ ﻓﻲ ﺍﻟﺸﻜﻞ ‪.4.3‬‬
‫ﺣﺼﻞﺍﻟﻄﺮﺍﺯ ‪ ،CatBoost‬ﻭﻫﻮ ﺍﻟﻨﻤﻮﺫﺝ ﺍﻷﻭﻝ ﺍﻟﻤﺪﺭﺝ ﻓﻲ ﺍﻟﺠﺪﻭﻝ‪ ،‬ﻋﻠﻰ ﺩﻗﺔ ﺗﺒﻠﻎ ‪ .%97.661‬ﻫﻮ ‪ -‬ﻫﻲ‬
‫ﺃﻇﻬﺮﺕﺩﻗﺔ ﻋﺎﻟﻴﺔ ‪ ،0.91243‬ﻣﻤﺎ ﻳﺸﻴﺮ ﺇﻟﻰ ﺍﻧﺨﻔﺎﺽ ﻣﻌﺪﻝ ﺍﻹﻳﺠﺎﺑﻴﺎﺕ ﺍﻟﻜﺎﺫﺑﺔ‪ ،‬ﻭ‬
‫ﺍﺭﺗﻔﺎﻉﺍﻻﺳﺘﺪﻋﺎء ‪ 0.9815‬ﻣﻤﺎ ﻳﺸﻴﺮ ﺇﻟﻰ ﺍﻧﺨﻔﺎﺽ ﻣﻌﺪﻝ ﺍﻟﺴﻠﺒﻴﺎﺕ ﺍﻟﻜﺎﺫﺑﺔ‪ .‬ﺩﺭﺟﺔ ‪F1‬‬
‫‪51‬‬
‫ﻳﻮﺿﺢ‪ 0.94369‬ﺍﻟﺘﻮﺍﺯﻥ ﺑﻴﻦ ﺍﻟﺪﻗﺔ ﻭﺍﻻﺳﺘﺪﻋﺎء‪ .‬ﺍﻟﻤﻮﺩﻳﻞ‬
‫ﺍﺳﺘﻐﺮﻕﺍﻟﺘﺪﺭﻳﺐ ‪ 7‬ﺩﻗﺎﺋﻖ ﻭ‪ 43‬ﺛﺎﻧﻴﺔ ﻣﻦ ﻭﻗﺖ ﻭﺣﺪﺓ ﺍﻟﻤﻌﺎﻟﺠﺔ ﺍﻟﻤﺮﻛﺰﻳﺔ ﻭﻛﺎﻥ ﺣﺠﻤﻪ ‪ 3.48‬ﻣﻴﺠﺎﺑﺎﻳﺖ‪.‬‬
‫ﺍﻟﺠﺪﻭﻝ‪2-4‬ﻧﺘﺎﺋﺞ ﺍﻷﺩﺍء ﻟﻠﻜﺸﻒ ﻋﻦ ﻫﺠﻤﺎﺕ ﺷﺒﻜﺔ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء ﺑﺎﺳﺘﺨﺪﺍﻡ ‪SMOTE‬‬

‫ﺧﻮﺍﺭﺯﻣﻴﺔﻣﻦ ﻣﺠﻤﻮﻋﺔ ﺑﻴﺎﻧﺎﺕ ‪.BoT-IoT‬‬
‫ﺣﺠﻢﺍﻟﻨﻤﻮﺫﺝ‬
‫ﻭﻗﺖﻭﺣﺪﺓ ﺍﻟﻤﻌﺎﻟﺠﺔ ﺍﻟﻤﺮﻛﺰﻳﺔ‬ ‫ﺩﺭﺟﺔ‪F1‬‬ ‫ﻳﺘﺬﻛﺮ‬ ‫ﺩﻗﺔ‬ ‫ﺩﻗﺔ‬ ‫ﻗﻴﺎﺱ‬
‫)ﻣﻴﺠﺎﺑﺎﻳﺖ(‬
‫‪3.48‬‬ ‫‪7‬ﺩﻗﺎﺋﻖ ﻭ ‪ 43‬ﺛﺎﻧﻴﺔ‬ ‫‪0.94369‬‬ ‫‪0.9815‬‬ ‫‪0.91249‬‬ ‫‪0.97661‬‬ ‫ﻛﺎﺕﺑﻮﺳﺖ‬
‫‪1.22‬‬ ‫‪7‬ﺩﻗﺎﺋﻖ ﻭ ‪ 53‬ﺛﺎﻧﻴﺔ‬ ‫‪0.96383‬‬ ‫‪0.98084‬‬ ‫‪0.94868‬‬ ‫‪0.97986‬‬ ‫‪XGBoost‬‬
‫‪0.02‬‬ ‫‪4‬ﺩﻗﺎﺋﻖ ﻭ ‪ 47‬ﺛﺎﻧﻴﺔ‬ ‫‪0.32423‬‬ ‫‪0.63571‬‬ ‫‪0.31119‬‬ ‫‪0.53336‬‬ ‫‪MLP‬‬
‫‪0.03‬‬ ‫‪31‬ﺩﻗﻴﻘﺔ ‪ 41‬ﺛﺎﻧﻴﺔ‬ ‫‪0.63602‬‬ ‫‪0.89682‬‬ ‫‪0.61794‬‬ ‫‪0.76594‬‬ ‫ﺁﻥ‬
‫‪7.69‬‬ ‫‪30‬ﺩﻗﻴﻘﺔ ‪ 6‬ﺛﻮﺍﻧﻲ‬ ‫‪0.76773‬‬ ‫‪0.92699‬‬ ‫‪0.75511‬‬ ‫‪0.83418‬‬ ‫‪LSTM‬‬
‫‪7.69‬‬ ‫‪29‬ﺩﻗﻴﻘﺔ ﻭ‪ 50‬ﺛﺎﻧﻴﺔ‬ ‫‪0.83175‬‬ ‫‪0.93476‬‬ ‫‪0.78463‬‬ ‫‪0.87806‬‬ ‫‪GRU‬‬
‫‪1.62‬‬ ‫‪27‬ﺩﻗﻴﻘﺔ ‪ 3‬ﺛﺎﻧﻴﺔ‬ ‫‪0.8257‬‬ ‫‪0.94066‬‬ ‫‪0.77572‬‬ ‫‪0.87147‬‬ ‫‪RNN‬‬
‫‪350.73‬‬ ‫‪9‬ﺩﻗﻴﻘﺔ ﻭ ‪ 31‬ﺛﺎﻧﻴﺔ‬ ‫‪0.92205‬‬ ‫‪0.93127‬‬ ‫‪0.91357‬‬ ‫‪0.94099‬‬ ‫ﺍﻟﺘﻌﺒﺌﺔ‬
‫‪29.60‬‬ ‫‪1‬ﺩﻗﻴﻘﺔ ﻭ ‪ 7‬ﺛﻮﺍﻧﻲ‬ ‫‪0.9304‬‬ ‫‪0.9635‬‬ ‫‪0.90961‬‬ ‫‪0.9425‬‬ ‫ﻏﺎﺑﺔﻋﺸﻮﺍﺋﻴﺔ‬
‫‪35.19‬‬ ‫‪3.43‬ﺛﺎﻧﻴﺔ‬ ‫‪0.8906‬‬ ‫‪0.8952‬‬ ‫‪0.88756‬‬ ‫‪0.90922‬‬ ‫ﺃﺷﺠﺎﺭﺍﺿﺎﻓﻴﺔ‬
‫‪35.19‬‬ ‫‪3.43‬ﺛﺎﻧﻴﺔ‬ ‫‪0.8906‬‬ ‫‪0.8952‬‬ ‫‪0.88756‬‬ ‫‪0.90922‬‬ ‫ﻛﻲﺇﻥ ﺇﻥ‬
‫‪1h18min‬‬
‫‪25.34‬‬ ‫‪0.48259‬‬ ‫‪0.63258‬‬ ‫‪0.4853‬‬ ‫‪0.59398‬‬ ‫‪SVM‬‬
‫‪19‬ﺛﺎﻧﻴﺔ‬
‫‪1.90‬‬ ‫‪47.6‬ﺛﺎﻧﻴﺔ‬ ‫‪0.97511‬‬ ‫‪0.97437‬‬ ‫‪0.97758‬‬ ‫‪0.97437‬‬ ‫ﻫﻴﺴﺘﻐﺒﻮﺳﺖ‬
‫‪0.31‬‬ ‫‪3‬ﺩﻗﺎﺋﻖ ﻭ ‪ 55‬ﺛﺎﻧﻴﺔ‬ ‫‪0.25093‬‬ ‫‪0.34041‬‬ ‫‪0.32098‬‬ ‫‪0.43068‬‬ ‫‪adaBoost‬‬
‫‪11.05‬‬ ‫‪4‬ﺩﻗﺎﺋﻖ ﻭ‪ 5‬ﺛﻮﺍﻧﻲ‬ ‫‪0.96986‬‬ ‫‪0.98055‬‬ ‫‪0.96029‬‬ ‫‪0.98242‬‬ ‫‪LGBM‬‬
‫‪52‬‬
‫ﺍﻟﺸﻜﻞ‪4.3‬ﻧﺘﺎﺋﺞ ﺗﻘﻴﻴﻢ ﻧﻤﺎﺫﺝ ﺍﻟﺘﻌﻠﻢ ﺍﻵﻟﻲ ﺍﻟﻤﻘﺘﺮﺣﺔ ﺑﺎﺳﺘﺨﺪﺍﻡ ‪SMOTE‬‬
‫ﻭﻛﺎﻧﺖﺩﻗﺔ ﺍﻟﻨﻤﻮﺫﺝ ﺍﻟﺜﺎﻧﻲ‪ ،XGBoost ،‬ﺃﻛﺒﺮ ﻗﻠﻴﻼ ًﺑﻨﺴﺒﺔ ‪ .%97.986‬ﻫﻮ ‪ -‬ﻫﻲ‬
‫ﺃﻇﻬﺮﺩﻗﺔ ﺃﻛﺒﺮ ﺗﺒﻠﻎ ‪ 0.94866‬ﻭﺍﺳﺘﺮﺟﺎﻋﺎً ﻣﺸﺎﺑﻬﺎً ﻟـ‬
‫‪.0.98084‬ﺗﺸﻴﺮ ﺩﺭﺟﺔ ‪ F1‬ﺍﻟﺒﺎﻟﻐﺔ ‪ 0.96383‬ﺇﻟﻰ ﺗﺤﺴﻦ ﻃﻔﻴﻒ ﺑﺸﻜﻞ ﻋﺎﻡ‬
‫ﺍﻷﺩﺍءﻣﻦ ‪ .CatBoost‬ﻛﺎﻧﺖ ﻣﺪﺓ ﺗﺪﺭﻳﺐ ‪ XGBoost 7‬ﺩﻗﺎﺋﻖ ﻭ‬
‫‪53‬ﺛﺎﻧﻴﺔ‪ ،‬ﻭﺣﺠﻢ ﺍﻟﻨﻤﻮﺫﺝ ‪ 1.22‬ﻣﻴﺠﺎﺑﺎﻳﺖ‪.‬‬
‫ﻓﻲﺍﻟﻤﻘﺎﺑﻞ‪ ،‬ﻛﺎﻥ ﺃﺩﺍء ﻧﻤﻮﺫﺝ ‪ MLP‬ﺃﺩﻧﻰ ﺑﻜﺜﻴﺮ ﻋﺒﺮﻩ‬
‫ﺟﻤﻴﻊﺍﻟﻤﻘﺎﻳﻴﺲ‪ .‬ﻭﺻﻠﺖ ﺇﻟﻰ ﺩﻗﺔ ‪ ،0.5336‬ﻣﻤﺎ ﻳﺸﻴﺮ ﺇﻟﻰ ﻋﺪﺩ ﻛﺒﻴﺮ ﻣﻦ‬
‫ﺍﻟﺘﺼﻨﻴﻔﺎﺕﺍﻟﺨﺎﻃﺌﺔ‪ .‬ﺗﻌﻜﺲ ﺍﻟﺪﻗﺔ ﺍﻟﺒﺎﻟﻐﺔ ‪ 0.31‬ﻭﺍﻻﺳﺘﺪﻋﺎء ‪ 0.64‬ﻋﺪﻡ ﻗﺪﺭﺓ ﺍﻟﻨﻤﻮﺫﺝ‬
‫ﻟﺘﺤﺪﻳﺪﺍﻟﺤﺎﻻﺕ ﺍﻹﻳﺠﺎﺑﻴﺔ ﺑﺪﻗﺔ‪ .‬ﻭﺑﺎﻟﺘﺎﻟﻲ ﻓﺈﻥ ﺩﺭﺟﺔ ‪ F1‬ﺗﺒﻠﻎ ‪،0.32‬‬
‫ﻳﺪﻝﻋﻠﻰ ﺿﻌﻒ ﺍﻷﺩﺍء ﺍﻟﻌﺎﻡ‪ .‬ﻭﻣﻊ ﺫﻟﻚ‪ ،‬ﻓﺈﻥ ﺍﻟﺘﺪﺭﻳﺐ ﻋﻠﻰ ﻧﻤﻮﺫﺝ ‪MLP‬‬
‫‪53‬‬
‫ﻭﻛﺎﻧﺖﺍﻟﻤﺪﺓ ‪ 4‬ﺩﻗﺎﺋﻖ ﻭ‪ 47‬ﺛﺎﻧﻴﺔ ﻓﻘﻂ‪ ،‬ﻭﻛﺎﻥ ﺣﺠﻢ ﺍﻟﻨﻤﻮﺫﺝ ‪ 0.02‬ﻓﻘﻂ‬
‫ﻣﻴﻐﺎﺑﺎﻳﺖ‪.‬‬
‫ﻛﺎﻥﺃﺩﺍء ﻧﻤﻮﺫﺝ ‪ ANN‬ﺃﻓﻀﻞ ﻣﻦ ﻧﻤﻮﺫﺝ ‪ ،MLP‬ﻟﻜﻨﻪ ﻻ ﻳﺰﺍﻝ ﻣﺘﺨﻠﻔﺎً‬
‫ﻛﺎﺕﺑﻮﺳﺖ ﻭ‪ .XGBoost‬ﻛﺎﻧﺖ ﺍﻟﺪﻗﺔ ‪ 0.76594‬ﻭﺍﻟﺪﻗﺔ ‪ 0.62‬ﻭﺍﻻﺳﺘﺪﻋﺎء‬
‫‪.0.897‬ﺗﺸﻴﺮ ﺩﺭﺟﺔ ‪ F1‬ﺍﻟﺒﺎﻟﻐﺔ ‪ 0.64‬ﺇﻟﻰ ﺗﻮﺍﺯﻥ ﻣﺮﺽ ٍﺑﻴﻦ‬
‫ﺍﻟﺪﻗﺔﻭﺍﻟﺘﺬﻛﻴﺮ‪ .‬ﻭﻣﻊ ﺫﻟﻚ‪ ،‬ﻛﺎﻧﺖ ﻓﺘﺮﺓ ﺍﻟﺘﺪﺭﻳﺐ ﻟﻨﻤﻮﺫﺝ ‪ANN‬‬
‫ﺃﻃﻮﻝﺑﻜﺜﻴﺮ ﻋﻨﺪ ‪ 31‬ﺩﻗﻴﻘﺔ ﻭ‪ 41‬ﺛﺎﻧﻴﺔ‪ ،‬ﻭﻛﺎﻥ ﺣﺠﻢ ﺍﻟﻨﻤﻮﺫﺝ‬
‫ﺃﻛﺒﺮﻗﻠﻴﻼ ًﺑﺤﺠﻢ ‪ 0.03‬ﻣﻴﺠﺎﺑﺎﻳﺖ‪.‬‬
‫ﺍﻟﺸﻜﻞ‪4.4‬ﻧﺘﺎﺋﺞ ﺗﻘﻴﻴﻢ ﻧﻤﺎﺫﺝ ﺍﻟﺘﻌﻠﻢ ﺍﻟﻌﻤﻴﻖ ﺍﻟﻤﻘﺘﺮﺣﺔ ﺑﺎﺳﺘﺨﺪﺍﻡ ‪SMOTE‬‬

