AI Enhanced Automatic Response System for Resisting Network Threats
Network threats are malicious attacks that endanger network security. With terabits of information stored in the network, much of it confidential, cyber security has become very important. Most network protection mechanisms are based on firewalls and Intrusion Detection Systems (IDS). However, with the diversification of cyber-attacks, traditional defense mechanisms cannot fully guarantee the security of the network. In this paper, we propose an automatic network threat response system based on machine learning and deep learning. It comprises three sub-modules: a threat detection module, a threat identification module and a threat mitigation module. The experimental results show that the proposed system can handle 22 types of network threats in the KDD99 dataset and that the rate of successful response is over 97%, which is much better than traditional approaches.
Keywords: Cyber security, Artificial intelligence, Automatic response system, Threat detection, Threat identification, Threat mitigation
This work is supported by the National Natural Science Foundation of China (No.61728303) and the Open Research Project of the State Key Laboratory of Industrial Control Technology, Zhejiang University, China (No. ICT1800417); this work is also supported by China NSFC 61836005 and 61672358.