Detection of Malicious Network Activity by Artificial Neural Network

Authors

  • Michal Turčaník
  • J. Baráth Department of Informatics, Armed Forces Academy of gen M.R. Štefánik, Liptovský Mikuláš,

DOI:

https://doi.org/10.3849/aimt.01794

Keywords:

stepwise selection method , artificial neural networks, malicious communication system, principal component analysis

Abstract

This paper presents a deep learning approach to detect malicious communication in a computer network. The intercepted communication is transformed into behavioral feature vectors that are reduced (using principal component analysis and stepwise selection methods) and normalized to create training and test sets. A feed-forward artificial neural network is then used as a classifier to determine the type of malicious communication. Three training algorithms were used to train the neural network: the Levenberg-Marquardt algorithm, Bayesian regularization, and the scaled conjugate gradient backpropagation algorithm. The proposed artificial neural network topology after reducing the size of the training and test sets achieves a correct classification probability of 81.5 % for each type of malicious communication and of 99.6 % (and better) for normal communication.

Author Biography

  • Michal Turčaník

References

DROPPA, M. and M. HARAKAL Analysis of Cybersecurity in the Real Environment. In: Proceedings of the Communication and Information Technologies Conference KIT 2021. Vysoke Tatry: IEEE, 2021, pp. 92-98. DOI 10.1109/KIT52904.2021.9583748.

DULIK, M. Deploying Fake Network Devices to Obtain Sensitive User Data. In: Proceedings of the Communication and Information Technologies Conference KIT 2021. Vysoké Tatry: IEEE, 2021, pp. 87-91. DOI 10.1109/KIT52904.2021.9583751.

A Realistic Cyber Defense Dataset (CSE-CIC-IDS2018) [online]. [viewed 2022-03-02]. Available from: https://registry.opendata.aws/cse-cic-ids2018/

SAUTER, M. “LOIC Will Tear Us Apart” The Impact of Tool Design and Media Portrayals in the Success of Activist DDOS Attacks. American Behavioral Scientist, 2013, 57(7), pp. 983-1007. DOI 10.1177/0002764213479370.

SHARAFALDIN, I., L.A. HABIBI and A.A. GHORBANI. A Detailed Analysis of the CICIDS2017 Data Set. In: Information Systems Security and Privacy, 4th International Conference. Funchal: ICISSP, 2019, pp. 172-188. DOI 10.1007/978-3-030-25109-3_9.

SHARAFALDIN, I., A.H. LASHKARI, S. HAKAK and A.A. GHORBANI. Developing Realistic Distributed Denial of Service (DDoS) Attack Dataset and Taxonomy. In: 2019 International Carnahan Conference on Security Technology (ICCST). Chennai: IEEE, 2019. DOI 10.1109/CCST.2019.8888419.

BAPTISTA, F.D., S. RODRIGUES and F. MORGADO-DIAS. Performance Comparison of ANN Training Algorithms for Classification. In: 2013 IEEE 8th International Symposium on Intelligent Signal Processing. Funchal: IEEE, 2013, pp. 115-120. DOI 10.1109/WISP.2013.6657493.

KUMARASWAMY, B. 6 - Neural networks for data classification. In D. BINU and B.R. RAJAKUMAR, eds. Artificial Intelligence in Data Mining. Cambridge: Academic Press, 2021, pp. 109-131. ISBN 0-12-820601-2.

BURDEN, F. and D. WINKLER. Bayesian Regularization of Neural Networks. Totowa: Humana Press, 2009. ISBN 1-58829-718-7.

BABANI, L., S. JADHAV and B. CHAUDHARI. Scaled Conjugate Gradient Based Adaptive ANN Control for SVM-DTC Induction Motor Drive. In: Artificial Intelligence Applications and Innovations. Springer: Cham, 2016, pp. 384-395. DOI 10.1007/978-3-319-44944-9_33.

