Abstract
Intrusion detection plays a critical role in cyber-security domain since malicious attacks cause irreparable damages to cyber-systems. In this work, we propose the I2SP prototype, which is a novel Information Sharing Platform, able to gather, pre-process, model, and distribute network-traffic information. Within the I2SP prototype we build several challenging deep feature learning models for network-traffic intrusion detection. The learnt representations will be utilized for classifying each new network measurement into its corresponding threat level. We evaluate our prototype's performance by conducting case studies using cyber-security data extracted from the Malware Information Sharing Platform (MISP)-API. To the best of our knowledge, we are the first that combine the MISP-API in order to construct an information sharing mechanism that supports multiple novel deep feature learning architectures for intrusion detection. Experimental results justify that the proposed deep feature learning techniques are able to predict accurately MISP threat-levels.
Highlights
N OWADAYS, the demand for designing efficient, endto-end Network Intrusion Detection Systems (NIDS) for Cyber Physical Systems (CPS) has grown tremendously
Moving towards to this direction, we provide the prototype version of the proposed Information Sharing Platform (I2SP), utilizing network incidents extracted from the Malware Information Sharing Platform (MISP)-API [3]
DEEP FEATURE LEARNING FOR NETWORK ANOMALY DETECTION In this study, we propose challenging deep feature learning architectures towards the problem of anomaly detection of the MISP database
Summary
N OWADAYS, the demand for designing efficient, endto-end Network Intrusion Detection Systems (NIDS) for Cyber Physical Systems (CPS) has grown tremendously. Novel and large-scale machine learning formulations should be developed in order to exploit the enormous amounts of training data that were synthesized by these systems Moving towards to this direction, we provide the prototype version of the proposed Information Sharing Platform (I2SP), utilizing network incidents extracted from the Malware Information Sharing Platform (MISP)-API [3]. We are the first to propose multiple innovative deep-feature learning architectures towards the problem of MISP network-traffic measurements modelling, with upper goal the threat-level identification, and distribution of this information through the proposed I2SP platform. We explain the variant deep learning formulations that were exploited in this study for the problem of threat-level detection of MISP instances
Sign-in/Register to view highlights & summary Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
