Preliminary study on artificial intelligence methods for cybersecurity threat detection in computer networks based on raw data packets
- URL: http://arxiv.org/abs/2407.17339v1
- Date: Wed, 24 Jul 2024 15:04:00 GMT
- Title: Preliminary study on artificial intelligence methods for cybersecurity threat detection in computer networks based on raw data packets
- Authors: Aleksander Ogonowski, Michał Żebrowski, Arkadiusz Ćwiek, Tobiasz Jarosiewicz, Konrad Klimaszewski, Adam Padee, Piotr Wasiuk, Michał Wójcik
- Abstract summary: In this paper, we investigate deep learning methodologies capable of detecting attacks in real-time directly from raw packet data within network traffic.
We propose a novel approach where packets are stacked into windows and separately recognised, with a 2D image representation suitable for processing with computer vision models.
- Score: 34.82692226532414
- License: http://creativecommons.org/licenses/by-nc-sa/4.0/
- Abstract: Most of the intrusion detection methods in computer networks are based on traffic flow characteristics. However, this approach may not fully exploit the potential of deep learning algorithms to directly extract features and patterns from raw packets. Moreover, it impedes real-time monitoring due to the necessity of waiting for the processing pipeline to complete and introduces dependencies on additional software components. In this paper, we investigate deep learning methodologies capable of detecting attacks in real-time directly from raw packet data within network traffic. We propose a novel approach where packets are stacked into windows and separately recognised, with a 2D image representation suitable for processing with computer vision models. Our investigation utilizes the CIC IDS-2017 dataset, which includes both benign traffic and prevalent real-world attacks, providing a comprehensive foundation for our research.
Related papers
- End-to-End triplet loss based fine-tuning for network embedding in effective PII detection [0.12289361708127873]
We propose a novel deep learning based end-to-end learning framework for prediction of exposure of PII in mobile packets.
The framework employs a pre-trained large language model (LLM) and an autoencoder to generate embedding of network packets.
We compare our proposed detection framework with other state-of-the-art works in detecting PII leaks from user's device.
arXiv Detail & Related papers (2025-02-13T06:43:46Z)
- AI/ML Based Detection and Categorization of Covert Communication in IPv6 Network [0.8130739369606821]
IPv6 extension headers allow attackers to create covert channels or bypass security mechanisms, leading to potential data breaches or system compromises.
The complexity of detecting covert communication, evolving injection techniques, and scarcity of data make building machine-learning models challenging.
This study uses comprehensive machine learning techniques to train the model proposed in this study to detect threats.
arXiv Detail & Related papers (2025-01-18T02:05:37Z)
- Revolutionizing Payload Inspection: A Self-Supervised Journey to Precision with Few Shots [0.0]
Traditional security measures are inadequate against the sophistication of modern cyber attacks.
Deep Packet Inspection (DPI) has been pivotal in enhancing network security.
Integration of advanced deep learning techniques with DPI has introduced modern methodologies into malware detection.
arXiv Detail & Related papers (2024-09-26T18:55:52Z)
- Learning to Detect: A Data-driven Approach for Network Intrusion Detection [17.288512506016612]
We perform a comprehensive study on NSL-KDD, a network traffic dataset, by visualizing patterns and employing different learning-based models to detect cyber attacks.
Unlike previous shallow learning and deep learning models that use the single learning model approach for intrusion detection, we adopt a hierarchy strategy.
We demonstrate the advantage of the unsupervised representation learning model in binary intrusion detection tasks.
arXiv Detail & Related papers (2021-08-18T21:19:26Z)
- Anomaly Detection on Attributed Networks via Contrastive Self-Supervised Learning [50.24174211654775]
We present a novel contrastive self-supervised learning framework for anomaly detection on attributed networks.
Our framework fully exploits the local information from network data by sampling a novel type of contrastive instance pair.
A graph neural network-based contrastive learning model is proposed to learn informative embedding from high-dimensional attributes and local structure.
arXiv Detail & Related papers (2021-02-27T03:17:20Z)
- Towards AIOps in Edge Computing Environments [60.27785717687999]
This paper describes the system design of an AIOps platform which is applicable in heterogeneous, distributed environments.
It is feasible to collect metrics with a high frequency and simultaneously run specific anomaly detection algorithms directly on edge devices.
arXiv Detail & Related papers (2021-02-12T09:33:00Z)
- Intrusion detection in computer systems by using artificial neural networks with Deep Learning approaches [0.0]
Intrusion detection into computer networks has become one of the most important issues in cybersecurity.
This paper focuses on the design and implementation of an intrusion detection system based on Deep Learning architectures.
arXiv Detail & Related papers (2020-12-15T19:12:23Z)
- Risk-Averse MPC via Visual-Inertial Input and Recurrent Networks for Online Collision Avoidance [95.86944752753564]
We propose an online path planning architecture that extends the model predictive control (MPC) formulation to consider future location uncertainties.
Our algorithm combines an object detection pipeline with a recurrent neural network (RNN) which infers the covariance of state estimates.
The robustness of our methods is validated on complex quadruped robot dynamics and can be generally applied to most robotic platforms.
arXiv Detail & Related papers (2020-07-28T07:34:30Z)
- Interpolation-based semi-supervised learning for object detection [44.37685664440632]
We propose an Interpolation-based Semi-supervised learning method for object detection.
The proposed losses dramatically improve the performance of semi-supervised learning as well as supervised learning.
arXiv Detail & Related papers (2020-06-03T10:53:44Z)
- Survey of Network Intrusion Detection Methods from the Perspective of the Knowledge Discovery in Databases Process [63.75363908696257]
We review the methods that have been applied to network data with the purpose of developing an intrusion detector.
We discuss the techniques used for the capture, preparation and transformation of the data, as well as the data mining and evaluation methods.
As a result of this literature review, we investigate some open issues which will need to be considered for further research in the area of network security.
arXiv Detail & Related papers (2020-01-27T11:21:05Z)