Deep-Net: Deep Neural Network for Cyber Security Use Cases

Deep neural networks (DNNs) have witnessed as a powerful approach in this year by solving long-standing Artificial intelligence (AI) supervised and unsupervised tasks exists in natural language processing, speech processing, computer vision and others. In this paper, we attempt to apply DNNs on three different cyber security use cases: Android malware classification, incident detection and fraud detection. The data set of each use case contains real known benign and malicious activities samples. The efficient network architecture for DNN is chosen by conducting various trails of experiments for network parameters and network structures. The experiments of such chosen efficient configurations of DNNs are run up to 1000 epochs with learning rate set in the range [0.01-0.5]. Experiments of DNN performed well in comparison to the classical machine learning algorithms in all cases of experiments of cyber security use cases. This is due to the fact that DNNs implicitly extract and build better features, identifies the characteristics of the data that lead to better accuracy. The best accuracy obtained by DNN and XGBoost on Android malware classification 0.940 and 0.741, incident detection 1.00 and 0.997 fraud detection 0.972 and 0.916 respectively.

[1]  K. P. Soman,et al.  Evaluating effectiveness of shallow and deep networks to intrusion detection system , 2017, 2017 International Conference on Advances in Computing, Communications and Informatics (ICACCI).

[2]  Issa M. Khalil,et al.  Cloud Computing Security: A Survey , 2014, Comput..

[3]  Abdelouahid Derhab,et al.  Android Malware Detection using Deep Learning on API Method Sequences , 2017, ArXiv.

[4]  Yuan Yu,et al.  TensorFlow: A system for large-scale machine learning , 2016, OSDI.

[5]  Guigang Zhang,et al.  Deep Learning , 2016, Int. J. Semantic Comput..

[6]  K. P. Soman,et al.  Evaluating shallow and deep networks for secure shell (ssh)traffic analysis , 2017, 2017 International Conference on Advances in Computing, Communications and Informatics (ICACCI).

[7]  T. Gireesh Kumar,et al.  Static and Dynamic Analysis for Android Malware Detection , 2018, CloudCom 2018.

[8]  Nitish Srivastava,et al.  Dropout: a simple way to prevent neural networks from overfitting , 2014, J. Mach. Learn. Res..

[9]  Andrew L. Maas Rectifier Nonlinearities Improve Neural Network Acoustic Models , 2013 .

[10]  P SomanK.,et al.  S.P.O.O.F Net: Syntactic Patterns for identification of Ominous Online Factors , 2018, 2018 IEEE Security and Privacy Workshops (SPW).

[11]  K. P. Soman,et al.  Secure shell (ssh) traffic analysis with flow based features using shallow and deep networks , 2017, 2017 International Conference on Advances in Computing, Communications and Informatics (ICACCI).

[12]  K. P. Soman,et al.  Deep android malware detection and classification , 2017, 2017 International Conference on Advances in Computing, Communications and Informatics (ICACCI).

[13]  K. P. Soman,et al.  Evaluating shallow and deep networks for ransomware detection and classification , 2017, 2017 International Conference on Advances in Computing, Communications and Informatics (ICACCI).

[14]  K. P. Soman,et al.  Long short-term memory based operation log anomaly detection , 2017, 2017 International Conference on Advances in Computing, Communications and Informatics (ICACCI).

[15]  Geoffrey E. Hinton,et al.  Rectified Linear Units Improve Restricted Boltzmann Machines , 2010, ICML.

[16]  Ruth Breu,et al.  Anomaly Detection in the Cloud: Detecting Security Incidents via Machine Learning , 2012, EternalS@ECAI.

[17]  K. P. Soman,et al.  Detecting malicious domain names using deep learning approaches at scale , 2018, J. Intell. Fuzzy Syst..

[18]  K. P. Soman,et al.  Evaluating deep learning approaches to characterize and classify malicious URL's , 2018, J. Intell. Fuzzy Syst..

[19]  Johan L. Perols Financial Statement Fraud Detection: An Analysis of Statistical and Machine Learning Algorithms , 2011 .

[20]  K. P. Soman,et al.  Deep encrypted text categorization , 2017, 2017 International Conference on Advances in Computing, Communications and Informatics (ICACCI).

[21]  K. P. Soman,et al.  Detecting Android malware using Long Short-term Memory (LSTM) , 2018, J. Intell. Fuzzy Syst..

[22]  Xingquan Zhu,et al.  Machine Learning for Android Malware Detection Using Permission and API Calls , 2013, 2013 IEEE 25th International Conference on Tools with Artificial Intelligence.

[23]  Sergey Ioffe,et al.  Batch Normalization: Accelerating Deep Network Training by Reducing Internal Covariate Shift , 2015, ICML.

[24]  Prabaharan Poornachandran,et al.  Scalable Framework for Cyber Threat Situational Awareness Based on Domain Name Systems Data Analysis , 2018 .

[25]  K. P. Soman,et al.  Evaluating deep learning approaches to characterize and classify the DGAs at scale , 2018, J. Intell. Fuzzy Syst..

[26]  K. P. Soman,et al.  Evaluation of Recurrent Neural Network and its Variants for Intrusion Detection System (IDS) , 2017, Int. J. Inf. Syst. Model. Des..

[27]  Shanqing Guo,et al.  Integration of Multi-modal Features for Android Malware Detection Using Linear SVM , 2016, 2016 11th Asia Joint Conference on Information Security (AsiaJCIS).

[28]  Yong Hu,et al.  The application of data mining techniques in financial fraud detection: A classification framework and an academic review of literature , 2011, Decis. Support Syst..

[29]  K. P. Soman,et al.  Applying convolutional neural network for network intrusion detection , 2017, 2017 International Conference on Advances in Computing, Communications and Informatics (ICACCI).

[30]  V Kishore Ayyadevara,et al.  Gradient Boosting Machine , 2018 .

[31]  Gaël Varoquaux,et al.  Scikit-learn: Machine Learning in Python , 2011, J. Mach. Learn. Res..

[32]  K. P. Soman,et al.  Applying deep learning approaches for network traffic prediction , 2017, 2017 International Conference on Advances in Computing, Communications and Informatics (ICACCI).

[33]  Yoshua Bengio,et al.  Deep Sparse Rectifier Neural Networks , 2011, AISTATS.

[34]  Martin Knahl,et al.  An Autonomous Agent Based Incident Detection System for Cloud Environments , 2011, 2011 IEEE Third International Conference on Cloud Computing Technology and Science.