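Deep learning
Autoencoder
Computer science
Artificial intelligence
Convolutional neural network
Machine learning
Recurrent neural network
Short-term memory
Computer security
Artificial neural network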
Authors
Meaad Alrehaili, Adel Alshamrani, Ala’ Abdulmajid Eshmawi
Identifier
DOI:10.1145/3508072.3508085
Abstract
The Advanced Persistent Threat (APT) attack is one of the most common and costly destructive attacks on a target system. This attack has become a challenge for the information security systems of companies, governments, and organizations. In recent years, methods for detecting and preventing APT attacks that use machine learning or deep learning algorithms to analyze indications and anomalous behaviors in network traffic have become popular. However, due to a lack of typical data from attack campaigns, the APT attack detection approach that uses behavior analysis and evaluation approaches encounters many issues. Network traffic analysis to detect a common APT attack is one of the solutions for dealing with this situation. This paper develops efficient and flexible deep learning models. To analyze huge volumes of network traffic, a hybrid deep learning approach that builds two models is used to detect indications of APT attacks: Stacked Autoencoder with Long Short-Term Memory (SAE-LSTM) and Convolutional Neural Networks with Long Short-Term Memory Network (CNN-LSTM). A reliable dataset, 'DAPT2020', that covers all APT stages is used to evaluate the proposed approach. The experimental results demonstrate that the hybrid deep learning approach gives higher performance than the individual deep learning model in detecting malicious behavior in each APT stage.