Multivalued Classification of Computer Attacks Using Artificial Neural Networks with Multiple Outputs

Cover Page

Cite item

Full Text

Abstract

Modern computer networks (CN), having a complex and often heterogeneous structure, generate large volumes of multi-dimensional multi-label data. Accounting for information about multi-label experimental data (ED) can improve the efficiency of solving a number of information security problems: from CN profiling to detecting and preventing computer attacks on CN. The aim of the work is to develop a multi-label artificial neural network (ANN) architecture for detecting and classifying computer attacks in multi-label ED, and its comparative analysis with known analogues in terms of binary metrics for assessing the quality of classification. A formalization of ANN in terms of matrix algebra is proposed, which allows taking into account the case of multi-label classification and the new architecture of ANN with multiple output using the proposed formalization. The advantage of the proposed formalization is the conciseness of a number of entries associated with the ANN operating mode and learning mode. Proposed architecture allows solving the problems of detecting and classifying multi-label computer attacks, on average, 5% more efficiently than known analogues. The observed gain is due to taking into account multi-label patterns between class labels at the training stage through the use of a common first layer. The advantages of the proposed ANN architecture are scalability to any number of class labels and fast convergence.

About the authors

O. I. Shelukhin

Moscow Technical University of Communications and Informatics

Email: sheluhin@mail.ru
ORCID iD: 0000-0001-7564-6744

D. I. Rakovsky

Moscow Technical University of Communications and Informatics

Email: Prophet_alpha@mail.ru
ORCID iD: 0000-0001-7689-4678

References

  1. Большаков А.С. Губанкова Е.В. Обнаружение аномалий в компьютерных сетях с использованием методов машинного обучения // REDS: Телекоммуникационные устройства и системы. 2020. Т. 10. № 1. С. 37‒42.
  2. Sheluhin O.I., Rakovskiy D.I. Multi-Label Learning in Computer Networks // Proceedings of the Conference at 2023 Systems of Signals Generating and Processing in the Field of on Board Communications (Moscow, Russian Federation, 14‒16 March 2023). IEEE, 2023. doi: 10.1109/IEEECONF56737.2023.10092157
  3. Чечулин А.А. Проблемы сбора корректной и непротиворечивой информации о состоянии компьютерной сети // Информатизация и связь. 2023. № 1. С. 91‒94. doi: 10.34219/2078-8320-2023-14-1-91-94
  4. Шелухин О.И., Раковский Д.И. Прогнозирование профиля функционирования компьютерной системы на основе многозначных закономерностей // Вопросы кибербезопасности. 2022. № 6(52). С. 53‒70. doi: 10.21681/2311-3456-2022-6-53-70
  5. Sheluhin O.I., Osin A.V., Rakovsky D.I. New Algorithm for Predicting the States of a Computer Network Using Multivalued Dependencies // Automatic Control and Computer Sciences. 2023. Vol. 57. Iss. 1. PP. 48–60. doi: 10.3103/S0146411623010091
  6. Rakovskiy D.I. Analysis of the problem of multivalued of class labels on the security of computer networks» // Synchroinfo journal. 2022. Iss. 6. PP. 10‒17. doi: 10.36724/2664-066X-2022-8-6-10-17
  7. Васильев В.И., Вульфин А.М., Гвоздев В.Е., Картак В.М., Атарская Е.А. Обеспечение информационной безопасности киберфизических объектов на основе прогнозирования и обнаружения аномалий их состояния // Системы управления, связи и безопасности. 2021. № 6. С. 90‒119. doi: 10.24412/2410-9916-2021-6-90-119
