A Contextual Anomaly Detection Approach to Discover Zero-Day Attacks

Cited by: 18
Authors
AlEroud, Ahmed [1]
Karabatis, George [1]
Affiliations
[1] Univ Maryland Baltimore Cty, Dept Informat Syst, Baltimore, MD 21228 USA
Keywords
cyber security; zero-day attack; misuse detection; contextual anomaly; one class nearest neighbor;
DOI
10.1109/CyberSecurity.2012.12
Chinese Library Classification number
TP301 [Theory, methods];
Discipline classification code
081202 ;
Abstract
There is considerable interest in developing techniques to detect zero-day (unknown) cyber-attacks, and considering context is a promising approach. This paper describes a contextual misuse approach combined with an anomaly detection technique to detect zero-day cyber attacks. The contextual misuse detection utilizes similarity with attack context profiles, and the anomaly detection technique identifies new types of attacks using the One Class Nearest Neighbor (1-NN) algorithm. Experimental results on the NSL-KDD intrusion detection dataset have shown that the proposed approach is quite effective in detecting zero-day attacks.
Pages: 40 / 45
Number of pages: 6
Related papers
50 in total
  • [1] Detection of Zero-day Attacks on IoT
    Reardon, Shay
    Hssayeni, Murtadha D.
    Mahgoub, Imadeldin
    [J]. 2024 INTERNATIONAL CONFERENCE ON SMART APPLICATIONS, COMMUNICATIONS AND NETWORKING, SMARTNETS-2024, 2024,
  • [2] Anomaly Detection of Zero-Day Attacks Based on CNN and Regularization Techniques
    Ibrahim Hairab, Belal
    Aslan, Heba K.
    Elsayed, Mahmoud Said
    Jurcut, Anca D.
    Azer, Marianne A.
    [J]. ELECTRONICS, 2023, 12 (03)
  • [3] Detection of zero-day attacks: An unsupervised port-based approach
    Blaise, Agathe
    Bouet, Mathieu
    Conan, Vania
    Secci, Stefano
    [J]. COMPUTER NETWORKS, 2020, 180 (180)
  • [4] Anomaly Detection Based on CNN and Regularization Techniques Against Zero-Day Attacks in IoT Networks
    Hairab, Belal Ibrahim
    Elsayed, Mahmoud Said
    Jurcut, Anca D.
    Azer, Marianne A.
    [J]. IEEE ACCESS, 2022, 10 : 98427 - 98440
  • [5] A survey of zero-day malware attacks and its detection methodology
    Radhakrishnan, Kiran
    Menon, Rajeev R.
    Nath, Hiran V.
    [J]. PROCEEDINGS OF THE 2019 IEEE REGION 10 CONFERENCE (TENCON 2019): TECHNOLOGY, KNOWLEDGE, AND SOCIETY, 2019, : 533 - 539
  • [6] Detecting zero-day attacks using context-aware anomaly detection at the application-layer
    Duessel, Patrick
    Gehl, Christian
    Flegel, Ulrich
    Dietrich, Sven
    Meier, Michael
    [J]. INTERNATIONAL JOURNAL OF INFORMATION SECURITY, 2017, 16 (05) : 475 - 490
  • [7] Detecting zero-day attacks using context-aware anomaly detection at the application-layer
    Patrick Duessel
    Christian Gehl
    Ulrich Flegel
    Sven Dietrich
    Michael Meier
    [J]. International Journal of Information Security, 2017, 16 : 475 - 490
  • [8] Signature Based Intrusion Detection for Zero-Day Attacks: (Not) A Closed Chapter?
    Holm, Hannes
    [J]. 2014 47TH HAWAII INTERNATIONAL CONFERENCE ON SYSTEM SCIENCES (HICSS), 2014, : 4895 - 4904
  • [9] An unsupervised approach for the detection of zero-day distributed denial of service attacks in Internet of Things networks
    Roopak, Monika
    Parkinson, Simon
    Tian, Gui Yun
    Ran, Yachao
    Khan, Saad
    Chandrasekaran, Balasubramaniyan
    [J]. IET NETWORKS, 2024, : 513 - 527
  • [10] An Asset-Based Approach to Mitigate Zero-Day Ransomware Attacks
    Azzedin, Farag
    Suwad, Husam
    Rahman, Md Mahfuzur
    [J]. CMC-COMPUTERS MATERIALS & CONTINUA, 2022, 73 (02) : 3003 - 3020