Projects per year
Abstract
In previous work, we proposed an end-to-end early intrusion detection system to identify network attacks in real-time before they complete and could cause more damage to the system under attack. To implement the approach, we have trained a Convolution Neural Network (CNN) model with an attention mechanism in a supervised manner to extract relevant features from raw network traffic in order to classify network flows into different types of attacks. In this preliminary work, we discuss and compare the results of using the Recurrent Neural Network (RNN) model with an attention mechanism to detect the attacks earlier. Furthermore, the model not only classifies the given flow but also ranks the packets in the flow with respect to their importance for prediction. This ranking can be used for further investigation of the detected network attacks. We empirically evaluate our approach on the CICIDS2017 dataset. Preliminary results show that the RNN model with an attention mechanism can achieve better classification performance than our previous work with the CNN model.
| Original language | English |
|---|---|
| Title of host publication | Proceedings - 2024 IEEE International Conference on Software Testing, Verification and Validation Workshops, ICSTW 2024 |
| Publisher | IEEE |
| Pages | 161-167 |
| ISBN (Electronic) | 979-8-3503-4479-0 |
| ISBN (Print) | 979-8-3503-4479-0 |
| DOIs | |
| Publication status | Published - 2024 |
| MoE publication type | A4 Article in a conference publication |
| Event | IEEE International Conference on Software Testing Verification and Validation Workshop - Duration: 27 May 2024 → … |
Publication series
| Name | Proceedings - 2024 IEEE International Conference on Software Testing, Verification and Validation Workshops, ICSTW 2024 |
|---|
Conference
| Conference | IEEE International Conference on Software Testing Verification and Validation Workshop |
|---|---|
| Abbreviated title | ICSTW |
| Period | 27/05/24 → … |
Fingerprint
Dive into the research topics of 'Early Detection with Explainability of Network Attacks Using Deep Learning'. Together they form a unique fingerprint.-
VST: Virtual Sea Trial
Truscan, D. (Principal Investigator), Hellström, M. (Principal Investigator), Porres Paltor, I. (Co-Principal Investigator), Ahmad, T. (Co-Investigator), Chariyarupadannayil Sudheerbabu, G. (Project staff), Yaseen, A. (Project staff), Khan, S. (Project staff) & Mughees, A. (Project staff)
01/01/24 → 31/12/26
Project: Industry/Business Finland
-
AIDOaRT
Porres Paltor, I. (Principal Investigator), Truscan, D. (Co-Principal Investigator), Nybom, K. (Co-Investigator), Logacheva, E. (Co-Investigator), Winsten, J. (Co-Investigator) & Peltomäki, J. (Co-Investigator)
01/04/21 → 30/09/24
Project: EU
-
VeriDevOps: Automated Protection and Prevention to Meet Security Requirements in DevOps Environments
Truscan, D. (Principal Investigator), Porres Paltor, I. (Co-Principal Investigator), Ashraf, A. (Principal Investigator), Ahmad, T. (Co-Investigator), Chariyarupadannayil Sudheerbabu, G. (Co-Investigator) & Chapagain, S. (Principal Investigator)
01/10/20 → 31/01/24
Project: EU
Prizes
-
Best Paper Award
Ahmad, T. (Recipient) & Truscan, D. (Recipient), 2024
Prize: Award or honor granted for a specific work