  8. Sheluhin O.I., Barkov V.V., Sekretarev S.A. The online classification of the mobile applications traffic using data mining techniques // T-Comm. 2019. Т. 13. № 10. С. 60‒67. doi: 10.24411/2072-8735-2018-10317
  9. Шелухин О.И., Барков В.В., Полковников М.В. Классификация зашифрованного трафика мобильных приложений методом машинного обучения // Вопросы кибербезопасности. 2018. № 4(28). С. 21‒28. doi: 10.21681/2311-3456-2018-4-21-28
  10. Ismailov V.E. A three layer neural network can represent any multivariate function // Journal of Mathematical Analysis and Applications. 2023. Vol. 523. Iss. 1. P. 127096. doi: 10.1016/j.jmaa.2023.127096
  11. Vaswani A., Shazeer N., Parmar N., Uszkoreit J., Jones L., Gomez A.N., et al. Attention Is All You Need // arXiv:1706.03762v7. 2017. doi: 10.48550/arXiv.1706.03762
  12. Elbayad M., Besacier L., Verbeek J. Pervasive Attention: 2D Convolutional Neural Networks for Sequence-to-Sequence Prediction // arXiv:1808.03867v3. 2018. doi: 10.48550/arXiv.1808.03867
  13. Евграфов В.А., Ильюшин Е.А. Спайковые нейронные сети // International Journal of Open Information Technologies. 2021. Т. 9. № 7. С. 21‒31.
  14. Trentin E. Multivariate Density Estimation with Deep Neural Mixture Models // Neural Processing Letters. 2023. Vol. 53. Iss. 2. PP. 1‒17. doi: 10.1007/s11063-023-11196-2
  15. Воронцов К.В. Математические методы обучения по прецедентам (теория обучения машин). URL: http://www.machinelearning.ru/wiki/images/6/6d/Voron-ML-1.pdf (дата обращения 17.05.2023)
  16. Молодцов Д.А. Сравнение и продолжение многозначных зависимостей // Нечеткие системы и мягкие вычисления. 2016. Т. 11. № 2. С. 115–145.
  17. Olson D.L., Araz Ö.M. Cluster Analysis // Data Mining and Analytics in Healthcare Management. International Series in Operations Research & Management Science. Cham: Springer, 2023. Vol. 341. PP. 53–68. doi: 10.1007/978-3-031-28113-6_5
  18. Молодцов Д.А., Осин А.В. Новый метод применения многозначных закономерностей // Нечеткие системы и мягкие вычисления. 2020. Т. 15. № 2. С. 83‒95. doi: 10.26456/fssc72
  19. Кафтанников И.Л., Парасич А.В. Проблемы формирования обучающей выборки в задачах машинного обучения // Вестник Южно-Уральского государственного университета. Серия: Компьютерные технологии, управление, радиоэлектроника. 2016. Т. 16. № 3. С. 15‒24. doi: 10.14529/ctcr160302
  20. Javed R.K., Ayub N., Shiraz M. A Novel Approach Using Deep Learning for Network Based Intrusion Detection System // Thesis for: MS CS Advisor: Nasir Ayub and Prof. Dr. Muhammad Shiraz. doi: 10.13140/RG.2.2.21108.01922
  21. Camargo J.T.F., Veraszto E.V., Barreto G., Amaral S.F Neural Networks and the Study of Time Series: An Application in Engineering Education // Journal of Mechanics Engineering and Automation. 2015. Vol. 5. P. 2159-5275153-160. doi: 10.17265/2159-5275/2015.03.003
  22. Andrychowicz M., Denil M., Gómez S., Hoffman M., Pfau D., Schaul T., et al. Learning to learn by gradient descent by gradient descent // arXiv:1606.04474v2. 2016. doi: 10.48550/arXiv.1606.04474
  23. Sheluhin O.I., Rybakov S.Y., Vanyushina A.V. Detection of Network Anomalies with the Method of Fixing Jumps of the Fractal Dimension in the Online Mode // Wave Electronics and Its Application in Information and Telecommunication Systems. 2022. Vol. 5. Iss. 1. PP. 430‒435.
  24. Kox J.H.A.M., van der Zwan J.S, Groenewoud J.H., Runhaar J., Bierma-Zeinstra S.M.A., Bakker E.J.M., et al. Predicting late dropout from nursing education or early dropout from the profession // Science Talks. 2022. Vol. 5. P. 100106. doi: 10.1016/j.sctalk.2022.100106
