DeNNeS: deep embedded neural network expert system for detecting cyber attacks
ORIGINAL ARTICLE
Samaneh Mahdavifar1 • Ali A. Ghorbani1
Received: 14 August 2019 / Accepted: 4 March 2020
© Springer-Verlag London Ltd., part of Springer Nature 2020
Abstract
With advances in computing power and increasing volumes of data, deep learning's emergence has helped revitalize artificial intelligence research. There is a growing trend of applying deep learning techniques to image processing, speech recognition, self-driving cars, and even healthcare. Recently, several deep learning models have been employed to detect cyber threats such as network attacks, malware infiltration, or phishing websites; nevertheless, they suffer from not being explainable to security experts. Security experts need not only to detect the incoming threat but also to know the features that caused that particular security incident. To address this issue, in this paper, we propose a deep embedded neural network expert system (DeNNeS) that extracts refined rules from a trained deep neural network (DNN) architecture to substitute the knowledge base of an expert system. The knowledge base is later used to classify an unseen security incident and inform the final user of the corresponding rule that made that inference. We consider different rule extraction scenarios, and to prove the robustness of DeNNeS, we evaluate it on two cybersecurity datasets: the UCI phishing websites dataset and an Android malware dataset comprising more than 4000 Android APKs from several sources. The comparison of DeNNeS with standalone DNN, JRip, and common machine learning algorithms shows that DeNNeS with the retraining uncovered samples scenario outperforms the other algorithms on both datasets. Furthermore, the extracted rules approximately reproduce the accuracy of the neural network from which they are derived. DeNNeS achieves an outstanding accuracy of 97.5% and a negligible false positive rate of 1.8%, about 2.4% higher and 3.5% lower, respectively, than the rule learner JRip on the phishing dataset. Moreover, DeNNeS outperforms random forest (RF), which produces the highest results among decision tree (DT), support vector machine, k-nearest neighbor, and Gaussian naive Bayes. Despite smaller training data in the malware dataset, DeNNeS achieves an accuracy of 95.8% and an F1 score of 91.1%, much higher than JRip and RF.

Keywords: Cybersecurity · Deep learning · Neural network · Embedded expert system · Phishing attack detection · Malware detection · Rule extraction · Rule refinement
1 Canadian Institute for Cybersecurity, Faculty of Computer Science, University of New Brunswick, Fredericton, NB E3B 5A3, Canada

1 Introduction
Cyber threats have imperiled the security and viability of many entities that exist in this rapidly evolving data-driven world. On that account, security specialists are designing new mechanisms to deal with the ongoing