‫ﺃﺩﺍءﻧﻤﺎﺫﺝ ‪ LSTM‬ﻭ‪ GRU‬ﻭ‪ RNN‬ﻛﻤﺎ ﻫﻮ ﻣﻮﺿﺢ ﻓﻲ ﺍﻟﺸﻜﻞ ‪،4.4‬‬
‫ﻛﺎﻥﻣﺘﻔﻮﻗﺎً ﻋﻠﻰ ﻃﺮﺍﺯﻱ ‪ MLP‬ﻭ‪ .ANN‬ﺣﺼﻞ ﻧﻤﻮﺫﺝ ‪ LSTM‬ﻋﻠﻰ‬
‫ﺩﻗﺔ‪ ،0.83418‬ﺑﺎﻹﺿﺎﻓﺔ ﺇﻟﻰ ﺍﻟﺪﻗﺔ ﻭﺍﻻﺳﺘﺪﻋﺎء ﻭﺩﺭﺟﺎﺕ ‪ F1‬ﺍﻟﺒﺎﻟﻐﺔ ‪،0.927 ،0.755‬‬
‫ﻭ‪ 0.77‬ﻋﻠﻰ ﺍﻟﺘﻮﺍﻟﻲ‪ .‬ﺃﻇﻬﺮﺕ ﻧﻤﺎﺫﺝ ‪ GRU‬ﻭ‪ RNN‬ﻣﻤﺎﺛﻠﺔ‬
‫‪54‬‬
‫ﺍﻷﺩﺍءﺑﺪﻗﺔ ‪ 0.878‬ﻭ ‪ 0.87‬ﻋﻠﻰ ﺍﻟﺘﻮﺍﻟﻲ‪ .‬ﻭﻣﻊ ﺫﻟﻚ‪ ،‬ﻛﻞ ﺛﻼﺛﺔ‬
‫ﺗﺘﻄﻠﺐﺍﻟﻨﻤﺎﺫﺝ ﻓﺘﺮﺍﺕ ﺗﺪﺭﻳﺐ ﻋﺎﻟﻴﺔ ﺗﺼﻞ ﺇﻟﻰ ‪ 30‬ﺩﻗﻴﻘﺔ ﺗﻘﺮﻳﺒﺎً‪ ،‬ﻛﻤﺎ ﺃﻧﻬﺎ ﺗﺘﻄﻠﺐ ﺗﺪﺭﻳﺒﺎً ﻋﺎﻟﻴﺎً‬
‫ﺃﺣﺠﺎﻡﺍﻟﻨﻤﺎﺫﺝ ﺃﻛﺒﺮ ﻧﺴﺒﻴﺎً ﺣﻴﺚ ﺗﺒﻠﻎ ‪ 7.69‬ﻣﻴﺠﺎﺑﺎﻳﺖ‪.‬‬
‫ﻭﺑﺎﻻﻧﺘﻘﺎﻝﺇﻟﻰ ﻃﺮﻕ ﺍﻟﺘﺠﻤﻴﻊ‪ ،‬ﺣﺼﻞ ﻧﻤﻮﺫﺝ ﺍﻟﺘﻌﺒﺌﺔ ﻋﻠﻰ ﺩﻗﺔ ﻗﺪﺭﻫﺎ‬
‫‪0.94000‬ﺑﺪﺭﺟﺔ ﺩﻗﺔ ﻋﺎﻟﻴﺔ ‪ 0.91357‬ﻭﺍﺳﺘﺪﻋﺎء ‪ .0.93127‬ﺩﺭﺟﺔ ‪F1‬‬
‫ﻳﺸﻴﺮﺍﻟﺮﻗﻢ ‪ 0.92205‬ﺇﻟﻰ ﻣﺰﻳﺞ ﻣﺘﻮﺍﺯﻥ ﻣﻦ ﺍﻟﺪﻗﺔ ﻭﺍﻟﺘﺬﻛﺮ‪ .‬ﺍﻟﻤﻮﺩﻳﻞ‬
‫ﺍﺳﺘﻐﺮﻕﺍﻟﺘﺪﺭﻳﺐ ‪ 9‬ﺩﻗﺎﺋﻖ ﻭ‪ 31‬ﺛﺎﻧﻴﺔ ﻭﻛﺎﻥ ﻟﺪﻳﻪ ﻧﻤﻮﺫﺝ ﺃﻛﺒﺮ‬
‫ﺍﻟﺤﺠﻢ‪ 350.73‬ﻣﻴﺠﺎ ﺑﺎﻳﺖ ‪ .‬ﻭﺑﺎﻟﻤﺜﻞ‪ ،‬ﻛﺎﻥ ﻧﻤﻮﺫﺝ ﺍﻟﻐﺎﺑﺔ ﺍﻟﻌﺸﻮﺍﺋﻴﺔ ﺩﻗﻴﻘﺎً‬
‫‪،0.94‬ﺍﻟﺪﻗﺔ ‪ ،0.91‬ﺍﻻﺳﺘﺪﻋﺎء ‪ ،0.9635‬ﻭ‪ .F1-score 0.93‬ﻛﺎﻥ ﻟﺪﻳﻪ ﺗﺪﺭﻳﺐ‬
‫ﻣﺪﺗﻪﺩﻗﻴﻘﺔ ﻭﺳﺒﻊ ﺛﻮﺍﻧﻲ ﻭﺣﺠﻢ ﺍﻟﻨﻤﻮﺫﺝ ‪ 29.60‬ﻣﻴﺠﺎﺑﺎﻳﺖ‬
‫ﻛﺎﻥﺃﻗﺼﺮ ﻭﺃﺻﻐﺮ ﻋﻠﻰ ﺍﻟﺘﻮﺍﻟﻲ‪.‬‬
‫ﺣﻘﻖﻛﻞ ﻣﻦ ﻃﺮﺍﺯﻱ ‪ Extra Trees‬ﻭ‪ KNN‬ﺩﻗﺔ ﻗﺪﺭﻫﺎ ‪ ،0.90922‬ﻣﻊ‬
‫ﺍﻟﺪﻗﺔﻭﺍﻻﺳﺘﺪﻋﺎء ﻭﺩﺭﺟﺎﺕ ‪ F1‬ﻫﻲ ‪ 0.89‬ﻭ‪ 0.895‬ﻭ‪ 0.8906‬ﻋﻠﻰ ﺍﻟﺘﻮﺍﻟﻲ‪ .‬ﻫﺆﻻء‬
‫ﻛﺎﻧﺖﻟﻠﻨﻤﺎﺫﺝ ﺃﻭﻗﺎﺕ ﺗﺪﺭﻳﺐ ﺃﻗﻞ ﺑﻜﺜﻴﺮ ﺗﺒﻠﻎ ‪ 3.43‬ﺛﺎﻧﻴﺔ ﻭﺃﺣﺠﺎﻡ ﻧﻤﺎﺫﺝ ﺃﻛﺒﺮ‬
‫ﺑﺤﺠﻢ‪ 35.19‬ﻣﻴﺠﺎﺑﺎﻳﺖ‪.‬‬
‫ﻓﻲﺍﻟﻤﻘﺎﺑﻞ‪ ،‬ﻛﺎﻥ ﺃﺩﺍء ﻧﻤﻮﺫﺝ ‪ SVM‬ﺃﺳﻮﺃ ﺑﻜﺜﻴﺮ ﻓﻲ ﺟﻤﻴﻊ ﺍﻟﻤﻘﺎﻳﻴﺲ‪ .‬ﻫﻮ ‪ -‬ﻫﻲ‬
‫ﺣﺼﻠﺖﻋﻠﻰ ﺩﻗﺔ ‪ ،0.59‬ﻣﻤﺎ ﻳﺪﻝ ﻋﻠﻰ ﻋﺪﺩ ﻛﺒﻴﺮ ﻣﻦ‬
‫ﺍﻟﺘﺼﻨﻴﻔﺎﺕﺍﻟﺨﺎﻃﺌﺔ‪ .‬ﺗﺸﻴﺮ ﺍﻟﺪﻗﺔ ﺍﻟﺒﺎﻟﻐﺔ ‪ 0.49‬ﻭﺍﻻﺳﺘﺪﻋﺎء ‪ 0.63‬ﺇﻟﻰ ﺍﻟﻨﻤﻮﺫﺝ‬
‫ﻋﺪﻡﺍﻟﻘﺪﺭﺓ ﻋﻠﻰ ﺗﺤﺪﻳﺪ ﺍﻟﺤﺎﻻﺕ ﺍﻹﻳﺠﺎﺑﻴﺔ ﺑﺪﻗﺔ‪ .‬ﺑﺸﻜﻞ ﻋﺎﻡ‪ ،‬ﺩﺭﺟﺔ ‪ F1‬ﻫﻲ‬
‫‪0.48259‬ﻳﺸﻴﺮ ﺇﻟﻰ ﺿﻌﻒ ﺍﻷﺩﺍء‪ .‬ﻣﺪﺓ ﺍﻟﺘﺪﺭﻳﺐ ﻋﻠﻰ ﻧﻤﻮﺫﺝ ‪SVM‬‬
‫‪55‬‬
‫ﻛﺎﻧﺖ‪ 1‬ﺳﺎﻋﺔ ﻭ ‪ 18‬ﺩﻗﻴﻘﺔ ﻭ ‪ 19‬ﺛﺎﻧﻴﺔ ﻭﺣﺠﻢ ﺍﻟﻤﻮﺩﻳﻞ ‪25.34‬‬
‫ﻣﻴﻐﺎﺑﺎﻳﺖ‪.‬‬
‫ﺃﺧﻴﺮﺍً‪،‬ﺗﻢ ﺗﺤﺴﻴﻦ ﻧﻤﺎﺫﺝ ‪ HISTGBOOST‬ﻭ‪ AdaBoost‬ﻭ‪LGBM‬‬
‫ﺃﺩﺍء‪.‬ﺩﻗﺔ ﻧﻤﻮﺫﺝ ‪ HISTGBOOST‬ﻛﺎﻧﺖ ‪ ،0.97437‬ﻭ‬
‫ﻭﻛﺎﻧﺖﺩﺭﺟﺎﺕ ﺍﻟﺪﻗﺔ ﻭﺍﻻﺳﺘﺪﻋﺎء ﻭ‪ F1‬ﻫﻲ ‪ 0.97758‬ﻭ‪ 0.97437‬ﻭ‪،0.97511‬‬
‫ﻋﻠﻰﺍﻟﺘﻮﺍﻟﻰ‪ .‬ﺍﺳﺘﻐﺮﻗﺖ ﻣﺪﺓ ﺍﻟﺘﺪﺭﻳﺐ ‪ 47.6‬ﺛﺎﻧﻴﺔ ﻭﺣﺠﻢ ﺍﻟﻨﻤﻮﺫﺝ ‪ 1.90‬ﻣﻴﺠﺎﺑﺎﻳﺖ‪،‬‬
‫ﻭﻛﻼﻫﻤﺎﻣﺨﺘﺼﺮ ﻧﺴﺒﻴﺎً‪ .‬ﺑﺪﻗﺔ ‪ ،0.43068‬ﺩﻗﺔ ﺃﻗﻞ‪،‬‬
‫ﺍﻻﺳﺘﺪﻋﺎء‪،‬ﻭﺩﺭﺟﺎﺕ ‪ F1‬ﺗﺘﺮﺍﻭﺡ ﻣﻦ ‪ 0.32098‬ﺇﻟﻰ ‪ ،0.34041‬ﻭﺩﺭﺟﺔ ‪F1‬‬
‫‪،0.25093‬ﺃﻇﻬﺮ ﻧﻤﻮﺫﺝ ‪ AdaBoost‬ﺃﺩﺍء ًﺃﻗﻞ‪ .‬ﻛﺎﻥ ﻣﻄﻠﻮﺑﺎ ‪3‬‬
‫ﺩﻗﻴﻘﺔﻭ‪ 55‬ﺛﺎﻧﻴﺔ ﻣﻦ ﻭﻗﺖ ﺍﻟﺘﺪﺭﻳﺐ ﻭﻛﺎﻥ ﺣﺠﻤﻬﺎ ‪ 0.31‬ﻣﻴﺠﺎﺑﺎﻳﺖ‪ .‬ﺇﻝ ﺟﻲ ﺑﻲ ﺇﻡ‬
‫ﺃﻇﻬﺮﺍﻟﻨﻤﻮﺫﺝ ﺃﻋﻠﻰ ﺩﻗﺔ ﺑﻘﻴﻤﺔ ‪ ،0.98242‬ﻭﻛﺬﻟﻚ‬
‫ﺩﻗﺔﻣﻤﺘﺎﺯﺓ ﻭﺍﺳﺘﺪﻋﺎء ﻭﺩﺭﺟﺎﺕ ‪ F1‬ﺗﺒﻠﻎ ‪ 0.96029‬ﻭ‪ 0.98055‬ﻭ‪،0.96986‬‬
‫ﻋﻠﻰﺍﻟﺘﻮﺍﻟﻰ‪ .‬ﻛﺎﻧﺖ ﻣﺪﺓ ﺗﺪﺭﻳﺐ ‪ LGBM 4‬ﺩﻗﺎﺋﻖ ﻭ‪ 5‬ﺛﻮﺍﻧﻲ‬
‫ﺣﺠﻢﺍﻟﻨﻤﻮﺫﺝ ‪ 11.05‬ﻣﻴﺠﺎ ﺑﺎﻳﺖ‬
‫ﺑﺎﺳﺘﺨﺪﺍﻡﺧﻮﺍﺭﺯﻣﻴﺔ ‪ SMOTE‬ﻓﻲ ﻣﺠﻤﻮﻋﺔ ﺑﻴﺎﻧﺎﺕ ‪ ،BoT-IoT‬ﻭ‪ CatBoost‬ﻭ‪XGBoost‬‬
‫ﺃﻇﻬﺮﺕﺍﻟﻨﻤﺎﺫﺝ ﺃﺩﺍء ًﻓﺎﺋﻘﺎً ﻓﻲ ﺍﻛﺘﺸﺎﻑ ﻫﺠﻤﺎﺕ ﺷﺒﻜﺔ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء‬
‫ﺑﻨﺎء ًﻋﻠﻰ ﻣﻘﺎﻳﻴﺲ ﺍﻷﺩﺍء ﺍﻟﻮﺍﺭﺩﺓ ﻓﻲ ﺍﻟﺠﺪﻭﻝ ‪ .4.2‬ﻫﺬﻩ ﺍﻟﻨﻤﺎﺫﺝ‬
‫ﺣﻘﻘﺖﻣﺴﺘﻮﻳﺎﺕ ﻋﺎﻟﻴﺔ ﻣﻦ ﺍﻟﺪﻗﺔ‪ ،‬ﻭﺍﻟﺪﻗﺔ‪ ،‬ﻭﺍﻻﺳﺘﺪﻋﺎء‪ ،‬ﻭﺩﺭﺟﺎﺕ ‪ ،F1‬ﻣﻤﺎ ﻳﺪﻝ ﻋﻠﻰ ﺫﻟﻚ‬
‫ﻗﺪﺭﺗﻬﻢﻋﻠﻰ ﺗﺤﺪﻳﺪ ﺍﻟﺤﺎﻻﺕ ﺍﻹﻳﺠﺎﺑﻴﺔ ﻭﺍﻟﺴﻠﺒﻴﺔ‪ .‬ﺑﺎﻹﺿﺎﻓﺔ ﺇﻟﻰ ﺫﻟﻚ‪ ،‬ﻫﻢ‬
‫‪56‬‬
‫ﻛﺎﻧﺖﻓﺘﺮﺍﺕ ﺍﻟﺘﺪﺭﻳﺐ ﺃﻗﺼﺮ ﻭﺃﺣﺠﺎﻡ ﺍﻟﻨﻤﺎﺫﺝ ﺃﺻﻐﺮ ﻣﻦ ﺍﻟﻨﻤﺎﺫﺝ ﺍﻷﺧﺮﻯ‪،‬‬
‫ﻣﻤﺎﻳﺠﻌﻠﻬﺎ ﺧﻴﺎﺭﺍﺕ ﻣﻤﻜﻨﺔ ﻻﻛﺘﺸﺎﻑ ﻫﺠﻤﺎﺕ ﺷﺒﻜﺔ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء‪.‬‬
‫‪4.3‬ﻣﻨﺎﻗﺸﺔ ﺍﻟﻨﺘﺎﺋﺞ‬
‫ﺗﻮﻓﺮﻧﺘﺎﺋﺞ ﺍﻷﺩﺍء ﺍﻟﻮﺍﺭﺩﺓ ﻓﻲ ﺍﻟﺠﺪﻭﻟﻴﻦ ‪ 4.1‬ﻭ‪ 4.2‬ﺍﻟﻔﻬﻢ‬
‫ﺣﻮﻝﻓﻌﺎﻟﻴﺔ ﺍﻟﻤﺼﻨﻔﺎﺕ ﺍﻟﻤﺨﺘﻠﻔﺔ ﻟﻠﻜﺸﻒ ﻋﻦ ﻋﻤﻠﻴﺎﺕ ﺍﻟﺘﻄﻔﻞ ﻋﻠﻰ ﺷﺒﻜﺔ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء‬
‫ﻣﺠﻤﻮﻋﺔﺑﻴﺎﻧﺎﺕ ‪ .BoT-IoT‬ﺗﻜﺸﻒ ﻣﻘﺎﺭﻧﺔ ﻫﺬﻩ ﺍﻟﺠﺪﺍﻭﻝ ﺗﺄﺛﻴﺮ ‪SMOTE‬‬
‫ﺍﻟﺨﻮﺍﺭﺯﻣﻴﺔﻟﻬﺎ ﻣﻘﺎﻳﻴﺲ ﺍﻷﺩﺍء‪.‬‬
‫ﻳﻌﺮﺽﺍﻟﺸﻜﻞ ‪ 4.5‬ﺍﻟﻤﻘﺎﺭﻧﺔ ﺑﻴﻦ ﻧﻤﺎﺫﺝ ﺍﻟﺘﻌﻠﻢ ﺍﻟﺠﻤﺎﻋﻴﺔ‬
‫ﺍﻷﺩﺍءﻣﻊ ﻭﺑﺪﻭﻥ ﺍﺳﺘﺨﺪﺍﻡ ﺧﻮﺍﺭﺯﻣﻴﺔ ‪ .Smote‬ﻭﻳﺪﻝ ﻋﻠﻰ ﺫﻟﻚ ﺃﻓﻀﻞ‬
‫ﺍﻟﻨﺘﺎﺋﺞﻣﻦ ﻋﺪﺓ ﻣﺼﻨﻔﺎﺕ‪ ،‬ﺑﻤﺎ ﻓﻲ ﺫﻟﻚ ‪ Extra Trees‬ﻭ‪ CatBoost‬ﻭ‪،XGBoost‬‬
‫ﻭﺻﻠﺖﺇﻟﻰ ﺩﻗﺔ ﻋﺎﻟﻴﺔ‪ .‬ﺑﺎﻹﺿﺎﻓﺔ ﺇﻟﻰ ﺫﻟﻚ‪ ،‬ﺃﻇﻬﺮﺕ ﻫﺬﻩ ﺍﻟﻤﺼﻨﻔﺎﺕ ﻣﻮﺍﺗﻴﺔ‬
‫ﺍﻟﺪﻗﺔﻭﺍﻻﺳﺘﺪﻋﺎء ﻭﺩﺭﺟﺎﺕ ‪ ،F1‬ﻣﻤﺎ ﻳﺸﻴﺮ ﺇﻟﻰ ﻗﺪﺭﺗﻬﻢ ﻋﻠﻰ ﺗﺤﺪﻳﺪ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء ﺑﺪﻗﺔ‬
‫ﻫﺠﻤﺎﺕﺍﻟﺸﺒﻜﺔ‪ .‬ﻭﺍﻟﺠﺪﻳﺮ ﺑﺎﻟﺬﻛﺮ ﺃﻥ ‪ CatBoost‬ﻭ‪ XGBoost‬ﺃﺛﺒﺘﺎ ﺫﻟﻚ ﺑﺎﺳﺘﻤﺮﺍﺭ‬
‫ﺃﺩﺍءﻣﺘﻔﻮﻕ ﻋﺒﺮ ﻣﺠﻤﻮﻋﺔ ﻣﺘﻨﻮﻋﺔ ﻣﻦ ﺍﻟﻤﻘﺎﻳﻴﺲ ﺃﻓﻀﻞ ﻣﻦ ﺍﺳﺘﺨﺪﺍﻡ ﻫﺬﻩ ﺍﻟﻤﻘﺎﻳﻴﺲ‬
‫ﺍﻟﻤﺼﻨﻔﺎﺕﻣﻊ ﺧﻮﺍﺭﺯﻣﻴﺔ ‪.Smote‬‬
‫‪57‬‬
‫ﺍﻟﺸﻜﻞ‪4.5‬ﺍﻟﻤﻘﺎﺭﻧﺔ ﺑﻴﻦ ﺃﻓﻀﻞ ﻧﻤﺎﺫﺝ ﺍﻟﺘﻌﻠﻢ ﺍﻟﺠﻤﺎﻋﻲ ﺗﺆﺩﻱ ﺇﻟﻰ ﺍﻟﻨﺘﺎﺋﺞ ﻣﻊ ﻭﺑﺪﻭﻧﻬﺎ‬
‫ﺑﺎﺳﺘﺨﺪﺍﻡﺧﻮﺍﺭﺯﻣﻴﺔ ﺍﻟﻀﺮﺑﺔ‪.‬‬
‫ﻓﻲﺍﻟﻤﻘﺎﺑﻞ‪ ،‬ﺍﻟﻤﻘﺎﺭﻧﺔ ﺑﻴﻦ ﺃﺩﺍء ﻧﻤﺎﺫﺝ ﺍﻟﺘﻌﻠﻢ ﺍﻟﻌﻤﻴﻖ ﻣﻊ‬
‫ﻭﺑﺪﻭﻥﺍﺳﺘﺨﺪﺍﻡ ﺧﻮﺍﺭﺯﻣﻴﺔ ‪ Smote‬ﻛﻤﺎ ﻫﻮ ﻣﻮﺿﺢ ﻓﻲ ﺍﻟﺸﻜﻞ ‪ .4.6‬ﺍﻟﻤﻘﺎﺭﻧﺔ ﺑﻴﻦ ﺍﻻﺛﻨﻴﻦ‬
‫ﺗﻜﺸﻒﺍﻟﺠﺪﺍﻭﻝ ﺃﻥ ﺧﻮﺍﺭﺯﻣﻴﺔ ‪ SMOTE‬ﺃﺛﺮﺕ ﻋﻠﻰ ﺍﻷﺩﺍء ﻛﺜﻴﺮﺍً‬
‫ﻣﺼﻨﻔﺎﺕﻣﺨﺘﻠﻔﺔ‪ .‬ﻣﻦ ﺍﻟﺸﻜﻞ ‪ ،4.1‬ﺗﻢ ﺗﻨﻔﻴﺬ ‪ CatBoost‬ﻭ‪XGBoost‬‬
‫ﺃﻓﻀﻞﺑﺸﻜﻞ ﺍﺳﺘﺜﻨﺎﺋﻲ ﻛﻤﺎ ﻫﻮ ﻣﺒﻴﻦ ﻓﻲ ﺍﻟﺠﺪﻭﻝ ‪ ،4.1‬ﻭﺣﺎﻓﻈﺖ ﻋﻠﻰ ﺩﻗﺘﻬﺎ ﺍﻟﻌﺎﻟﻴﺔ‪ ،‬ﻭ‬
‫ﺣﺼﻠﺖﻋﻠﻰ ﺩﻗﺔ ﺗﻨﺎﻓﺴﻴﺔ ﻭﺍﺳﺘﺪﻋﺎء ﻭﺩﺭﺟﺎﺕ ‪ F1‬ﻓﻲ ﺍﻟﺠﺪﻭﻝ ‪ .4.2‬ﻫﺬﺍ ﻳﺪﻝ ﻋﻠﻰ‬
‫ﺃﻥﻫﺬﻩ ﺍﻟﻤﺼﻨﻔﺎﺕ ﻗﻮﻳﺔ ﻭﺃﻥ ﺍﺳﺘﺨﺪﺍﻡ ‪ SMOTE‬ﻟﻪ ﺗﺄﺛﻴﺮ ﺿﺌﻴﻞ‬
‫ﻋﻠﻰﻓﺎﻋﻠﻴﺘﻬﺎ‪.‬‬
‫‪58‬‬
‫ﺍﻟﺸﻜﻞ‪4.6‬ﻣﻘﺎﺭﻧﺔ ﺑﻴﻦ ﺃﺩﺍء ﻧﻤﺎﺫﺝ ﺍﻟﺘﻌﻠﻢ ﺍﻟﻌﻤﻴﻖ ﻣﻊ ﻭﺑﺪﻭﻥ ﺍﺳﺘﺨﺪﺍﻡ‬
‫ﺧﻮﺍﺭﺯﻣﻴﺔﺍﻟﻀﺮﺑﺔ‪.‬‬
‫ﻭﻣﻦﻧﺎﺣﻴﺔ ﺃﺧﺮﻯ‪ ،‬ﺃﺩﻯ ﺗﻄﺒﻴﻖ ‪ SMOTE‬ﺇﻟﻰ ﺗﻐﻴﻴﺮ ﺃﺩﺍء ﺍﻟﺒﻌﺾ‬
‫ﺍﻟﻤﺼﻨﻔﺎﺕﺑﺸﻜﻞ ﻣﻠﺤﻮﻅ‪ .‬ﻓﻲ ﺍﻟﺠﺪﻭﻝ ‪ 4.2‬ﻭﺍﻟﺸﻜﻞ ‪ MLP 4.3‬ﻭ‪ ANN‬ﻭ‪ LSTM‬ﻭ‪GRU‬‬
‫ﺃﻇﻬﺮﺕﺍﻟﻨﻤﺎﺫﺝ ﺩﻗﺔ ﻭﺩﻗﺔ ﻭﺍﺳﺘﺪﻋﺎء ﻭﺩﺭﺟﺎﺕ ‪ F1‬ﺃﻗﻞ ﻣﻤﺎ ﻫﻲ ﻋﻠﻴﻪ ﻓﻲ ﺍﻟﺠﺪﻭﻝ‬
‫‪.4.1‬ﻳﺸﻴﺮ ﻫﺬﺍ ﺇﻟﻰ ﺃﻧﻪ ﺣﺘﻰ ﻣﻊ ‪ ،SMOTE‬ﻗﺪ ﻻ ﺗﻜﻮﻥ ﻫﺬﻩ ﺍﻟﻤﺼﻨﻔﺎﺕ ﻓﻌﺎﻟﺔ‬
‫ﻋﻨﺪﺍﻟﺘﻌﺎﻣﻞ ﻣﻊ ﻣﺠﻤﻮﻋﺎﺕ ﺍﻟﺒﻴﺎﻧﺎﺕ ﻏﻴﺮ ﺍﻟﻤﺘﻮﺍﺯﻧﺔ‪ .‬ﻭﻣﻊ ﺫﻟﻚ‪ ،‬ﻓﻤﻦ ﺍﻟﻤﻬﻢ ﺃﻥ ﻧﻼﺣﻆ ﺫﻟﻚ‬
‫ﻻﺗﺰﺍﻝ ﻫﺬﻩ ﺍﻟﻨﻤﺎﺫﺝ ﺗﺤﺼﻞ ﻋﻠﻰ ﻣﺴﺘﻮﻯ ﻣﺤﺘﺮﻡ ﻣﻦ ﺍﻟﺪﻗﺔ ﻭﺍﻟﻤﻘﺎﻳﻴﺲ ﺍﻷﺧﺮﻯ‪.‬‬
‫ﺑﺎﻹﺿﺎﻓﺔﺇﻟﻰ ﺫﻟﻚ‪ ،‬ﻓﺈﻥ ﺍﻟﻤﺼﻨﻔﺎﺕ ﻣﺜﻞ ‪ Baging‬ﻭ‪ Random Forest‬ﻭ‪ Extra Trees‬ﻭ‪ KNN‬ﻭ‬
‫ﺃﻇﻬﺮ‪ LGBM‬ﺃﺩﺍء ًﻣﺘﺴﻘﺎً ﻋﺒﺮ ﻛﻼ ﺍﻟﺠﺪﻭﻟﻴﻦ‪ ،‬ﻣﻤﺎ ﻳﺪﻝ ﻋﻠﻰ ﻛﻔﺎءﺗﻬﻤﺎ‬
‫‪-‬ﺍﻟﻤﺘﺎﻧﺔ ﻓﻲ ﺍﻟﺘﻌﺎﻣﻞ ﻣﻊ ﻣﺠﻤﻮﻋﺎﺕ ﺍﻟﺒﻴﺎﻧﺎﺕ ﻏﻴﺮ ﺍﻟﻤﺘﻮﺍﺯﻧﺔ‪ .‬ﻓﻲ ﺣﻴﻦ ﺃﻥ ﺍﻟﺪﻗﺔ ﻭ‪-F1‬‬
‫ﻇﻠﺖﺍﻟﻨﺘﺎﺋﺞ ﻣﺴﺘﻘﺮﺓ ﻧﺴﺒﻴﺎً‪ ،‬ﺇﻻ ﺃﻥ ﺗﻄﺒﻴﻖ ‪ SMOTE‬ﺃﺩﻯ ﺇﻟﻰ ﺗﺤﺴﻴﻦ ﺍﻟﻨﺘﺎﺋﺞ‬
‫ﻗﻴﻢﺍﻟﺪﻗﺔ ﻭﺍﻟﺘﺬﻛﺮ ﻟﻬﺬﻩ ﺍﻟﻤﺼﻨﻔﺎﺕ ﺑﺸﻜﻞ ﻫﺎﻣﺸﻲ‪.‬‬

