Affiliation:
1. Electrical and Computer Engineering Department, Prairie View A&M University, Prairie View, TX 77446, USA
2. Department of Physics, University of Texas, Austin, TX 78712, USA
Abstract
Cybersecurity is a critical issue in today’s internet world. Classical security systems, such as firewalls based on signature detection, cannot detect today’s sophisticated zero-day attacks. Machine learning (ML) based solutions are more attractive for their capabilities of detecting anomaly traffic from benign traffic, but to develop an ML-based anomaly detection system, we need meaningful or realistic network datasets to train the detection engine. There are many public network datasets for ML applications. Still, they have limitations, such as the data creation process and the lack of diverse attack scenarios or background traffic. To create a good detection engine, we need a realistic dataset with various attack scenarios and various types of background traffic, such as HTTPs, streaming, and SMTP traffic. In this work, we have developed realistic network data or datasets considering various attack scenarios and diverse background/benign traffic. Furthermore, considering the importance of distributed denial of service (DDoS) attacks, we have compared the performance of detecting anomaly traffic of some classical supervised and our prior developed unsupervised ML algorithms based on the convolutional neural network (CNN) and pseudo auto-encoder (AE) architecture based on the created datasets. The results show that the performance of the CNN-Pseudo-AE is comparable to that of many classical supervised algorithms. Hence, the CNN-Pseudo-AE algorithm is promising in actual implementation.
Funder
US Army Research, Development and Engineering Command Army Research Office
DOD-Air Force Research Laboratory
National Science Foundation
Texas Instruments
Department of Education
Subject
Electrical and Electronic Engineering,Biochemistry,Instrumentation,Atomic and Molecular Physics, and Optics,Analytical Chemistry
Reference35 articles.
1. (2023, September 13). Internet Crime Report 2022; Federal Bureau of Investigation, U.S. Department of Justice, Available online: https://www.ic3.gov/Media/PDF/AnnualReport/2022_IC3Report.pdf.
2. (2023, September 13). Astra. Available online: https://www.getastra.com.
3. (2023, September 13). Palo Alto Networks Launches World’s First ML-Powered NGFW. 17 June 2020. Available online: https://www.paloaltonetworks.com/company/press/2020/palo-alto-networks-launches-worlds-first-ml-powered-ngfw.
4. Alam, S., Alam, Y., Cui, S., Akujuobi, C., and Chouikha, M. (2021, January 10–12). Toward Developing a Realistic DDoS Dataset for Anomaly-Based Intrusion Detection. Proceedings of the 2021 IEEE International Conference on Consumer Electronics (ICCE), Las Vegas, NV, USA.
5. (2023, September 13). CyberFlood. Available online: https://www.spirent.com/products/cyberflood-security-test.
Cited by
1 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献