Application of Representation Learning based Chronological Modeling for Network Intrusion Detection

An autoencoder has the potential to overcome the limitations of current intrusion detection methods by recognizing benign user activity rather than differentiating between benign and malicious activity. However, the line separating them is quite blurry with a significant overlap. The first part of this study aims to investigate the rationale behind this overlap. The results suggest that although a subset of traffic cannot be separated without labels, timestamps have the potential to be leveraged for identification of activity that does not conform to the normal or expected behavior of the network. The second part aims to eliminate dependence on visual-inspections by exploring automation. The trend of errors for HTTP traffic was modeled chronologically using resampled data and moving averages. This model successfully identified attacks that had orchestrated over HTTP within their respective time slots. These results support the hypothesis that it is technically feasible to build an anomaly-based intrusion detection system where each individual observation need not be categorized.

Cyber-attack and Measuring its Risk

In this short research, cyber-attack and the well-known attacking methods are discussed. Moreover, how many attacks were made in 2021 compared to the attacks in the previous year is found, to determine how fast this malicious activity is growing and the reasons which motivate such cyber-attacks are studied. The risk measurement methods are also discussed in this article based on some previous research. The conclusions are made on the suitable solution for cyber-attack, reviewed based on the point of view of different research.

A Novel Monte-Carlo Simulation-Based Model for Malware Detection (eRBCM)

The use of innovative and sophisticated malware definitions poses a serious threat to computer-based information systems. Such malware is adaptive to the existing security solutions and often works without detection. Once malware completes its malicious activity, it self-destructs and leaves no obvious signature for detection and forensic purposes. The detection of such sophisticated malware is very challenging and a non-trivial task because of the malware’s new patterns of exploiting vulnerabilities. Any security solutions require an equal level of sophistication to counter such attacks. In this paper, a novel reinforcement model based on Monte-Carlo simulation called eRBCM is explored to develop a security solution that can detect new and sophisticated network malware definitions. The new model is trained on several kinds of malware and can generalize the malware detection functionality. The model is evaluated using a benchmark set of malware. The results prove that eRBCM can identify a variety of malware with immense accuracy.

The BitcoinHeist: Classifications of Ransomware Crime Families

Ransomware attacks are on the rise and attackers are hijacking valuable information from different critical infrastructures and businesses requiring ransom payments to release the encrypted files. Payments in cryptocurrencies are designed to evade tracing the transactions and the recipients. With anonymity being paramount, tracing cryptocurrencies payments due to malicious activity and criminal transactions is a complicated process. Therefore, the need to identify these transactions and label them is crucial to categorize them as legitimate digital currency trade and exchange or malicious activity operations. Machine learning techniques are utilized to train the machine to recognize specific transactions and trace them back to malicious transactions or benign ones. I propose to work on the Bitcoin Heist data set to classify the different malicious transactions. The different transactions features are analyzed to predict a classifier label among the classifiers that have been identified as ransomware or associated with malicious activity. I use decision tree classifiers and ensemble learning to implement a random forest classifier. Results are assessed to evaluate accuracy, precision, and recall. I limit the study design to known ransomware identified previously and made available under the Bitcoin transaction graph from January 2009 to December 2018.

A semantic rule based digital fraud detection

Digital fraud has immensely affected ordinary consumers and the finance industry. Our dependence on internet banking has made digital fraud a substantial problem. Financial institutions across the globe are trying to improve their digital fraud detection and deterrence capabilities. Fraud detection is a reactive process, and it usually incurs a cost to save the system from an ongoing malicious activity. Fraud deterrence is the capability of a system to withstand any fraudulent attempts. Fraud deterrence is a challenging task and researchers across the globe are proposing new solutions to improve deterrence capabilities. In this work, we focus on the very important problem of fraud deterrence. Our proposed work uses an Intimation Rule Based (IRB) alert generation algorithm. These IRB alerts are classified based on severity levels. Our proposed solution uses a richer domain knowledge base and rule-based reasoning. In this work, we propose an ontology-based financial fraud detection and deterrence model.

Intrusion detection system based on machine learning techniques

Recently, the data flow over the internet has exponentially increased due to the massive growth of computer networks connected to it. Some of these data can be classified as a malicious activity which cannot be captured by firewalls and anti-malwares. Due to this, the intrusion detection systems are urgent need in order to recognize malicious activity to keep data integrity and availability. In this study, an intrusion detection system based on cluster feature concepts and KNN classifier has been suggested to handle the various challenges issues in data such as in complete data, mixed-type and noise data. To streng then the proposed system a special kind of patterns similarity measures are supported to deal with these types of challenges. The experimental results show that the classification accuracy of the suggested system is better than K-nearest neighbor (KNN) and support vector machine classifiers when processing incomplete data set, inspite of droping down the overall detection accuracy.