Nguyen, V.Q. and Ngo, T.L. and Nguyen, L.M. and Nguyen, V.H. and Van Nguyen, V. and Nguyen, T.H. (2023) Hybrid of Deep Auto-Encoder and Maximum Mean Discrepancy for Cyber Reconnaissance Detection. In: UNSPECIFIED.
Full text not available from this repository. (Upload)Abstract
Detection of cyber-reconnaissance attacks plays a vital role in planning to prevent further attack stages as well as incident response. Although much effort has been made in the industry and academic community, there are still many limitations over the accuracy that need to be improved. Two fundamental limitations contributing to these concerns are powerful, meaningful, latent representation learning of network data and determination of the borderline between normal and cyber reconnaissance attack regions at learned latent space. Recent studies have introduced a number of solutions to detect network reconnaissance attacks such as using machine learning (ML) classifiers and combining Principal Component Analysis (PCA) or Deep Auto-Encoder (DAE) with ML. However, such solutions are still affected by the aforementioned limitations. In addition, these methods inefficiently handled high dimensional network traffic data. In this work, we proposed a novel hybrid of DAE and Maximum Mean Discrepancy (MMD) to overcome such limitations and strongly support the attack detection efficiency of ML classifiers. The proposed model called MMDAE exploits the advantage of the latent representation capability of DAE combined with the efficiency to determine the distance between probability distributions of MMD. The learned latent representation of MMD strongly increases the classification performance of ML classifiers. In order to evaluate the performance of the proposed model, we use four benchmark network datasets: NSL-KDD, UNSW-NB15, CIDDS-001, and CIDDS-002. The comprehensive experimental outputs obtained clearly demonstrate that this novel approach has better performance in comparison with existing works for cyber reconnaissance detection. © 2023 IEEE.
Item Type: | Conference or Workshop Item (UNSPECIFIED) |
---|---|
Divisions: | Offices > Office of International Cooperation |
Identification Number: | 10.1109/KSE59128.2023.10299465 |
Uncontrolled Keywords: | Efficiency; Principal component analysis; Probability distributions; Signal encoding, Attack detection; Auto encoders; Deep auto-encoder; Incident response; Latent representation; Learning classifiers; Machine-learning; Maximum mean discrepancy; Performance; Reconnaissance attack detection, Benchmarking |
Additional Information: | cited By 0; Conference of 15th International Conference on Knowledge and Systems Engineering, KSE 2023 ; Conference Date: 18 October 2023 Through 20 October 2023; Conference Code:194303 |
URI: | http://eprints.lqdtu.edu.vn/id/eprint/11038 |