‫‪59‬‬
‫ﻓﻲﻛﻼ ﺍﻟﺠﺪﻭﻟﻴﻦ‪ ،‬ﻛﺎﻥ ﺃﺩﺍء ﻧﻤﺎﺫﺝ ‪ SVM‬ﻭ‪ AdaBoost‬ﺿﻌﻴﻔﺎً ﻛﻤﺎ ﻫﻮ ﻣﻮﺿﺢ ﻓﻲ ﺍﻷﺷﻜﺎﻝ‬
‫‪.4.3‬ﻣﻊ ﺩﻗﺔ ﺃﻗﻞ‪ ،‬ﻭﺇﺣﻜﺎﻡ‪ ،‬ﻭﺍﺳﺘﺮﺟﺎﻉ‪ ،‬ﻭﺩﺭﺟﺎﺕ ‪ ،F1‬ﻫﺬﻩ ﺍﻟﻤﺼﻨﻔﺎﺕ‬
‫ﻛﺎﻓﺤﺖﻻﻛﺘﺸﺎﻑ ﻫﺠﻤﺎﺕ ﺷﺒﻜﺔ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء ﺑﺪﻗﺔ‪ .‬ﻭﻋﻼﻭﺓ ﻋﻠﻰ ﺫﻟﻚ‪ ،‬ﻛﺎﻥ ‪SVM‬‬
‫ﺃﻭﻗﺎﺕﻭﺣﺪﺓ ﺍﻟﻤﻌﺎﻟﺠﺔ ﺍﻟﻤﺮﻛﺰﻳﺔ ﺃﻛﺒﺮ ﺑﻜﺜﻴﺮ ﻣﻦ ﺍﻟﻤﺼﻨﻔﺎﺕ ﺍﻷﺧﺮﻯ ﻓﻲ ﻛﻼ ﺍﻟﺴﻴﻨﺎﺭﻳﻮﻫﻴﻦ‪ ،‬ﻣﻤﺎ ﻳﺸﻴﺮ ﺇﻟﻰ‬
‫ﺗﻔﺎﺻﻴﻞﺍﻟﺘﻌﻘﻴﺪ ﺍﻟﺤﺴﺎﺑﻲ ﻛﻤﺎ ﻫﻮ ﻣﻮﺿﺢ ﻓﻲ ﺍﻟﺸﻜﻞ ‪.4.7‬‬
‫ﺍﻟﺸﻜﻞ‪4.7‬ﻣﻘﺎﺭﻧﺔ ﺑﻴﻦ ﺃﺩﺍء ﻧﻤﺎﺫﺝ ﺍﻟﻤﺼﻨﻔﺎﺕ ﺍﻟﻔﺮﺩﻳﺔ ﻣﻊ ﻭﺑﺪﻭﻥ‬

‫ﺑﺎﺳﺘﺨﺪﺍﻡﺧﻮﺍﺭﺯﻣﻴﺔ ﺍﻟﻀﺮﺑﺔ‪.‬‬
‫‪60‬‬
‫‪4.4‬ﻣﻠﺨﺺ‬
‫ﻭﻓﻲﺍﻟﺨﺘﺎﻡ‪ ،‬ﻓﺈﻥ ﺍﻟﻤﻘﺎﺭﻧﺔ ﺑﻴﻦ ﺍﻟﺠﺪﻭﻟﻴﻦ ‪ 4.1‬ﻭ‪ 4.2‬ﺗﺴﻠﻂ ﺍﻟﻀﻮء ﻋﻠﻰ ﺗﺄﺛﻴﺮ‬
‫ﺧﻮﺍﺭﺯﻣﻴﺔ‪ SMOTE‬ﺣﻮﻝ ﻓﻌﺎﻟﻴﺔ ﺍﻟﻤﺼﻨﻔﺎﺕ ﻓﻲ ﺍﻟﻜﺸﻒ ﻋﻦ ﺷﺒﻜﺔ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء‬
‫ﺍﻟﻬﺠﻤﺎﺕ‪.‬ﻣﻦ ﺣﻴﺚ ﺍﻟﺪﻗﺔ ﻭﺍﻻﺳﺘﺪﻋﺎء‪ ،‬ﺃﻇﻬﺮﺕ ﺑﻌﺾ ﺍﻟﻨﻤﺎﺫﺝ ﺍﻟﻤﺤﺴﻨﺔ‬
‫ﺍﻷﺩﺍء‪،‬ﻓﻲ ﺣﻴﻦ ﺃﻇﻬﺮ ﺁﺧﺮﻭﻥ ﺍﻧﺨﻔﺎﺿﺎ ﻓﻲ ﺍﻷﺩﺍء‪ .‬ﺃﺧﻴﺮﺍ‪ً،‬‬
‫ﺣﻘﻘﺖﻣﺼﻨﻔﺎﺕ ‪ CatBoost‬ﻭ‪ XGBoost‬ﻧﺘﺎﺋﺞ ﺩﻗﺔ ﺗﺼﻞ ﺇﻟﻰ ‪%98.19‬‬
‫‪ 98.52%‬ﻋﻠﻰ ﺍﻟﺘﻮﺍﻟﻲ‪ .‬ﺃﻓﻀﻞ ﺍﻟﻤﺼﻨﻔﺎﺕ ﻣﺘﺴﻘﺔ ﻭﻗﻮﻳﺔ ﻋﺒﺮ‬
‫ﻣﺠﻤﻮﻋﺔﺑﻴﺎﻧﺎﺕ ‪ ،BoT-IoT‬ﻣﻤﺎ ﻳﺠﻌﻠﻬﺎ ﺧﻴﺎﺭﺍﺕ ﻗﺎﺑﻠﺔ ﻟﻠﺘﻄﺒﻴﻖ ﻻﻛﺘﺸﺎﻑ ﻫﺠﻤﺎﺕ ﺷﺒﻜﺔ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء‬
‫ﺳﻮﺍءﻛﺎﻥ ﺗﻄﺒﻴﻖ ﺧﻮﺍﺭﺯﻣﻴﺔ ‪ SMOTE‬ﺃﻭ ﻏﻴﺮﻫﺎ‪.‬‬
‫‪61‬‬
‫ﻣﻘﺎﺭﻧﺔ‬ ‫ﺍﻟﻔﺼﻞ‪:5‬‬
‫‪5.1‬ﺍﻟﻤﻨﺎﻗﺸﺔ‬
‫ﻓﻲﺍﻵﻭﻧﺔ ﺍﻷﺧﻴﺮﺓ‪ ،‬ﺍﺳﺘﺨﺪﻣﺖ ﺍﻟﻌﺪﻳﺪ ﻣﻦ ﺍﻟﺪﺭﺍﺳﺎﺕ ﺧﻮﺍﺭﺯﻣﻴﺎﺕ ﺍﻟﺘﻌﻠﻢ ﺍﻟﻌﻤﻴﻖ ﻟﻠﺘﻌﺰﻳﺰ‬
‫ﻛﻔﺎءﺓﻧﻤﺎﺫﺝ ﺍﻟﺘﺪﺭﻳﺐ ﻛﻤﺎ ﻫﻮ ﻣﺒﻴﻦ ﻓﻲ ﺍﻟﺠﺪﻭﻝ ‪ .2.1‬ﻭﻣﻊ ﺫﻟﻚ‪ ،‬ﻓﺈﻥ ﻫﺬﻩ ﺍﻟﺪﺭﺍﺳﺎﺕ‬
‫ﻻﺗﺪﺭﺱ ﺍﻟﺸﺒﻜﺎﺕ ﺑﺸﻜﻞ ﻛﺎﻣﻞ ﻓﻲ ﻣﺠﺎﻝ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء ﻟﺘﺤﺪﻳﺪ ﺍﻟﻤﺨﺎﻟﻔﺎﺕ‬
‫ﺑﺴﺮﻋﺔﻭﺩﻗﺔ ﻻﻛﺘﺸﺎﻑ ﻫﺠﻤﺎﺕ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء ﻭﺍﻟﺮﺩ ﻋﻠﻴﻬﺎ‪ .‬ﻭﺍﻟﺘﻐﻠﺐ ﻋﻠﻰ‬
‫ﻗﻀﺎﻳﺎﺍﻵﻟﺔ ﻭﺍﻟﺘﻌﻠﻢ ﺍﻟﻌﻤﻴﻖ ﻣﺜﻞ ﺍﻟﺤﺼﻮﻝ ﻋﻠﻰ ﺍﻟﻌﺪﺩ ﺍﻷﻣﺜﻞ ﻣﻦ‬
‫ﺍﻟﺨﻼﻳﺎﺍﻟﻌﺼﺒﻴﺔ‪ ،‬ﻭﺍﻟﺘﺮﻛﻴﺐ ﺍﻟﺰﺍﺋﺪ‪ ،‬ﻭﺍﻟﻤﻌﻠﻤﺎﺕ ﺍﻟﺘﻲ ﺗﺤﻘﻖ ﻫﺪﻑ ﺍﻟﻨﻤﻮﺫﺝ ﺍﻟﻤﺜﺎﻟﻲ‪.‬‬
‫ﻳﻘﺪﻡﺍﻟﺠﺪﻭﻝ ‪ 5.1‬ﺗﺤﻠﻴﻼ ًﻣﻘﺎﺭﻧﺎً ﻷﺣﺪﺙ ﺍﻷﻣﻦ ﺍﻟﺴﻴﺒﺮﺍﻧﻲ ﻹﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء‬
‫ﺣﻠﻮﻝﺗﻌﺮﺽ ﻧﺘﺎﺋﺞ ﺍﻷﺩﺍء ﺍﻟﺘﻲ ﺣﻘﻘﺘﻬﺎ ﺍﻟﺪﺭﺍﺳﺎﺕ ﺍﻟﻤﺨﺘﻠﻔﺔ ﻓﻲ‬
‫ﺍﻟﻤﻴﺪﺍﻥ‪.‬ﻳﻤﺜﻞ ﻛﻞ ﺻﻒ ﻣﺮﺟﻌﺎً ﺑﺤﺜﻴﺎً ﻣﺤﺪﺩﺍً‪ ،‬ﺑﻤﺎ ﻓﻲ ﺫﻟﻚ ﺍﻟﺴﻨﺔ‬
‫ﺍﻟﺪﺭﺍﺳﺔ‪،‬ﻣﺠﻤﻮﻋﺔ ﺍﻟﺒﻴﺎﻧﺎﺕ ﺍﻟﻤﺴﺘﺨﺪﻣﺔ‪ ،‬ﺍﻟﻤﻨﻬﺠﻴﺔ ﺍﻟﻤﺴﺘﺨﺪﻣﺔ‪ ،‬ﺍﻟﺨﻮﺍﺭﺯﻣﻴﺎﺕ‬
‫ﺍﻟﻤﺴﺘﺨﺪﻣﺔ‪،‬ﻭﻧﺘﺎﺋﺞ ﺍﻟﺪﻗﺔ ﻓﻲ ﺍﻟﻨﺴﺒﺔ ﺍﻟﻤﺌﻮﻳﺔ‪.‬‬
‫ﻣﻨﺪﻭﻧﺴﺎﻭﺁﺧﺮﻭﻥ‪ [15] .‬ﺃﺟﺮﻳﺖ ﺩﺭﺍﺳﺔ ﻓﻲ ﻋﺎﻡ ‪ 2022‬ﺑﺎﺳﺘﺨﺪﺍﻡ ‪ DS2OS‬ﻭ‪CICIDS2017‬‬
‫ﻣﺠﻤﻮﻋﺎﺕﺍﻟﺒﻴﺎﻧﺎﺕ‪ .‬ﻟﻘﺪ ﻃﺒﻘﻮﺍ ﺗﻘﻨﻴﺎﺕ ﺍﻟﺘﻌﻠﻢ ﺍﻟﻌﻤﻴﻖ‪ ،‬ﻭﺗﺤﺪﻳﺪﺍً ﺍﻟﻨﻤﻮﺫﺝ ﺍﻟﻘﺎﺋﻢ ﻋﻠﻰ ‪،SET‬‬
‫ﻭﺣﻘﻘﺖﺩﻗﺔ ﻣﺬﻫﻠﺔ ﺑﻠﻐﺖ ‪ .%98‬ﻭﺗﻈﻬﺮ ﺍﻟﺪﺭﺍﺳﺔ ﻓﻌﺎﻟﻴﺔ‬
‫ﻟﻠﺘﻌﻠﻢﺍﻟﻌﻤﻴﻖ ﻓﻲ ﻣﺠﺎﻝ ﺍﻷﻣﻦ ﺍﻟﺴﻴﺒﺮﺍﻧﻲ ﻹﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء‪ ،‬ﻛﻤﺎ ﻳﺘﻀﺢ ﻣﻦ ﺍﻟﺪﻗﺔ ﺍﻟﻌﺎﻟﻴﺔ ﺍﻟﺘﻲ ﺣﺼﻠﺖ ﻋﻠﻴﻬﺎ‪.‬‬
‫ﺑﻮﺑﻮﻻﻭﺁﺧﺮﻭﻥ‪ [18] .‬ﺭﻛﺰ ﻋﻠﻰ ﻣﺠﻤﻮﻋﺔ ﺑﻴﺎﻧﺎﺕ ‪ BoT-IoT‬ﻓﻲ ﻋﺎﻡ ‪ .2020‬ﻭﻗﺪ ﺍﺳﺘﺨﺪﻣﻮﺍ ﺃ‬
‫ﺇﻃﺎﺭﻋﻤﻞ ﻣﺨﺘﻠﻂ ﻟﻠﺘﻌﻠﻢ ﺍﻟﻌﻤﻴﻖ ﻳﺠﻤﻊ ﺑﻴﻦ ﺗﻀﻤﻴﻦ ﺍﻟﻨﺸﺎﻁ ﺍﻟﻤﺤﻠﻲ )‪(LAE‬‬
‫ﻟﺘﻘﻠﻴﻞﺍﻷﺑﻌﺎﺩ ﺑﺎﺳﺘﺨﺪﺍﻡ ﺫﺍﻛﺮﺓ ﻃﻮﻳﻠﺔ ﺍﻟﻤﺪﻯ ﺛﻨﺎﺋﻴﺔ ﺍﻻﺗﺠﺎﻩ‬
‫‪62‬‬
‫ﺍﻟﻤﺼﻨﻒ)‪ .(BLSTM‬ﻭﻗﺪ ﺃﺳﻔﺮ ﻧﻬﺠﻬﻢ ﻋﻦ ﺩﻗﺔ ﻋﺮﺽ ﺑﻠﻐﺖ ‪%91.89‬‬
‫ﻧﺠﺎﺡﺇﻃﺎﺭ ‪ DL‬ﺍﻟﻤﺨﺘﻠﻂ ﻓﻲ ﻣﻌﺎﻟﺠﺔ ﺗﻌﻘﻴﺪﺍﺕ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء‬
‫ﺍﻷﻣﻦﺍﻹﻟﻜﺘﺮﻭﻧﻲ‪.‬‬
‫ﺍﻟﺤﺮﺑﻲﻭﺁﺧﺮﻭﻥ‪ ،[19] .‬ﻓﻲ ﻋﺎﻡ ‪ ،2021‬ﺍﺳﺘﺨﺪﻡ ﻣﺠﻤﻮﻋﺔ ﺑﻴﺎﻧﺎﺕ ‪ N-BaIoT‬ﻭﻗﺪﻡ ﻧﻈﺎﻣﺎً ﻣﺤﻠﻴﺎً‬
‫ﺃﻓﻀﻞﺧﻮﺍﺭﺯﻣﻴﺔ ﺑﺎﺕ ﻋﻠﻰ ﻣﺴﺘﻮﻯ ﺍﻟﻌﺎﻟﻢ ﻟﻠﺸﺒﻜﺎﺕ ﺍﻟﻌﺼﺒﻴﺔ )‪ .(LGBA-NN‬ﻟﻘﺪ ﺣﻘﻘﻮﺍ‬
‫ﺩﻗﺔ‪ ،%90‬ﻣﻤﺎ ﻳﺪﻝ ﻋﻠﻰ ﻓﻌﺎﻟﻴﺔ ﺍﻟﺨﻮﺍﺭﺯﻣﻴﺔ ﺍﻟﺨﺎﺻﺔ ﺑﻬﻢ ﻓﻲ ﺍﻟﻜﺸﻒ ﻭ‬
‫ﺗﺼﻨﻴﻒﺗﻬﺪﻳﺪﺍﺕ ﺍﻷﻣﻦ ﺍﻟﺴﻴﺒﺮﺍﻧﻲ ﻓﻲ ﺑﻴﺌﺎﺕ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء‪.‬‬
‫ﺳﺤﺮﺧﻴﺰﺍﻥﻭﺁﺧﺮﻭﻥ‪ [22] .‬ﺭﻛﺰ ﻋﻠﻰ ﺣﺮﻛﺔ ﻣﺮﻭﺭ ﺷﺒﻜﺔ ‪ Modbus/TCP‬ﻓﻲ ﻋﺎﻡ ‪2020‬‬
‫ﺗﺘﻀﻤﻦﺍﻟﻤﻨﻬﺠﻴﺔ ﺍﺳﺘﺨﺪﺍﻡ ‪) LSTM‬ﺍﻟﺬﺍﻛﺮﺓ ﻃﻮﻳﻠﺔ ﺍﻟﻤﺪﻯ( ﻭﺍﻟﻤﺠﻤﻮﻋﺔ‬
‫ﺗﻘﻨﻴﺎﺕﺍﻟﺘﻌﻠﻢ‪ ،‬ﻣﻤﺎ ﺃﺩﻯ ﺇﻟﻰ ﺩﻗﺔ ﻣﺬﻫﻠﺔ ﺗﺒﻠﻎ ‪ .٪98.99‬ﻫﺬﺍ‬
‫ﻳﻮﺿﺢﻓﻌﺎﻟﻴﺔ ‪ LSTM‬ﻭﺍﻟﺘﻌﻠﻢ ﺍﻟﺠﻤﺎﻋﻲ ﻓﻲ ﺍﻟﺘﺤﻠﻴﻞ ﻭﺍﻟﺘﺤﻠﻴﻞ‬
‫ﺍﻛﺘﺸﺎﻑﺍﻟﺤﺎﻻﺕ ﺍﻟﺸﺎﺫﺓ ﻓﻲ ﺣﺮﻛﺔ ﻣﺮﻭﺭ ﺷﺒﻜﺔ ‪.Modbus/TCP‬‬
‫ﺑﻮﺧﺮﻳﻞﻭﺁﺧﺮﻭﻥ‪ [23] .‬ﺃﺟﺮﻯ ﺩﺭﺍﺳﺔ ﻓﻲ ﻋﺎﻡ ‪ 2021‬ﺑﺎﺳﺘﺨﺪﺍﻡ ﻣﺠﻤﻮﻋﺔ ﺑﻴﺎﻧﺎﺕ ‪ BoT-IoT‬ﻭﻋﻤﻴﻘﺔ‬
‫ﺗﻘﻨﻴﺎﺕﺍﻟﺘﻌﻠﻢ‪ ،‬ﻭﺗﺤﺪﻳﺪﺍ ً‪MLP ANN )Multi-Layer Perceptron Artificial‬‬
‫ﺍﻟﺸﺒﻜﺔﺍﻟﻌﺼﺒﻴﺔ(‪ .‬ﻭﺣﻘﻘﻮﺍ ﺩﻗﺔ ﺑﻠﻐﺖ ‪ ،%87.4‬ﻣﻤﺎ ﻳﺸﻴﺮ ﺇﻟﻰ ﺩﺭﺟﺔ ﻣﻌﻘﻮﻟﺔ‬
‫ﻣﺴﺘﻮﻯﺍﻷﺩﺍء ﻓﻲ ﻧﻬﺠﻬﻢ‪.‬‬
‫ﺍﻟﺤﻞﺍﻟﻤﻘﺘﺮﺡ ﻳﻌﺘﻤﺪ ﻋﻠﻰ ﻣﺠﻤﻮﻋﺔ ﺑﻴﺎﻧﺎﺕ ‪ ،BoT-IoT‬ﺍﻟﻤﺠﻤﻮﻋﺔ ﺍﻟﻤﺴﺘﺨﺪﻣﺔ‬
‫ﺗﻘﻨﻴﺎﺕﺍﻟﺘﻌﻠﻢ ﺑﺎﺳﺘﺨﺪﺍﻡ ﺧﻮﺍﺭﺯﻣﻴﺎﺕ ‪ CatBoosting‬ﻭ‪ .XGBoosting‬ﺍﻝ‬
‫‪63‬‬
‫ﺣﻘﻖﺍﻟﻨﻬﺞ ﺍﻟﻤﻘﺘﺮﺡ ﺩﻗﺔ ﻋﺮﺽ ﺑﻠﻐﺖ ‪ %98.19‬ﻭ‪%98.52‬‬
‫ﺗﺤﺴﻦﻣﻠﺤﻮﻅ ﻣﻘﺎﺭﻧﺔ ﺑﺎﻟﺪﺭﺍﺳﺎﺕ ﺍﻟﺴﺎﺑﻘﺔ ‪.‬‬
‫ﻣﻘﺎﺭﻧﺔﺃﺩﺍء ﺍﻟﺤﻞ ﺍﻟﻤﻘﺘﺮﺡ ﻣﻊ ﺍﻟﺪﺭﺍﺳﺎﺕ ﺍﻷﺧﺮﻯ‪،‬‬
‫ﻭﻳﺘﻔﻮﻕﺍﻟﻨﻬﺞ ﺍﻟﻤﻘﺘﺮﺡ ﻋﻠﻰ ﺟﻤﻴﻊ ﺍﻟﺘﻘﻨﻴﺎﺕ ﺍﻷﺧﺮﻯ ﻣﻦ ﺣﻴﺚ ﺍﻟﺪﻗﺔ‪.‬‬
‫ﺗﺸﻴﺮﺍﻟﺪﻗﺔ ﺍﻷﻋﻠﻰ ﺍﻟﺘﻲ ﺗﻢ ﺗﺤﻘﻴﻘﻬﺎ ﺇﻟﻰ ﺍﻛﺘﺸﺎﻑ ﺃﻛﺜﺮ ﻓﻌﺎﻟﻴﺔ ﻭ‬
‫ﺗﺼﻨﻴﻒﺗﻬﺪﻳﺪﺍﺕ ﺍﻷﻣﻦ ﺍﻟﺴﻴﺒﺮﺍﻧﻲ ﻓﻲ ﻣﺠﻤﻮﻋﺔ ﺑﻴﺎﻧﺎﺕ ‪ .BoT-IoT‬ﺑﺎﺳﺘﺨﺪﺍﻡ ﺍﻟﻔﺮﻗﺔ‬
‫ﻳﺒﺪﻭﺃﻥ ﺍﻟﺘﻌﻠﻢ ﺑﺎﺳﺘﺨﺪﺍﻡ ﺧﻮﺍﺭﺯﻣﻴﺎﺕ ‪ CatBoosting‬ﻭ‪ XGBoosting‬ﻗﺪ ﺗﻢ ﺗﻮﻓﻴﺮﻩ‬
‫ﻗﺪﺭﺍﺕﺗﻨﺒﺆﻳﺔ ﺃﻓﻀﻞ ﻭﺗﻌﺰﻳﺰ ﺍﻷﺩﺍء ﺍﻟﻌﺎﻡ‪.‬‬
‫ﺍﻟﺠﺪﻭﻝ‪: 1-5‬ﺗﺤﻠﻴﻞ ﻣﻘﺎﺭﻥ ﻷﺣﺪﺙ ﺣﻠﻮﻝ ﺍﻷﻣﻦ ﺍﻟﺴﻴﺒﺮﺍﻧﻲ ﻹﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء‪.‬‬
‫ﺩﻗﺔ‬
‫ﻳﺆﺩﻱﺍﻟﻰ‬ ‫ﺍﻟﺨﻮﺍﺭﺯﻣﻴﺎﺕ‬ ‫ﺍﻟﻤﻨﻬﺠﻴﺔﺍﻟﻤﺴﺘﺨﺪﻣﺔ‬ ‫ﺍﻟﺒﻴﺎﻧﺎﺕﺍﻟﻤﺴﺘﺨﺪﻣﺔ‬ ‫ﺳﻨﺔ‬ ‫ﺍﻟﻤﺮﺟﻊ‬
‫)‪(%‬‬
‫‪DS2OS،‬‬
‫‪98‬‬ ‫ﻣﻨﺪﻭﻧﺴﺎﻭﺁﺧﺮﻭﻥ‬
‫ﻧﻤﻮﺫﺝﻗﺎﺋﻢ ﻋﻠﻰ ‪SET‬‬ ‫ﺗﻌﻠﻢﻋﻤﻴﻖ‬ ‫‪CICIDS201‬‬ ‫‪2022‬‬
‫]‪[15‬‬
‫‪7‬‬
‫ﺍﻟﻬﺠﻴﻦ‪DL‬‬ ‫ﻟﻸﺑﻌﺎﺩ‪LAE‬‬
‫‪91.89‬‬ ‫ﺍﻹﻃﺎﺭ)‪-LAE‬‬ ‫ﺍﻟﺘﺨﻔﻴﺾﻭ ‪BLSTM‬‬ ‫ﺑﻮﺕ‪-‬ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء‬ ‫‪2020‬‬ ‫ﺑﻮﺑﻮﻻﻭﺁﺧﺮﻭﻥ‪[18] .‬‬
‫)ﺑﻠﺴﺘﻢ(‬ ‫ﻣﺼﻨﻒ‬
‫ﺃﻓﻀﻞﺍﻟﺨﻔﺎﻓﻴﺶ ﺍﻟﻤﺤﻠﻴﺔ ﻭﺍﻟﻌﺎﻟﻤﻴﺔ‬

