Deep Learning for Detecting Network Attacks: An End-to-End Approach

Qingtian Zou; Anoop Singhal; Xiaoyan Sun; Peng Liu

doi:10.1007/978-3-030-81242-3_13

Deep Learning for Detecting Network Attacks: An End-to-End Approach

Qingtian Zou, Anoop Singhal, Xiaoyan Sun, Peng Liu

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

2 Scopus citations

Abstract

Network attack is still a major security concern for organizations worldwide. Recently, researchers have started to apply neural networks to detect network attacks by leveraging network traffic data. However, public network data sets have major drawbacks such as limited data sample variations and unbalanced data with respect to malicious and benign samples. In this paper, we present a new end-to-end approach to automatically generate high-quality network data using protocol fuzzing, and train the deep learning models using the fuzzed data to detect the network attacks that exploit the logic flaws within the network protocols. Our findings show that fuzzing generates data samples that cover real-world data and deep learning models trained with fuzzed data can successfully detect real network attacks.

Original language	English (US)
Title of host publication	Data and Applications Security and Privacy XXXV - 35th Annual IFIP WG 11.3 Conference, DBSec 2021, Proceedings
Editors	Ken Barker, Kambiz Ghazinour
Publisher	Springer Science and Business Media Deutschland GmbH
Pages	221-234
Number of pages	14
ISBN (Print)	9783030812416
DOIs	https://doi.org/10.1007/978-3-030-81242-3_13
State	Published - 2021
Event	35th Annual IFIP WG 11.3 Conference on Data and Applications Security and Privacy, DBSec 2021 - Virtual, Online Duration: Jul 19 2021 → Jul 20 2021

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	12840 LNCS
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	35th Annual IFIP WG 11.3 Conference on Data and Applications Security and Privacy, DBSec 2021
City	Virtual, Online
Period	7/19/21 → 7/20/21

All Science Journal Classification (ASJC) codes

Theoretical Computer Science
Computer Science(all)

Access to Document

10.1007/978-3-030-81242-3_13

Cite this

Zou, Q., Singhal, A., Sun, X., & Liu, P. (2021). Deep Learning for Detecting Network Attacks: An End-to-End Approach. In K. Barker, & K. Ghazinour (Eds.), Data and Applications Security and Privacy XXXV - 35th Annual IFIP WG 11.3 Conference, DBSec 2021, Proceedings (pp. 221-234). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 12840 LNCS). Springer Science and Business Media Deutschland GmbH. https://doi.org/10.1007/978-3-030-81242-3_13

Zou, Qingtian ; Singhal, Anoop ; Sun, Xiaoyan et al. / Deep Learning for Detecting Network Attacks : An End-to-End Approach. Data and Applications Security and Privacy XXXV - 35th Annual IFIP WG 11.3 Conference, DBSec 2021, Proceedings. editor / Ken Barker ; Kambiz Ghazinour. Springer Science and Business Media Deutschland GmbH, 2021. pp. 221-234 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{c750a8442f274adcba5f9a65801ad2b2,

title = "Deep Learning for Detecting Network Attacks: An End-to-End Approach",

abstract = "Network attack is still a major security concern for organizations worldwide. Recently, researchers have started to apply neural networks to detect network attacks by leveraging network traffic data. However, public network data sets have major drawbacks such as limited data sample variations and unbalanced data with respect to malicious and benign samples. In this paper, we present a new end-to-end approach to automatically generate high-quality network data using protocol fuzzing, and train the deep learning models using the fuzzed data to detect the network attacks that exploit the logic flaws within the network protocols. Our findings show that fuzzing generates data samples that cover real-world data and deep learning models trained with fuzzed data can successfully detect real network attacks.",

author = "Qingtian Zou and Anoop Singhal and Xiaoyan Sun and Peng Liu",

note = "Funding Information: This work was supported by NIST 60NANB20D180. Publisher Copyright: {\textcopyright} 2021, IFIP International Federation for Information Processing.; 35th Annual IFIP WG 11.3 Conference on Data and Applications Security and Privacy, DBSec 2021 ; Conference date: 19-07-2021 Through 20-07-2021",

