A Hybrid Real-time Zero-day Attack Detection and Analysis System

Kaur, Ratinder; Singh, Maninder

doi:10.5815/ijcnis.2015.09.03

Cited by 9 publications

(4 citation statements)

References 31 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The authors of Ref. [37] proposed a zero-day polymorphic worm attack framework for detecting polymorphic worms that are zero-day in nature by their behavior, anomaly, and signature-based techniques. Three layers, namely, analysis, detection, and resource, were used in the proposed architecture.…”

Section: Anomaly-basedmentioning

confidence: 99%

Comparative Evaluation of AI-Based Techniques for Zero-Day Attacks Detection

et al. 2022

View full text Add to dashboard Cite

Many intrusion detection and prevention systems (IDPS) have been introduced to identify suspicious activities. However, since attackers are exploiting new vulnerabilities in systems and are employing more sophisticated advanced cyber-attacks, these zero-day attacks remain hidden from IDPS in most cases. These features have incentivized many researchers to propose different artificial intelligence-based techniques to prevent, detect, and respond to such advanced attacks. This has also created a new requirement for a comprehensive comparison of the existing schemes in several aspects ; after a thorough study we found that there currently exists no detailed comparative analysis of artificial intelligence-based techniques published in the last five years. Therefore, there is a need for this kind of work to be published, as there are many comparative analyses in other fields of cyber security that are available for readers to review.In this paper, we provide a comprehensive review of the latest and most recent literature, which introduces well-known machine learning and deep learning algorithms and the challenges they face in detecting zero-day attacks. Following these qualitative analyses, we present the comparative evaluation results regarding the highest accuracy, precision, recall, and F1 score compared to different datasets.

show abstract

Section: Anomaly-basedmentioning

confidence: 99%

Comparative Evaluation of AI-Based Techniques for Zero-Day Attacks Detection

et al. 2022

View full text Add to dashboard Cite

show abstract

“…In [19], Moustafa et al have proposed an Outlier Dirichlet Mixture (ODM) based detection system for fog. In [20], authors have proposed an architecture to detect zeroday polymorphic worms attack using signature, behavior, and anomaly-based technique. The proposed architecture consists of three layers, namely: detection, analysis and resource layer.…”

Section: Anomaly-basedmentioning

confidence: 99%

A robust intelligent zero-day cyber-attack detection technique

Kumar

Sinha

2021

Complex Intell. Syst.

View full text Add to dashboard Cite

With the introduction of the Internet to the mainstream like e-commerce, online banking, health system and other day-to-day essentials, risk of being exposed to various are increasing exponentially. Zero-day attack(s) targeting unknown vulnerabilities of a software or system opens up further research direction in the field of cyber-attacks. Existing approaches either uses ML/DNN or anomaly-based approach to protect against these attacks. Detecting zero-day attacks through these techniques miss several parameters like frequency of particular byte streams in network traffic and their correlation. Covering attacks that produce lower traffic is difficult through neural network models because it requires higher traffic for correct prediction. This paper proposes a novel robust and intelligent cyber-attack detection model to cover the issues mentioned above using the concept of heavy-hitter and graph technique to detect zero-day attacks. The proposed work consists of two phases (a) Signature generation and (b) Evaluation phase. This model evaluates the performance using generated signatures at the training phase. The result analysis of the proposed zero-day attack detection shows higher performance for accuracy of 91.33% for the binary classification and accuracy of 90.35% for multi-class classification on real-time attack data. The performance against benchmark data set CICIDS18 shows a promising result of 91.62% for binary-class classification on this model. Thus, the proposed approach shows an encouraging result to detect zero-day attacks.

show abstract

“…The wrapper technique assumed an essential part in highlight determination, which prompts high precision contrasted with other examined static methodologies. Ratinder Kaur and Maninder Singh [10]has proposed novel hybrid framework that coordinates inconsistency for identifying and breaking down zero day attaks.the framework is actualized and assessed against different standard measurements True Positive Rate(TPR),False Positive Date(FPR), F-Measure, Total Accuracy(ACC) and Receiver Operating Characteristic(ROC).the outcome indicates high discovery rate with almost zero false positive.to guard against zero day attacks, the exploration group has proposed different procedures. There are partitioned into Statistical based, Signatured based, behavior based and Hybrid strategies.…”

Section: Related Workmentioning

confidence: 99%

A novel approach for phishing emails real time classifica-tion using k-means algorithm

Mhaske-Dhamdhere¹,

Vanjale²

2017

IJET

View full text Add to dashboard Cite

The dangers phishing becomes considerably bigger problem in online networking, for example, Facebook, twitter and Google+. The phishing is normally completed by email mocking or texting and it frequently guides client to enter points of interest at a phony sites whose look and feel are practically indistinguishable to the honest to goodness. Non-technical user resists learning of anti-phishing technic. Also not permanently remember phishing learning. Software solutions such as authentication and security warnings are still depending on end user action. In this paper we are mainly focus on a novel approach of real time phishing email classification using K-means algorithm. For this we uses 160 emails of last year computer engineering students. we get True positive of legitimate and phishing as 67% and 80% and true negative is 30 % and 20%.,which is very high so we ask same users reasons which I mainly categories into three categories ,look and feel of email, email technical parameters, and email structure.

show abstract

A Hybrid Real-time Zero-day Attack Detection and Analysis System

Cited by 9 publications

References 31 publications

Comparative Evaluation of AI-Based Techniques for Zero-Day Attacks Detection

Comparative Evaluation of AI-Based Techniques for Zero-Day Attacks Detection

A robust intelligent zero-day cyber-attack detection technique

A novel approach for phishing emails real time classifica-tion using k-means algorithm

Contact Info

Product

Resources

About