‫ﺍﻟﺤﺮﺑﻲﻭﺁﺧﺮﻭﻥ‪.‬‬
‫‪90‬‬ ‫‪LGBA-NN‬‬ ‫ﺧﻮﺍﺭﺯﻣﻴﺔﺍﻟﻌﺼﺒﻴﺔ‬ ‫ﺇﻥ‪-‬ﺑﺎﻳﻮﺕ‬ ‫‪2021‬‬
‫ﺍﻟﺸﺒﻜﺎﺕ‬ ‫]‪[19‬‬
‫‪98.99‬‬ ‫ﻣﻮﺩﺑﻮﺱ‪TC/‬‬
‫ﻭﺍﻟﻤﺠﻤﻮﻋﺔ‪LSTM‬‬ ‫ﺳﺤﺮﺧﻴﺰﺍﻥﻭﺁﺧﺮﻭﻥ‪.‬‬
‫‪LSTM‬‬ ‫ﺷﺒﻜﺔ‪P‬‬ ‫‪2020‬‬
‫ﺗﻌﻠﻢُّ‬ ‫]‪[22‬‬
‫ﻣﺮﻭﺭ‬
‫‪87.4‬‬ ‫ﺁﻥ‪MLP‬‬ ‫ﺗﻌﻠﻢﻋﻤﻴﻖ‬ ‫ﺑﻮﺕ‪-‬ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء‬ ‫‪2021‬‬ ‫ﺑﻮﺧﺮﻳﻞﻭﺁﺧﺮﻭﻥ‪[23] .‬‬
‫‪98.19‬‬
‫ﺍﻟﺘﻌﻠﻢﺍﻟﺠﻤﺎﻋﻲ‬ ‫‪2023‬‬ ‫ﻣﻘﺘﺮﺡ‬
‫‪com.CatBoosting‬‬
‫ﺑﻮﺕ‪-‬ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء‬
‫‪98.52‬‬ ‫‪XGBosting‬‬
‫‪64‬‬
‫‪5.2‬ﻣﻠﺨﺺ‬
‫ﻓﻲﺧﺘﺎﻡ ﻫﺬﺍ ﺍﻟﻔﺼﻞ‪ ،‬ﺍﻟﺘﺤﻠﻴﻞ ﺍﻟﻤﻘﺎﺭﻥ ﻷﺣﺪﺙ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء‬
‫ﺣﻠﻮﻝﺍﻷﻣﻦ ﺍﻟﺴﻴﺒﺮﺍﻧﻲ ﺗﺴﻠﻂ ﺍﻟﻀﻮء ﻋﻠﻰ ﺍﻟﺘﻄﻮﺭﺍﺕ ﻓﻲ ﻫﺬﺍ ﺍﻟﻤﺠﺎﻝ‪ .‬ﺍﻟﻤﻘﺘﺮﺡ‬
‫ﻳﺒﺮﺯﺍﻟﺤﻞ ﺑﺪﻗﺔ ﻓﺎﺋﻘﺔ‪ ،‬ﻣﻤﺎ ﻳﻈُﻬﺮ ﺇﻣﻜﺎﻧﻴﺔ ﺃﻥ ﻳﻜﻮﻥ ﺣﻼً‬
‫ﻧﻬﺞﻓﻌﺎﻝ ﻻﻛﺘﺸﺎﻑ ﻭﺗﺨﻔﻴﻒ ﺗﻬﺪﻳﺪﺍﺕ ﺍﻷﻣﻦ ﺍﻟﺴﻴﺒﺮﺍﻧﻲ ﻹﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء‪.‬‬
‫ﻭﻣﻊﺫﻟﻚ‪ ،‬ﺳﻴﻜﻮﻥ ﻣﻦ ﺍﻟﻀﺮﻭﺭﻱ ﺇﺟﺮﺍء ﻣﺰﻳﺪ ﻣﻦ ﺍﻟﺘﺤﻘﻖ ﻭﺍﻟﺘﻘﻴﻴﻢ ﻟﺘﻘﻴﻴﻤﻬﺎ‬
‫ﺍﻟﻤﺘﺎﻧﺔﻭﺍﻟﺘﻌﻤﻴﻢ ﻋﺒﺮ ﻣﺠﻤﻮﻋﺎﺕ ﺍﻟﺒﻴﺎﻧﺎﺕ ﺍﻟﻤﺨﺘﻠﻔﺔ ﻭﺍﻟﻌﺎﻟﻢ ﺍﻟﺤﻘﻴﻘﻲ‬
‫ﺳﻴﻨﺎﺭﻳﻮﻫﺎﺕ‪.‬‬
‫ﺍﻟﺨﻼﺻﺔﻭﺍﻟﻌﻤﻞ ﻓﻲ ﺍﻟﻤﺴﺘﻘﺒﻞ‬ ‫ﺍﻟﻔﺼﻞ‪:6‬‬
‫‪65‬‬
‫ﺍﻟﻬﺪﻑﻣﻦ ﻫﺬﻩ ﺍﻷﻃﺮﻭﺣﺔ ﻫﻮ ﺗﻨﻔﻴﺬ ﻧﻈﺎﻡ ﺫﻛﻲ ﻹﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء‬
‫ﺃﺟﻬﺰﺓﺍﻟﺤﻤﺎﻳﺔ ﺑﺎﺳﺘﺨﺪﺍﻡ ﻧﻤﻮﺫﺝ ﺟﺪﻳﺪ ﻗﺎﺋﻢ ﻋﻠﻰ ﺍﻟﺘﻌﻠﻢ ﺍﻟﻌﻤﻴﻖ ﻹﺩﺍﺭﺗﻬﺎ‬
‫ﻣﺠﻤﻮﻋﺎﺕﺑﻴﺎﻧﺎﺕ ﻣﻌﻘﺪﺓ ﻟﻠﻐﺎﻳﺔ‪ .‬ﻭﻗﺪ ﺃﺩﺕ ﺍﻷﺑﺤﺎﺙ ﺍﻹﺿﺎﻓﻴﺔ ﺇﻟﻰ ﺗﻄﻮﻳﺮ‬
‫ﺃﻧﻈﻤﺔﻛﺸﻒ ﺍﻟﺘﺴﻠﻞ ﺫﺍﺕ ﺑﻨﻴﺔ ﻣﺮﻛﺰﻳﺔ ﻭﺗﻌﻠﻢ ﻋﻤﻴﻖ ﻭ‬
‫ﺍﻟﺘﻌﻠﻢﺍﻻﻟﻲ‪.‬‬
‫ﻟﻠﺘﻐﻠﺐﻋﻠﻰ ﺍﻟﻌﺪﻳﺪ ﻣﻦ ﺍﻟﻌﻮﺍﺋﻖ‪ ،‬ﻣﺜﻞ ﺍﻟﺘﺠﻬﻴﺰ ﺍﻟﺰﺍﺋﺪ‪ ،‬ﻭﺃﻭﻗﺎﺕ ﺍﻟﺘﺪﺭﻳﺐ ﺍﻟﻤﻤﺘﺪﺓ‪،‬‬
‫ﻭﺩﻗﺔﺍﻟﻨﻤﻮﺫﺝ ﻣﻨﺨﻔﻀﺔ‪ ،‬ﺳﺘﺠﻤﻊ ﺍﻟﻨﻤﺎﺫﺝ ﺍﻟﻤﻘﺘﺮﺣﺔ ﺑﻴﻦ ﺍﻟﺘﻌﻠﻢ ﺍﻟﻌﻤﻴﻖ‬
‫ﺍﻟﻨﻬﺞﻣﻊ ﻫﻨﺪﺳﺔ ﺍﻟﻤﻴﺰﺍﺕ‪ .‬ﻓﻴﻤﺎ ﻳﺘﻌﻠﻖ ﺑﺎﻟﺒﻴﺎﻧﺎﺕ ﻏﻴﺮ ﺍﻟﻤﺘﻮﺍﺯﻧﺔ ﻓﻲ ﺍﻟﻔﺼﻞ‪ ،‬ﻓﺈﻥ‬
‫ﺗﻢﺗﻄﺒﻴﻖ ﺗﻘﻨﻴﺔ ﺍﻹﻓﺮﺍﻁ ﻓﻲ ﺃﺧﺬ ﺍﻟﻌﻴﻨﺎﺕ )‪ ،(SMOTE‬ﻓﻲ ﺣﻴﻦ ﺃﻥ ﻓﻌﺎﻟﻴﺔ ﺧﻤﺴﺔ ﻋﺸﺮ‬
‫ﺗﻢﺗﻘﻴﻴﻢ ﺍﻟﺨﻮﺍﺭﺯﻣﻴﺎﺕ ﻋﻠﻰ ﺑﻴﺎﻧﺎﺕ ﻣﺘﻮﺍﺯﻧﺔ ﺍﻟﻔﺼﻞ‪ .‬ﻛﺎﺕ ﺑﻮﺳﺖ ﻭ‪XGBoost‬‬
‫ﺗﺘﻔﻮﻕﻋﻠﻰ ﻧﻤﺎﺫﺝ ﺍﻟﺘﻌﻠﻢ ﺍﻟﻌﻤﻴﻖ ﺍﻟﺘﻲ ﺗﺘﻌﻠﻢ ﻣﻦ ﺍﻟﺘﺠﺮﺑﺔ‪ ،‬ﺧﺎﺻﺔ ﻋﻨﺪﻣﺎ‬
‫ﺗﺤﺪﻳﺪﺍﻟﻬﺠﻤﺎﺕ ﺍﻟﺴﻴﺒﺮﺍﻧﻴﺔ ﺍﻟﻤﺴﺘﻘﺒﻠﻴﺔ ﺿﺪ ﺷﺒﻜﺎﺕ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء‪ .‬ﻣﺠﻤﻮﻋﺔ ﺑﻴﺎﻧﺎﺕ ﻓﻲ ﺍﻟﻮﻗﺖ ﺍﻟﺤﻘﻴﻘﻲ ‪BoT IoT‬‬
‫ﻳﻤﺜﻞﻛﻤﻴﺎﺕ ﻫﺎﺋﻠﺔ ﻣﻦ ﺣﺮﻛﺔ ﺍﻟﻤﺮﻭﺭ ﺍﻟﺘﻲ ﺗﺘﺄﺛﺮ ﺑﺄﻧﻮﺍﻉ ﻣﺘﻌﺪﺩﺓ ﻣﻦ‬
‫ﺍﻟﻬﺠﻤﺎﺕ‪.‬ﺣﻘﻘﺖ ﻣﺼﻨﻔﺎﺕ ‪ CatBoost‬ﻭ‪ XGBoost‬ﻣﻌﺪﻻﺕ ﺩﻗﺔ ﺧﺎﺻﺔ ﺑﻬﺎ‬
‫‪ 98.19%‬ﻭ ‪ .%98.50‬ﺃﻓﻀﻞ ﺍﻟﻤﺼﻨﻔﺎﺕ ﻣﺘﺴﻘﺔ ﻭﻳﻤﻜﻦ ﺍﻻﻋﺘﻤﺎﺩ ﻋﻠﻴﻬﺎ ﻋﺒﺮﻫﺎ‬
‫ﻣﺠﻤﻮﻋﺔﺑﻴﺎﻧﺎﺕ ‪ ،BoT-IoT‬ﻣﻤﺎ ﻳﺠﻌﻠﻬﺎ ﺧﻴﺎﺭﺍﺕ ﻗﺎﺑﻠﺔ ﻟﻠﺘﻄﺒﻴﻖ ﻻﻛﺘﺸﺎﻑ ﺷﺒﻜﺔ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء‬
‫ﺍﻟﻬﺠﻤﺎﺕﺑﻐﺾ ﺍﻟﻨﻈﺮ ﻋﻦ ﺗﻨﻔﻴﺬ ﺧﻮﺍﺭﺯﻣﻴﺔ ‪.SMOTE‬‬
‫ﻳﺘﻀﻤﻦﺍﻟﻌﻤﻞ ﺍﻟﻤﺴﺘﻘﺒﻠﻲ ﻟﻬﺬﻩ ﺍﻟﻮﺭﻗﺔ ﺍﻟﺒﺤﺜﻴﺔ ﻣﻘﺎﺭﻧﺔ ﺍﻟﺘﻮﺯﻳﻊ ﺍﻟﻌﻤﻴﻖ‬
‫ﺍﻟﺘﻌﻠﻢﻟﻠﺒﻴﺎﻧﺎﺕ ﺍﻷﺧﺮﻯ ﺑﺎﺳﺘﺨﺪﺍﻡ ﺧﻮﺍﺭﺯﻣﻴﺎﺕ ﺍﻟﺘﻌﻠﻢ ﺍﻟﻤﺠﻤﻌﺔ ﺍﻟﻤﺨﺘﻠﻔﺔ ﻭﺍﻟﻌﺼﺒﻴﺔ‬
‫‪66‬‬
‫ﺑﻨﻴﺎﺕﺍﻟﺸﺒﻜﺔ‪ .‬ﺑﺎﻹﺿﺎﻓﺔ ﺇﻟﻰ ﺫﻟﻚ‪ ،‬ﻧﺤﻦ ﻧﺨﻄﻂ ﻟﺪﺭﺍﺳﺔ ﺍﻟﻜﺸﻒ ﻋﻦ ﺷﺒﻜﺔ ﺍﻟﻬﺎﺗﻒ ﺍﻟﻤﺤﻤﻮﻝ‬
‫ﺍﻟﺘﻄﻔﻞﻋﻠﻰ ﺧﻮﺍﺭﺯﻣﻴﺎﺕ ﺍﻟﺘﻌﻠﻢ ﺍﻟﺠﻤﺎﻋﻲ‪ ،‬ﻭﻫﻨﺪﺳﺔ ﺍﻟﻤﻴﺰﺍﺕ‪ ،‬ﻭ‬
‫ﺗﻘﻨﻴﺎﺕﺍﻟﺘﺤﺴﻴﻦ‪.‬‬
‫● ﻣﺮﺍﺟﻊ‬
‫]‪ [1‬ﺃﻭ‪ .‬ﻓﻴﺮﻣﻴﺴﺎﻥ ﻭﺁﺧﺮﻭﻥ‪" ،‬ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء ﺧﺎﺭﺝ ﻧﻄﺎﻕ ﺍﻟﻀﺠﻴﺞ‪ :‬ﺍﻟﺒﺤﺚ ﻭﺍﻻﺑﺘﻜﺎﺭ ﻭ‬
‫ﺍﻟﻨﺸﺮ"‪ ،‬ﻓﻲ ﺑﻨﺎء ﺍﻟﻤﺠﺘﻤﻊ ﺍﻟﻤﺘﺮﺍﺑﻂ ‪ -‬ﺃﺑﺤﺎﺙ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء ﻭ‬
‫‪67‬‬
‫ﺳﻼﺳﻞﻗﻴﻤﺔ ﺍﻻﺑﺘﻜﺎﺭ ﻭﺍﻟﻨﻈﻢ ﺍﻟﺒﻴﺌﻴﺔ ﻭﺍﻷﺳﻮﺍﻕ‪ ،River Publishers، 2022 ،‬ﺍﻟﺼﻔﺤﺎﺕ ﻣﻦ ‪ 15‬ﺇﻟﻰ ‪.118‬‬
‫]‪ [2‬ﺇﺱ ﺇﻑ ﻣﺪﻳﻨﺔ‪ ،‬ﺇﻡ ﺇﺱ ﺇﺳﻼﻡ‪ ،‬ﺇﻑ ﺇﻡ ﺃﻻﻣﺠﻴﺮ‪ ،‬ﻭﺇﻡ ﺇﻑ ﻓﺮﺩﻭﺱ‪" ،‬ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء )‪-(IoT‬‬
‫"ﻧﻈﺎﻡ ﺍﻟﻤﺮﺍﻗﺒﺔ ﺍﻟﺼﻨﺎﻋﻴﺔ ﺍﻟﻘﺎﺋﻢ"‪ ،‬ﻓﻲ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء ﺍﻟﺼﻨﺎﻋﻲ‪،CRC Press، 2022 ،‬‬
‫ﺹ‪.86-55‬‬
‫]‪ [3‬ﻝ‪ .‬ﻫﻮﺍﻧﻎ‪" ،‬ﺗﺼﻤﻴﻢ ﻧﻈﺎﻡ ﻟﻠﺘﻨﺒﺆ ﺑﻬﺠﻮﻡ ‪ IoT DDoS‬ﻳﻌﺘﻤﺪ ﻋﻠﻰ ﺍﺳﺘﺨﺮﺍﺝ ﺍﻟﺒﻴﺎﻧﺎﺕ‬
‫ﺍﻟﺘﻜﻨﻮﻟﻮﺟﻴﺎ‪ ،.J. Supercomput"،‬ﺍﻟﻤﺠﻠﺪ‪ ،78 .‬ﻻ‪ ،4 .‬ﺹ ‪.2022 ،4623-4601‬‬
‫]‪ [4‬ﺃ‪ .‬ﺃﻭﺳﻴﻨﻲ ﻭﺁﺧﺮﻭﻥ‪" ،‬ﺇﻃﺎﺭ ﺍﻟﺘﻌﻠﻢ ﺍﻟﻌﻤﻴﻖ ﺍﻟﻘﺎﺑﻞ ﻟﻠﺘﻔﺴﻴﺮ ﻣﻦ ﺃﺟﻞ ﺍﻻﺧﺘﺮﺍﻕ ﺍﻟﻤﺮﻥ‬
‫ﺍﻟﻜﺸﻒﻓﻲ ﺷﺒﻜﺎﺕ ﺍﻟﻨﻘﻞ ﺍﻟﺘﻲ ﺗﺪﻋﻢ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء‪ .IEEE Trans ،‬ﺇﻧﺘﻞ‪ .Transp .‬ﺍﻟﻨﻈﺎﻡ‪،.‬‬
‫‪.2022‬‬
‫]‪ [5‬ﺇﺱ ﻛﻴﻪ ﺑﺎﺩﺝ ﻭﺁﺧﺮﻭﻥ‪“ ،‬ﺍﻟﺬﻛﺎء ﺍﻻﺻﻄﻨﺎﻋﻲ ﻭﺍﻟﺮﺅﻳﺔ ﺍﻟﺬﻛﻴﺔ ﻟﻠﺒﻨﺎء ﻭﺍﻟﺘﺸﻴﻴﺪ‬
‫‪:4.0‬ﺃﺳﺎﻟﻴﺐ ﻭﺗﻄﺒﻴﻘﺎﺕ ﺍﻟﺘﻌﻠﻢ ﺍﻵﻟﻲ ﻭﺍﻟﻌﻤﻴﻖ‪ .Autom ،‬ﺍﻟﺒﻨﺎء‪ ،‬ﺍﻟﻤﺠﻠﺪ‪ ،141 .‬ﺹ‪.‬‬
‫‪.2022،104440‬‬
‫]‪ [6‬ﻳﻮ ﺇﺳﻼﻡ ﻭﺁﺧﺮﻭﻥ‪“ ،‬ﺍﻟﻜﺸﻒ ﻋﻦ ﻫﺠﻤﺎﺕ ﺭﻓﺾ ﺍﻟﺨﺪﻣﺔ ﺍﻟﻤﻮﺯﻋﺔ )‪ (DDoS‬ﻓﻲ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء ﺍﻟﻘﺎﺋﻤﺔ ﻋﻠﻰ‬
‫ﻧﻈﺎﻡﻣﺮﺍﻗﺒﺔ ﺍﻟﻘﻄﺎﻉ ﺍﻟﻤﺼﺮﻓﻲ ﺑﺎﺳﺘﺨﺪﺍﻡ ﻧﻤﺎﺫﺝ ﺍﻟﺘﻌﻠﻢ ﺍﻵﻟﻲ‪ ،‬ﺍﻻﺳﺘﺪﺍﻣﺔ‪،‬‬

