Shallow and Deep Learning Approaches for Network Intrusion Alert Prediction

Kód výsledku v IS VaVaI

<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F63839172%3A_____%2F20%3A10133283" target="_blank" >RIV/63839172:_____/20:10133283 - isvavai.cz</a>

Výsledek na webu

<a href="https://www.sciencedirect.com/science/article/pii/S1877050920310371" target="_blank" >https://www.sciencedirect.com/science/article/pii/S1877050920310371</a>

DOI - Digital Object Identifier

<a href="http://dx.doi.org/10.1016/j.procs.2020.04.070" target="_blank" >10.1016/j.procs.2020.04.070</a>

Jazyk výsledku

angličtina

Název v původním jazyce

Shallow and Deep Learning Approaches for Network Intrusion Alert Prediction

Popis výsledku v původním jazyce

The ever-increasing frequency and intensity of intrusion attacks on computer networks worldwide has necessitated intense research efforts towards the design of attack detection and prediction mechanisms. While there are a variety of intrusion detection solutions available, the prediction of network intrusion events is still under active investigation. Over the past, statistical methods have dominated the design of attack prediction methods. However more recently, both shallow and deep learning techniques have shown promise for such data intensive regression tasks. This paper first explores the use of shallow learning techniques for predicting intrusions in computer networks by estimating the probability that a malicious source will repeat an attack in a given future time interval. The approach also highlights the limits to which shallow learning may be applied for such predictive tasks. The work then goes on to show that deep learning approaches are much more suited for network alert prediction tasks. A recurrent neural network based approach is shown to be more suited for alert prediction tasks. Both approaches are evaluated on the same dataset, comprising of millions of alerts taken from the alert sharing system Warden operated by CESNET.

Název v anglickém jazyce

Shallow and Deep Learning Approaches for Network Intrusion Alert Prediction

Popis výsledku anglicky

The ever-increasing frequency and intensity of intrusion attacks on computer networks worldwide has necessitated intense research efforts towards the design of attack detection and prediction mechanisms. While there are a variety of intrusion detection solutions available, the prediction of network intrusion events is still under active investigation. Over the past, statistical methods have dominated the design of attack prediction methods. However more recently, both shallow and deep learning techniques have shown promise for such data intensive regression tasks. This paper first explores the use of shallow learning techniques for predicting intrusions in computer networks by estimating the probability that a malicious source will repeat an attack in a given future time interval. The approach also highlights the limits to which shallow learning may be applied for such predictive tasks. The work then goes on to show that deep learning approaches are much more suited for network alert prediction tasks. A recurrent neural network based approach is shown to be more suited for alert prediction tasks. Both approaches are evaluated on the same dataset, comprising of millions of alerts taken from the alert sharing system Warden operated by CESNET.

Druh

J_SC - Článek v periodiku v databázi SCOPUS

CEP obor

—

OECD FORD obor

10201 - Computer sciences, information science, bioinformathics (hardware development to be 2.2, social aspect to be 5.8)

Projekt

—

Návaznosti

R - Projekt Ramcoveho programu EK

Rok uplatnění

2020

Kód důvěrnosti údajů

S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Název periodika

Procedia Computer Science

ISSN

1877-0509

e-ISSN

—

Svazek periodika

171

Číslo periodika v rámci svazku

4. 6. 2020

Stát vydavatele periodika

NL - Nizozemsko

Počet stran výsledku

10

Strana od-do

644-653

Kód UT WoS článku

—

EID výsledku v databázi Scopus

2-s2.0-85086634612