Artificial intelligence analysis in cyber domain: A review

IF 1.9 4区 计算机科学 Q3 COMPUTER SCIENCE, INFORMATION SYSTEMS
Liguo Zhao, D. Zhu, Wasswa Shafik, S. Matinkhah, Zubair Ahmad, Lule Sharif, Alisa Craig
{"title":"Artificial intelligence analysis in cyber domain: A review","authors":"Liguo Zhao, D. Zhu, Wasswa Shafik, S. Matinkhah, Zubair Ahmad, Lule Sharif, Alisa Craig","doi":"10.1177/15501329221084882","DOIUrl":null,"url":null,"abstract":"The application of Big Data Analytics is identified through the Cyber Research Alliance for cybersecurity as the foremost preference for future studies and advancement in the field of cybersecurity. In this study, we develop a repeatable procedure for detecting cyber-attacks in an accurate, scalable, and timely manner. An in-depth learning algorithm is utilized for training a neural network for detecting suspicious user activities. The proposed system architecture was implemented with the help of Splunk Enterprise Edition 6.42. A data set of average feature counts has been executed through a Splunk search command in 1-min intervals. All the data sets consisted of a minute trait total derived from a sparkling file. The attack patterns that were not anonymized or were indicative of the vulnerability of cyber-attack were denoted with yellow. The rule-based method dispensed a low quantity of irregular illustrations in contrast with the Partitioning Around Medoids method. The results in this study demonstrated that using a proportional collection of instances trained with the deep learning algorithm, a classified data set can accurately detect suspicious behavior. This method permits for the allocation of multiple log source types through a sliding time window and provides a scalable solution, which is a much-needed function.","PeriodicalId":50327,"journal":{"name":"International Journal of Distributed Sensor Networks","volume":" ","pages":""},"PeriodicalIF":1.9000,"publicationDate":"2022-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"6","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Journal of Distributed Sensor Networks","FirstCategoryId":"94","ListUrlMain":"https://doi.org/10.1177/15501329221084882","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 6

Abstract

The application of Big Data Analytics is identified through the Cyber Research Alliance for cybersecurity as the foremost preference for future studies and advancement in the field of cybersecurity. In this study, we develop a repeatable procedure for detecting cyber-attacks in an accurate, scalable, and timely manner. An in-depth learning algorithm is utilized for training a neural network for detecting suspicious user activities. The proposed system architecture was implemented with the help of Splunk Enterprise Edition 6.42. A data set of average feature counts has been executed through a Splunk search command in 1-min intervals. All the data sets consisted of a minute trait total derived from a sparkling file. The attack patterns that were not anonymized or were indicative of the vulnerability of cyber-attack were denoted with yellow. The rule-based method dispensed a low quantity of irregular illustrations in contrast with the Partitioning Around Medoids method. The results in this study demonstrated that using a proportional collection of instances trained with the deep learning algorithm, a classified data set can accurately detect suspicious behavior. This method permits for the allocation of multiple log source types through a sliding time window and provides a scalable solution, which is a much-needed function.
网络领域人工智能分析综述
网络安全研究联盟将大数据分析的应用确定为网络安全领域未来研究和发展的首要选择。在本研究中,我们开发了一种可重复的程序,以准确、可扩展和及时的方式检测网络攻击。利用深度学习算法训练用于检测可疑用户活动的神经网络。提出的系统架构在Splunk Enterprise Edition 6.42的帮助下实现。通过Splunk搜索命令每隔1分钟执行一个平均特征计数的数据集。所有的数据集都由一个微小的特征总数组成,这些特征总数来自一个闪闪发光的文件。未匿名化或表明存在网络攻击脆弱性的攻击模式用黄色表示。与围绕介质划分方法相比,基于规则的方法分配了少量的不规则插图。本研究的结果表明,使用深度学习算法训练的实例的比例集合,分类数据集可以准确地检测可疑行为。该方法允许通过滑动时间窗口分配多种日志源类型,并提供可扩展的解决方案,这是一个急需的功能。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
CiteScore
6.50
自引率
4.30%
发文量
94
审稿时长
3.6 months
期刊介绍: International Journal of Distributed Sensor Networks (IJDSN) is a JCR ranked, peer-reviewed, open access journal that focuses on applied research and applications of sensor networks. The goal of this journal is to provide a forum for the publication of important research contributions in developing high performance computing solutions to problems arising from the complexities of these sensor network systems. Articles highlight advances in uses of sensor network systems for solving computational tasks in manufacturing, engineering and environmental systems.
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信