
The growing threat to sensitive information stored in computer systems and devices is becoming alarming, a result of the proliferation of new malware created daily to mount zero-day attacks. Most malware whose signatures are known can easily be detected and blocked; it is the unknown malware that is the most dangerous. In this paper a zero-day vulnerability model based on deep reinforcement learning is presented. The technique employs a Monte Carlo Based Pareto Rule (Deep-RL-MCB-PR) approach that exploits a reward learning and training feature with sparse feature generation and adaptive multi-layered recurrent prediction for the detection and subsequent mitigation of zero-day threats. The new model has been applied to the Kyoto benchmark datasets for intrusion detection systems and compared to an existing system that uses multi-layer protection and a rule-based ranking (RBK) approach to estimate the likelihood of a zero-day attack. Experiments were performed using the dataset, and simulation results show that the Deep-RL-MCB-PR technique, measured with the classification accuracy metric, produced about 67.77%. The dataset was further magnified, and classification accuracy then rose to about 75.84%. These results account for a better error response when compared to the RBK technique.
