ETRI-Knowledge Sharing Plaform

KOREAN
논문 검색
Type SCI
Year ~ Keyword

Detail

Journal Article Cyber Threat Detection Based on Artificial Neural Networks Using Event Profiles
Cited 96 time in scopus Download 238 time Share share facebook twitter linkedin kakaostory
Authors
Jonghoon Lee, Jonghyun Kim, Ikkyun Kim, Kijun Han
Issue Date
2019-11
Citation
IEEE Access, v.7, pp.165607-165626
ISSN
2169-3536
Publisher
IEEE
Language
English
Type
Journal Article
DOI
https://dx.doi.org/10.1109/ACCESS.2019.2953095
Project Code
19HH3700, Cloud based Security Intelligence Technology Development for the Customized Security Service Provisioning, Kim Jonghyun
Abstract
One of the major challenges in cybersecurity is the provision of an automated and effective cyber-threats detection technique. In this paper, we present an AI technique for cyber-threats detection, based on artificial neural networks. The proposed technique converts multitude of collected security events to individual event profiles and use a deep learning-based detection method for enhanced cyber-threat detection. For this work, we developed an AI-SIEM system based on a combination of event profiling for data preprocessing and different artificial neural network methods, including FCNN, CNN, and LSTM. The system focuses on discriminating between true positive and false positive alerts, thus helping security analysts to rapidly respond to cyber threats. All experiments in this study are performed by authors using two benchmark datasets (NSLKDD and CICIDS2017) and two datasets collected in the real world. To evaluate the performance comparison with existing methods, we conducted experiments using the five conventional machine-learning methods (SVM, k-NN, RF, NB, and DT). Consequently, the experimental results of this study ensure that our proposed methods are capable of being employed as learning-based models for network intrusion-detection, and show that although it is employed in the real world, the performance outperforms the conventional machine-learning methods.
KSP Keywords
Artificial Neural Network, Benchmark datasets, Cyber threats, Data Preprocessing, Detection Method, False positive, Learning-based, Machine Learning Methods, Network intrusion, Network method, Performance comparison
This work is distributed under the term of Creative Commons License (CCL)
(CC BY)
CC BY