Early Detection with Explainability of Network Attacks Using Deep Learning

Research output: Chapter in book/conference proceedings › Conference contribution › Scientific › Peer-reviewed

Abstract

In previous work, we proposed an end-to-end early intrusion detection system to identify network attacks in real-time before they complete and could cause more damage to the system under attack. To implement the approach, we have trained a Convolution Neural Network (CNN) model with an attention mechanism in a supervised manner to extract relevant features from raw network traffic in order to classify network flows into different types of attacks. In this preliminary work, we discuss and compare the results of using the Recurrent Neural Network (RNN) model with an attention mechanism to detect the attacks earlier. Furthermore, the model not only classifies the given flow but also ranks the packets in the flow with respect to their importance for prediction. This ranking can be used for further investigation of the detected network attacks. We empirically evaluate our approach on the CICIDS2017 dataset. Preliminary results show that the RNN model with an attention mechanism can achieve better classification performance than our previous work with the CNN model.

Original language: English
Title of host publication: Proceedings - 2024 IEEE International Conference on Software Testing, Verification and Validation Workshops, ICSTW 2024
Publisher: IEEE
Pages: 161-167
ISBN (electronic): 979-8-3503-4479-0
ISBN (print): 979-8-3503-4479-0
DOI
Status: Published - 2024
MoE publication type: A4 Article in a conference publication
Event: IEEE International Conference on Software Testing Verification and Validation Workshop -
Duration: 27 May 2024 → …

Publication series

Name: Proceedings - 2024 IEEE International Conference on Software Testing, Verification and Validation Workshops, ICSTW 2024

Conference

Conference: IEEE International Conference on Software Testing Verification and Validation Workshop
Abbreviated title: ICSTW
Period: 27/05/24 → …
