Abstract
Machine Learning (ML) and Deep Learning (DL) have been used for building Intrusion Detection Systems (IDS). The increase in both the number and sheer variety of new cyber-attacks poses a tremendous challenge for IDS solutions that rely on a database of historical attack signatures. Therefore, the industrial pull for robust IDS capable of flagging zero-day attacks is growing. Current outlier-based zero-day detection research suffers from high false-negative rates, thus limiting their practical use and performance. This paper proposes an autoencoder implementation to detect zero-day attacks. The aim is to build an IDS model with high recall while keeping the miss rate (false-negatives) to an acceptable minimum. Two well-known IDS datasets are used for evaluation—CICIDS2017 and NSL-KDD. To demonstrate the efficacy of our model, we compare its results against a One-Class Support Vector Machine (SVM). The manuscript highlights the performance of a One-Class SVM when zero-day attacks are distinctive from normal behaviour. The proposed model benefits greatly from autoencoders encoding-decoding capabilities. The results show that autoencoders are well-suited at detecting complex zero-day attacks. The results demonstrate a zero-day detection accuracy of [89% - 99%] for the NSL-KDD dataset and [75% - 98%] for the CICIDS2017 dataset. Finally, the paper outlines the observed trade-off between recall and fallout.
Original language | English |
---|---|
Number of pages | 16 |
Journal | Electronics |
Volume | 9 |
Issue number | 10 |
Early online date | 14 Oct 2020 |
DOIs | |
Publication status | Published - 14 Oct 2020 |
Keywords
- Autoencoder
- Artificial Neural Network
- One-Class Support Vector Machine
- Intrusion Detection
- Zero-Day Attacks
- CICIDS2017
- NSL-KDD
Fingerprint
Dive into the research topics of 'Utilising Deep Learning techniques for effective zero-day attack detection'. Together they form a unique fingerprint.Student theses
-
Intrusion Detection Systems using Machine Learning and Deep Learning techniques
Hindy, H. (Author), Coull, N. (Supervisor), Bayne, E. (Supervisor), Elsayed, S. H. (Supervisor) & Bellekens, X. (Supervisor), 7 Sept 2021Student thesis: Doctoral Thesis
File