KARAKAYA, D., O. ULUCAN and M. TURKAN. Pas-Mef: Multi-Exposure Image Fusion Based on Principal Component Analysis, Adaptive Well-Exposedness and Saliency Map. In: Proceedings of the ICASSP 2022. Singapore: IEEE, 2022, pp. 2345-2349. DOI 10.1109/ICASSP43922.2022.9746779.YUE, Y., X. MA and C. ZHANG. Comprehensive Performance Evaluation of the Listed Companies in Coal Mining Industry Based on Factor Analysis and Cluster Analysis. In: 2010 Asia-Pacific Conference on Wearable Computing Systems, Shenzhen: IEEE, 2010. DOI 10.1109/APWCS.2010.75.

WANG, C., J. SUN, Y. LI, J. ZHAO and B. TIAN. A Comparison of Stepwise Cluster Analysis and Multiple Linear Regression for Hydrological Simulation. Journal of Physics: Conference Series, 2022, 2224, 012026. DOI 10.1088/1742-6596/2224/1/012026.

JAIN, K. and A. SINGH. Data-Prediction Model Based on Stepwise Data Regression Method in Wireless Sensor Network. Wireless Personal Communications, 2023, 128, pp. 2085-2111. DOI 10.1007/s11277-022-10034-3.

HAMID, N.B., M.E. SANIK, H.M. NOOR, J. PRASETIJO, M. MOKHTAR, M.A.M. AZMI, M.I. YAHAYA and M.Z. RAMLI. Prediction Model of Mass Rapid Transit Noise Level Using the Stepwise Regression Analysis. In: Proceedings of the 7th International Conference on the Applications of Science and Mathematics 2021. Singapore: Springer, 2022, pp. 379-389. DOI 10.1007/978-981-16-8903-1.

SHARAFALDIN, I., A.H. LASHKARI and A.A. GHORBANI. Toward Generating a New Intrusion Detection Dataset and Intrusion Traffic Characterization. In: Proceedings of the 4th International Conference on Information Systems Security and Privacy - ICISSP. Funchal: SciTePress, 2018, pp. 108-116. DOI 10.5220/0006639801080116.

DRAPER-GIL, G., A.H. LASHKARI, M.S.I. MAMUN and A.A. GHORBANI. Characterization of Encrypted and VPN Traffic Using Time-Related Features. In: Proceedings of the 2nd International Conference on Information Systems Security and Privacy – ICISSP. Roma: SciTePress, 2016, pp. 407-417. DOI n10.5220/0005740704070414.

LASHKARI, A.H., G.D. GIL, M.S.I. MAMUN and A.A. GHORBANI. Characterization of Tor Traffic Using Time based Features. In: Proceedings of the 3rd International Conference on Information Systems Security and Privacy - ICISSP. Porto: SciTePress, 2017, pp. 253-262. DOI 10.5220/0006105602530262.

ANDRÉ, C.D.S., S.C. NARULA, S.N. ELIAN and R.A. TAVARES. An Overview of the Variables Selection Methods for the Minimum Sum of Absolute Errors Regression. Statistics in Medicine, 2003, 22(13), pp. 2101-2111. DOI 10.1002/sim.1437.

BEJTLICH, R. The Practice of Network Security Monitoring: Understanding Incident Detection and Response. San Francisco: No Starch Press, 2013. ISBN 1-59327-509-9.

Security Onion [online]. [viewed 2022-03-02]. Available from: https://securityonionsolutions.com/

Security Onion Documentation [online]. [viewed 2022-03-15]. Available from: https://docs.securityonion.net/en/2.3/index.html

Downloads

Published

27-04-2023

Issue

Section

Technical Information

Categories

How to Cite

Detection of Malicious Network Activity by Artificial Neural Network . (2023). Advances in Military Technology, 18(1), 101-117. https://doi.org/10.3849/aimt.01794

Similar Articles

1-10 of 257

You may also start an advanced similarity search for this article.