A robust intelligent zero-day cyber-attack detection technique.

Authors

Kumar Vikash, Sinha Ditipriya

Affiliation

Department of Computer Science and Engineering, National Institute of Technology Patna, Patna, 800005 India.

Publication

Complex Intell Systems. 2021;7(5):2211-2234. doi: 10.1007/s40747-021-00396-9. Epub 2021 May 28.

DOI:10.1007/s40747-021-00396-9
PMID:34777966
Original article: https://pmc.ncbi.nlm.nih.gov/articles/PMC8160422/
Abstract

With the introduction of the Internet to mainstream activities such as e-commerce, online banking, health systems and other day-to-day essentials, risk of being exposed to various are increasing exponentially. Zero-day attacks, which target unknown vulnerabilities of a software or system, open up a further research direction in the field of cyber-attacks. Existing approaches use either ML/DNN or anomaly-based techniques to protect against these attacks. Detecting zero-day attacks through these techniques misses several parameters, such as the frequency of particular byte streams in network traffic and their correlation. Covering attacks that produce lower traffic is difficult with neural network models because they require higher traffic for correct prediction. This paper proposes a novel, robust and intelligent cyber-attack detection model that addresses the issues mentioned above, using the concept of heavy-hitter and a graph technique to detect zero-day attacks. The proposed work consists of two phases: signature generation and evaluation. This model evaluates the performance using generated signatures at the training phase. The result analysis of the proposed zero-day attack detection shows an accuracy of 91.33% for binary classification and 90.35% for multi-class classification on real-time attack data. Against the benchmark data set CICIDS18, the model shows a promising result of 91.62% for binary-class classification. Thus, the proposed approach shows an encouraging result for detecting zero-day attacks.

Similar articles

1. A robust intelligent zero-day cyber-attack detection technique. Complex Intell Systems. 2021;7(5):2211-2234. doi: 10.1007/s40747-021-00396-9. Epub 2021 May 28.
2. Defending the Defender: Adversarial Learning Based Defending Strategy for Learning Based Security Methods in Cyber-Physical Systems (CPS). Sensors (Basel). 2023 Jun 9;23(12):5459. doi: 10.3390/s23125459.
3. A Survey of Machine Learning-Based Zero-Day Attack Detection: Challenges and Future Directions. Comput Commun. 2023 Jan;198. doi: 10.1016/j.comcom.2022.11.001.
4. IDAC: Federated Learning-Based Intrusion Detection Using Autonomously Extracted Anomalies in IoT. Sensors (Basel). 2024 May 18;24(10):3218. doi: 10.3390/s24103218.
5. A Lightweight Intelligent Network Intrusion Detection System Using One-Class Autoencoder and Ensemble Learning for IoT. Sensors (Basel). 2023 Apr 20;23(8):4141. doi: 10.3390/s23084141.
6. Development of an IoT Architecture Based on a Deep Neural Network against Cyber Attacks for Automated Guided Vehicles. Sensors (Basel). 2021 Dec 18;21(24):8467. doi: 10.3390/s21248467.
7. Cyber-attack method and perpetrator prediction using machine learning algorithms. PeerJ Comput Sci. 2021 Apr 9;7:e475. doi: 10.7717/peerj-cs.475. eCollection 2021.
8. Personalized insulin dose manipulation attack and its detection using interval-based temporal patterns and machine learning algorithms. J Biomed Inform. 2022 Aug;132:104129. doi: 10.1016/j.jbi.2022.104129. Epub 2022 Jun 30.
9. Representation-Learning-Based CNN for Intelligent Attack Localization and Recovery of Cyber-Physical Power Systems. IEEE Trans Neural Netw Learn Syst. 2024 May;35(5):6145-6155. doi: 10.1109/TNNLS.2023.3257225. Epub 2024 May 2.
10. Correlation-Based Anomaly Detection in Industrial Control Systems. Sensors (Basel). 2023 Feb 1;23(3):1561. doi: 10.3390/s23031561.

Cited by

1. Zero-Day Malware Detection and Effective Malware Analysis Using Shapley Ensemble Boosting and Bagging Approach. Sensors (Basel). 2022 Apr 6;22(7):2798. doi: 10.3390/s22072798.