‫ﺍﻟﻤﺠﻠﺪ‪ ،14.‬ﻻ‪ ،14 .‬ﺹ‪.2022 ،8374 .‬‬
‫ﺍﻟﻜﺸﻒﻋﻦ ﺍﻟﻬﺠﻤﺎﺕ ﺍﻟﺴﻴﺒﺮﺍﻧﻴﺔ ﺑﺎﺳﺘﺨﺪﺍﻡ" ‪]7[ N. Vadivelan, K. Bhargavi, S. Kodati, and M. Nalini,‬‬
‫ﺍﻟﺘﻌﻠﻢﺍﻵﻟﻲ‪ "،‬ﻓﻲ ﻭﻗﺎﺋﻊ ﻣﺆﺗﻤﺮ ‪ ،AIP، AIP Publishing LLC، 2022‬ﺹ‪.030003 .‬‬
‫]‪ [8‬ﺭ‪ .‬ﺃﺣﻤﺪ‪ ،‬ﺇﺑﺮﺍﻫﻴﻢ ﺍﻟﺼﻤﺎﺩﻱ‪ ،‬ﻭ‪ .‬ﺍﻟﺤﻤﺪﺍﻧﻲ‪ ،‬ﻭﻝ‪ .‬ﻃﻮﺍﻟﺒﺔ‪“ ،‬ﺗﻌﻠﻢ ﻋﻤﻴﻖ ﺷﺎﻣﻞ”‪.‬‬
‫ﺍﻟﻤﻌﻴﺎﺭﺍﻟﻘﻴﺎﺳﻲ ﻹﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء ‪ .IDS، "Comput‬ﺁﻣﻦ‪ ،.‬ﺍﻟﻤﺠﻠﺪ‪ ،114 .‬ﺹ‪.2022 ،102588 .‬‬
‫ﻛﺎﺷﻒﺧﺎﺭﺟﻲ ﻗﻮﻱ ﻭﻗﺎﺑﻞ ﻟﻠﺘﻄﻮﻳﺮ ﺑﺎﺳﺘﺨﺪﺍﻡ ﺍﻟﺘﺴﻠﺴﻞ ﺍﻟﻬﺮﻣﻲ" ‪S. Sengupta،‬ﻭ ‪]9[ RM Shukla‬‬
‫ﺍﻟﺸﺒﻜﺔﺍﻟﻌﺼﺒﻴﺔ ﺍﻟﺘﺠﻤﻴﻌﻴﺔ ﻭﺍﻟﺬﺍﻛﺮﺓ ﻃﻮﻳﻠﺔ ﺍﻟﻤﺪﻯ )‪ (LSTM‬ﻟﻺﻧﺘﺮﻧﺖ‬

‫ﺍﻷﺷﻴﺎء‪"،‬ﺃﺷﻴﺎء ﺍﻹﻧﺘﺮﻧﺖ‪ ،‬ﺍﻟﻤﺠﻠﺪ‪ ،9 .‬ﺹ‪.2020 ،100167 .‬‬
‫]‪ [10‬ﻡ‪ .‬ﺍﻟﻤﻴﺎﻧﻲ‪ ،‬ﺃ‪ .‬ﺃﺑﻮ ﻏﺰﺍﻟﺔ‪ ،‬ﺃ‪ .‬ﺍﻟﺮﻫﻴﻔﺔ‪ ،‬ﺱ‪ .‬ﻋﻄﻴﻮﻱ‪ ،‬ﺃ‪ .‬ﺭﺯﺍﻕ‪“ ،‬ﻋﻤﻴﻖ ﻣﺘﻜﺮﺭ”‪.‬‬
‫ﺍﻟﺸﺒﻜﺔﺍﻟﻌﺼﺒﻴﺔ ﻟﻨﻈﺎﻡ ﻛﺸﻒ ﺍﻟﺘﺴﻠﻞ ﻹﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء‪ .Simul ،‬ﻧﻤﻮﺫﺝ‪ .‬ﺗﺪﺭﺏ‪ .‬ﺍﻟﻨﻈﺮﻳﺔ‪ ،‬ﺍﻟﻤﺠﻠﺪ‪.‬‬
‫‪،101‬ﺹ‪.2020 ،102031 .‬‬
‫]‪ [11‬ﺃ‪ .‬ﻧﺎﺟﻴﺴﻴﺘﻲ ﻭﺟﻲ ﺑﻲ ﺟﻮﺑﺘﺎ‪" ،‬ﺇﻃﺎﺭ ﻋﻤﻞ ﺍﻟﻜﺸﻒ ﻋﻦ ﺍﻷﻧﺸﻄﺔ ﺍﻟﻀﺎﺭﺓ ﻓﻲ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء"‬
‫ﺍﻟﺸﺒﻜﺎﺕﺍﻟﺘﻲ ﺗﺴﺘﺨﺪﻡ ﻣﻜﺘﺒﺔ ‪ keras‬ﻟﻠﺘﻌﻠﻢ ﺍﻟﻌﻤﻴﻖ‪ "،‬ﻓﻲ ﺍﻟﻤﺆﺗﻤﺮ ﺍﻟﺪﻭﻟﻲ ﺍﻟﺜﺎﻟﺚ ﻟﻌﺎﻡ ‪ 2019‬ﺣﻮﻝ‬
‫ﻣﻨﻬﺠﻴﺎﺕﺍﻟﺤﻮﺳﺒﺔ ﻭﺍﻻﺗﺼﺎﻻﺕ )‪ ،IEEE، 2019 ،(ICCMC‬ﺍﻟﺼﻔﺤﺎﺕ ﻣﻦ ‪ 633‬ﺇﻟﻰ ‪.637‬‬
‫‪68‬‬
‫ﺑﻨﺎء ًﻋﻠﻰ ﻣﻌﻠﻮﻣﺎﺕ ﺑﺴﻴﻄﺔ ‪ Ddos‬ﺍﻛﺘﺸﺎﻑ ﻫﺠﻮﻡ" ‪]12[ YN Soe, PI Santosa, and R. Hartanto,‬‬
‫ﻣﻊﺿﺮﺑﺔ ﻟﺒﻴﺌﺔ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء"‪ ،‬ﻓﻲ ﺍﻟﻤﺆﺗﻤﺮ ﺍﻟﺪﻭﻟﻲ ﺍﻟﺮﺍﺑﻊ ﻟﻌﺎﻡ ‪ 2019‬ﺣﻮﻝ‬
‫ﺍﻟﻤﻌﻠﻮﻣﺎﺗﻴﺔﻭﺍﻟﺤﻮﺳﺒﺔ )‪ ،IEEE، 2019 ،(ICIC‬ﺍﻟﺼﻔﺤﺎﺕ ﻣﻦ ‪ 1‬ﺇﻟﻰ ‪.5‬‬
‫]‪ [13‬ﺃ‪ .‬ﺧﺎﻥ ﻭﺳﻲ‪ .‬ﻛﻮﺗﻮﻥ‪" ،‬ﺍﻟﻜﺸﻒ ﺍﻟﻔﻌﺎﻝ ﻋﻦ ﺍﻟﻬﺠﻤﺎﺕ ﻓﻲ ﺃﺟﻬﺰﺓ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء ﺑﺎﺳﺘﺨﺪﺍﻡ ﺍﻟﻤﻴﺰﺓ‬
‫ﺍﻟﺘﻌﻠﻢﺍﻵﻟﻲ ﺑﺪﻭﻥ ﻫﻨﺪﺳﺔ‪ .ArXiv Prepr" ،‬ﺃﺭﻛﻴﻒ‪.2023 ،230103532‬‬
‫]‪ [14‬ﺇﻑ ﺇﻡ ﺃﺳﻮﺩ‪ ،‬ﺇﻳﻪ ﺇﻡ ﺇﺱ ﺃﺣﻤﺪ‪ ،‬ﻧﺎﻡ ﺍﻟﺤﻤﺎﺩﻱ‪ ،‬ﺑﻲ ﺇﻳﻪ ﺧﻠﻒ‪ ،‬ﻭﺱ‪.‬ﺃ‪ .‬ﻣﺼﻄﻔﻰ‪،‬‬
‫"ﺍﻟﺘﻌﻠﻢ ﺍﻟﻌﻤﻴﻖ ﻓﻲ ﻃﺮﻳﻘﺔ ﺍﻟﻜﺸﻒ ﻋﻦ ﻫﺠﻤﺎﺕ ﺭﻓﺾ ﺍﻟﺨﺪﻣﺔ ﺍﻟﻤﻮﺯﻋﺔ ﻹﻧﺘﺮﻧﺖ‬
‫ﺷﺒﻜﺎﺕﺍﻷﺷﻴﺎء‪ "،‬ﺝ‪ .‬ﺇﻧﺘﻞ‪ .‬ﺍﻟﻨﻈﺎﻡ‪ ،.‬ﺍﻟﻤﺠﻠﺪ‪ ،32 .‬ﻻ‪.2023 ،1 .‬‬
‫]‪ [15‬ﺁﺭ ﻓﻲ ﻣﻴﻨﺪﻭﻧﺴﺎ‪ ،‬ﺟﻲ ﺳﻲ ﺳﻴﻠﻔﺎ‪ ،‬ﺁﺭ ﺇﻝ ﺭﻭﺯﺍ‪ ،‬ﻡ‪ .‬ﺳﻌﺪﻱ‪ ،‬ﺩﻱ ﺯﻱ ﺭﻭﺩﺭﻳﺠﻴﺰ‪ ،‬ﻭﺃ‪ .‬ﻓﺎﺭﻭﻕ‪“ ،‬ﺃ”‬
‫ﻧﻈﺎﻡﻛﺸﻒ ﺍﻟﺘﺴﻠﻞ ﺍﻟﺬﻛﻲ ﺧﻔﻴﻒ ﺍﻟﻮﺯﻥ ﻻﺳﺘﺨﺪﺍﻡ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء ﺍﻟﺼﻨﺎﻋﻲ‬
‫ﺧﻮﺍﺭﺯﻣﻴﺎﺕﺍﻟﺘﻌﻠﻢ ﺍﻟﻌﻤﻴﻖ‪" ،‬ﻧﻈﺎﻡ ﺍﻟﺨﺒﺮﺍء‪ ،‬ﺍﻟﻤﺠﻠﺪ‪ ،39 .‬ﻻ‪ ،5 .‬ﺹ‪.e12917، 2022 .‬‬
‫ﺍﻟﺘﻌﻠﻢﺍﻟﻌﻤﻴﻖ ﺍﻟﻤﻮﺣﺪ ﻣﻦ ﺃﺟﻞ" ‪]16[ MA Ferrag, O. Friha, L. Maglaras, H. Janicke, and L. Shu,‬‬
‫ﺍﻷﻣﻦﺍﻟﺴﻴﺒﺮﺍﻧﻲ ﻓﻲ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء‪ :‬ﺍﻟﻤﻔﺎﻫﻴﻢ ﻭﺍﻟﺘﻄﺒﻴﻘﺎﺕ ﻭﺍﻟﺘﺠﺮﻳﺒﻴﺔ‬

