Real-Time Detection of Dictionary DGA Network Traffic Using Deep Learning

2021, Vol 2 (2)
Author(s): Kate Highnam, Domenic Puzio, Song Luo, Nicholas R. Jennings

Abstract: Botnets and malware continue to avoid detection by static rule engines when using domain generation algorithms (DGAs) for callouts to unique, dynamically generated web addresses. Common DGA detection techniques fail to reliably detect DGA variants that combine random dictionary words to create domain names that closely mirror legitimate domains. To combat this, we created a novel hybrid neural network, Bilbo the “bagging” model, that analyses domains and scores the likelihood they are generated by such algorithms and therefore are potentially malicious. Bilbo is the first parallel usage of a convolutional neural network (CNN) and a long short-term memory (LSTM) network for DGA detection. Our unique architecture is found to be the most consistent in performance in terms of AUC, $F_1$ score, and accuracy when generalising across different dictionary DGA classification tasks compared to current state-of-the-art deep learning architectures. We validate using reverse-engineered dictionary DGA domains and detail our real-time implementation strategy for scoring real-world network logs within a large enterprise. In 4 h of actual network traffic, the model discovered at least five potential command-and-control networks that commercial vendor tools did not flag.

2021, Vol 2021, pp. 1-15
Author(s): Juhong Namgung, Siwoon Son, Yang-Sae Moon

In recent years, cyberattacks using command and control (C&C) servers have significantly increased. To hide their C&C servers, attackers often use a domain generation algorithm (DGA), which automatically generates domain names for the C&C servers. Accordingly, extensive research on DGA domain detection has been conducted. However, existing methods cannot accurately detect continuously generated DGA domains and can easily be evaded by an attacker. Recently, long short-term memory- (LSTM-) based deep learning models have been introduced to detect DGA domains in real time using only domain names without feature extraction or additional information. In this paper, we propose an efficient DGA domain detection method based on bidirectional LSTM (BiLSTM), which learns bidirectional information as opposed to unidirectional information learned by LSTM. We further maximize the detection performance with a convolutional neural network (CNN) + BiLSTM ensemble model using Attention mechanism, which allows the model to learn both local and global information in a domain sequence. Experimental results show that existing CNN and LSTM models achieved F1-scores of 0.9384 and 0.9597, respectively, while the proposed BiLSTM and ensemble models achieved higher F1-scores of 0.9618 and 0.9666, respectively. In addition, the ensemble model achieved the best performance for most DGA domain classes, enabling more accurate DGA domain detection than existing models.


2020, Vol 196, pp. 02007
Author(s): Vladimir Mochalov, Anastasia Mochalova

In this paper, the previously obtained results on recognition of ionograms using deep learning are expanded to predict the parameters of the ionosphere. After the ionospheric parameters have been identified on the ionogram using deep learning in real time, we can predict the parameters for some time ahead on the basis of the new data obtained. Examples of predicting the ionosphere parameters using an artificial recurrent neural network architecture, long short-term memory, are given. The place of the block for predicting the parameters of the ionosphere in the system for analyzing ionospheric data using deep learning methods is shown.



An overview and analysis of methods for constructing network traffic classifiers is given, and the advantage of deep learning methods is shown. Based on a comparative analysis, the method of deep learning with a teacher is selected. A method based on the use of a multilayer long short-term memory (LSTM) neural network is considered. The structure of a deep network is created whose input is fed raw data flows divided into sessions. Based on the selected classes of applications, it is experimentally proven that the developed long short-term memory neural network, to the input of which raw data is supplied, makes it possible to obtain a high classification accuracy. Keywords: network traffic; deep learning; long short-term memory neural network; raw data


Author(s): Asma Husna, Saman Hassanzadeh Amin, Bharat Shah

Supply chain management (SCM) is a fast growing and largely studied field of research. Forecasting of the required materials and parts is an important task in companies and can have a significant impact on the total cost. To have a reliable forecast, some advanced methods such as deep learning techniques are helpful. The main goal of this chapter is to forecast the unit sales of thousands of items sold at different chain stores located in Ecuador with holistic techniques. Three deep learning approaches including artificial neural network (ANN), convolutional neural network (CNN), and long short-term memory (LSTM) are adopted here for predictions from the Corporación Favorita grocery sales forecasting dataset collected from Kaggle website. Finally, the performances of the applied models are evaluated and compared. The results show that LSTM network tends to outperform the other two approaches in terms of performance. All experiments are conducted using Python's deep learning library and Keras and Tensorflow packages.


Information, 2019, Vol 10 (5), pp. 157
Author(s): Daniel S. Berman

Domain generation algorithms (DGAs) represent a class of malware used to generate large numbers of new domain names to achieve command-and-control (C2) communication between the malware program and its C2 server to avoid detection by cybersecurity measures. Deep learning has proven successful in serving as a mechanism to implement real-time DGA detection, specifically through the use of recurrent neural networks (RNNs) and convolutional neural networks (CNNs). This paper compares several state-of-the-art deep-learning implementations of DGA detection found in the literature with two novel models: a deeper CNN model and a one-dimensional (1D) Capsule Networks (CapsNet) model. The comparison shows that the 1D CapsNet model performs as well as the best-performing model from the literature.


