Cyber security intrusion detection and related approaches
Not translated


Persian title of the article: Deep learning for cyber security intrusion detection: approaches, datasets, and a comparative study
English title of the article: Deep learning for cyber security intrusion detection: Approaches, datasets, and comparative study
Journal/Conference: Journal Of Information Security And Applications
Related fields of study: Computer
Related specializations: Algorithms and computation engineering, artificial intelligence, information security
Persian keywords: machine learning, deep learning, cyber security, intrusion detection
English keywords: Machine learning, Deep learning, Cyber security, Intrusion detection
Article type: Research Article
Indexing: Scopus - Master Journals List - JCR
Digital identifier (DOI): https://doi.org/10.1016/j.jisa.2019.102419
University: Department of Computer Science, Guelma University, Guelma 24000, Algeria
Pages in the English article: 19
Publisher: Elsevier
Publication format: Journal
Paper type: ISI
Year of publication: 2020
Impact factor: 2.569 in 2019
H-index: 31 in 2020
SJR: 0.387 in 2019
ISSN: 2214-2126
Quartile: Q2 in 2019
English article format: PDF
Translation status: Not translated
Price of the English article: Free
Is this a base paper: Yes
Does this paper have a conceptual model: Yes
Does this paper have a questionnaire: No
Does this paper have variables: No
Product code: E14413
References: Has references in the text and at the end of the article
Table of contents (English)

Abstract

1- Introduction

2- Related studies

3- Deep learning approaches-based intrusion detection systems

4- Public datasets

5- Deep learning approaches

6- Experimentation

7- Conclusion

References

Excerpt from the article (English)

Abstract

In this paper, we present a survey of deep learning approaches for cyber security intrusion detection, the datasets used, and a comparative study. Specifically, we provide a review of intrusion detection systems based on deep learning approaches. The dataset plays an important role in intrusion detection, therefore we describe 35 well-known cyber datasets and provide a classification of these datasets into seven categories; namely, network traffic-based dataset, electrical network-based dataset, internet traffic-based dataset, virtual private network-based dataset, android apps-based dataset, IoT traffic-based dataset, and internet-connected devices-based dataset. We analyze seven deep learning models including recurrent neural networks, deep neural networks, restricted Boltzmann machines, deep belief networks, convolutional neural networks, deep Boltzmann machines, and deep autoencoders. For each model, we study the performance in two categories of classification (binary and multiclass) under two new real traffic datasets, namely, the CSE-CIC-IDS2018 dataset and the Bot-IoT dataset. In addition, we use the most important performance indicators, namely, accuracy, false alarm rate, and detection rate for evaluating the efficiency of several methods.

Introduction

Critical National Infrastructures (CNIs) such as ports, water and gas distributors, hospitals, energy providers are becoming the main targets of cyber attacks. Supervisory Control and Data Acquisitions (SCADA) or Industrial Control Systems (ICS) in general are the core systems that CNIs rely on in order to manage their production. Protection of ICSs and CNIs has become an essential issue to be considered in an organizational, national and European level. For instance, in order to cope with the increasing risk of CNIs, Europe has issued during the past years a number of directives and regulations that try to create a coherent framework for securing networks, information and electronic communications. Apart from regulations, directives and policies, specific security measures are also needed to cover all legal, organizational, capacity building and technical aspects of cyber security [1].

Intrusion detection systems (IDS) [2] are part of the second defense line of a system. IDSs can be deployed along with other security measures, such as access control, authentication mechanisms and encryption techniques in order to better secure the systems against cyber attacks. Using patterns of benign traffic or normal behavior or specific rules that describe a specific attack, IDSs can distinguish between normal and malicious actions [3]. According to Dewa and Maglaras [4], data mining which is used to describe knowledge discovery can help to implement and deploy IDSs with higher accuracy and robust behavior as compared to traditional IDSs that may not be as effective against modern sophisticated cyber attacks [5].