Authors: Sunkanmi Oluwadare, Zag ElSayed
Published in: The International FLAIRS Conference Proceedings (Journal Article), 2023-05-08
DOI: 10.32473/flairs.36.133182 (https://doi.org/10.32473/flairs.36.133182)
Source: Semanticscholar

A Survey of Unsupervised Learning Algorithms for Zero-Day Attacks in Intrusion Detection Systems
Intrusion detection systems (IDS) monitor networks for malicious events, abnormal activities, and policy violations. They detect and classify network attacks based on the behaviors or signatures of previously known attacks. However, since network attacks are constantly evolving and it is almost impossible to capture all possible combinations and signatures of the attacks, the effectiveness of machine-learning-based IDS is often challenged by novel attacks, known as zero-day attacks. This has created the need for intelligent IDS that can detect anomalies without relying on a detailed signature repository. In this paper, we present a literature-based survey of popular deep learning algorithms and evaluate their capabilities, strengths, limitations, and resource requirements for detecting anomalies and zero-day attacks. Based on our evaluation, we propose Long Short-Term Memory (LSTM) networks and autoencoder networks as the best algorithms for further analysis in intrusion detection.