Modern Cybersecurity Solution using Supervised Machine Learning
- URL: http://arxiv.org/abs/2109.07593v1
- Date: Wed, 15 Sep 2021 22:03:50 GMT
- Title: Modern Cybersecurity Solution using Supervised Machine Learning
- Authors: Mustafa Sakhai, Maciej Wielgosz
- Abstract summary: Traditional Firewall and Intrusion Detection system fails to detect new attacks, zero-day attacks, and traffic patterns that do not match with configured rules.
We used Netflow datasets to extract features after applying data analysis.
Our experiments focus on how efficient machine learning algorithms can detect Bot traffic, Malware traffic, and background traffic.
- Score: 0.456877715768796
- License: http://creativecommons.org/licenses/by/4.0/
- Abstract: Cybersecurity is essential, and attacks are rapidly growing and getting more
challenging to detect. The traditional Firewall and Intrusion Detection system,
even though it is widely used and recommended, fails to detect new
attacks, zero-day attacks, and traffic patterns that do not match any
configured rules. Therefore, Machine Learning (ML) can be an efficient and
cost-reduced solution in cybersecurity.
We used Netflow datasets to extract features after applying data analysis.
Then, a selection process has been applied to compare these features with one
another. Our experiments focus on how efficient machine learning algorithms can
detect Bot traffic, Malware traffic, and background traffic. We managed to get
a precision value of 0.903 from a dataset that has 6.5% Bot flows, 1.57% Normal
flows, 0.18% Command&Control (C&C) flows, and 91.7% background flows, from
2,753,884 total flows. The results show low false-negative with few
false-positive detections.
Related papers
- Unlearn and Burn: Adversarial Machine Unlearning Requests Destroy Model Accuracy [65.80757820884476]
We expose a critical yet underexplored vulnerability in the deployment of unlearning systems.
We present a threat model where an attacker can degrade model accuracy by submitting adversarial unlearning requests for data not present in the training set.
We evaluate various verification mechanisms to detect the legitimacy of unlearning requests and reveal the challenges in verification.
arXiv Detail & Related papers (2024-10-12T16:47:04Z)
- T4P: Test-Time Training of Trajectory Prediction via Masked Autoencoder and Actor-specific Token Memory [39.021321011792786]
Trajectory prediction is a challenging problem that requires considering interactions among multiple actors.
Data-driven approaches have been used to address this complex problem, but they suffer from unreliable predictions under distribution shifts during test time.
We propose several online learning methods using regression loss from the ground truth of observed data.
Our method surpasses the performance of existing state-of-the-art online learning methods in terms of both prediction accuracy and computational efficiency.
arXiv Detail & Related papers (2024-03-15T06:47:14Z)
- FLTracer: Accurate Poisoning Attack Provenance in Federated Learning [38.47921452675418]
Federated Learning (FL) is a promising distributed learning approach that enables multiple clients to collaboratively train a shared global model.
Recent studies show that FL is vulnerable to various poisoning attacks, which can degrade the performance of global models or introduce backdoors into them.
We propose FLTracer, the first FL attack framework to accurately detect various attacks and trace the attack time, objective, type, and poisoned location of updates.
arXiv Detail & Related papers (2023-10-20T11:24:38Z)
- A Dependable Hybrid Machine Learning Model for Network Intrusion Detection [1.222622290392729]
We propose a new hybrid model that combines machine learning and deep learning to increase detection rates while securing dependability.
Our method produces excellent results when tested on two datasets, KDDCUP'99 and CIC-MalMem-2022.
arXiv Detail & Related papers (2022-12-08T20:19:27Z)
- Online Distribution Shift Detection via Recency Prediction [43.84609690251748]
We present an online method for detecting distribution shift with guarantees on the false positive rate.
Our system is very unlikely (with probability $\epsilon$) to falsely issue an alert when there is no distribution shift.
It empirically achieves up to 11x faster detection on realistic robotics settings compared to prior work.
arXiv Detail & Related papers (2022-11-17T22:29:58Z)
- DAAIN: Detection of Anomalous and Adversarial Input using Normalizing Flows [52.31831255787147]
We introduce a novel technique, DAAIN, to detect out-of-distribution (OOD) inputs and adversarial attacks (AA).
Our approach monitors the inner workings of a neural network and learns a density estimator of the activation distribution.
Our model can be trained on a single GPU making it compute efficient and deployable without requiring specialized accelerators.
arXiv Detail & Related papers (2021-05-30T22:07:13Z)
- DoS and DDoS Mitigation Using Variational Autoencoders [15.23225419183423]
We explore the potential of Variational Autoencoders to serve as a component within an intelligent security solution.
Two methods based on the ability of Variational Autoencoders to learn latent representations from network traffic flows are proposed.
arXiv Detail & Related papers (2021-05-14T15:38:40Z)
- Improving Botnet Detection with Recurrent Neural Network and Transfer Learning [5.602292536933117]
Botnet detection is a critical step in stopping the spread of botnets and preventing malicious activities.
Recent approaches employing machine learning (ML) showed improved performance over earlier ones.
We propose a novel botnet detection method, built upon Recurrent Variational Autoencoder (RVAE).
arXiv Detail & Related papers (2021-04-26T14:05:01Z)
- Bayesian Optimization with Machine Learning Algorithms Towards Anomaly Detection [66.05992706105224]
In this paper, an effective anomaly detection framework is proposed utilizing Bayesian Optimization technique.
The performance of the considered algorithms is evaluated using the ISCX 2012 dataset.
Experimental results show the effectiveness of the proposed framework in terms of accuracy rate, precision, low false-alarm rate, and recall.
arXiv Detail & Related papers (2020-08-05T19:29:35Z)
- Hybrid Model For Intrusion Detection Systems [0.0]
This project involves analysis of different machine learning algorithms used in intrusion detection systems.
After the analysis of different intrusion detection systems on both the datasets, this project aimed to develop a new hybrid model for intrusion detection systems.
arXiv Detail & Related papers (2020-03-19T05:52:29Z)
- Cyber Attack Detection thanks to Machine Learning Algorithms [0.0]
This paper explores Machine Learning as a viable solution by examining its capabilities to classify malicious traffic in a network.
Our approach analyzes five different machine learning algorithms against NetFlow dataset containing common botnets.
The Random Forest succeeds in detecting more than 95% of the botnets in 8 out of 13 scenarios and more than 55% in the most difficult datasets.
arXiv Detail & Related papers (2020-01-17T13:52:12Z)
This list is automatically generated from the titles and abstracts of the papers in this site.