Translate 
Abstract
Detecting unknown cyberattacks remains an open research problem and a significant challenge for the research community and the security industry. This paper tackles the detection of unknown cybersecurity attacks in the Internet of Things (IoT) and traditional networks by categorizing them into two types: entirely new classes of unknown attacks (type-A) and unknown attacks within already known classes (type-B). To address this, we propose a novel multi-stage, multi-layer zero trust architecture for an intrusion detection system (IDS), uniquely designed to handle these attack types. The architecture employs a hybrid methodology that combines two supervised and one unsupervised learning stages in a funnel-like design, significantly advancing current detection capabilities. A key innovation is the layered filtering mechanism, leveraging type-A and type-B attack concepts to systematically classify traffic as malicious unless proven otherwise. Using four benchmark datasets, the proposed system demonstrates significant improvements in accuracy, recall, and error classification rates for unknown attacks, achieving an average accuracy and recall ranging between 88% and 95%. This work offers a robust, scalable framework for enhancing cybersecurity in diverse network environments.
Published Version
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