‫ﺍﻟﺘﺤﻠﻴﻞ"‪ ،IEEE Access ،‬ﺍﻟﻤﺠﻠﺪ‪ ،9 .‬ﺹ ‪.2021 ،138542-138509‬‬
‫ﺍﻻﺗﺤﺎﺩﻳﺔ" ‪]17[ SI Popoola, R. Ande, B. Adebisi, G. Gui, M. Hamoudeh, and O. Jogunola,‬‬
‫ﺍﻟﺘﻌﻠﻢﺍﻟﻌﻤﻴﻖ ﻻﻛﺘﺸﺎﻑ ﻫﺠﻤﺎﺕ ﺍﻟﺮﻭﺑﻮﺗﺎﺕ ﻓﻲ ﻳﻮﻡ ﺍﻟﺼﻔﺮ ﻓﻲ ﺃﺟﻬﺰﺓ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء‪IEEE Internet ،‬‬
‫ﺍﻷﺷﻴﺎء‪ ،.J‬ﺍﻟﻤﺠﻠﺪ‪ ،9 .‬ﻻ‪ ،5 .‬ﺹ ‪.2021 ،3944-3930‬‬
‫]‪ [18‬ﺇﺱ ﺁﻱ ﺑﻮﺑﻮﻻ‪ ،‬ﺏ‪ .‬ﺃﺩﻳﺒﻴﺴﻲ‪ ،‬ﻡ‪ .‬ﺣﻤﻮﺩﺓ‪ ،‬ﺝ‪ .‬ﻏﻮﻱ‪ ،‬ﻭﻩ‪ .‬ﻏﺎﻛﺎﻧﻴﻦ‪" ،‬ﺍﻟﺘﻌﻠﻢ ﺍﻟﻌﻤﻴﻖ ﺍﻟﻬﺠﻴﻦ"‬
‫ﻟﻠﻜﺸﻒﻋﻦ ﻫﺠﻤﺎﺕ ﺍﻟﺮﻭﺑﻮﺗﺎﺕ ﻓﻲ ﺷﺒﻜﺎﺕ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء‪,.IEEE Internet Things J "،‬‬
‫ﺍﻟﻤﺠﻠﺪ‪ ،8.‬ﻻ‪ ،6 .‬ﺹ ‪.2020 ،4956-4944‬‬
‫]‪ [19‬ﺃ‪ .‬ﺍﻟﺤﺮﺑﻲ‪ ،‬ﻭ‪ .‬ﺍﻟﻌﺼﻴﻤﻲ‪ ،‬ﺡ‪ .‬ﺍﻟﻴﺎﻣﻲ‪ ،‬ﺇﺗﺶ ﺗﻲ ﺭﺅﻭﻑ‪ ،‬ﻭ ﺭ‪ .‬ﺩﺍﻣﺎﺷﻴﻔﻴﺘﺸﻴﻮﺱ‪" ،‬ﻫﺠﻮﻡ ﺍﻟﺒﻮﺕ ﻧﺖ"‬
‫ﺍﻟﻜﺸﻒﺑﺎﺳﺘﺨﺪﺍﻡ ﺃﻓﻀﻞ ﺧﻮﺍﺭﺯﻣﻴﺔ ﺍﻟﺨﻔﺎﻓﻴﺶ ﺍﻟﻤﺤﻠﻴﺔ ﻭﺍﻟﻌﺎﻟﻤﻴﺔ ﻹﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء ﺍﻟﺼﻨﺎﻋﻲ‪.‬‬
‫ﺍﻻﻟﻜﺘﺮﻭﻧﻴﺎﺕ‪،‬ﺍﻟﻤﺠﻠﺪ‪ ،10 .‬ﻻ‪ ،11 .‬ﺹ‪.2021 ،1341 .‬‬
‫ﻭﺁﺧﺮﻭﻥ‪"،‬ﺷﺒﻜﺔ ﻋﺼﺒﻴﺔ ﻋﺸﻮﺍﺋﻴﺔ ﻫﺠﻴﻨﺔ ﻭﻋﻤﻴﻘﺔ ﻟﻠﻜﺸﻒ ﻋﻦ ﺍﻟﻬﺠﻤﺎﺕ ﺍﻹﻟﻜﺘﺮﻭﻧﻴﺔ ﻓﻲ ‪]20[ ZE Huma‬‬
‫"ﺍﻹﻧﺘﺮﻧﺖ ﺍﻟﺼﻨﺎﻋﻲ ﻟﻸﺷﻴﺎء"‪ ،IEEE Access ،‬ﺍﻟﻤﺠﻠﺪ‪ ،9 .‬ﺹ ‪.2021 ،55605-55595‬‬
‫ﻫﺠﻮﻡﺩﺍﺧﻠﻲ ﺟﺪﻳﺪ ﻭ" ‪]21[ M. Chowdhury, B. Ray, S. Chowdhury, and S. Rajasegarar,‬‬

‫ﺍﻟﻜﺸﻒﺍﻟﻘﺎﺋﻢ ﻋﻠﻰ ﺍﻟﺘﻌﻠﻢ ﺍﻵﻟﻲ ﻹﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء‪ .ACM Trans" ،‬ﺇﻧﺘﺮﻧﺖ‬
‫ﺍﻷﺷﻴﺎء‪،‬ﺍﻟﻤﺠﻠﺪ‪ ،2 .‬ﻻ‪ ،4 .‬ﺹ ‪.2021 ،23-1‬‬
‫‪69‬‬
‫]‪ [22‬ﻡ‪ .‬ﺳﻬﺎﺭﺧﻴﺰﺍﻥ‪ ،‬ﺃ‪ .‬ﻋﺰﻣﻮﺩﺓ‪ ،‬ﺃ‪ .‬ﺩﻫﻐﺎﻧﺘﺎﻧﻬﺎ‪ ،‬ﻙ‪-.‬ﻛﻴﻪ ﺁﺭ ﺗﺸﻮ‪ ،‬ﻭ ﺁﺭ ﺇﻡ ﺑﺎﺭﻳﺰﻱ‪An“ ،‬‬
‫ﻣﺠﻤﻮﻋﺔﻣﻦ ﺍﻟﺸﺒﻜﺎﺕ ﺍﻟﻌﺼﺒﻴﺔ ﺍﻟﻤﺘﻜﺮﺭﺓ ﺍﻟﻌﻤﻴﻘﺔ ﻟﻠﻜﺸﻒ ﻋﻦ ﺍﻟﻬﺠﻤﺎﺕ ﺍﻟﺴﻴﺒﺮﺍﻧﻴﺔ ﻹﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء ﺑﺎﺳﺘﺨﺪﺍﻡ‬
‫ﺣﺮﻛﺔﻣﺮﻭﺭ ﺍﻟﺸﺒﻜﺔ‪ ،.IEEE Internet Things J "،‬ﺍﻟﻤﺠﻠﺪ‪ ،7 .‬ﻻ‪ ،9 .‬ﺹ ‪.2020 ،8859-8852‬‬
‫]‪ [23‬ﺱ‪ .‬ﺑﻮﺧﺮﻳﻞ‪ ،‬ﺭ‪ .‬ﻋﺒﺎﺱ‪ ،‬ﻭﺏ‪ .‬ﺃﺭﻳﺎﻝ‪" ،‬ﺃﻣﻦ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء‪ :‬ﺍﻛﺘﺸﺎﻑ ﺍﻟﺮﻭﺑﻮﺗﺎﺕ ﻓﻲ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء ﺑﺎﺳﺘﺨﺪﺍﻡ ﺍﻵﻟﺔ‬
‫ﺍﻟﺘﻌﻠﻢ"‪.ArXiv Prepr. ArXiv210402231، 2021 ،‬‬
‫]‪ [24‬ﺱ‪ .‬ﻟﻄﻴﻒ‪ ،‬ﺯ‪ .‬ﺯﻭ‪ ،‬ﺯ‪ .‬ﺇﺩﺭﻳﺲ‪ ،‬ﻭﺝ‪ .‬ﺃﺣﻤﺪ‪“ ،‬ﻣﺨﻄﻂ ﺟﺪﻳﺪ ﻟﻠﻜﺸﻒ ﻋﻦ ﺍﻟﻬﺠﻮﻡ ﻋﻠﻰ‬
‫ﺇﻧﺘﺮﻧﺖﺍﻷﺷﻴﺎء ﺍﻟﺼﻨﺎﻋﻲ ﺑﺎﺳﺘﺨﺪﺍﻡ ﺷﺒﻜﺔ ﻋﺼﺒﻴﺔ ﻋﺸﻮﺍﺋﻴﺔ ﺧﻔﻴﻔﺔ ﺍﻟﻮﺯﻥ‪،IEEE Access ،‬‬
‫ﺍﻟﻤﺠﻠﺪ‪ ،8.‬ﺹ ‪.2020 ،89350-89337‬‬
‫]‪ [25‬ﻥ‪ .‬ﻣﺼﻄﻔﻰ‪" ،‬ﻣﺠﻤﻮﻋﺔ ﺑﻴﺎﻧﺎﺕ ‪ ،bot-iot"، IEEE Dataport‬ﺍﻟﻤﺠﻠﺪ‪.2019 ,5 .‬‬
‫]‪ [26‬ﺁﺭ ﺇﺱ ﺑﺎﺗﺚ‪ ،‬ﺃ‪ .‬ﻧﻴﺎﺭ‪ ،‬ﻭﺃ‪ .‬ﻧﺎﺟﺒﺎﻝ‪" ،‬ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء ﺍﻵﻟﻴﺔ‪ :‬ﺍﻟﻘﻴﺎﺩﺓ ﺍﻟﺬﻛﻴﺔ"‬
‫ﺍﻟﺮﻭﺑﻮﺗﺎﺕﺫﺍﺕ ﺍﻟﻤﻔﻬﻮﻡ ﺍﻟﻤﺴﺘﻘﺒﻠﻲ ﻭﺍﻟﻬﻨﺪﺳﺔ ﺍﻟﻤﻌﻤﺎﺭﻳﺔ ﻭﺍﻟﺘﻄﺒﻴﻘﺎﺕ ﻭﺍﻟﺘﻘﻨﻴﺎﺕ "‪ ،‬ﻓﻲ ﻋﺎﻡ ‪ 2018‬ﺍﻟﺮﺍﺑﻊ‬
‫ﺍﻟﻤﺆﺗﻤﺮﺍﻟﺪﻭﻟﻲ ﻟﻌﻠﻮﻡ ﺍﻟﺤﻮﺳﺒﺔ )‪ ،IEEE، 2018 ،(ICCS‬ﺍﻟﺼﻔﺤﺎﺕ ﻣﻦ ‪ 151‬ﺇﻟﻰ ‪.160‬‬
‫]‪ [27‬ﻥ‪ .‬ﻣﺼﻄﻔﻰ‪" ،‬ﻣﺠﻤﻮﻋﺔ ﺑﻴﺎﻧﺎﺕ ‪-Bot-IoT." https://research.unsw.edu.au/projects/bot-iot‬‬
‫‪dataset‬‬
‫]‪ [28‬ﺃﻭﻱ ﺃﺑﻴﻮﺩﻭﻥ ﻭﺁﺧﺮﻭﻥ‪" ،‬ﻣﺮﺍﺟﻌﺔ ﺷﺎﻣﻠﺔ ﻟﺘﻄﺒﻴﻘﺎﺕ ﺍﻟﺸﺒﻜﺎﺕ ﺍﻟﻌﺼﺒﻴﺔ ﺍﻻﺻﻄﻨﺎﻋﻴﺔ‬
‫ﺍﻟﺘﻌﺮﻑﻋﻠﻰ ﺍﻷﻧﻤﺎﻁ "‪ ،IEEE Access ،‬ﺍﻟﻤﺠﻠﺪ‪ ،7 .‬ﺹ ‪.2019 ،158846-158820‬‬
‫"‪،‬ﺍﻟﺘﺨﻠﺺ ﻣﻦ ﺍﻟﻤﻴﺰﺍﺕ ﺍﻟﻬﺠﻴﻨﺔ ﺍﻟﻤﺘﻜﺮﺭﺓ ﻻﺧﺘﻴﺎﺭ ﺍﻟﻤﻴﺰﺍﺕ ﺑﻜﻔﺎءﺓ" ‪S. Oh،‬ﻭ ‪]29[ H. Jeon‬‬
‫ﺗﻄﺒﻴﻖ‪.‬ﺍﻟﻌﻠﻮﻡ‪ ،‬ﺍﻟﻤﺠﻠﺪ‪ ،10 .‬ﻻ‪ ،9 .‬ﺹ‪.2020 ،3211 .‬‬
‫]‪ [30‬ﻡ‪ .‬ﺃﺭﺗﻮﺭ‪" ،‬ﻣﺮﺍﺟﻌﺔ ﺃﺩﺍء ﻣﺼﻨﻒ ‪ Bernoulli Naïve Bayes‬ﻓﻲ ﻋﻤﻠﻴﺔ ﺍﻟﺘﻄﻔﻞ‬
‫ﺃﻧﻈﻤﺔﺍﻟﻜﺸﻒ ﺍﻟﺘﻲ ﺗﺴﺘﺨﺪﻡ ﺇﺯﺍﻟﺔ ﺍﻟﻤﻴﺰﺍﺕ ﺍﻟﻌﻮﺩﻳﺔ ﻣﻊ ﺗﺤﺪﻳﺪ ﺍﻟﺘﺤﻘﻖ ﻣﻦ ﺍﻟﺼﺤﺔ‬
‫ﻣﻦﺃﻓﻀﻞ ﻋﺪﺩ ﻣﻦ ﺍﻟﻤﻴﺰﺍﺕ‪ .Procedia Comput" ،‬ﺍﻟﻌﻠﻮﻡ‪ ،‬ﺍﻟﻤﺠﻠﺪ‪ ،190 .‬ﺹ ‪.2021 ،570-564‬‬
‫]‪ [31‬ﻫـ‪ .‬ﻋﺒﺪﻱ ﻭﺇﻝ ﺟﻲ ﻭﻳﻠﻴﺎﻣﺰ‪" ،‬ﺗﺤﻠﻴﻞ ﺍﻟﻤﻜﻮﻧﺎﺕ ﺍﻟﺮﺋﻴﺴﻴﺔ"‪ ،‬ﻭﺍﻳﻠﻲ ﺇﻧﺘﺮﺩﻳﺴﻴﺐ‪ .‬ﺍﻟﻘﺲ‪.‬‬
‫ﺣﺴﺎﺏ‪.‬ﺍﻟﻘﺎﻧﻮﻥ ﺍﻷﺳﺎﺳﻲ‪ ،‬ﺍﻟﻤﺠﻠﺪ‪ ،2 .‬ﻻ‪ ،4 .‬ﺍﻟﺼﻔﺤﺎﺕ ﻣﻦ ‪ 433‬ﺇﻟﻰ ‪ ،459‬ﻳﻮﻧﻴﻮ ‪ ،2010‬ﺩﻭﻯ‪.wics.101/10.1002 :‬‬
‫]‪ [32‬ﺱ‪ .‬ﺑﺎﺑﺎﺩﻭﺑﻮﻟﻮﺱ‪ ،‬ﺃ‪ .‬ﺩﺭﻭﺳﻮ‪ ،‬ﻥ‪ .‬ﺩﻳﻤﻴﺘﺮﻳﻮ‪ ،‬ﺃﻭ ﺇﺗﺶ ﻋﺒﺪ ﺍﻟﺮﺣﻤﻦ‪ ،‬ﺝ‪ .‬ﺟﻮﺭﺑﻴﻞ‪ ،‬ﻭﺩ‪.‬‬
‫ﻟﻠﻜﺸﻒﻋﻦ ﺍﻟﺤﺎﻻﺕ ﺍﻟﺸﺎﺫﺓ ﻓﻲ ﺷﺒﻜﺎﺕ ﺍﻟﻬﺎﺗﻒ ﺍﻟﻤﺤﻤﻮﻝ‪ "،‬ﻓﻲ ‪ BRPCA‬ﻧﻬﺞ ﻗﺎﺋﻢ ﻋﻠﻰ" ‪Tzovaras،‬‬
‫ﻋﻠﻮﻡﻭﺃﻧﻈﻤﺔ ﺍﻟﻤﻌﻠﻮﻣﺎﺕ ‪ ،2015‬ﺳﺒﺮﻳﻨﻐﺮ‪ ،2016 ،‬ﺍﻟﺼﻔﺤﺎﺕ ﻣﻦ ‪ 115‬ﺇﻟﻰ ‪.125‬‬
‫]‪ [33‬ﺇﺗﺶ ﺇﻳﻪ ﺳﻮﻧﺎﻭﺍﻧﻲ ﻭﺗﻲ ﺇﻡ ﺑﺎﺗﻴﻮﺍﺭ‪" ،‬ﺗﻘﻴﻴﻢ ﺃﺩﺍء ﻣﻘﺎﺭﻥ ﻟـ‬
‫ﻛﺸﻒﺍﻟﺘﺴﻠﻞ ﺍﺳﺘﻨﺎﺩﺍً ﺇﻟﻰ ﺍﻟﺸﺒﻜﺔ ﺍﻟﻌﺼﺒﻴﺔ ﻭ‪ ،PCA،" IEEE‬ﺃﺑﺮﻳﻞ ‪:doi .2015‬‬
‫‪70‬‬
‫‪10.1109/iccsp.2015.7322612.‬‬
‫"ﺻﻨﺎﻋﻲ ‪]34[ NV Chawla، KW Bowyer، LO Hall، and WP Kegelmeyer، "SMOTE:‬‬

‫ﺗﻘﻨﻴﺔﺍﻹﻓﺮﺍﻁ ﻓﻲ ﺃﺧﺬ ﺍﻟﻌﻴﻨﺎﺕ ﻟﻸﻗﻠﻴﺔ‪ .J. Artif" ،‬ﺇﻧﺘﻞ‪ .‬ﺍﻟﺪﻗﺔ‪ ،‬ﺍﻟﻤﺠﻠﺪ‪ ،16 .‬ﺹ ‪.2002 ،357-321‬‬
‫ﺍﻟﺸﺒﻜﺎﺕﺍﻟﻌﺼﺒﻴﺔ ﺍﻻﺻﻄﻨﺎﻋﻴﺔ ﻟـ" ‪ J. Kaiser،‬ﻭ ‪]35[ J. Vrábel، E. Képeš، P. Pořízka،‬‬
‫ﺍﻟﺘﺼﻨﻴﻒ"ﻛﻴﻢ‪ .‬ﺭﻗﻢ‪ .‬ﻃﺮﻕ ‪ ،LIBS‬ﺹ ‪.2022 ،240-213‬‬
‫]‪ [36‬ﺃ‪.‬ﺩﺭﺗﺎﺕ‪“ ،‬ﺍﻟﺸﺒﻜﺎﺕ ﺍﻟﻌﺼﺒﻴﺔ ﺍﻻﺻﻄﻨﺎﻋﻴﺔ”‪ ،‬ﻣﺘﻮﺳﻂ‪.2017 ،‬‬

‫‪https://towardsdatascience.com/applied-deep-learning-part-1-artificial-neural-‬‬
‫ﺍﻟﺸﺒﻜﺎﺕ‪d7834f67a4f6-‬‬
‫‪ RNN‬ﻣﺤﻤﻮﺩ‪" ،‬ﺗﺼﻤﻴﻢ ﻭﺗﻄﻮﻳﺮ ﻛﺸﻒ ﺷﺬﻭﺫ ‪ QH‬ﻭ ‪]37[ I. Ullah‬‬

