455 research outputs found
Artificial intelligence in the cyber domain: Offense and defense
Artificial intelligence techniques have grown rapidly in recent years, and their applications in practice can be seen in many fields, ranging from facial recognition to image analysis. In the cybersecurity domain, AI-based techniques can provide better cyber defense tools and help adversaries improve methods of attack. However, malicious actors are aware of the new prospects too and will probably attempt to use them for nefarious purposes. This survey paper aims at providing an overview of how artificial intelligence can be used in the context of cybersecurity in both offense and defense. Web of Science123art. no. 41
Statistical analysis driven optimized deep learning system for intrusion detection
Attackers have developed ever more sophisticated and intelligent ways to hack
information and communication technology systems. The extent of damage an
individual hacker can carry out upon infiltrating a system is well understood.
A potentially catastrophic scenario can be envisaged where a nation-state
intercepting encrypted financial data gets hacked. Thus, intelligent
cybersecurity systems have become inevitably important for improved protection
against malicious threats. However, as malware attacks continue to dramatically
increase in volume and complexity, it has become ever more challenging for
traditional analytic tools to detect and mitigate threat. Furthermore, a huge
amount of data produced by large networks has made the recognition task even
more complicated and challenging. In this work, we propose an innovative
statistical analysis driven optimized deep learning system for intrusion
detection. The proposed intrusion detection system (IDS) extracts optimized and
more correlated features using big data visualization and statistical analysis
methods (human-in-the-loop), followed by a deep autoencoder for potential
threat detection. Specifically, a pre-processing module eliminates the outliers
and converts categorical variables into one-hot-encoded vectors. The feature
extraction module discards features with null values and selects the most
significant features as input to the deep autoencoder model (trained in a
greedy-wise manner). The NSL-KDD dataset from the Canadian Institute for
Cybersecurity is used as a benchmark to evaluate the feasibility and
effectiveness of the proposed architecture. Simulation results demonstrate the
potential of our proposed system and its outperformance as compared to existing
state-of-the-art methods and recently published novel approaches. Ongoing work
includes further optimization and real-time evaluation of our proposed IDS. Comment: To appear in the 9th International Conference on Brain Inspired
Cognitive Systems (BICS 2018)
Network Intrusion Detection Method Using Stacked BILSTM Elastic Regression Classifier with Aquila Optimizer Algorithm for Internet of Things (IoT)
Globally, over the past ten years, computer networks and Internet of Things (IoT) networks have grown significantly due to the increasing amount of data that has been collected, ranging from zettabytes to petabytes. As a result, as the network has expanded, security problems have also emerged. The large data sets involved in these types of attacks can make detection difficult. The developing networks are being used for a multitude of sophisticated purposes, such as smart homes, cities, grids, gadgets, and objects, as well as e-commerce, e-banking, and e-government. As a result of the development of numerous intrusion detection systems (IDS), computer networks are now protected from security and privacy threats. Data confidentiality, integrity, and availability will suffer if IDS prevention efforts fail. Complex attacks can't be handled by traditional methods. There has been a growing interest in advanced deep learning techniques for detecting intrusions and identifying abnormal behavior in networks. This research aims to propose a novel network, namely a stacked BiLSTM elastic regression classifier (Stack_BiLSTM-ERC) with the Aquila optimizer algorithm for feature selection. This optimization method makes use of a cutting-edge transition function that enables it to be transformed into a binary form of the Aquila optimizer. A better solution could be secured once a number of possible solutions are found from diverse regions of the search space utilizing the Aquila optimizer method. NSL-KDD and UNSW-NB15 are two datasets that enable learning characteristics from the raw data in order to detect harmful prerequisites characteristics and effective framework patterns. The proposed Stack_BiLSTM-ERC achieves 98.l3% of accuracy, 95.1% of precision, 94.3% of recall and 95.4 of F1-score for NSL-KDD dataset. Moreover, 98.6% of accuracy, 97.2% of precision, 98.5 of recall and 97.5% of F1-score
IDSGAN: Generative Adversarial Networks for Attack Generation against Intrusion Detection
As an important tool in security, the intrusion detection system bears the
responsibility of the defense to network attacks performed by malicious
traffic. Nowadays, with the help of machine learning algorithms, the intrusion
detection system develops rapidly. However, the robustness of this system is
questionable when it faces the adversarial attacks. To improve the detection
system, more potential attack approaches should be researched. In this paper, a
framework of the generative adversarial networks, IDSGAN, is proposed to
generate the adversarial attacks, which can deceive and evade the intrusion
detection system. Considering that the internal structure of the detection
system is unknown to attackers, adversarial attack examples perform the
black-box attacks against the detection system. IDSGAN leverages a generator to
transform original malicious traffic into adversarial malicious traffic. A
discriminator classifies traffic examples and simulates the black-box detection
system. More significantly, we only modify part of the attacks' nonfunctional
features to guarantee the validity of the intrusion. Based on the dataset
NSL-KDD, the feasibility of the model is demonstrated to attack many detection
systems with different attacks and the excellent results are achieved.
Moreover, the robustness of IDSGAN is verified by changing the amount of the
unmodified features. Comment: 8 pages, 5 figures
A Machine Learning Approach for Intrusion Detection
Master's thesis in Information- and communication technology (IKT590). Securing networks and their confidentiality from intrusions is crucial, and for this reason, Intrusion Detection Systems have to be employed. The main goal of this thesis is to achieve a proper detection performance of a Network Intrusion Detection System (NIDS). In this thesis, we have examined the detection efficiency of machine learning algorithms such as Neural Network, Convolutional Neural Network, Random Forest and Long Short-Term Memory. We have constructed our models so that they can detect different types of attacks utilizing the CICIDS2017 dataset. We have worked on identifying 15 various attacks present in CICIDS2017, instead of merely identifying normal-abnormal traffic. We have also discussed the reason why to use precisely this dataset, and why should one classify by attack to enhance the detection. Previous works based on benchmark datasets such as NSL-KDD and KDD99 are discussed. Also, how to address and solve these issues. The thesis also shows how the results are affected using different machine learning algorithms. As the research will demonstrate, the Neural Network, Convolutional Neural Network, Random Forest and Long Short-Term Memory are evaluated by conducting cross validation; the average score across five folds of each model is at 92.30%, 87.73%, 94.42% and 87.94%, respectively. Nevertheless, the confusion metrics was also a crucial measurement to evaluate the models, as we shall see. Keywords: Information security, NIDS, Machine Learning, Neural Network, Convolutional Neural Network, Random Forest, Long Short-Term Memory, CICIDS2017
A Convolutional Neural Network for Network Intrusion Detection System
System administrators can benefit from deploying Network Intrusion Detection Systems (NIDS) to find potential security breaches. However, security attacks tend to be unpredictable. There are many challenges to develop a flexible and effective NIDS in order to prevent high false alarm rates and low detection accuracy against unknown attacks. In this paper, we propose a deep learning method to implement an effective and flexible NIDS. We used a convolutional neural network (CNN), an advanced deep learning technique, on NSL-KDD, a benchmark dataset for network intrusion. Our experimental results of a 99.79% detection rate when compared against the NSL-KDD test dataset show that CNNs can be applied as a learning method for Intrusion Detection Systems (IDSs)
- …