year = "2021",

doi = "10.1007/978-3-030-81242-3_13",

language = "English (US)",

isbn = "9783030812416",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

publisher = "Springer Science and Business Media Deutschland GmbH",

pages = "221--234",

editor = "Ken Barker and Kambiz Ghazinour",

booktitle = "Data and Applications Security and Privacy XXXV - 35th Annual IFIP WG 11.3 Conference, DBSec 2021, Proceedings",

address = "Germany",

}

Zou, Q, Singhal, A, Sun, X & Liu, P 2021, Deep Learning for Detecting Network Attacks: An End-to-End Approach. in K Barker & K Ghazinour (eds), Data and Applications Security and Privacy XXXV - 35th Annual IFIP WG 11.3 Conference, DBSec 2021, Proceedings. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 12840 LNCS, Springer Science and Business Media Deutschland GmbH, pp. 221-234, 35th Annual IFIP WG 11.3 Conference on Data and Applications Security and Privacy, DBSec 2021, Virtual, Online, 7/19/21. https://doi.org/10.1007/978-3-030-81242-3_13

Deep Learning for Detecting Network Attacks: An End-to-End Approach. / Zou, Qingtian; Singhal, Anoop; Sun, Xiaoyan et al.
Data and Applications Security and Privacy XXXV - 35th Annual IFIP WG 11.3 Conference, DBSec 2021, Proceedings. ed. / Ken Barker; Kambiz Ghazinour. Springer Science and Business Media Deutschland GmbH, 2021. p. 221-234 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 12840 LNCS).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - Deep Learning for Detecting Network Attacks

T2 - 35th Annual IFIP WG 11.3 Conference on Data and Applications Security and Privacy, DBSec 2021

AU - Zou, Qingtian

AU - Singhal, Anoop

AU - Sun, Xiaoyan

AU - Liu, Peng

PY - 2021

Y1 - 2021

N2 - Network attack is still a major security concern for organizations worldwide. Recently, researchers have started to apply neural networks to detect network attacks by leveraging network traffic data. However, public network data sets have major drawbacks such as limited data sample variations and unbalanced data with respect to malicious and benign samples. In this paper, we present a new end-to-end approach to automatically generate high-quality network data using protocol fuzzing, and train the deep learning models using the fuzzed data to detect the network attacks that exploit the logic flaws within the network protocols. Our findings show that fuzzing generates data samples that cover real-world data and deep learning models trained with fuzzed data can successfully detect real network attacks.

AB - Network attack is still a major security concern for organizations worldwide. Recently, researchers have started to apply neural networks to detect network attacks by leveraging network traffic data. However, public network data sets have major drawbacks such as limited data sample variations and unbalanced data with respect to malicious and benign samples. In this paper, we present a new end-to-end approach to automatically generate high-quality network data using protocol fuzzing, and train the deep learning models using the fuzzed data to detect the network attacks that exploit the logic flaws within the network protocols. Our findings show that fuzzing generates data samples that cover real-world data and deep learning models trained with fuzzed data can successfully detect real network attacks.

UR - http://www.scopus.com/inward/record.url?scp=85112687268&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85112687268&partnerID=8YFLogxK

U2 - 10.1007/978-3-030-81242-3_13

DO - 10.1007/978-3-030-81242-3_13

M3 - Conference contribution

AN - SCOPUS:85112687268

SN - 9783030812416

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 221

EP - 234

BT - Data and Applications Security and Privacy XXXV - 35th Annual IFIP WG 11.3 Conference, DBSec 2021, Proceedings

A2 - Barker, Ken

A2 - Ghazinour, Kambiz

PB - Springer Science and Business Media Deutschland GmbH

Y2 - 19 July 2021 through 20 July 2021

ER -

Zou Q, Singhal A, Sun X, Liu P. Deep Learning for Detecting Network Attacks: An End-to-End Approach. In Barker K, Ghazinour K, editors, Data and Applications Security and Privacy XXXV - 35th Annual IFIP WG 11.3 Conference, DBSec 2021, Proceedings. Springer Science and Business Media Deutschland GmbH. 2021. p. 221-234. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). doi: 10.1007/978-3-030-81242-3_13

Deep Learning for Detecting Network Attacks: An End-to-End Approach

Abstract

Publication series

Conference

All Science Journal Classification (ASJC) codes

Access to Document

Other files and links

Fingerprint

Cite this