A Comparison of Re-Sampling Techniques for Detection of Multi-Step Attacks on Deep Learning Models
Jamal, Muhammad Hassan and Naz, Naila and Khattak, Muazzam A. Khan and Saeed, Faisal and Altamimi, Saad Nasser and Qasem, Sultan Noman (2023) A Comparison of Re-Sampling Techniques for Detection of Multi-Step Attacks on Deep Learning Models. IEEE Access, 11. pp. 127446-127457. ISSN 2169-3536
Preview |
Text
A_Comparison_of_Re-Sampling_Techniques_for_Detection_of_Multi-Step_Attacks_on_Deep_Learning_Models.pdf - Published Version Available under License Creative Commons Attribution Non-commercial No Derivatives. Download (1MB) |
Abstract
The increasing dependence on data analytics and artificial intelligence (AI) methodologies across various domains has prompted the emergence of apprehensions over data security and integrity. There exists a consensus among scholars and experts that the identification and mitigation of Multi-step attacks pose significant challenges due to the intricate nature of the diverse approaches utilized. This study aims to address the issue of imbalanced datasets within the domain of Multi-step attack detection. To achieve this objective, the research explores three distinct re-sampling strategies, namely over-sampling, under-sampling, and hybrid re-sampling techniques. The study offers a comprehensive assessment of several re-sampling techniques utilized in the detection of Multi-step attacks on deep learning (DL) models. The efficacy of the solution is evaluated using a Multi-step cyber attack dataset that emulates attacks across six attack classes. Furthermore, the performance of several re-sampling approaches with numerous traditional machine learning (ML) and deep learning (DL) models are compared, based on performance metrics such as accuracy, precision, recall, F-1 score, and G-mean. In contrast to preliminary studies, the research focuses on Multi-step attack detection. The results indicate that the combination of Convolutional Neural Networks (CNN) with Deep Belief Networks (DBN), Long Short-Term Memory (LSTM), and Recurrent Neural Networks (RNN) provides optimal results as compared to standalone ML/DL models. Moreover, the results also depict that SMOTEENN, a hybrid re-sampling technique, demonstrates superior effectiveness in enhancing detection performance across various models and evaluation metrics. The findings indicate the significance of appropriate re-sampling techniques to improve the efficacy of Multi-step attack detection on DL models.
| Item Type: | Article |
|---|---|
| Identification Number: | 10.1109/ACCESS.2023.3332512 |
| Dates: | Date Event 1 November 2023 Accepted 13 November 2023 Published Online |
| Uncontrolled Keywords: | Data models, Data analysis, Cyberattack, Organizations, Deep learning, Training, Prediction algorithms, Machine learning, Artificial intelligence |
| Subjects: | CAH11 - computing > CAH11-01 - computing > CAH11-01-01 - computer science |
| Divisions: | Faculty of Computing, Engineering and the Built Environment > College of Computing |
| Depositing User: | Gemma Tonks |
| Date Deposited: | 08 Dec 2023 16:59 |
| Last Modified: | 08 Dec 2023 16:59 |
| URI: | https://www.open-access.bcu.ac.uk/id/eprint/15049 |
Actions (login required)
 |
View Item |
Tools
Tools
