ETRI-Knowledge Sharing Plaform



논문 검색
구분 SCI
연도 ~ 키워드


학술지 Cyber Threat Detection Based on Artificial Neural Networks Using Event Profiles
Cited 87 time in scopus Download 186 time Share share facebook twitter linkedin kakaostory
이종훈, 김종현, 김익균, 한기준
IEEE Access, v.7, pp.165607-165626
19HH3700, 맞춤형 보안서비스 제공을 위한 클라우드 기반 지능형 보안 기술 개발, 김종현
One of the major challenges in cybersecurity is the provision of an automated and effective cyber-threats detection technique. In this paper, we present an AI technique for cyber-threats detection, based on artificial neural networks. The proposed technique converts multitude of collected security events to individual event profiles and use a deep learning-based detection method for enhanced cyber-threat detection. For this work, we developed an AI-SIEM system based on a combination of event profiling for data preprocessing and different artificial neural network methods, including FCNN, CNN, and LSTM. The system focuses on discriminating between true positive and false positive alerts, thus helping security analysts to rapidly respond to cyber threats. All experiments in this study are performed by authors using two benchmark datasets (NSLKDD and CICIDS2017) and two datasets collected in the real world. To evaluate the performance comparison with existing methods, we conducted experiments using the five conventional machine-learning methods (SVM, k-NN, RF, NB, and DT). Consequently, the experimental results of this study ensure that our proposed methods are capable of being employed as learning-based models for network intrusion-detection, and show that although it is employed in the real world, the performance outperforms the conventional machine-learning methods.
KSP 제안 키워드
Artificial Neural Network, Benchmark datasets, Cyber threats, Data Preprocessing, Detection Method, False positive, Learning-based, Machine Learning Methods, Network intrusion, Network method, Performance comparison
본 저작물은 크리에이티브 커먼즈 저작자 표시 (CC BY) 조건에 따라 이용할 수 있습니다.
저작자 표시 (CC BY)