Deep learning for detecting logic-flaw-exploiting network attacks: An end-to-end approach

2021 ◽  
pp. 1-30
Author(s):  
Qingtian Zou ◽  
Anoop Singhal ◽  
Xiaoyan Sun ◽  
Peng Liu
Keyword(s):  
Deep Learning ◽  
Attack Detection ◽  
Network Data ◽  
Learning Models ◽  
Real World Data ◽  
Network Attacks ◽  
Network Attack ◽  
Public Network ◽  
Network Intrusion ◽  
End To End

Network attacks have become a major security concern for organizations worldwide. A category of network attacks that exploit the logic (security) flaws of a few widely-deployed authentication protocols has been commonly observed in recent years. Such logic-flaw-exploiting network attacks often do not have distinguishing signatures, and can thus easily evade the typical signature-based network intrusion detection systems. Recently, researchers have applied neural networks to detect network attacks with network logs. However, public network data sets have major drawbacks such as limited data sample variations and unbalanced data with respect to malicious and benign samples. In this paper, we present a new end-to-end approach based on protocol fuzzing to automatically generate high-quality network data, on which deep learning models can be trained for network attack detection. Our findings show that protocol fuzzing can generate data samples that cover real-world data, and deep learning models trained with fuzzed data can successfully detect the logic-flaw-exploiting network attacks.

scholarly journals End-to-End Deep Learning Fusion of Fingerprint and Electrocardiogram Signals for Presentation Attack Detection

Sensors ◽  
2020 ◽  
Vol 20 (7) ◽  
pp. 2085 ◽  
Author(s):  
Rami M. Jomaa ◽  
Hassan Mathkour ◽  
Yakoub Bazi ◽  
Md Saiful Islam
Keyword(s):  
Neural Network ◽  
Deep Learning ◽  
Convolutional Neural Network ◽  
Attack Detection ◽  
Ecg Signal ◽  
Ecg Signals ◽  
Biometric Systems ◽  
Fingerprint Biometrics ◽  
End To End ◽  
The Impact

Although fingerprint-based systems are the commonly used biometric systems, they suffer from a critical vulnerability to a presentation attack (PA). Therefore, several approaches based on a fingerprint biometrics have been developed to increase the robustness against a PA. We propose an alternative approach based on the combination of fingerprint and electrocardiogram (ECG) signals. An ECG signal has advantageous characteristics that prevent the replication. Combining a fingerprint with an ECG signal is a potentially interesting solution to reduce the impact of PAs in biometric systems. We also propose a novel end-to-end deep learning-based fusion neural architecture between a fingerprint and an ECG signal to improve PA detection in fingerprint biometrics. Our model uses state-of-the-art EfficientNets for generating a fingerprint feature representation. For the ECG, we investigate three different architectures based on fully-connected layers (FC), a 1D-convolutional neural network (1D-CNN), and a 2D-convolutional neural network (2D-CNN). The 2D-CNN converts the ECG signals into an image and uses inverted Mobilenet-v2 layers for feature generation. We evaluated the method on a multimodal dataset, that is, a customized fusion of the LivDet 2015 fingerprint dataset and ECG data from real subjects. Experimental results reveal that this architecture yields a better average classification accuracy compared to a single fingerprint modality.

APT attack detection based on flow network analysis techniques using deep learning

2020 ◽  
Vol 39 (3) ◽  
pp. 4785-4801
Author(s):  
Cho Do Xuan ◽  
Mai Hoang Dao ◽  
Hoa Dinh Nguyen
Keyword(s):  
Machine Learning ◽  
Deep Learning ◽  
Network Analysis ◽  
Network Traffic ◽  
Network Flow ◽  
Network Flows ◽  
Attack Detection ◽  
Research Network ◽  
Learning Models ◽  
Flow Network

Advanced Persistent Threat (APT) attacks are a form of malicious, intentionally and clearly targeted attack. This attack technique is growing in both the number of recorded attacks and the extent of its dangers to organizations, businesses and governments. Therefore, the task of detecting and warning APT attacks in the real system is very necessary today. One of the most effective approaches to APT attack detection is to apply machine learning or deep learning to analyze network traffic. There have been a number of studies and recommendations to analyze network traffic into network flows and then combine with some classification or clustering methods to look for signs of APT attacks. In particular, recent studies often apply machine learning algorithms to spot the present of APT attacks based on network flow. In this paper, a new method based on deep learning to detect APT attacks using network flow is proposed. Accordingly, in our research, network traffic is analyzed into IP-based network flows, then the IP information is reconstructed from flow, and finally deep learning models are used to extract features for detecting APT attack IPs from other IPs. Additionally, a combined deep learning model using Bidirectional Long Short-Term Memory (BiLSTM) and Graph Convolutional Networks (GCN) is introduced. The new detection model is evaluated and compared with some traditional machine learning models, i.e. Multi-layer perceptron (MLP) and single GCN models, in the experiments. Experimental results show that BiLSTM-GCN model has the best performance in all evaluation scores. This not only shows that deep learning application on flow network analysis to detect APT attacks is a good decision but also suggests a new direction for network intrusion detection techniques based on deep learning.

