상세정보
학술지
Cyber Threat Detection Based on Artificial Neural Networks Using Event Profiles
- 발행일
- 201911
- 출처
- IEEE Access, v.7, pp.165607-165626
- ISSN
- 2169-3536
- 출판사
- IEEE
- 협약과제
- 19HH3700, 맞춤형 보안서비스 제공을 위한 클라우드 기반 지능형 보안 기술 개발, 김종현
- 초록
- One of the major challenges in cybersecurity is the provision of an automated and effective cyber-threats detection technique. In this paper, we present an AI technique for cyber-threats detection, based on artificial neural networks. The proposed technique converts multitude of collected security events to individual event profiles and use a deep learning-based detection method for enhanced cyber-threat detection. For this work, we developed an AI-SIEM system based on a combination of event profiling for data preprocessing and different artificial neural network methods, including FCNN, CNN, and LSTM. The system focuses on discriminating between true positive and false positive alerts, thus helping security analysts to rapidly respond to cyber threats. All experiments in this study are performed by authors using two benchmark datasets (NSLKDD and CICIDS2017) and two datasets collected in the real world. To evaluate the performance comparison with existing methods, we conducted experiments using the five conventional machine-learning methods (SVM, k-NN, RF, NB, and DT). Consequently, the experimental results of this study ensure that our proposed methods are capable of being employed as learning-based models for network intrusion-detection, and show that although it is employed in the real world, the performance outperforms the conventional machine-learning methods.
- KSP 제안 키워드
- Artificial Neural Network, Benchmark datasets, Cyber threats, Data Preprocessing, Detection Method, False positive, Learning-based, Machine Learning Methods, Network intrusion, Network method, Performance comparison
본 저작물은 크리에이티브 커먼즈 저작자 표시 (CC BY) 조건에 따라 이용할 수 있습니다.
