Early DGA-based botnet identification: pushing detection to the edges

Zago, Mattia; Pérez, Manuel Gil; Pérez, Gregorio Martínez

doi:10.1007/s10586-020-03213-z

Cited by 8 publications

(3 citation statements)

References 40 publications

(92 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…This implies that there is need for endpoints to be secured, data in transit and at rest should be encrypted. With reference to critical assets and applications; and the risk appetite, cloud and hybrid architectures are required need to be adequately configured regarding authorization, segmentation, encryption and authentication for significant perimeters with DMZs (Demilitarized Zone in perimeter networks) and firewalls or follow a complete zero trust model if it is allowed by resources [20]. Security reviews and cloud security gap analyses assist in searching for weaknesses and misconfigurations.…”

Section: Defensive Cyber Security Measures and Mitigationsmentioning

confidence: 99%

Quantum Signal Processing in Strengthening Cyber Defense: A Comparative Study

Ayorinde

2024

Curr. J. Appl. Sci. Technol.

View full text Add to dashboard Cite

Aim: To examine the strengthening of cyber defense using Quantum Signal Processing. Significance of Study: There is need for the application of Quantum Signal Processing in cyber security due to the vulnerable attack. This paper addresses the relevant issues on the use of Quantum Signal Processing in strengthening cyber defense. Problem Statement: The development of cyber space and its inestimable contribution in information dissemination has led to its wide patronage and usage. Thus, third party are intruding to hijack and hack secretive information to suite their own purpose. Discussion: The concepts of Quantum Signal Processing (QSP) and cyber defense were examined. It was revealed that the measurement of Quantum Signal Processing is strongly involved in signal processing of algorithms design with significance to QSP framework such that in this framework, the processing of signals occur via the utilization of some Quantum Signal Processing measurement variables or subjecting them to a Quantum Signal Processing measurement. Also, the QSP framework is primarily assigned with the quantum physics constraints, QSP measurement design, a quantum measurement, borrowing from the principles, and axioms. Nonetheless, the measurement consistency principle, measurement concept and quantization of the measurement output principle were identified as the three interconnected fundamental principles of quantum mechanics in Quantum Signal Processing. The existing correlation between QSP framework and quantum physics together with relevant key results were also examined. was also discussed with major Considerations were given to modification of known algorithms, measurement parameters utilization, probabilistic mappings, imposition of inner product constraints and oblique projections as the algorithm design in quantum signal processing framework. Conclusion: In conclusion, Quantum Signal Processing is applicable in strengthening cyber defense.

show abstract

Section: Defensive Cyber Security Measures and Mitigationsmentioning

confidence: 99%

Quantum Signal Processing in Strengthening Cyber Defense: A Comparative Study

Ayorinde

2024

Curr. J. Appl. Sci. Technol.

View full text Add to dashboard Cite

show abstract

“…The explanation is attributable to subgraph decomposition theory [198], where it is feasible to determine whether the learned model is interpretable by identifying the subgraph with the most significant influence on prediction and judging whether the subgraph is faithful to general knowledge. [199]- [201], three explainable studies focused on DGAbased botnet detection, are also worth mentioning, as is [202],in which the authors created a Gradient-based Explainable Variational Autoencoder for Network Anomaly Detection utilizing a BotNet dataset as a test.…”

Section: ) Explainable Artificial Intelligence In Bot(net) Detectionmentioning

confidence: 99%

Explainable Artificial Intelligence in CyberSecurity: A Survey

et al. 2022

View full text Add to dashboard Cite

Nowadays, Artificial Intelligence (AI) is widely applied in every area of human being's daily life. Despite the AI benefits, its application suffer from the opacity of complex internal mechanisms and doesn't satisfy by design the principles of Explainable Artificial Intelligence (XAI). The lack of transparency further exacerbates the problem in the field of Cybersecurity because entrusting crucial decisions to a system that cannot explain itself presents obvious dangers. There are several methods in the literature capable of providing explainability of AI results. Anyway, the application of XAI in Cybersecurity can be a doubleedged sword. It substantially improves the Cybersecurity practices but simultaneously leaves the system vulnerable to adversary attacks. Therefore, there is a need to analyze the state-of-the-art of XAI methods in Cybersecurity to provide a clear vision for future research. This study presents an in-depth examination of the application of XAI in Cybersecurity. It considers more than 300 papers to comprehensively analyze the main Cybersecurity application fields, like Intrusion Detection Systems,Malware detection, Phishing and Spam detection, BotNets detection, Fraud detection, Zero-Day vulnerabilities, Digital Forensics and Crypto-Jacking . Specifically, this study focuses on the explainability methods adopted or proposed in these fields, pointing out promising works and new challenges.

show abstract

“…Moreover, the DGA-based botnet type is one of the most disruptive and challenging to be detected since it hides its queries throughout the domain name system (DNS) traffics and uses CNC servers' domain names generated algorithmically [9]. Furthermore, in the current 5G and B5G networks era, potentially billions of smart devices are susceptible to botnet DGA attacks [10]. Since detecting DGA-based botnets is essential, we are well motivated to conduct our research in this paper.…”

Section: Botnet Dga and Hybrid Quantum Deep Learningmentioning

confidence: 99%

Adversarial Robustness in Hybrid Quantum-Classical Deep Learning for Botnet DGA Detection

Suryotrisongko

Musashi

Tsuneda

et al. 2022

Journal of Information Processing

View full text Add to dashboard Cite

This paper aims to contribute to the adversarial defense research gap in the current state-of-the-art of adversarial machine learning (ML) attacks and defense. More specifically, it contributes to the metric measurement of the robustness of artificial intelligence (AI)/ML models against adversarial example attacks, which currently remains an open question in the cybersecurity domain and to an even greater extent for quantum computing-based AI/ML applications. We propose a new adversarial robustness measurement approach which measures the statistical properties (such as the average of the accuracies and t-test results) from the performance results of quantum ML model experiments involving various adversarial perturbation coefficients (attack strength) values. We argue that our proposed approach is suitable for practical use in realizing a quantum-safe world because, in the current noisy intermediate-scale quantum devices (NISQs) era, quantum noise is complex and challenging to model and therefore complicates the measurement task or benchmarking. The second contribution of our study is the novel hardened hybrid quantum-classical deep learning (DL) model for botnet domain generation algorithm (DGA) detection, employing a model hardening adversarial training technique for mitigating new types of unknown DGA adversaries since new cyberattack approaches from the cyber arms race need to be anticipated. Our analysis shows the vulnerability of the hybrid quantum DL model to adversarial example attacks by as much as a 19% average drop in accuracy. We also found the superior performance of our hardened model obtained average accuracy gains as high as 5.9%. Furthermore, we found that the hybrid quantum-classical DL approach gives the benefit of suppressing the negative impact of quantum noises on the classifier's performance. We demonstrated how to apply our proposed measurement approach in evaluating our novel hybrid quantum DL model and highlighted the adversarial robustness of our model against adversarial example attacks as evidence of the practical implication of our study towards advancing the state of quantum adversarial machine learning research for the quantum-safe world.

show abstract

Early DGA-based botnet identification: pushing detection to the edges

Cited by 8 publications

References 40 publications

Quantum Signal Processing in Strengthening Cyber Defense: A Comparative Study

Quantum Signal Processing in Strengthening Cyber Defense: A Comparative Study

Explainable Artificial Intelligence in CyberSecurity: A Survey

Adversarial Robustness in Hybrid Quantum-Classical Deep Learning for Botnet DGA Detection

Contact Info

Product

Resources

About