Detection of Malicious Network Activity by Artificial Neural Network
DOI:
https://doi.org/10.3849/aimt.01794
Keywords:
stepwise selection method, artificial neural networks, malicious communication system, principal component analysis
Abstract
This paper presents a deep learning approach to detect malicious communication in a computer network. The intercepted communication is transformed into behavioral feature vectors that are reduced (using principal component analysis and stepwise selection methods) and normalized to create training and test sets. A feed-forward artificial neural network is then used as a classifier to determine the type of malicious communication. Three training algorithms were used to train the neural network: the Levenberg-Marquardt algorithm, Bayesian regularization, and the scaled conjugate gradient backpropagation algorithm. The proposed artificial neural network topology after reducing the size of the training and test sets achieves a correct classification probability of 81.5 % for each type of malicious communication and of 99.6 % (and better) for normal communication.
License
Copyright (c) 2023 Advances in Military Technology
This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.
Authors who publish with this journal agree to the following terms:
1. Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
2. Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
3. Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work.
Users can use, reuse and build upon the material published in the journal for any purpose, even commercially.