Anomaly Detection to Protect Networks from Advanced Persistent Threats Using Adaptive Resonance AI Concepts

Abstract

In this paper, we will improve the Advanced Persistent Threats (APT) attack detection rate accuracy by using an artificial intelligence based anomalous intrusion detection that will be based on unsupervised learning techniques. This system will be mainly network-based with a thin layer running on the host device. We plan to mainly use an unsupervised artificial intelligence technique that utilizes Adaptive Resonance theory that will be paired with a signature-based system that will filter anomalous data and significantly improve detection rates and decrease false positive rates compared to typical anomalous intrusion detection system (IDS). If proven here, this system could be applied to future IDS and can significantly increase overall network security for an organization.