G-Networks Can Detect Different Types of Cyberattacks

TitleG-Networks Can Detect Different Types of Cyberattacks
Publication TypeConference Paper
Year of Publication2022
AuthorsGelenbe E, Nakip M
Conference Name2022 Mascots: 30th International Symposium on the Modelling, Analysis and Simulation of Computer and Telecommunication Systems
Conference LocationNice, France
KeywordsAuto-Associative Deep Random Neural Network, Gelenbe-Networks (G-Networks), Multiple Attack Detection, Queueing Networks with Negative and Positive Customers, Random Neural Networks

Malicious network attacks are a serious source of concern, and machine learning techniques are widely used to build Attack Detectors with off-line training with real attack and non-attack data, and used online to monitor system entry points connected to networks. Many machine learning based Attack Detectors are typically trained to identify specific types attacks, and the training of such algorithms to cover several types of attacks may be excessively time consuming. This paper shows that G-Networks, which are queueing networks with product form solution and special customers such as negative customers and triggers, can be trained just with “non-attack” traffic, can accurately detect several different attack types. This is established with a special case of G-Networks with triggerred customer movement. A DARPA attack and non-attack traffic repository is used to train and test the the G-Network, yielding comparable or clearly better accuracy than most known attack detection techniques.

PDF version: 

Historia zmian

Data aktualizacji: 07/07/2023 - 10:00; autor zmian: Mert Nakip (mnakip@iitis.pl)