A Review on Machine Learning Approaches for Network Malicious Behavior Detection in Emerging Technologies

Rabbani, Mahdi; Wang, Yongli; Khoshkangini, Reza; Jelodar, Hamed; Zhao, Ruxin; Ahmadi, Sajjad Bagheri Baba; Ayobi, Seyedvalyallah

doi:10.3390/e23050529

Cited by 29 publications

(12 citation statements)

References 114 publications

(170 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The feature values are translated to an acceptable confidence interval in this process 8,47 . The key benefit of this measure is that it eliminates dataset bias without changing the predictive properties of the features.…”

Section: Proposed Methodologymentioning

confidence: 99%

“…Different methods, such as Argus, Netmate, and others, are used to gather network traffic features. 8 The data in the UNSW-NB15 are divided into six feature categories to define user behavior: basic, flow, content, time created, and additional features. Utilizing the transactional flow identifiers and the transaction times, these features are derived.…”

Section: Feature Creationmentioning

confidence: 99%

“…The feature values are translated to an acceptable confidence interval in this process. 8,47 The key benefit of this measure is that it eliminates dataset bias without changing the predictive properties of the features. This analysis uses a min-max technique for normalization to accomplish the former, which is represented by the equation below:…”

Section: Normalization Of Featuresmentioning

confidence: 99%

“…Conventional security systems [6][7][8] mainly aim to secure the user's credentials while a malicious behavior recognition system aims to identify the abnormal behavior of the users after log-in. The conventional security techniques are often struggling with malware creators and detectors and the present intrusion system is not capable of identifying the novel malware created using new techniques such as deep learning, reverse engineering, etc.…”

Section: Introductionmentioning

confidence: 99%

See 3 more Smart Citations

Malicious behavior detection in cloud using self‐optimized dynamic kernel convolutional neural network

Alajlan

Almasri

2022

Trans Emerging Tel Tech

View full text Add to dashboard Cite

Cloud computing is one example of a technological revolution that has drastically altered the way traditional commercial operations are conducted. Because cloud platforms are fundamentally revolutionizing the area of computing, they must provide safe transmission and storage of user data by assuring the confidentiality, integrity, and availability of the data. As a result, establishing a secure cloud computing framework is crucial, and security cannot only rely on the user's credentials being verified. To overcome this problem, this article presents a multi‐population genetic algorithm optimized dynamic kernel convolutional neural network to analyze the user's behavior to identify their malicious intent. This article describes a two‐stage malicious detection and prediction scheme. The proposed system's efficiency is measured by its ability to discriminate between nine different types of attacks in the UNSW‐NB15 dataset (abnormal behavior exhibited by users). The average true positive rate, false positive rate, precision, and F‐measure for the nine attack classes were 99.22%, 99.11%, 99.11%, and 99.22%, respectively, when evaluated using the UNSW‐NB15 dataset. The experimental results demonstrate that this technique is effective in detecting malicious behaviors in the cloud environment with higher accuracy.

show abstract

Section: Proposed Methodologymentioning

confidence: 99%

Section: Feature Creationmentioning

confidence: 99%

Section: Normalization Of Featuresmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Malicious behavior detection in cloud using self‐optimized dynamic kernel convolutional neural network

Alajlan

Almasri

2022

Trans Emerging Tel Tech

View full text Add to dashboard Cite

show abstract

“…It reduces the impact of network security events by monitoring abnormal behaviour in the network and linking with other security systems [2]. In recent years, the relevant technologies of the system have been deeply integrated with deep learning (DL), and a variety of network anomaly detection methods based on deep learning have been derived [3,4].…”

Section: Introductionmentioning

confidence: 99%

A Network Data Reinforcement Method Based on the Multiclass Variational Autoencoder

Jiang

et al. 2022

Security and Communication Networks

View full text Add to dashboard Cite

Anomaly detection models based on deep learning come up against difficulties on the deployment in real scenarios such as generalization problem. The performance of the model based on specific dataset is not as good as expected in other scenarios. In order to avoid this problem, it is a feasible solution to collect network data from the target environment to train the model. This paper proposes a network data reinforcement method based on the multiclass variational autoencoder to complete training tasks with little amount data. In this paper, anomaly detection models based on MLP and CNN are designed, respectively, and validation experiments are carried out on the CICIDS-2018 dataset. Compared with unreinforced models, models based on this method get faster convergence speed during training. During evaluation, models based on this method achieve an average accuracy of 93.69%, while unreinforced models only get an average accuracy of 55.63%. In addition, this method provides competitive results on insufficient data compared with those existing models on sufficient data.

show abstract

Detecting Malicious Accounts in Cyberspace: Enhancing Security in ChatGPT and Beyond

Salloum

2024

Studies in Big Data

View full text Add to dashboard Cite

A Review on Machine Learning Approaches for Network Malicious Behavior Detection in Emerging Technologies

Cited by 29 publications

References 114 publications

Malicious behavior detection in cloud using self‐optimized dynamic kernel convolutional neural network

Malicious behavior detection in cloud using self‐optimized dynamic kernel convolutional neural network

A Network Data Reinforcement Method Based on the Multiclass Variational Autoencoder

Detecting Malicious Accounts in Cyberspace: Enhancing Security in ChatGPT and Beyond

Contact Info

Product

Resources

About