Abstract
Most of the intrusion detection methods in computer networks are based on traffic flow characteristics. However, this approach may not fully exploit the potential of deep learning algorithms to directly extract features and patterns from raw packets. Moreover, it impedes real-time monitoring due to the necessity of waiting for the processing pipeline to complete and introduces dependencies on additional software components. In this paper, we investigate deep learning methodologies capable of detecting attacks in real time directly from raw packet data within network traffic. Our investigation utilizes the CICIDS-2017 dataset, which includes both benign traffic and prevalent real-world attacks, providing a comprehensive foundation for our research.
Pages
45–68
Physical description
Bibliography: 30 items, figures, tables, charts.
Authors
author
- National Centre for Nuclear Research, 05-400 Otwock-Świerk ul. A. Sołtana 7
author
- National Centre for Nuclear Research, 05-400 Otwock-Świerk ul. A. Sołtana 7
author
- National Centre for Nuclear Research, 05-400 Otwock-Świerk ul. A. Sołtana 7
author
- National Centre for Nuclear Research, 05-400 Otwock-Świerk ul. A. Sołtana 7
author
- National Centre for Nuclear Research, 05-400 Otwock-Świerk ul. A. Sołtana 7
author
- National Centre for Nuclear Research, 05-400 Otwock-Świerk ul. A. Sołtana 7
author
- National Centre for Nuclear Research, 05-400 Otwock-Świerk ul. A. Sołtana 7
author
- National Centre for Nuclear Research, 05-400 Otwock-Świerk ul. A. Sołtana 7
Document type
Bibliography
YADDA identifier
bwmeta1.element.baztech-3a5c35de-ce57-4b49-9c25-1dfe95dc77f2