Anticipated Network Surveillance -- An extrapolated study to predict cyber-attacks using Machine Learning and Data Analytics
Abstract: Machine learning and data mining techniques are utilized to enhance the security of a network. Researchers have used machine learning for pattern detection, anomaly detection, dynamic policy setting, etc. These methods allow a program to learn from data and make decisions without human intervention, at the cost of a long training period and substantial computation power. This paper discusses a novel technique to predict an upcoming attack in a network based on several data parameters. In a real-time implementation the dataset is continuous. The proposed model comprises dataset pre-processing and training, followed by a testing phase. Based on the results of the testing phase, the best model is selected, and it is used to extract the event class that may lead to an attack. The event statistics are used for attack
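The pipeline the abstract sketches (pre-process, train, test, select the best model, extract the event classes that tend to precede an attack, then use per-class event statistics to score what comes next) can be illustrated end to end. The block below is an added example, not the paper's code or dataset: the event records, the three features, the two simple classifiers, the hold-out split and the risk threshold are all constructed assumptions chosen so that it runs offline in plain Python.

```python
"""Added illustration of the pipeline sketched in the abstract (pre-process,
train, test, pick the best model, extract event classes that tend to precede
an attack, use per-class statistics to score a new window of events).
Not the paper's code: events, features, classifiers and thresholds below are
constructed assumptions so the example runs offline in plain Python."""
from collections import defaultdict

# Constructed events: (event_class, (failed_logins, distinct_ports, kb_out), attack_followed)
EVENTS = [
    ("auth",   (12,  1,   5), 1), ("auth",   ( 9,  1,   4), 1),
    ("auth",   ( 1,  1,   3), 0), ("auth",   (10,  2,   6), 1),
    ("scan",   ( 0, 40,   2), 1), ("scan",   ( 0, 55,   1), 1),
    ("scan",   ( 0, 35,   2), 1), ("scan",   ( 0,  3,   2), 0),
    ("exfil",  ( 0,  1, 900), 1), ("exfil",  ( 0,  2, 700), 1),
    ("normal", ( 0,  1,  20), 0), ("normal", ( 1,  2,  15), 0),
    ("normal", ( 0,  1,  30), 0), ("normal", ( 0,  2,  10), 0),
    ("normal", ( 1,  1,  25), 0), ("normal", ( 0,  3,  12), 0),
]

def split(events):
    """Deterministic hold-out split: even indices train, odd indices test."""
    return events[0::2], events[1::2]

def fit_scaler(train):
    """Pre-processing: per-feature min/max learned on training data only."""
    cols = list(zip(*(f for _, f, _ in train)))
    return [(min(c), max(c)) for c in cols]

def scale(feat, bounds):
    return tuple((v - lo) / (hi - lo) if hi > lo else 0.0
                 for v, (lo, hi) in zip(feat, bounds))

def sqdist(a, b):
    return sum((x - y) ** 2 for x, y in zip(a, b))

def train_centroid(xs, ys):
    """Nearest-centroid model: one mean vector per label."""
    sums = defaultdict(lambda: [0.0] * len(xs[0]))
    counts = defaultdict(int)
    for x, y in zip(xs, ys):
        counts[y] += 1
        for i, v in enumerate(x):
            sums[y][i] += v
    cents = {y: tuple(v / counts[y] for v in s) for y, s in sums.items()}
    return lambda x: min(cents, key=lambda y: sqdist(x, cents[y]))

def train_one_nn(xs, ys):
    """1-nearest-neighbour model: label of the closest training point."""
    pts = list(zip(xs, ys))
    return lambda x: min(pts, key=lambda p: sqdist(x, p[0]))[1]

MODELS = {"nearest_centroid": train_centroid, "one_nn": train_one_nn}

def run_pipeline(events=EVENTS, risk_threshold=0.5):
    train, test = split(events)
    bounds = fit_scaler(train)
    xs = [scale(f, bounds) for _, f, _ in train]
    ys = [y for _, _, y in train]
    fitted = {name: fn(xs, ys) for name, fn in MODELS.items()}
    # Testing phase: accuracy on held-out events, scaled with training bounds.
    acc = {}
    for name, predict in fitted.items():
        hits = sum(predict(scale(f, bounds)) == y for _, f, y in test)
        acc[name] = hits / len(test)
    best = max(acc, key=acc.get)
    # Extract the event classes the best model flags as leading to an attack.
    flagged = defaultdict(list)
    for cls, f, _ in test:
        flagged[cls].append(fitted[best](scale(f, bounds)))
    risky = sorted(c for c, p in flagged.items()
                   if sum(p) / len(p) >= risk_threshold)
    # Event statistics: empirical attack rate per risky class over all labelled events.
    rate = {}
    for cls in risky:
        rows = [y for c, _, y in events if c == cls]
        rate[cls] = sum(rows) / len(rows)
    return {"accuracy": acc, "best": best, "risky_classes": risky, "attack_rate": rate}

def predict_window(window, attack_rate):
    """Score a new window of event classes: probability that at least one event
    precedes an attack, treating events as independent (a modelling assumption)."""
    p_clear = 1.0
    for cls in window:
        p_clear *= 1.0 - attack_rate.get(cls, 0.0)
    return 1.0 - p_clear

if __name__ == "__main__":
    result = run_pipeline()
    print(result)
    print(predict_window(["normal", "normal", "scan"], result["attack_rate"]))
```

The scaler is fitted on the training split only, so the held-out evaluation that drives model selection is not contaminated by test data; the same bounds are then reused for the live stream. `predict_window` is the simplest reading of "event statistics are used for attack prediction": it converts per-class rates into a score for the next window, and a practitioner would replace its independence assumption with whatever temporal model the data supports.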