A holistic and proactive approach to forecasting cyber threats

Almahmoud, Zaid; Yoo, Paul D.; Alhussein, Omar; Farhat, Ilyas A. H.; Damiani, Ernesto

doi:10.1038/s41598-023-35198-1

Cited by 14 publications

(4 citation statements)

References 36 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Additionally, attackers employ various strategies to evade detection, resulting in diverse patterns and temporal distributions in terms of their attack behavior. For instance, some attacks may occur during nonworking hours, or attackers might intentionally carry out attacks during holidays when network traffic is typically more congested, making it easier to conceal their malicious activities [47,48]. Therefore, network intrusion detection needs to consider the temporal dependencies before and after attack events to gain a comprehensive understanding of intrusion behavior patterns.…”

Section: Bidirectional Long Short-term Memorymentioning

confidence: 99%

CBF-IDS: Addressing Class Imbalance Using CNN-BiLSTM with Focal Loss in Network Intrusion Detection System

Peng,

Wu,

Xiao

2023

Applied Sciences

View full text Add to dashboard Cite

The importance of network security has become increasingly prominent due to the rapid development of network technology. Network intrusion detection systems (NIDSs) play a crucial role in safeguarding networks from malicious attacks and intrusions. However, the issue of class imbalance in the dataset presents a significant challenge to NIDSs. In order to address this concern, this paper proposes a new NIDS called CBF-IDS, which combines convolutional neural networks (CNNs) and bidirectional long short-term memory networks (BiLSTMs) while employing the focal loss function. By utilizing CBF-IDS, spatial and temporal features can be extracted from network traffic. Moreover, during model training, CBF-IDS applies the focal loss function to give more weight to minority class samples, thereby mitigating the impact of class imbalance on model performance. In order to evaluate the effectiveness of CBF-IDS, experiments were conducted on three benchmark datasets: NSL-KDD, UNSW-NB15, and CIC-IDS2017. The experimental results demonstrate that CBF-IDS outperforms other classification models, achieving superior detection performance.

show abstract

Section: Bidirectional Long Short-term Memorymentioning

confidence: 99%

CBF-IDS: Addressing Class Imbalance Using CNN-BiLSTM with Focal Loss in Network Intrusion Detection System

Peng,

Wu,

Xiao

2023

Applied Sciences

View full text Add to dashboard Cite

show abstract

“…Cybercriminals use malware or malicious software for many reasons. For instance: To illegally obtain sensitive data from the individual via stealing or online fraud, for example, passwords, bank and credit card details and business-related data, and so on [23] . To acquire remote admittance to machines and networks.…”

Section: Background and Financial Impact Of Malware Attacks On Societymentioning

confidence: 99%

“…To illegally obtain sensitive data from the individual via stealing or online fraud, for example, passwords, bank and credit card details and business-related data, and so on [23] .…”

Section: Background and Financial Impact Of Malware Attacks On Societymentioning

confidence: 99%

How to punish cyber criminals: A study to investigate the target and consequence based punishments for malware attacks in UK, USA, China, Ethiopia & Pakistan

Khadam,

Anjum,

Alam

et al. 2023

Heliyon

View full text Add to dashboard Cite

“…The trend is to move away from traditional security approaches and embrace predictive methods capable of detecting sophisticated attacks [4]. The cost of cyber attacks continues to increase, and it will likely follow the same trajectory.…”

Section: Introductionmentioning

confidence: 99%

Rapid Forecasting of Cyber Events Using Machine Learning-Enabled Features

Ahmed,

Azad,

Asyhari

2024

Information

View full text Add to dashboard Cite

In recent years, there has been a notable surge in both the complexity and volume of targeted cyber attacks, largely due to heightened vulnerabilities in widely adopted technologies. The Prediction and detection of early attacks are vital to mitigating potential risks from cyber attacks and network resilience. With the rapid increase of digital data and the increasing complexity of cyber attacks, big data has become a crucial tool for intrusion detection and forecasting. By leveraging the capabilities of unstructured big data, intrusion detection and forecasting systems can become more effective in detecting and preventing cyber attacks and anomalies. While some progress has been made on attack prediction, little attention has been given to forecasting cyber events based on time series and unstructured big data. In this research, we used the CSE-CIC-IDS2018 dataset, a comprehensive dataset containing several attacks on a realistic network. Then we used time-series forecasting techniques to construct time-series models with tuned parameters to assess the effectiveness of these techniques, which include Sequential Minimal Optimisation for regression (SMOreg), linear regression and Long Short-Term Memory (LSTM) to forecast the cyber events. We used machine learning algorithms such as Naive Bayes and random forest to evaluate the performance of the models. The best performance results of 90.4% were achieved with Support Vector Machine (SVM) and random forest. Additionally, Mean Absolute Error (MAE) and Root Mean Square Error (RMSE) metrics were used to evaluate forecasted event performance. SMOreg’s forecasted events yielded the lowest MAE, while those from linear regression exhibited the lowest RMSE. This work is anticipated to contribute to effective cyber threat detection, aiming to reduce security breaches within critical infrastructure.

show abstract

A holistic and proactive approach to forecasting cyber threats

Cited by 14 publications

References 36 publications

CBF-IDS: Addressing Class Imbalance Using CNN-BiLSTM with Focal Loss in Network Intrusion Detection System

CBF-IDS: Addressing Class Imbalance Using CNN-BiLSTM with Focal Loss in Network Intrusion Detection System

How to punish cyber criminals: A study to investigate the target and consequence based punishments for malware attacks in UK, USA, China, Ethiopia & Pakistan

Rapid Forecasting of Cyber Events Using Machine Learning-Enabled Features

Contact Info

Product

Resources

About