Cyber threat hunting using unsupervised federated learning and adversary emulation

Cited by: 0
Authors
Sheikhi, Saeid [1]
Kostakos, Panos [1]
Affiliations
[1] Univ Oulu, Fac Informat Technol & Elect Engn, Ctr Ubiquitous Comp, Oulu, Finland
Source
2023 IEEE INTERNATIONAL CONFERENCE ON CYBER SECURITY AND RESILIENCE, CSR | 2023
Funding
Academy of Finland
Keywords
Threat hunting; Cyber threats; Threat actors; Federated learning; adversary emulation;
DOI
10.1109/CSR57506.2023.10224990
Chinese Library Classification number
TP [Automation technology, computer technology]
Discipline classification code
0812
Abstract
The rapid growth of communication networks, coupled with the increasing complexity of cyber threats, necessitates the implementation of proactive measures to protect networks and systems. In this study, we introduce a federated learning-based approach for cyber threat hunting at the endpoint level. The proposed method utilizes the collective intelligence of multiple devices to effectively and confidentially detect attacks on individual machines. A security assessment tool is also developed to emulate the behavior of adversary groups and Advanced Persistent Threat (APT) actors in the network. This tool provides network security experts with the ability to assess their network environment's resilience and aids in generating authentic data derived from diverse threats for use in subsequent stages of the federated learning (FL) model. The results of the experiments demonstrate that the proposed model effectively detects cyber threats on the devices while safeguarding privacy.
Pages: 315-320
Number of pages: 6