Intelligent Techniques for Detecting Network Attacks: Review and Research Directions

Aljabri, Malak; Aljameel, Sumayh S.; Mohammad, Rami Mustafa A.; Almotiri, Sultan H.; Mirza, Samiha; Anis, Fatima M.; Aboulnour, Menna; Alomari, Dorieh M.; Alhamed, Dina H.; Altamimi, Hanan S.

doi:10.3390/s21217070

Cited by 34 publications

(15 citation statements)

References 119 publications

(120 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Certain features must be available to analysts in order to create proactive models to identify malicious URLs. Simple URL strings can be used to extract these features, which can be lexical, content, or network [6], [7].…”

Section: A Url Featuresmentioning

confidence: 99%

Detecting Malicious URLs Using Machine Learning Techniques: Review and Research Directions

et al. 2022

View full text Add to dashboard Cite

In recent years, the digital world has advanced significantly, particularly on the Internet, which is critical given that many of our activities are now conducted online. As a result of attackers' inventive techniques, the risk of a cyberattack is rising rapidly. One of the most critical attacks is the malicious URL intended to extract unsolicited information by mainly tricking inexperienced end users, resulting in compromising the user's system and causing losses of billions of dollars each year. As a result, securing websites is becoming more critical. In this paper, we provide an extensive literature review highlighting the main techniques used to detect malicious URLs that are based on machine learning models, taking into consideration the limitations in the literature, detection technologies, feature types, and the datasets used. Moreover, due to the lack of studies related to malicious Arabic website detection, we highlight the directions of studies in this context. Finally, as a result of the analysis that we conducted on the selected studies, we present challenges that might degrade the quality of malicious URL detectors, along with possible solutions.

show abstract

Section: A Url Featuresmentioning

confidence: 99%

Detecting Malicious URLs Using Machine Learning Techniques: Review and Research Directions

et al. 2022

View full text Add to dashboard Cite

show abstract

“…[44][45][46][47][48] To forecast what features to take and what feature selection method to use is a difficult task in itself especially when many machines learning models and feature selection methods are available. The authors [40][41][42][43] predicted many optimal feature selection methods and using benchmark dataset but could not attain the efficient results. The selection of effective predictors prior to training the classifier on a large dataset produce better results than the classifiers using ineffective feature selection method.…”

Section: Research Gapmentioning

confidence: 99%

“…Yuan et al40 proposed deep defense, which is a deep learning-based DDoS attack detection that studies the network traffic sequence patterns and trace the network attack activities. They have used UNB-ISCX intrusion detection evaluation 2012 (ISCX2012) dataset.…”

mentioning

confidence: 99%

Performance evaluation of machine learning models for distributed denial of service attack detection using improved feature selection and hyper‐parameter optimization techniques

Habib

Khursheed

2022

Concurrency and Computation

View full text Add to dashboard Cite

This article gives the framework of extensive experimentation of various machine learning models to detect distributed denial of service attacks (DDoS). We use six-tier feature ranking methods that use statistical techniques as well as machine learning based classifiers to obtain the significant features. The measurable statistical based feature selection involves Chi-Square (Chi2), information gain (IG), merged Chi-Square (Chi2)-IG ranking and machine learning classifiers involve ensemble classifiers, that is, decision tree, random forest and eXtreme gradient boosting (XGBoost). Different supervised machine learning models (logistic regression, decision tree classifier, linear support vector machine, k-nearest neighbors, Gaussian Naive Bayes, random forest classifier, XGBoost) are trained on a feature-engineered datasets. To further our research, we use neural networks (ANN and CNN) using both feature-selected and auto-feature selection training setup. We check the validation and adaptability of these models with the optimal tuning of various parameters using GridSearchCV and the effectiveness of random sampling in overcoming the class imbalance problem. Based on various feature selection methods, the models are evaluated for their best performance. The experimental results show that our trained machine learning models and neural networks outperformed the ones in the state of art. The performance analysis is done based on confusion matrix scores, that is, accuracy, false alarm rate, sensitivity, specificity, false-positive rate, F1 score, area under curve analysis and loss functions on well-known KDD Cup 99 and UNSW-NB15 datasets. This study is significant for furthering the research in DDoS detection with machine learning and deep neural networks.

show abstract

“…Instance-based clustering [1] is not in the coverage of this work, with the similar reason that edge devices are usually not able to store too many history data.…”

Section: Introductionmentioning

confidence: 99%

Securing 6G-enabled IoT/IoV networks by machine learning and data fusion

Sun

Geng

Zhang

et al. 2022

J Wireless Com Network

View full text Add to dashboard Cite

The rapid growth of Internet of Things (IoT) and Internet of Vehicles (IoV) are rapidly moving to the 6G networks, which leads to dramatically raised security issues. Using machine learning, including deep learning, to find out malicious network traffic is one of practical ways. Though much work has been done in this direction, we found little investigating the effect of using fused network conversation datasets to train and test models. Thus, this work proposes to check conversation dataset characteristics and find suitable ones to fuse into one dataset in order to improve the capability of malicious traffic and malware detection performance. The experiments using real data show that conditioned combination of datasets can be used to enhance algorithm performance and improve detection results. For this reason, it is recommended to profile datasets and conduct conditional fusion of network conversation datasets before using machine learning or deep learning. As the characterization is done using general statistical calculation, it is promising to be used for other domains too.

show abstract

Intelligent Techniques for Detecting Network Attacks: Review and Research Directions

Cited by 34 publications

References 119 publications

Detecting Malicious URLs Using Machine Learning Techniques: Review and Research Directions

Detecting Malicious URLs Using Machine Learning Techniques: Review and Research Directions

Performance evaluation of machine learning models for distributed denial of service attack detection using improved feature selection and hyper‐parameter optimization techniques

Securing 6G-enabled IoT/IoV networks by machine learning and data fusion

Contact Info

Product

Resources

About