DL-based defense against polymorphic network attacks

dc.contributor.advisor: Heydari, Shahram
dc.contributor.advisor: El-Khatib, Khalil
dc.contributor.author: Sabeel, Ulya
dc.date.accessioned: 2024-02-27T20:50:23Z
dc.date.available: 2024-02-27T20:50:23Z
dc.date.issued: 2024-01-01
dc.degree.discipline: Computer Science
dc.degree.level: Doctor of Philosophy (PhD)
dc.description.abstract [en]: Network security is of vital importance in our world dominated by internet systems. These systems are vulnerable to large-scale rapidly evolving attacks by sophisticated cyber attackers who can have an upper edge over the defensive systems. Artificial Intelligence (AI) based intrusion detection systems provide effective defense mechanisms against cyber attacks. However, these techniques often rely on the same dataset for training and validation as well as evaluation of AI models. Current research [1] also confirms that such trained models can accurately identify known/typical network attacks but perform poorly when faced with continuously evolving atypical/polymorphic cyberattacks. Therefore, it is crucial to develop and train an AI-based Intrusion Detection System (IDS) that proactively learns to resist infiltration by such dynamically changing attacks. For this purpose, in this research work, we propose an AI-based IDS system that can monitor and detect polymorphic network attacks with high confidence levels. We propose a novel hybrid adversarial model that leverages the best characteristics of a Conditional Variational Autoencoder (CVAE) and a Generative Adversarial Network (GAN). Our system generates adversarial polymorphic attacks against the IDS to examine its performance and incrementally retrains it to strengthen its detection of new attacks, specifically for minority attack samples in the input data. The employed attack quality analysis ensures that the adversarial atypical/polymorphic attacks generated through our system resemble realistic network attacks. Our experiments showcase the exceptional performance of the proposed IDS by training it using the CICIDS2017 and CICIoT2023 benchmark datasets and evaluating its performance against several atypical/polymorphic attack flows.
The results indicate that the proposed technique, through adaptive training, learns the pattern of dynamically changing atypical/polymorphic attacks and identifies such attacks with high IDS proficiency. Additionally, our IDS surpasses various state-of-the-art anomaly detection and class balancing techniques.
dc.description.sponsorship [en]: University of Ontario Institute of Technology
dc.identifier.uri: https://hdl.handle.net/10155/1759
dc.language.iso [en]: en
dc.subject [en]: Attack quality
dc.subject [en]: Atypical/polymorphic attacks
dc.subject [en]: Deep learning
dc.subject [en]: Feature profile
dc.subject [en]: Intrusion Detection System
dc.title [en]: DL-based defense against polymorphic network attacks
dc.type [en]: Dissertation
thesis.degree.discipline: Computer Science
thesis.degree.grantor: University of Ontario Institute of Technology
thesis.degree.name: Doctor of Philosophy (PhD)

Files

Original bundle

Name: Sabeel_Ulya.pdf
Size: 8.14 MB
Format: Adobe Portable Document Format

License bundle

Name: license.txt
Size: 1.68 KB
Format: Item-specific license agreed upon to submission