scholarly journals Deep Learning Based Attack Detection in IIoT using Two-Level Intrusion Detection System

2021 ◽  
Author(s):  
Kathiroli Raja ◽  
Krithika Karthikeyan ◽  
Abilash B ◽  
Kapal Dev ◽  
Gunasekaran Raja
Keyword(s):  
Deep Learning ◽  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Production Management ◽  
Detection System ◽  
Denial Of Service ◽  
Attack Detection ◽  
Sensitive Information ◽  
Smart Meters ◽  
Network Intrusion

Abstract The Industrial Internet of Things (IIoT), also known as Industry 4.0, has brought a revolution in the production and manufacturing sectors as it assists in the automation of production management and reduces the manual effort needed in auditing and managing the pieces of machinery. IoT-enabled industries, in general, use sensors, smart meters, and actuators. Most of the time, the data held by these devices is surpassingly sensitive and private. This information might be modified,
1
stolen, or even the devices may be subjected to a Denial of Service (DoS) attack. As a consequence, the product quality may deteriorate or sensitive information may be leaked. An Intrusion Detection System (IDS), implemented in the network layer of IIoT, can detect attacks, thereby protecting the data and devices. Despite substantial advancements in attack detection in IIoT, existing works fail to detect certain attacks obfuscated from detectors resulting in a low detection performance. To address the aforementioned issue, we propose a Deep Learning-based Two Level Network Intrusion Detection System (DLTL-NIDS) for IIoT environment, emphasizing challenging attacks. The attacks that attain low accuracy or low precision in level-1 detection are marked as challenging attacks. Experimental results show that the proposed model, when tested against TON IoT, figures out the challenging attacks well and achieves an accuracy of 99.97%, precision of 95.62%, recall of 99.5%, and F1-score of 99.65%. The proposed DL-TLNIDS, when compared with state-of-art models, achieves a decrease in false alarm rate to 2.34% (flagging normal traffic as an attack) in IIoT.

scholarly journals A comparison of deep learning models for end-to-end face-based video retrieval in unconstrained videos

2022 ◽  
Author(s):  
Gioele Ciaparrone ◽  
Leonardo Chiariglione ◽  
Roberto Tagliaferri
Keyword(s):  
Deep Learning ◽  
Video Retrieval ◽  
Large Datasets ◽  
Validation Dataset ◽  
Learning Models ◽  
Average Precision ◽  
Query Image ◽  
Shot Detection ◽  
Independent Test ◽  
End To End

AbstractFace-based video retrieval (FBVR) is the task of retrieving videos that containing the same face shown in the query image. In this article, we present the first end-to-end FBVR pipeline that is able to operate on large datasets of unconstrained, multi-shot, multi-person videos. We adapt an existing audiovisual recognition dataset to the task of FBVR and use it to evaluate our proposed pipeline. We compare a number of deep learning models for shot detection, face detection, and face feature extraction as part of our pipeline on a validation dataset made of more than 4000 videos. We obtain 97.25% mean average precision on an independent test set, composed of more than 1000 videos. The pipeline is able to extract features from videos at $$\sim $$ ∼ 7 times the real-time speed, and it is able to perform a query on thousands of videos in less than 0.5 s.

scholarly journals Intelligent Techniques for Detecting Network Attacks: Review and Research Directions

Sensors ◽  
2021 ◽  
Vol 21 (21) ◽  
pp. 7070
Author(s):  
Malak Aljabri ◽  
Sumayh S. Aljameel ◽  
Rami Mustafa A. Mohammad ◽  
Sultan H. Almotiri ◽  
Samiha Mirza ◽  
...  
Keyword(s):  
Rapid Development ◽  
Attack Detection ◽  
Network Attacks ◽  
Research Directions ◽  
Network Attack ◽  
Detection Systems ◽  
Increased Risk ◽  
Use Of The Internet ◽  
Main Components ◽  
Network Technologies

The significant growth in the use of the Internet and the rapid development of network technologies are associated with an increased risk of network attacks. Network attacks refer to all types of unauthorized access to a network including any attempts to damage and disrupt the network, often leading to serious consequences. Network attack detection is an active area of research in the community of cybersecurity. In the literature, there are various descriptions of network attack detection systems involving various intelligent-based techniques including machine learning (ML) and deep learning (DL) models. However, although such techniques have proved useful within specific domains, no technique has proved useful in mitigating all kinds of network attacks. This is because some intelligent-based approaches lack essential capabilities that render them reliable systems that are able to confront different types of network attacks. This was the main motivation behind this research, which evaluates contemporary intelligent-based research directions to address the gap that still exists in the field. The main components of any intelligent-based system are the training datasets, the algorithms, and the evaluation metrics; these were the main benchmark criteria used to assess the intelligent-based systems included in this research article. This research provides a rich source of references for scholars seeking to determine their scope of research in this field. Furthermore, although the paper does present a set of suggestions about future inductive directions, it leaves the reader free to derive additional insights about how to develop intelligent-based systems to counter current and future network attacks.

Sign in / Sign up

Export Citation Format

Share Document