Author(s): Samit Bhanja, Abhisek Das

Air quality (mainly PM2.5) forecasting plays an important role in the early detection and control of air pollution. In recent times, numerous deep learning-based models have been proposed to forecast air quality more accurately. The success of these deep learning models heavily depends on the two key factors viz. proper representation of the input data and preservation of temporal order of the input data during the feature’s extraction phase. Here we propose a hybrid deep neural network (HDNN) framework to forecast the PM2.5 by integrating two popular deep learning architectures, viz. Convolutional neural network (CNN) and bidirectional long short-term memory (BDLSTM) network. Here we build a 3D input tensor so that CNN can extract the trends and spatial features more accurately within the input window. Here we also introduce a linking layer between CNN and BDLSTM to maintain the temporal ordering of feature vectors. In the end, our proposed HDNN framework is compared with the state-of-the-art models, and we show that HDNN outruns other models in terms of prediction accuracy.


2021, Vol 15
Author(s): Karun Thanjavur, Dionissios T. Hristopulos, Arif Babul, Kwang Moo Yi, Naznin Virji-Babul

Artificial neural networks (ANNs) are showing increasing promise as decision support tools in medicine and particularly in neuroscience and neuroimaging. Recently, there has been increasing work on using neural networks to classify individuals with concussion using electroencephalography (EEG) data. However, to date the need for research grade equipment has limited the applications to clinical environments. We recently developed a deep learning long short-term memory (LSTM) based recurrent neural network to classify concussion using raw, resting state data using 64 EEG channels and achieved high accuracy in classifying concussion. Here, we report on our efforts to develop a clinically practical system using a minimal subset of EEG sensors. EEG data from 23 athletes who had suffered a sport-related concussion and 35 non-concussed, control athletes were used for this study. We tested and ranked each of the original 64 channels based on its contribution toward the concussion classification performed by the original LSTM network. The top scoring channels were used to train and test a network with the same architecture as the previously trained network. We found that with only six of the top scoring channels the classifier identified concussions with an accuracy of 94%. These results show that it is possible to classify concussion using raw, resting state data from a small number of EEG sensors, constituting a first step toward developing portable, easy to use EEG systems that can be used in a clinical setting.


Detecting malicious domain names has attracted a lot of research in recent years. Researchers have tried various text-based methods, network-traffic-based methods, and combinations of these to detect malicious names. In this paper, we analyze the possibility of detecting malicious names using deep neural network based models. A bidirectional LSTM network has been developed and trained on the dataset. Two tasks were tested. The first task was to identify malicious domain names and the second task was to identify the class of a domain name. The proposed method performs well on task 1, producing 98.9% accuracy, whereas on task 2 it achieves an accuracy of only 69.7%.


2020, Vol 13 (4), pp. 627-640
Author(s): Avinash Chandra Pandey, Dharmveer Singh Rajpoot

Background: Sentiment analysis is a contextual mining of text which determines the viewpoint of users with respect to some sentimental topics commonly present on social networking websites. Twitter is one of the social sites where people express their opinion about any topic in the form of tweets. These tweets can be examined using various sentiment classification methods to find the opinion of users. Traditional sentiment analysis methods use manually extracted features for opinion classification. The manual feature extraction process is a complicated task since it requires predefined sentiment lexicons. On the other hand, deep learning methods automatically extract relevant features from data; hence, they provide better performance and richer representation competency than the traditional methods. Objective: The main aim of this paper is to enhance the sentiment classification accuracy and to reduce the computational cost. Method: To achieve the objective, a hybrid deep learning model, based on a convolutional neural network and a bi-directional long short-term memory neural network, has been introduced. Results: The proposed sentiment classification method achieves the highest accuracy for most of the datasets. Further, the efficacy of the proposed method has been validated through statistical analysis. Conclusion: Sentiment classification accuracy can be improved by creating veracious hybrid models. Moreover, performance can also be enhanced by tuning the hyperparameters of deep learning models.


2021, Vol 11 (4), pp. 1829
Author(s): Davide Grande, Catherine A. Harris, Giles Thomas, Enrico Anderlini

Recurrent Neural Networks (RNNs) are increasingly being used for model identification, forecasting and control. When identifying physical models with unknown mathematical knowledge of the system, Nonlinear AutoRegressive models with eXogenous inputs (NARX) or Nonlinear AutoRegressive Moving-Average models with eXogenous inputs (NARMAX) methods are typically used. In the context of data-driven control, machine learning algorithms are proven to have comparable performances to advanced control techniques, but lack the properties of the traditional stability theory. This paper illustrates a method to prove a posteriori the stability of a generic neural network, showing its application to the state-of-the-art RNN architecture. The presented method relies on identifying the poles associated with the network designed starting from the input/output data. Providing a framework to guarantee the stability of any neural network architecture combined with the generalisability properties and applicability to different fields can significantly broaden their use in dynamic systems modelling and control.

