G-Networks Can Detect Different Types of Cyberattacks

TytułG-Networks Can Detect Different Types of Cyberattacks
Publication TypeConference Paper
Rok publikacji2022
AutorzyGelenbe E, Nakip M
Conference Name2022 Mascots: 30th International Symposium on the Modelling, Analysis and Simulation of Computer and Telecommunication Systems
PublisherIEEE
Conference LocationNice, France
Słowa kluczoweAuto-Associative Deep Random Neural Network, Gelenbe-Networks (G-Networks), Multiple Attack Detection, Queueing Networks with Negative and Positive Customers, Random Neural Networks
Abstract

Malicious network attacks are a serious source of concern, and machine learning techniques are widely used to build Attack Detectors with off-line training with real attack and non-attack data, and used online to monitor system entry points connected to networks. Many machine learning based Attack Detectors are typically trained to identify specific types attacks, and the training of such algorithms to cover several types of attacks may be excessively time consuming. This paper shows that G-Networks, which are queueing networks with product form solution and special customers such as negative customers and triggers, can be trained just with “non-attack” traffic, can accurately detect several different attack types. This is established with a special case of G-Networks with triggerred customer movement. A DARPA attack and non-attack traffic repository is used to train and test the the G-Network, yielding comparable or clearly better accuracy than most known attack detection techniques.

Plik PDF: 

Historia zmian

Data aktualizacji: 07/07/2023 - 10:00; autor zmian: Mert Nakip (mnakip@iitis.pl)