‫ﻧﻤﻮﺫﺝﻟﺸﺒﻜﺎﺕ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء‪ ،IEEE Access ،‬ﺍﻟﻤﺠﻠﺪ‪ ،10 .‬ﺹ ‪.2022 ،62750-62722‬‬
‫]‪ [38‬ﺑﻴﺴﻮﺍﻝ ﺃﻓﻴﺠﻴﺖ‪" ،‬ﺍﻟﺸﺒﻜﺔ ﺍﻟﻌﺼﺒﻴﺔ ﺍﻟﻤﺘﻜﺮﺭﺓ )‪.Simplilearn "،(RNN‬‬
‫‪https://www.simplilearn.com/tutorials/deep-learning-tutorial/rnn‬‬
‫ﺍﻟﻘﺎﺋﻢﻋﻠﻰ ‪ CNN-RNN‬ﺗﺼﻨﻴﻒ ﺻﻮﺭﺓ ﺍﻟﺜﺪﻱ ﺍﻟﺸﻌﺎﻋﻴﺔ ﺑﺎﺳﺘﺨﺪﺍﻡ" ‪SK Mittal،‬ﻭ ‪]39[ K. Kaur‬‬
‫ﺍﻟﻤﻴﺰﺍﺕﺍﻟﺪﻻﻟﻴﺔ ﻭﻧﻬﺞ ﺗﺼﻨﻴﻒ ﺍﻟﺸﺠﺮﺓ ﺍﻹﺿﺎﻓﻲ ﺑﺎﺳﺘﺨﺪﺍﻡ ‪ ،LSTM‬ﻣﺎﺗﺮ‪ .‬ﺍﻟﻴﻮﻡ ﺑﺮﻭﻙ‪,.‬‬
‫‪.2020‬‬
‫ﺍﻟﺘﻨﺒﺆﺑﻤﺆﺷﺮ ﺍﻟﻨﻴﻨﻴﻮ ﺑﺎﺳﺘﺨﺪﺍﻡ ﺍﻟﺘﻌﻠﻢ ﺍﻟﻌﻤﻴﻖ" ‪]40[ Y. Guo, X. Cao, L. Bainian, and K. Peng,‬‬
‫ﻣﻊﺗﺤﻠﻞ ﺍﻟﻮﺿﻊ ﺍﻟﺘﺠﺮﻳﺒﻲ ﻟﻠﻤﺠﻤﻮﻋﺔ‪ "،‬ﺍﻟﺘﻨﺎﻇﺮ‪ ،‬ﺍﻟﻤﺠﻠﺪ‪ ،12 .‬ﺹ‪ ،893 .‬ﻳﻮﻧﻴﻮ ‪،2020‬‬
‫ﺩﻭﻯ‪.sym12060893/10.3390:‬‬
‫]‪ [41‬ﺟﻲ ﺇﻝ ﻟﻴﻔﻲ‪ ،‬ﺟﻲ ﻫﺎﻧﻜﻮﻙ‪ ،‬ﺗﻲ ﺇﻡ ﺧﻮﺷﺠﻮﻓﺘﺎﺭ‪ ،‬ﻭﺝ‪ .‬ﺑﻴﺘﺮﺳﻮﻥ‪" ،‬ﻛﺸﻒ ﺍﻟﻤﻌﻠﻮﻣﺎﺕ‬
‫ﻫﺠﻤﺎﺕﺍﻟﺴﺮﻗﺔ ﻓﻲ ﻣﺠﻤﻮﻋﺔ ﺑﻴﺎﻧﺎﺕ ‪" ،bot-iot‬ﻓﻲ ﻋﺎﻡ ‪ ،2021‬ﻣﺆﺗﻤﺮ ‪ IEEE‬ﺍﻟﺪﻭﻟﻲ ﺍﻟﻌﺸﺮﻳﻦ ﺣﻮﻝ‬
‫ﺍﻟﺘﻌﻠﻢﺍﻵﻟﻲ ﻭﺍﻟﺘﻄﺒﻴﻘﺎﺕ )‪ ،IEEE، 2021 ،(ICMLA‬ﺍﻟﺼﻔﺤﺎﺕ ﻣﻦ ‪ 807‬ﺇﻟﻰ ‪.812‬‬
‫]‪ [42‬ﻥ‪-.‬ﺃ‪ .‬ﺳﺘﻮﻳﺎﻥ‪" ،‬ﺍﻟﺘﻌﻠﻢ ﺍﻵﻟﻲ ﻟﻠﻜﺸﻒ ﻋﻦ ﺍﻟﺤﺎﻻﺕ ﺍﻟﺸﺎﺫﺓ ﻓﻲ ﺷﺒﻜﺎﺕ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء‪ :‬ﺍﻟﺒﺮﺍﻣﺞ ﺍﻟﻀﺎﺭﺓ‬
‫ﺍﻟﺘﺤﻠﻴﻞﻋﻠﻰ ﻣﺠﻤﻮﻋﺔ ﺑﻴﺎﻧﺎﺕ ‪" ،IoT-23‬ﺃﻃﺮﻭﺣﺔ ﺑﻜﺎﻟﻮﺭﻳﻮﺱ‪ ،‬ﺟﺎﻣﻌﺔ ﺗﻮﻳﻨﺘﻲ‪.2020 ،‬‬
‫ﺗﺤﻠﻴﻞﻭﻇﻴﻔﺔ ﺍﻟﻮﺣﺪﺓ ﺍﻟﺨﻄﻴﺔ ﺍﻟﻤﺼﺤﺤﺔ ﺍﻟﻤﺴﺘﺨﺪﻣﺔ ﻓﻲ" ‪]43[ K. Hara, D. Saito, and H. Shouno,‬‬
‫ﺍﻟﺘﻌﻠﻢﺍﻟﻌﻤﻴﻖ"‪ ،‬ﻓﻲ ﺍﻟﻤﺆﺗﻤﺮ ﺍﻟﺪﻭﻟﻲ ﺍﻟﻤﺸﺘﺮﻙ ﻟﻌﺎﻡ ‪ 2015‬ﺣﻮﻝ ﺍﻟﺸﺒﻜﺎﺕ ﺍﻟﻌﺼﺒﻴﺔ )‪،(IJCNN‬‬
‫ﻣﻌﻬﺪﻣﻬﻨﺪﺳﻲ ﺍﻟﻜﻬﺮﺑﺎء ﻭﺍﻹﻟﻜﺘﺮﻭﻧﻴﺎﺕ‪ ،2015 ،‬ﺹ ‪.8-1‬‬
‫]‪" [44‬ﻣﺘﻌﺪﺩ ﺍﻟﻄﺒﻘﺎﺕ ﺑﻴﺮﺳﺒﺘﺮﻭﻥ‪-https://deepai.org/machine-learning-glossary-and ".‬‬
‫ﺣﻴﺚ ‪ /‬ﻣﺘﻌﺪﺩ ﺍﻟﻄﺒﻘﺎﺕ ﺍﻹﺩﺭﺍﻙ‬
‫‪71‬‬
‫ﺑﺮﻧﺎﻣﺞﺗﻌﻠﻴﻤﻲ ﻋﻤﻠﻲ ﺣﻮﻝ" ‪]45[ S. González, S. García, J. Del Ser, L. Rokach, and F. Herrera،‬‬
‫ﺗﻌﺒﺌﺔﻭﺗﻌﺰﻳﺰ ﺍﻟﻤﺠﻤﻮﻋﺎﺕ ﺍﻟﻘﺎﺋﻤﺔ ﻋﻠﻰ ﺍﻟﺘﻌﻠﻢ ﺍﻵﻟﻲ‪ :‬ﺍﻟﺨﻮﺍﺭﺯﻣﻴﺎﺕ ﻭﺍﻟﺒﺮﻣﺠﻴﺎﺕ‬

‫ﺍﻷﺩﻭﺍﺕﻭﺩﺭﺍﺳﺔ ﺍﻷﺩﺍء ﻭﺍﻟﻤﻨﻈﻮﺭﺍﺕ ﻭﺍﻟﻔﺮﺹ ﺍﻟﻌﻤﻠﻴﺔ "‪ .‬ﺍﻻﻧﺼﻬﺎﺭ‪ ،‬ﺍﻟﻤﺠﻠﺪ‪,64 .‬‬
‫ﺹ‪.2020 ،237-205‬‬
‫ﺍﻷﺷﺠﺎﺭﺍﻟﻌﺸﻮﺍﺋﻴﺔ ﻟﻠﻐﺎﻳﺔ ﺍﻟﻘﺎﺋﻤﺔ ﻋﻠﻰ" ‪]46[ MRC Acosta, S. Ahmad, CE Garcia, and I. Koo,‬‬
‫ﻣﺨﻄﻂﻟﻠﻜﺸﻒ ﻋﻦ ﺍﻟﻬﺠﻤﺎﺕ ﺍﻟﺴﻴﺒﺮﺍﻧﻴﺔ ﺍﻟﺨﻔﻴﺔ ﻓﻲ ﺷﺒﻜﺎﺕ ﺍﻟﺸﺒﻜﺎﺕ ﺍﻟﺬﻛﻴﺔ‪ ،IEEE Access ،‬ﺍﻟﻤﺠﻠﺪ‪,8 .‬‬
‫ﺹ‪.2020 ،19933-19921‬‬
‫]‪ [47‬ﺭ‪ .‬ﺳﻴﻐﺎﻟﻲ‪ ،‬ﺝ‪ .‬ﺟﺎﺭﺳﻴﺎ‪ ،‬ﺇﻛﺲ‪ .‬ﻣﺎﺳﻴﺐ ﺑﺮﻭﻳﻦ‪ ،‬ﻭﻡ‪.‬ﻡ‪ .‬ﻓﺎﺭﻧﺎﻣﺨﺎﺳﺘﻲ‪" ،‬ﺍﻟﺘﺪﺧﻞ‬
‫ﺍﻟﺘﻌﺮﻑﻋﻠﻰ ﺑﻨﻴﺔ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء ﺍﻟﺘﻲ ﻣﻜﻨّﺖ ﺍﻟﻀﺒﺎﺏ ﺑﺎﺳﺘﺨﺪﺍﻡ ﻃﺮﻳﻘﺔ ﺟﺪﻳﺪﺓ ﺗﻌﺘﻤﺪ ﻋﻠﻰ ﺍﻷﺷﺠﺎﺭ‪" ،‬ﻓﻲ ﻋﺎﻡ ‪2022‬‬
‫ﻣﺆﺗﻤﺮ‪ IEEE‬ﺍﻟﺪﻭﻟﻲ ﻟﻸﻧﻈﻤﺔ ﺍﻟﺬﻛﻴﺔ ﻣﺘﻌﺪﺩﺓ ﺍﻟﻄﺒﻘﺎﺕ )‪،IEEE، 2022 ،(COINS‬‬

‫ﺹ‪.6-1‬‬
‫]‪ [48‬ﺭ‪ .‬ﺍﻟﻐﺎﻣﺪﻱ ﻭﻡ‪ .‬ﺑﻠﻌﻴﺶ‪“ ،‬ﻧﻤﺎﺫﺝ ﺍﻟﺘﻘﻴﻴﻢ ﻭﺍﻻﺧﺘﻴﺎﺭ ﻟﻠﺘﻄﻔﻞ ﺍﻟﺠﻤﺎﻋﻲ”‪.‬‬
‫ﺃﻧﻈﻤﺔﺍﻟﻜﺸﻒ ﻓﻲ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء‪" ،‬ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء‪ ،‬ﺍﻟﻤﺠﻠﺪ‪ ،3 .‬ﻻ‪ ،2 .‬ﺹ ‪.2022 ،314-285‬‬
‫]‪ [49‬ﻋﻤﺮ ﺍﻟﻤﻮﻣﻨﻲ‪ ،‬ﻡ‪.‬ﺃ ﺍﻟﻤﻴﺔ‪ ،‬ﺃ‪.‬ﺍﻟﺴﻌﻴﺪﺓ‪ ،‬ﺱ‪.‬ﺍﻟﺼﻤﺎﺩﻱ‪ ،‬ﺃ‪.‬ﺡ ﻣﺤﻤﺪ‪ ،‬ﻭﺃ‪.‬‬
‫ﺍﻟﺬﻧﻴﺒﺎﺕ‪"،‬ﻣﺼﻨﻔﺎﺕ ﺍﻟﺘﻌﻠﻢ ﺍﻵﻟﻲ ﻟﻨﻈﺎﻡ ﻛﺸﻒ ﺍﻟﺘﺴﻠﻞ ﺇﻟﻰ ﺍﻟﺸﺒﻜﺎﺕ‪:‬‬
‫ﺩﺭﺍﺳﺔﻣﻘﺎﺭﻧﺔ” ﻓﻲ ﺍﻟﻤﺆﺗﻤﺮ ﺍﻟﺪﻭﻟﻲ ﻟﺘﻜﻨﻮﻟﻮﺟﻴﺎ ﺍﻟﻤﻌﻠﻮﻣﺎﺕ ‪2021‬‬
‫‪.‬ﺹ‪)ICIT(، IEEE، 2021، 445-440‬‬
‫]‪ [50‬ﺳﻲ‪ .‬ﻫﺎﻳﻨﺮﻳﺶ‪" ،‬ﺣﻮﻝ ﻋﺪﺩ ﺍﻟﺼﻨﺎﺩﻳﻖ ﻓﻲ ﺍﻟﺮﺳﻢ ﺍﻟﺒﻴﺎﻧﻲ ﻟﻠﺮﺗﺒﺔ‪ .QJR Meteorol "،‬ﺷﺮﻛﺔ ﻧﻔﻂ ﺍﻟﺠﻨﻮﺏ‪ ،‬ﺍﻟﻤﺠﻠﺪ‪.‬‬
‫‪،147‬ﻻ‪ ،734 .‬ﺹ ‪.2021 ،556-544‬‬
‫ﺗﻌﺰﻳﺰﺍﻟﺘﺪﺭﺝ ﺍﻟﻤﺘﻄﻮﺭ‪ :‬ﺍﻟﺘﻘﻠﻴﻢ" ‪]51[ K. Wang, J. Lu, A. Liu, G. Zhang, and L. Xiong,‬‬
‫ﻣﺨﻄﻂﻳﻌﺘﻤﺪ ﻋﻠﻰ ﻧﺴﺒﺔ ﺗﺤﺴﻴﻦ ﺍﻟﺨﺴﺎﺭﺓ ﻟﻠﺘﻌﻠﻢ ﻓﻲ ﻇﻞ ﺍﻧﺤﺮﺍﻑ ﺍﻟﻤﻔﻬﻮﻡ‪.IEEE Trans ،‬‬
‫ﺳﺎﻳﺒﺮﻥ‪.2021،‬‬
‫ﻓﻌﺎﻟﺔﻣﻊ ﺗﻌﺪﺩ ‪ AdaBoost‬ﺧﻮﺍﺭﺯﻣﻴﺔ" ‪]52[ Y. Ding, H. Zhu, R. Chen, and R. Li,‬‬

‫ﺗﺼﻨﻴﻒﺍﻟﻌﺘﺒﺎﺕ "‪ ،‬ﺗﻄﺒﻴﻖ‪ .‬ﺍﻟﻌﻠﻮﻡ‪ ،‬ﺍﻟﻤﺠﻠﺪ‪ ،12 .‬ﻻ‪ ،12 .‬ﺹ‪.2022 ،5872 .‬‬
‫]‪ [53‬ﺁﻱ ﺩﻱ ﻣﻴﻨﺎﻱ ﻭﻱ‪ .‬ﺻﻦ‪" ،‬ﺩﺭﺍﺳﺔ ﺍﺳﺘﻘﺼﺎﺋﻴﺔ ﻟﻠﺘﻌﻠﻢ ﺍﻟﺠﻤﺎﻋﻲ‪ :‬ﺍﻟﻤﻔﺎﻫﻴﻢ ﻭﺍﻟﺨﻮﺍﺭﺯﻣﻴﺎﺕ‪،‬‬
‫ﺍﻟﺘﻄﺒﻴﻘﺎﺕﻭﺍﻵﻓﺎﻕ "‪ ،IEEE Access ،‬ﺍﻟﻤﺠﻠﺪ‪ ،10 .‬ﺹ ‪.2022 ،99149-99129‬‬
‫‪ adaboost‬ﺍﻛﺘﺸﺎﻑ ﺍﺧﺘﺮﺍﻕ ﺍﻟﺸﺒﻜﺔ ﺑﻨﺎء ًﻋﻠﻰ ﺗﺤﺴﻴﻦ" ‪]54[ Q. Wang and X. Wei,‬‬
‫ﺍﻟﺨﻮﺍﺭﺯﻣﻴﺔ"‪ ،‬ﻓﻲ ﻭﻗﺎﺋﻊ ﺍﻟﻤﺆﺗﻤﺮ ﺍﻟﺪﻭﻟﻲ ﺍﻟﺮﺍﺑﻊ ﻟﻠﺘﺸﻔﻴﺮ ﻟﻌﺎﻡ ‪،2020‬‬
‫‪72‬‬
‫ﺍﻷﻣﻦﻭﺍﻟﺨﺼﻮﺻﻴﺔ‪ ،2020 ،‬ﺍﻟﺼﻔﺤﺎﺕ ﻣﻦ ‪ 84‬ﺇﻟﻰ ‪.88‬‬
‫]‪ [55‬ﺩ‪ .‬ﻣﻴﺸﺮﺍ‪ ،‬ﺏ‪ .‬ﻧﺎﻳﻚ‪ ،‬ﺝ‪ .‬ﻧﺎﻳﺎﻙ‪ ،‬ﺃ‪ .‬ﺳﻮﺭﻱ‪ ،‬ﺑﻲ ﺑﻲ ﺩﺍﺵ‪ ،‬ﻭﺱ‪ .‬ﻓﻴﻤﺎﻝ‪" ،‬ﺗﻌﺰﻳﺰ ﺍﻟﺘﺪﺭﺝ ﺍﻟﺨﻔﻴﻒ‬
‫ﺟﻬﺎﺯﻣﺰﻭﺩ ﺑﻤﻌﻠﻤﺎﺕ ﺗﺸﻌﺒﻴﺔ ﻣﺤﺴﻨﺔ ﻟﺘﺤﺪﻳﺪ ﺍﻟﻮﺻﻮﻝ ﺍﻟﻀﺎﺭ ﻓﻲ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء‬
‫ﺷﺒﻜﺔ"ﺭﻗﻢ‪ .‬ﻣﺸﺘﺮﻙ‪ .‬ﺍﻟﺸﺒﻜﺔ‪ ،‬ﺍﻟﻤﺠﻠﺪ‪ ،9 .‬ﻻ‪ ،1 .‬ﺹ ‪.2023 ،137-125‬‬
‫ﻣﻨﻬﺞﺟﺪﻳﺪ ﻗﺎﺋﻢ ﻋﻠﻰ ﺍﻟﺘﻌﻠﻢ ﻳﺘﺴﻢ ﺑﺎﻟﻜﻔﺎءﺓ ﻓﻲ ﺍﺳﺘﺨﺪﺍﻡ ﺍﻟﻮﻗﺖ" ‪]56[ S. Seth, G. Singh, and K. Kaur Chahal,‬‬
‫ﻟﻨﻈﺎﻡﻛﺸﻒ ﺍﻟﺘﺴﻠﻞ ﺍﻟﺬﻛﻲ‪ ،J. Big Data" ،‬ﺍﻟﻤﺠﻠﺪ‪ ،8 .‬ﻻ‪ ،1 .‬ﺹ ‪.2021 ،28-1‬‬
‫]‪ [57‬ﺭ‪ .‬ﺳﺎﻧﺠﻴﺜﺎ‪ ،‬ﺃ‪ .‬ﺭﺍﺝ‪ ،‬ﻙ‪ .‬ﺳﻴﻔﻴﻨﻮ‪ ،‬ﺇﻡ ﺁﻱ ﺃﺣﻤﺪ‪ ،‬ﺏ‪ .‬ﺳﺎﺗﻔﻴﻚ‪ ،‬ﻭﺃ‪ .‬ﻛﺎﻧﺎﻓﺎﻟﻲ‪" ،‬ﺍﻟﻜﺸﻒ‬
‫ﻭﺍﻟﺘﺨﻔﻴﻒﻣﻦ ﻫﺠﻤﺎﺕ ‪ DDoS‬ﺍﻟﻤﺴﺘﻨﺪﺓ ﺇﻟﻰ ﺍﻟﺮﻭﺑﻮﺗﺎﺕ ﺑﺎﺳﺘﺨﺪﺍﻡ ﺍﻟﺘﻌﻠﻢ ﺍﻵﻟﻲ ‪catboost‬‬
‫ﺍﻟﺨﻮﺍﺭﺯﻣﻴﺔﻓﻲ ﺑﻴﺌﺔ ‪ .SDN "، Int‬ﺟﻲ‪.‬ﻣﺪﺍﻓﻊ‪ .‬ﺗﻜﻨﻮﻝ‪ .‬ﻡ‪ .‬ﺍﺳﺘﻜﺸﺎﻑ‪ ،.‬ﺍﻟﻤﺠﻠﺪ‪ ،8 .‬ﻻ‪ ،76 .‬ﺹ‪,445 .‬‬
‫‪.2021‬‬
‫‪ A. Gulin، "CatBoost:‬ﻭ ‪]58[ L. Prokhorenkova، G. Gusev، A. Vorobev، AV Dorogush،‬‬
‫ﺗﻌﺰﻳﺰﻣﺴﺘﻘﻞ ﻣﻊ ﻣﻴﺰﺍﺕ ﻓﺌﻮﻳﺔ‪ .Adv" ،‬ﺍﻟﻤﺸﺎﺓ ﺍﻟﻌﺼﺒﻴﺔ‪ .‬ﻋﻤﻠﻴﺔ‪ .‬ﺍﻟﻨﻈﺎﻡ‪ ،.‬ﺍﻟﻤﺠﻠﺪ‪,31 .‬‬
‫‪.2018‬‬
‫]‪ [59‬ﺃ‪ .‬ﺃﻭﻧﺎﻥ‪“ ،‬ﺑﻨﻴﺔ ﺍﻟﺸﺒﻜﺔ ﺍﻟﻌﺼﺒﻴﺔ ﺍﻟﻤﺘﻜﺮﺭﺓ ﺍﻟﺘﻼﻓﻴﻔﻴﺔ ﺛﻨﺎﺋﻴﺔ ﺍﻻﺗﺠﺎﻩ ﻣﻊ‬
‫"ﺁﻟﻴﺔ ﺍﻟﺘﺤﺴﻴﻦ ﻋﻠﻰ ﻣﺴﺘﻮﻯ ﺍﻟﻤﺠﻤﻮﻋﺔ ﻟﺘﺼﻨﻴﻒ ﻣﻌﻨﻮﻳﺎﺕ ﺍﻟﻨﺺ"‪ ،‬ﺝ‪ .‬ﺍﻟﻤﻠﻚ ﺳﻌﻮﺩ‬
‫‪.‬ﺍﻟﻤﺸﺎﺓ‪.‬ﺍﻟﻌﻠﻮﻡ‪ ،‬ﺍﻟﻤﺠﻠﺪ‪ ،34 .‬ﻻ‪ ،5 .‬ﺹ ‪Univ.-Comput. 2022 ،2117-2098‬‬
‫]‪ [60‬ﺑﻲ ﺑﻲ ﻭﻳﺮﺍﻛﻮﺩﻱ‪ ،‬ﻛﻴﻪ ﺩﺑﻠﻴﻮ ﻭﻭﻧﻎ‪ ،‬ﺟﻲ ﻭﺍﻧﻎ‪ ،‬ﻭ‪ .‬ﺇﻳﻼ‪“ ،‬ﻣﺮﺍﺟﻌﺔ ﺍﻟﺴﻼﺳﻞ ﺍﻟﺰﻣﻨﻴﺔ ﻏﻴﺮ ﺍﻟﻤﻨﺘﻈﻤﺔ‬
‫ﺍﻟﺘﻌﺎﻣﻞﻣﻊ ﺍﻟﺒﻴﺎﻧﺎﺕ ﻣﻊ ﺍﻟﺸﺒﻜﺎﺕ ﺍﻟﻌﺼﺒﻴﺔ ﺍﻟﻤﺘﻜﺮﺭﺓ ﺍﻟﻤﺴﻮﺭﺓ‪ ،‬ﺍﻟﺤﻮﺳﺒﺔ ﺍﻟﻌﺼﺒﻴﺔ‪ ،‬ﺍﻟﻤﺠﻠﺪ‪ ،441 .‬ﺹ‪.‬‬
‫‪.2021،161-178‬‬
‫‪ RNN‬ﻣﺴﺢ ﺣﻮﻝ ﺍﻟﺒﺤﺚ ﻓﻲ ﺍﻟﺰﻣﺎﻥ ﻭﺍﻟﻤﻜﺎﻥ ﺍﻟﻘﺎﺋﻢ ﻋﻠﻰ" ‪]61[ W. Fang, Y. Chen, and Q. Xue,‬‬
‫"ﺧﻮﺍﺭﺯﻣﻴﺎﺕ ﺍﻟﺘﻨﺒﺆ ﺑﺎﻟﺘﺴﻠﺴﻞ"‪ ،J. Big Data ،‬ﺍﻟﻤﺠﻠﺪ‪ ،3 .‬ﻻ‪ ،3 .‬ﺹ‪.2021 ،97 .‬‬
‫‪73‬‬
74
75
76

BU CS Thesis Omar Edited 2023 2.en - Ar

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

BU CS Thesis Omar Edited 2023 2.en - Ar

Uploaded by

Copyright:

Available Formats

‫ﻣﺘﺮﺟﻢ ﻣﻦ ﺍﻹﻧﺠﻠﻴﺰﻳﺔ ﺇﻟﻰ ﺍﻟﻌﺮﺑﻴﺔ ‪www.onlinedoctranslator.

