Title | G-Networks Can Detect Different Types of Cyberattacks |
Publication Type | Conference Paper |
Year of Publication | 2022 |
Authors | Gelenbe E, Nakip M |
Conference Name | 2022 Mascots: 30th International Symposium on the Modelling, Analysis and Simulation of Computer and Telecommunication Systems |
Publisher | IEEE |
Conference Location | Nice, France |
Keywords | Auto-Associative Deep Random Neural Network, Gelenbe-Networks (G-Networks), Multiple Attack Detection, Queueing Networks with Negative and Positive Customers, Random Neural Networks |
Abstract | Malicious network attacks are a serious source of concern, and machine learning techniques are widely used to build Attack Detectors with off-line training with real attack and non-attack data, and used online to monitor system entry points connected to networks. Many machine learning based Attack Detectors are typically trained to identify specific types attacks, and the training of such algorithms to cover several types of attacks may be excessively time consuming. This paper shows that G-Networks, which are queueing networks with product form solution and special customers such as negative customers and triggers, can be trained just with “non-attack” traffic, can accurately detect several different attack types. This is established with a special case of G-Networks with triggerred customer movement. A DARPA attack and non-attack traffic repository is used to train and test the the G-Network, yielding comparable or clearly better accuracy than most known attack detection techniques. |