
Communication Papers of the 18th Conference on Computer Science and Intelligence Systems

Annals of Computer Science and Information Systems, Volume 37

Efficient Feature Selection On Adversarial Botnet Detection


DOI: http://dx.doi.org/10.15439/2023F1425

Citation: Communication Papers of the 18th Conference on Computer Science and Intelligence Systems, M. Ganzha, L. Maciaszek, M. Paprzycki, D. Ślęzak (eds). ACSIS, Vol. 37, pages 229-234


Abstract. Botnet attacks now pose a significant hazard to the security and integrity of computer networks and information systems. However, due to technological advancements and the proliferation of malware, machine learning-based Intrusion Detection Systems (IDS) are incapable of protecting against such cyberattacks. IDS cannot detect novel bots because the vast majority of them are programmed systems. Keeping IDS up-to-date with new malware varieties is, therefore, a crucial task. In this paper, we employ Generative Adversarial Networks (GANs) in which two neural networks compete and endeavor to outperform each other, which will serve as self-training for IDS. Our paper's primary objective is to develop an IDS capable of detecting novel malware with fewer attributes in real time. In order to accomplish this, we present a method for feature selection that trains GAN models with a minimal subset of features so that the Generator can generate similar false bots with fewer features and the discriminator's ability to identify fake data improves. We used Pearson Correlation, the Wrapper method, and Mutual Information to select the best training model characteristics. The experimental evaluation suggests the GAN model in conjunction with Mutual Information is superior at detecting novel malware.
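Two of the filter criteria named in the abstract, Pearson correlation and mutual information, can rank the same flow feature very differently. The following is an added example, not code or data from the paper: it scores three hypothetical flow features (`pkt_rate`, `flow_duration`, `ttl`) against a bot/benign label on a small constructed sample, using an assumed equal-width binning for the mutual-information estimate.

```python
import math
from collections import Counter

def mutual_information(xs, ys):
    """I(X;Y) in bits for two equal-length discrete sequences."""
    n = len(xs)
    px, py, pxy = Counter(xs), Counter(ys), Counter(zip(xs, ys))
    return sum((c / n) * math.log2(c * n / (px[x] * py[y]))
               for (x, y), c in pxy.items())

def pearson(xs, ys):
    """Pearson correlation coefficient; 0.0 if either input is constant."""
    n = len(xs)
    mx, my = sum(xs) / n, sum(ys) / n
    cov = sum((x - mx) * (y - my) for x, y in zip(xs, ys))
    vx = sum((x - mx) ** 2 for x in xs)
    vy = sum((y - my) ** 2 for y in ys)
    return cov / math.sqrt(vx * vy) if vx and vy else 0.0

def bin_feature(values, bins=4):
    """Equal-width discretisation so MI can be estimated by counting."""
    lo, hi = min(values), max(values)
    width = (hi - lo) / bins or 1.0
    return [min(int((v - lo) / width), bins - 1) for v in values]

def rank_features(features, labels, k):
    """Return (top-k names by MI, MI scores, Pearson scores)."""
    mi = {f: mutual_information(bin_feature(v), labels) for f, v in features.items()}
    r = {f: pearson(v, labels) for f, v in features.items()}
    return sorted(mi, key=mi.get, reverse=True)[:k], mi, r

# Constructed sample: 6 benign flows (label 0) then 6 bot flows (label 1).
LABELS = [0] * 6 + [1] * 6
FEATURES = {  # hypothetical feature names
    # bots mostly send faster, with one overlapping flow on each side
    "pkt_rate": [10, 12, 11, 13, 12, 40, 45, 50, 48, 52, 11, 47],
    # benign flows are very short or very long, bot flows sit in between
    "flow_duration": [1, 2, 1, 10, 9, 10, 5, 6, 5, 6, 5, 6],
    # identical distribution in both classes
    "ttl": [64, 128, 64, 128, 64, 128, 64, 128, 64, 128, 64, 128],
}

if __name__ == "__main__":
    top, mi, r = rank_features(FEATURES, LABELS, k=2)
    for name in FEATURES:
        print(f"{name:14s} MI={mi[name]:.3f} bits  Pearson r={r[name]:+.3f}")
    print("selected by MI:", top)
```

On this sample `flow_duration` separates the classes perfectly but non-monotonically, so it is indistinguishable from the uninformative `ttl` under Pearson correlation while mutual information ranks it first.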
