{"title":"Detection of Malicious Activities and Connections for Network Security using Deep Learning","authors":"M. Rokade, Sunil S. Khatal","doi":"10.1109/PuneCon55413.2022.10014736","DOIUrl":null,"url":null,"abstract":"Computer attacks are growing in both number and diversity as a result of the ongoing growth of the Internet: ransomware is more prevalent than ever before, and zero-day vulnerabilities are gaining so much importance that they are attracting media attention. Antivirus software and firewalls are no longer sufficient to safeguard a company's network; instead, many layers of security are required. One of the most important layers, an intrusion detection system (IDS), is designed to protect its target from any potential attack by continually monitoring the system. IDSs may currently be classified into two basic categories: anomaly detection and signature-based detection. For signature-based detection, the IDS compares the data it is watching to known attack patterns. Although this method has gained popularity because of tools like Snort, it has a serious drawback: it can only detect known threats that have already been described in a database. On the other hand, anomaly detection builds a model of the system's typical behaviour before searching for anomalies in the observed data. 
As a consequence, while it often generates a great deal of false alarms, this approach may reveal undiscovered risks.","PeriodicalId":258640,"journal":{"name":"2022 IEEE Pune Section International Conference (PuneCon)","volume":"80 6 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2022-12-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2022 IEEE Pune Section International Conference (PuneCon)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/PuneCon55413.2022.10014736","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Citations: 0
Abstract
Computer attacks are growing in both number and diversity as a result of the ongoing growth of the Internet: ransomware is more prevalent than ever before, and zero-day vulnerabilities are gaining so much importance that they are attracting media attention. Antivirus software and firewalls are no longer sufficient to safeguard a company's network; instead, many layers of security are required. One of the most important layers, an intrusion detection system (IDS), is designed to protect its target from any potential attack by continually monitoring the system. IDSs may currently be classified into two basic categories: anomaly detection and signature-based detection. For signature-based detection, the IDS compares the data it is watching to known attack patterns. Although this method has gained popularity because of tools like Snort, it has a serious drawback: it can only detect known threats that have already been described in a database. On the other hand, anomaly detection builds a model of the system's typical behaviour before searching for anomalies in the observed data. As a consequence, while it often generates a great deal of false alarms, this approach may reveal undiscovered risks.