‫ﻣﻨﻬﺠﻴﺔﺍﻟﺘﻌﻠﻢ ﺍﻟﻌﻤﻴﻖ ﻟﻠﺘﻨﺒﺆ‬

‫ﺭﺳﺎﻟﺔﻣﻘﺪﻣﺔ ﻟﻤﺘﻄﻠﺒﺎﺕ ﺩﺭﺟﺔ ﺍﻟﻤﺎﺟﺴﺘﻴﺮ ﻓﻲ‬

‫‪3‬ﺑﺤﺚ ﻭﺗﻄﻮﻳﺮﻧﺼﻒ ﺍﻟﺴﻨﺔ‬

‫ﻋﻤﺮﻋﺰﻳﺐ ﺍﻟﺨﺪﻳﺪﻱ‬ ‫ﺃﺳﻢﺍﻟﻄﺎﻟﺐ‬

‫ﻭﺍﻟﺘﻲﺗﻢ ﺗﺸﻜﻴﻠﻬﺎ ﺑﺎﻟﻘﺮﺍﺭ ﺭﻗﻢ ‪ xx‬ﻟﺸﻬﺮ ﺩ ﺩ‪ ،2023 ،‬ﺗﺸﻬﺪ ﺃﻥ ﻫﺬﺍ ﻫﻮ‬

‫ﻋﻨﻮﺍﻥﻃﻮﻳﻞ ﻷﻃﺮﻭﺣﺔ ﺑﺤﺜﻴﺔ ﻳﺴﺘﻐﺮﻕ ﺳﻄﺮﻳﻦ ﻣﻦ ﺍﻟﻨﺺ ]ﺇﻧﺠﻠﻴﺰﻱ[‬

‫]ﺇﻣﻀﺎء[‬ ‫]ﺗﺎﺭﻳﺦ[‬ ‫]ﺍﺳﻢ[‬ ‫ﻣﺸﺮﻑﺍﻟﻠﺠﻨﺔ‬

‫ﺃﻭﺩﺃﻥ ﺃﻋﺮﺏ ﻋﻦ ﺧﺎﻟﺺ ﺍﻣﺘﻨﺎﻧﻲ ﻟﻠﺪﻛﺘﻮﺭ ﻣﻌﺎﺫ ﻣﺤﻤﻮﺩ ﻭﺩ‪.‬‬

‫ﺃﻧﺲﺍﻟﻐﺎﻣﺪﻱ ﻟﺘﻮﺟﻴﻬﺎﺗﻬﻢ ﻭﺧﺒﺮﺍﺗﻬﻢ ﻭﺭﺅﺍﻫﻢ ﺍﻟﻘﻴﻤﺔ‬

‫ﻃﻮﺍﻝﻫﺬﻩ ﺍﻟﺪﺭﺍﺳﺔ‪ .‬ﻭﻛﺎﻥ ﺩﻋﻤﻬﻢ ﻭﺗﺸﺠﻴﻌﻬﻢ‬

‫ﺳﺎﻫﻢﻓﻲ ﺇﺗﻤﺎﻡ ﻫﺬﺍ ﺍﻟﻌﻤﻞ ﺑﻨﺠﺎﺡ‪.‬‬

‫ﻛﻤﺎﺃﻭﺩ ﺃﻥ ﺃﻋﺮﺏ ﻋﻦ ﺧﺎﻟﺺ ﺗﻘﺪﻳﺮﻱ ﻟﻮﺍﻟﺪﻱ ﻋﺰﻳﺐ ﺻﺎﻟﺢ‬

‫ﺍﻟﺨﻀﻴﺪﻱ‪،‬ﻭﻭﺍﻟﺪﺗﻲ‪ ،‬ﻋﻠﻰ ﺣﺒﻬﻢ ﻭﺩﻋﻤﻬﻢ ﺍﻟﺬﻱ ﻻ ﻳﺘﺰﻋﺰﻉ‬

‫ﺍﻟﻔﻬﻢﻃﻮﺍﻝ ﻫﺬﻩ ﺍﻟﺮﺣﻠﺔ‪ .‬ﺇﻳﻤﺎﻧﻬﻢ ﺑﻲ ﻭﺛﺎﺑﺖ‬

‫ﻛﺎﻥﺍﻟﺘﺸﺠﻴﻊ ﻫﻮ ﺍﻟﻘﻮﺓ ﺍﻟﺪﺍﻓﻌﺔ ﻭﺭﺍء ﻣﺴﻴﺮﺗﻲ ﺍﻷﻛﺎﺩﻳﻤﻴﺔ ﻭﺍﻟﺸﺨﺼﻴﺔ‬

‫ﻋﻼﻭﺓﻋﻠﻰ ﺫﻟﻚ‪ ،‬ﺃﻭﺩ ﺃﻥ ﺃﻧﻮﻩ ﺑﺎﻟﺪﻋﻢ ﻭﺍﻟﻤﺴﺎﻋﺪﺓ ﺍﻟﺘﻲ ﺗﻠﻘﻴﺘﻬﺎ‬

‫ﻣﻦﺃﺻﺪﻗﺎﺋﻲ ﻭﺯﻣﻼﺋﻲ ﻭﺟﻤﻴﻊ ﺍﻟﻤﺸﺎﺭﻛﻴﻦ ﺍﻟﺬﻳﻦ ﺷﺎﺭﻛﻮﺍ ﻋﻦ ﻃﻴﺐ ﺧﺎﻃﺮ‬

‫ﻫﺬﻩﺍﻟﺪﺭﺍﺳﺔ‪ ،‬ﻭﺗﻘﺪﻳﻢ ﻣﺴﺎﻋﺪﺓ ﻗﻴﻤﺔ ﻭﺭﺅﻯ‪.‬‬

‫ﻭﺑﺪﻭﻥﻣﺴﺎﻫﻤﺎﺕ ﻭﺩﻋﻢ ﻫﺆﻻء ﺍﻷﻓﺮﺍﺩ‪ ،‬ﻓﺈﻥ ﻫﺬﺍ ﺍﻟﺒﺤﺚ ﺳﻴﻜﻮﻥ‬

‫ﻟﻢﻳﻜﻦ ﻣﻤﻜﻨﺎ‪ .‬ﺃﻧﺎ ﻣﻤﺘﻦ ﺣﻘﺎً ﻟﻮﺟﻮﺩﻫﻢ ﻓﻲ ﺣﻴﺎﺗﻲ ﻭﻣﻦ ﺃﺟﻠﻬﻢ‬

‫ﺍﻟﺘﺄﺛﻴﺮﺍﻟﻜﺒﻴﺮ؛ ﻟﻘﺪ ﻛﺎﻥ ﻟﺪﻳﻬﻢ ﻓﻲ ﺭﺣﻠﺘﻲ ﺍﻷﻛﺎﺩﻳﻤﻴﺔ‪.‬‬

‫ﻭﻧﻈﺮﺍًﻟﻼﺭﺗﻔﺎﻉ ﺍﻟﻤﺘﺰﺍﻳﺪ ﻣﺆﺧﺮﺍً ﻓﻲ ﺷﺪﺓ ﻭﺗﻮﺍﺗﺮ ﺍﻟﻬﺠﻤﺎﺕ ﺍﻹﻟﻜﺘﺮﻭﻧﻴﺔ‪،‬‬

‫ﻭﻗﺪﻃﺮﺡ ﺍﻟﻨﻤﻮ ﺍﻟﺴﺮﻳﻊ ﻓﻲ ﻋﺪﺩ ﻭﺗﻨﻮﻉ ﺍﻷﺷﻴﺎء ﺍﻟﺬﻛﻴﺔ‬

‫ﺗﻬﺪﻳﺪﺍﺕﻛﺒﻴﺮﺓ ﻟﻸﻣﻦ ﺍﻟﺴﻴﺒﺮﺍﻧﻲ‪ .‬ﻭﻣﻊ ﺫﻟﻚ‪ ،‬ﻓﺈﻥ ﺍﻷﻣﻦ ﻫﻮ ﺍﻟﺸﺎﻏﻞ ﺍﻟﺮﺋﻴﺴﻲ‬

‫ﻳﺴﺘﻤﺮﺣﺠﻤﻬﺎ ﻭﺗﻄﺒﻴﻘﺎﺗﻬﺎ ﻓﻲ ﺍﻟﺘﻮﺳﻊ ﺑﺴﺮﻋﺔ‪ .‬ﺍﺗﺼﺎﻻﺕ ﻭﺍﺳﻌﺔ ﺍﻟﻨﻄﺎﻕ‬

‫ﺗﺸﻜﻞﺑﻴﺎﻧﺎﺕ ﺣﺮﻛﺔ ﺍﻟﻤﺮﻭﺭ ﺑﻴﻦ ﺃﺟﻬﺰﺓ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء )‪ (IoT‬ﺃﻫﻤﻴﺔ ﻛﺒﻴﺮﺓ‬

‫ﺗﺤﺪﻱﺣﻤﺎﻳﺔ ﺍﻷﺟﻬﺰﺓ ﻣﻦ ﺍﻟﺘﺪﺧﻼﺕ ﺍﻷﻣﻨﻴﺔ ﺍﻟﻤﺤﺘﻤﻠﺔ‪ .‬ﻋﻼﻭﺓ ﻋﻠﻰ ﺫﻟﻚ‪،‬‬

‫ﺗﻌﺪﺗﻄﺒﻴﻘﺎﺕ ﺍﻷﻣﻦ ﺍﻟﺴﻴﺒﺮﺍﻧﻲ ﺍﻟﻤﺴﺘﻨﺪﺓ ﺇﻟﻰ ﺍﻟﺬﻛﺎء )‪ (AI‬ﺃﻛﺜﺮ ﻓﻌﺎﻟﻴﺔ ﻓﻲ‬

‫ﺍﻟﺘﻬﺪﻳﺪﺍﺕﺍﻷﻣﻨﻴﺔ ﺿﺪ ﺷﺒﻜﺎﺕ ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء‪.‬‬

‫ﺧﻮﺍﺭﺯﻣﻴﺎﺕﻻﺳﺘﺨﺮﺍﺝ ﺍﻟﻤﻴﺰﺍﺕ ﺍﻟﻤﺜﺎﻟﻴﺔ ﺑﺪﻗﺔ ﻋﺎﻟﻴﺔ‪ ،‬ﻭﺍﺧﺘﺒﺎﺭﻫﺎ‬

‫ﻧﺘﺎﺋﺞﺩﺭﺍﺳﺘﻨﺎ ﻟﺘﻘﻴﻴﻢ ﺗﻨﻔﻴﺬ ﻋﺸﺮﺓ ﺁﻻﺕ ﻣﻨﻔﺼﻠﺔ‬

‫ﻭﺗﻨﺎﻗﺶﻧﻤﺎﺫﺝ ﺍﻟﺘﻌﻠﻢ ﻟﻠﻜﺸﻒ ﻋﻦ ﺍﻟﺒﺮﺍﻣﺞ ﺍﻟﻀﺎﺭﺓ‪ .‬ﻭﺗﺸﻤﻞ ﻫﺬﻩ ﺍﻟﻨﻤﺎﺫﺝ ﺍﺛﻨﻴﻦ‬

‫ﻣﺼﻨﻔﺎﺕﻓﺮﺩﻳﺔ ﺗﺘﻌﻠﻖ ﺑـ ‪ KNN‬ﻭ‪ ،SVM‬ﻭﺛﻤﺎﻧﻴﺔ ﻣﺼﻨﻔﺎﺕ ﺟﻤﺎﻋﻴﺔ ﻣﺜﻞ‬

‫ﻭﺃﺭﺑﻌﺔﺃﺑﻨﻴﺔ ‪LGBM،‬ﻭ ‪AdaBoost،‬ﻭ ‪Extra Trees،‬ﻭ ‪Random Forest،‬‬

‫ﻣﻘﺎﺭﻧﺔﻓﻌﺎﻟﻴﺔ ﻫﺬﻩ ﺍﻟﻨﻤﺎﺫﺝ ﻣﻊ ﻭﺑﺪﻭﻥ ‪SMOTE‬‬

‫ﺧﻮﺍﺭﺯﻣﻴﺔﻹﺩﺍﺭﺓ ﺍﻟﺒﻴﺎﻧﺎﺕ ﻏﻴﺮ ﺍﻟﻤﺘﻮﺍﺯﻧﺔ‪ .‬ﻣﺼﻨﻔﺎﺕ ‪ CatBoost‬ﻭ‪XGBoost‬‬

‫ﺣﻘﻘﺖﻣﻌﺪﻻﺕ ﺩﻗﺔ ‪ %98.19‬ﻭ‪ %98.50‬ﻋﻠﻰ ﺍﻟﺘﻮﺍﻟﻲ‪ .‬ﺟﻬﻮﺩ ﺍﻟﺘﺠﺮﺑﺔ‬

‫ﺃﻭﺧﻮﺍﺭﺯﻣﻴﺔ ﺑﺪﻳﻠﺔ ﺗﻌﺘﻤﺪ ﻋﻠﻰ ﺍﻟﺘﻌﻠﻢ ﺍﻵﻟﻲ ﻭﺍﻟﻌﻤﻴﻖ ‪SMOTE‬‬

‫ﻣﺠﻤﻮﻋﺔﺑﻴﺎﻧﺎﺕ ﺑﻮﺕ‪-‬ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء‬

‫ءﺍﻳﺸﻼﺍﺗﺮﻧﺘﻨﺈ ﯨﻠﻊ ﻳﻨﺎﺭﺑﻴﺴﻼ ﻧﻤﻸﺍ ﺗﺎﻣﺠﻬﺐ ﺅﺑﻨﺘﻠﻞ ﻗﻴﻤﻌﻼ ﻣﻠﻌﺘﻼ ﺓﻳﺠﻬﻨﻢ‬

‫ﺗﺎﻛﺒﺶﺩﺱ ﺓﻳﻦ ﻣﻞءﺍ ﺗﺎﺩﻳﻬﺘﻼ ﻧﻢ ﺓﻋﺴﺎﻭ‪IoT.‬‬

‫ﺗﺎﻳﻤﺰﺭﺍﻭﺧﻞﻟﻜﺎﻳﻪ ﺓﻋﺒﺮﺃﻭ ‪LGBM،‬ﻭ ‪AdaBoosto Extra Trees‬ﻭ ‪ Random Forest‬ﻟﺜﻢ ﺓﻋﻤﺠﻢ‬

‫ﺗﻼﺩﻋﻢ‪XGBoost‬ﻭ ‪ CatBoost‬ﺗﺎﻓﻴﻦ ﺍﻟﺘﻨﺼﺖ ﺗﻘﻘﺢ ‪.‬ﺓﻧﺰﺍﻭﺗﻤﻼ ﺭﻳﻎ ﺗﺎﻧﺎﻳﺒﻼ ﺓﺭﺍﺩﻝ ‪ SMOTE‬ﺓﻳﻤﺰﺭﺍﻭﺥ‬

‫‪.‬ﻗﻴﻤﻼ ﻣﻠﻌﺘﻼﻭ ﻳﻠﻶﺍ‬

‫‪1.2‬ﺍﻟﺪﺍﻓﻊ ‪2 ............ .................................................. ..............................................‬‬

‫‪1.3‬ﺑﻴﺎﻥ ﺍﻟﻤﺸﻜﻠﺔ ‪4 .................................................. ..............................................‬‬

‫‪1.4‬ﺃﻫﺪﺍﻑ ﺍﻟﺒﺤﺚ ‪6 ................................................ ...........................................................‬‬

‫‪1.5‬ﻣﺴﺎﻫﻤﺔ ﺍﻷﻃﺮﻭﺣﺔ ﻓﻲ ﺍﻟﻤﺠﺎﻝ ‪ /‬ﺃﻫﻤﻴﺔ ﻭ ‪ /‬ﺃﻭ ﺗﺄﺛﻴﺮ ﺍﻟﺒﺤﺚ ‪7 ...........‬‬

‫‪1.6‬ﻣﺨﻄﻂ ﺍﻷﻃﺮﻭﺣﺔ ‪9........... .................................................. ..............................................‬‬

‫ﺍﻟﻔﺼﻞﺍﻟﺜﺎﻧﻲ‪ :‬ﻣﺮﺍﺟﻌﺔ ﺍﻷﺩﺑﻴﺎﺕ‪11 ........................................... ................................................‬‬

‫‪2.2‬ﺇﻧﺘﺮﻧﺖ ﺍﻷﺷﻴﺎء ﻭﺍﻟﺘﻌﻠﻢ ﺍﻵﻟﻲ ‪11 ........................................... ...........................................‬‬

‫‪2.3‬ﺍﻟﻤﻨﺎﻗﺸﺔ ‪18 ........... .................................................. ..............................................‬‬

‫ﺍﻟﻔﺼﻞﺍﻟﺜﺎﻟﺚ‪ :‬ﺍﻟﻤﻨﻬﺠﻴﺔ ‪20 ........................................... ..............................................‬‬

‫‪3.2‬ﻣﺠﻤﻮﻋﺔ ﺍﻟﺒﻴﺎﻧﺎﺕ ﺍﻟﻤﺮﺟﻌﻴﺔ‪20 ................................................ ................................................‬‬

‫‪3.3‬ﺍﻟﻨﻤﻮﺫﺝ ﺍﻟﻤﻘﺘﺮﺡ ‪25 ............................................... ...........................................‬‬

‫‪3.3.1‬ﺍﻟﻤﻌﺎﻟﺠﺔ ﺍﻟﻤﺴﺒﻘﺔ ﻟﻠﺒﻴﺎﻧﺎﺕ ‪25 ............................................ ...........................................‬‬

‫‪3.3.2‬ﺗﻘﻨﻴﺎﺕ ﺍﻟﻬﻨﺪﺳﺔ ﺍﻟﻤﻤﻴﺰﺓ ‪26 ............................ ...........................................‬‬

‫‪3.3.3‬ﻧﻤﺎﺫﺝ ﺍﻟﺘﻌﻠﻢ ﺍﻟﻌﻤﻴﻖ ‪32 ........................................... ...........................................‬‬

‫‪3.3.4‬ﺍﻟﺘﻌﻠﻢ ﺍﻟﺠﻤﺎﻋﻲ ‪38........................................... ..............................................‬‬

‫‪3.3.5‬ﻣﻘﺎﻳﻴﺲ ﺍﻟﺘﻘﻴﻴﻢ ‪42 ............................................ ..............................................‬‬

‫ﺍﻟﻔﺼﻞﺍﻟﺮﺍﺑﻊ‪ :‬ﺍﻟﻨﺘﺎﺋﺞ ‪44 ... .................................................. ..............................................‬‬

‫‪4.2‬ﺍﻟﻨﺘﺎﺋﺞ ﺍﻟﺘﺠﺮﻳﺒﻴﺔ ‪44 ................................................ ..............................................‬‬