Robust Adaptive Cloud Intrusion Detection System Using Advanced Deep Reinforcement Learning

2020 ◽  
pp. 66-85
Author(s):  
Kamalakanta Sethi ◽  
Rahul Kumar ◽  
Dinesh Mohanty ◽  
Padmalochan Bera
Keyword(s):  
Reinforcement Learning ◽  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Detection System ◽  
Robust Adaptive

A context-aware robust intrusion detection system: a reinforcement learning-based approach

2019 ◽  
Vol 19 (6) ◽  
pp. 657-678 ◽  
Author(s):  
Kamalakanta Sethi ◽  
E. Sai Rupesh ◽  
Rahul Kumar ◽  
Padmalochan Bera ◽  
Y. Venu Madhav
Keyword(s):  
Reinforcement Learning ◽  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Detection System ◽  
Context Aware ◽  
System A

scholarly journals DRLDO A Novel DRL based De obfuscation System for Defence Against Metamorphic Malware

2021 ◽  
Vol 71 (1) ◽  
pp. 55-65
Author(s):  
Mohit Sewak ◽  
Sanjay K. Sahay ◽  
Hemant Rathore
Keyword(s):  
Reinforcement Learning ◽  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Detection Probability ◽  
Detection System ◽  
Experimental Results ◽  
Multiple Generations ◽  
Defence System ◽  
Metamorphic Malware ◽  
Very High

In this paper, we propose a novel mechanism to normalise metamorphic and obfuscated malware down at the opcode level and hence create an advanced metamorphic malware de-obfuscation and defence system. We name this system as DRLDO, for deep reinforcement learning based de-obfuscator. With the inclusion of the DRLDO as a sub-component, an existing Intrusion Detection System could be augmented with defensive capabilities against ‘zero-day’ attack from obfuscated and metamorphic variants of existing malware. This gains importance, not only because there exists no system till date that use advance DRL to intelligently and automatically normalise obfuscation down even to the opcode level, but also because the DRLDO system does not mandate any changes to the existing IDS. The DRLDO system does not even mandate the IDS’ classifier to be retrained with any new dataset containing obfuscated samples. Hence DRLDO could be easily retrofitted into any existing IDS deployment. We designed, developed, and conducted experiments on the system to evaluate the same against multiple-simultaneous attacks from obfuscations generated from malware samples from a standardised dataset that contain multiple generations of malware. Experimental results prove that DRLDO was able to successfully make the otherwise undetectable obfuscated variants of the malware detectable by an existing pre-trained malware classifier. The detection probability was raised well above the cut-off mark to 0.6 for the classifier to detect the obfuscated malware unambiguously. Further, the de-obfuscated variants generated by DRLDO achieved a very high correlation (of ≈ 0.99) with the base malware. This observation validates that the DRLDO system is actually learning to de-obfuscate and not exploiting a trivial trick.

scholarly journals Reinforced Intrusion Detection Using Pursuit Reinforcement Competitive Learning

2014 ◽  
Vol 2 (1) ◽  
Author(s):  
Indah Yulia Prafitaning Tiyas ◽  
Ali Ridho Barakbah ◽  
Tri Harsono ◽  
Amang Sudarsono
Keyword(s):  
Reinforcement Learning ◽  
Network Security ◽  
Intrusion Detection ◽  
Intrusion Detection System ◽  
High Speed ◽  
Detection System ◽  
Competitive Learning ◽  
Classification Model ◽  
Experimental Result ◽  
On Line

Today, information technology is growing rapidly,all information can be obtainedmuch easier. It raises some new problems; one of them is unauthorized access to the system. We need a reliable network security system that is resistant to a variety of attacks against the system. Therefore, Intrusion Detection System (IDS) required to overcome the problems of intrusions. Many researches have been done on intrusion detection using classification methods. Classification methodshave high precision, but it takes efforts to determine an appropriate classification model to the classification problem. In this paper, we propose a new reinforced approach to detect intrusion with On-line Clustering using Reinforcement Learning. Reinforcement Learning is a new paradigm in machine learning which involves interaction with the environment.It works with reward and punishment mechanism to achieve solution. We apply the Reinforcement Learning to the intrusion detection problem with considering competitive learning using Pursuit Reinforcement Competitive Learning (PRCL). Based on the experimental result, PRCL can detect intrusions in real time with high accuracy (99.816% for DoS, 95.015% for Probe, 94.731% for R2L and 99.373% for U2R) and high speed (44 ms).The proposed approach can help network administrators to detect intrusion, so the computer network security systembecome reliable.Keywords: Intrusion Detection System, On-Line Clustering, Reinforcement Learning, Unsupervised Learning.

Classification with Clustering and Gaussian Functions in Intrusion Detection System

2014 ◽  
Vol 134 (12) ◽  
pp. 1908-1915 ◽  
Author(s):  
Nannan Lu ◽  
Shingo Mabu ◽  
Yuhong Li ◽  
Kotaro Hirasawa
Keyword(s):  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Detection System ◽  
Gaussian Functions
Sign in / Sign up

Export Citation Format

Share Document