A Comparison of Re-Sampling Techniques for Detection of Multi-Step Attacks on Deep Learning Models

Jamal, Muhammad Hassan and Naz, Naila and Khattak, Muazzam A. Khan and Saeed, Faisal and Altamimi, Saad Nasser and Qasem, Sultan Noman (2023) A Comparison of Re-Sampling Techniques for Detection of Multi-Step Attacks on Deep Learning Models. IEEE Access, 11. pp. 127446-127457. ISSN 2169-3536

A_Comparison_of_Re-Sampling_Techniques_for_Detection_of_Multi-Step_Attacks_on_Deep_Learning_Models.pdf - Published Version
Available under License Creative Commons Attribution Non-commercial No Derivatives.

Download (1MB)


The increasing dependence on data analytics and artificial intelligence (AI) methodologies across various domains has prompted the emergence of apprehensions over data security and integrity. There exists a consensus among scholars and experts that the identification and mitigation of Multi-step attacks pose significant challenges due to the intricate nature of the diverse approaches utilized. This study aims to address the issue of imbalanced datasets within the domain of Multi-step attack detection. To achieve this objective, the research explores three distinct re-sampling strategies, namely over-sampling, under-sampling, and hybrid re-sampling techniques. The study offers a comprehensive assessment of several re-sampling techniques utilized in the detection of Multi-step attacks on deep learning (DL) models. The efficacy of the solution is evaluated using a Multi-step cyber attack dataset that emulates attacks across six attack classes. Furthermore, the performance of several re-sampling approaches with numerous traditional machine learning (ML) and deep learning (DL) models are compared, based on performance metrics such as accuracy, precision, recall, F-1 score, and G-mean. In contrast to preliminary studies, the research focuses on Multi-step attack detection. The results indicate that the combination of Convolutional Neural Networks (CNN) with Deep Belief Networks (DBN), Long Short-Term Memory (LSTM), and Recurrent Neural Networks (RNN) provides optimal results as compared to standalone ML/DL models. Moreover, the results also depict that SMOTEENN, a hybrid re-sampling technique, demonstrates superior effectiveness in enhancing detection performance across various models and evaluation metrics. The findings indicate the significance of appropriate re-sampling techniques to improve the efficacy of Multi-step attack detection on DL models.

Item Type: Article
Identification Number: https://doi.org/10.1109/ACCESS.2023.3332512
1 November 2023Accepted
13 November 2023Published Online
Uncontrolled Keywords: Data models, Data analysis, Cyberattack, Organizations, Deep learning, Training, Prediction algorithms, Machine learning, Artificial intelligence
Subjects: CAH11 - computing > CAH11-01 - computing > CAH11-01-01 - computer science
Divisions: Faculty of Computing, Engineering and the Built Environment > School of Computing and Digital Technology
Depositing User: Gemma Tonks
Date Deposited: 08 Dec 2023 16:59
Last Modified: 08 Dec 2023 16:59
URI: https://www.open-access.bcu.ac.uk/id/eprint/15049

Actions (login required)

View Item View Item


In this section...