Deep learning for detecting logic-flaw-exploiting network attacks: An end-to-end approach

Qingtian Zou, Anoop Singhal, Xiaoyan Sun, Peng Liu

Research output: Contribution to journal, Article, peer-review

2 Scopus citations

Abstract

Network attacks have become a major security concern for organizations worldwide. A category of network attacks that exploit the logic (security) flaws of a few widely-deployed authentication protocols has been commonly observed in recent years. Such logic-flaw-exploiting network attacks often do not have distinguishing signatures, and can thus easily evade the typical signature-based network intrusion detection systems. Recently, researchers have applied neural networks to detect network attacks with network logs. However, public network data sets have major drawbacks such as limited data sample variations and unbalanced data with respect to malicious and benign samples. In this paper, we present a new end-to-end approach based on protocol fuzzing to automatically generate high-quality network data, on which deep learning models can be trained for network attack detection. Our findings show that protocol fuzzing can generate data samples that cover real-world data, and deep learning models trained with fuzzed data can successfully detect the logic-flaw-exploiting network attacks.

Original language: English (US)
Pages (from-to): 541-570
Number of pages: 30
Journal: Journal of Computer Security
Volume: 30
Issue number: 4
State: Published - 2021

All Science Journal Classification (ASJC) codes

  • Software
  • Safety, Risk, Reliability and Quality
  • Hardware and Architecture
  • Computer Networks and Communications