  25. Lamia A.N.M. Role of data normalization in k-means algorithm results // Al-Kadhum 2nd International Conference on Modern Applications of Information and Communication Technology (Baghdad, Iraq, 8–9 December 2021). 2023. doi: 10.1063/5.0119267
  26. Avant T., Morgansen K.A. Analytical Bounds on the Local Lipschitz Constants of ReLU Networks // IEEE Transactions on Neural Networks and Learning Systems. 2023. PP. 1–12. doi: 10.1109/TNNLS.2023.3273228
  27. Bressan R. Building a multi-output Convolutional Neural Network with Keras // Medium. URL: https://towardsdatascience.com/building-a-multi-output-convolutional-neural-network-with-keras-ed24c7bc1178 (дата обращения 28.06.2023)
  28. Do N.-T., Hoang V.-P., Doan V.S. A novel non-profiled side channel attack based on multi-output regression neural network // Journal of Cryptographic Engineering. 2023. doi: 10.1007/s13389-023-00314-4
  29. Prasad J.R., Saikumar S., Subbarao B.V. Design and Development of Financial Fraud Detection using Machine Learning // International Journal of Emerging Trends in Engineering Research. 2020. Vol. 8. Iss. 9. PP. 5838‒5843. DOI:10.30534/ ijeter/2020/152892020
  30. Kitsune Network Attack Dataset // Kaggle. URL: https://www.kaggle.com/datasets/ymirsky/network-attack-dataset-kitsune (дата обращения 22.02.2023)
  31. Kitsune: An Ensemble of Autoencoders for Online Network Intrusion Detection // Github. URL: https://github.com/ymirsky/Kitsune-py (дата обращения 22.02.2023)
  32. Mirsky Y., Doitshman T., Elovici Y., Shabtai A. Kitsune: An Ensemble of Autoencoders for Online Network Intrusion Detection // arXiv:1802.09089. 2018. URL: https://arxiv.org/pdf/1802.09089.pdf (дата обращения 28.08.2023)
  33. Miyamoto K., Goto H., Ishibashi R., Han C., Ban T., Takahashi T. et al. Malicious Packet Classification Based on Neural Network Using Kitsune Features // Poceedings of the Second International Conference on Intelligent Systems and Pattern Recognition (ISPR, Hammamet, Tunisia, 24–26 March 2022). Communications in Computer and Information Science. Cham: Springer, 2022. Vol. 1589. PP. 306‒314. doi: 10.1007/978-3-031-08277-1_25
  34. Preprocessing data // Scikit-Learn. URL: https://scikit-learn.org/stable/modules/preprocessing.html (дата обращения 28.06.2023)
  35. Лукьянова О.А., Никитин О.Ю., Кунин А.С. Применение матричных фильтров и теории кос для процедурной генерации архитектур нейронных сетей // Вычислительные технологии. 2019. Т. 24. № 6. С. 69‒78. DOI:10.25743/ ICT.2019.24.6.009
  36. Scheliga D., Maeder P., Seeland M. Dropout Is NOT All You Need to Prevent Gradient Leakage // Proceedings of the 37th AAAI Conference on Artificial Intelligence and Thirty-Fifth Conference on Innovative Applications of Artificial Intelligence and Thirteenth Symposium on Educational Advances in Artificial Intelligence (Washington, USA, 7–14 February 2023). AAAI Press, 2023. Vol. 37. № 8. PP. 9733‒9741. doi: 10.1609/aaai.v37i8.26163

Supplementary files

Supplementary Files
Action
1. JATS XML
Download


Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 International License.

Согласие на обработку персональных данных

 

Используя сайт https://journals.rcsi.science, я (далее – «Пользователь» или «Субъект персональных данных») даю согласие на обработку персональных данных на этом сайте (текст Согласия) и на обработку персональных данных с помощью сервиса «Яндекс.Метрика» (текст Согласия).