NOTICE: Due to a lapse in annual appropriations, most of this website is not being updated. Learn more.

Form submissions will still be accepted but will not receive responses at this time. Sections of this site for programs using non-appropriated funds (such as NVLAP) or those that are excepted from the shutdown (such as CHIPS and NVD) will continue to be updated.

U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

PUBLICATIONS

Deep Learning for Detecting Logic-flaw-exploiting Network Attacks: An End-to-end Approach

Published

Author(s)

Qingtian Zou, Anoop Singhal, Xiaoyan Sun, Peng Liu

Abstract

Network attacks have become a major security concern for organizations worldwide. A category of network attacks that exploit the logic (security) flaws of a few widely-deployed authentication protocols has been commonly observed in recent years. Such logic-flaw-exploiting network attacks often do not have distinguishing signatures, and can thus easily evade the typical signature-based network intrusion detection systems. Recently, researchers have applied neural networks to detect network attacks with network logs. However, public network data sets have major drawbacks such as limited data sample variations and unbalanced data with respect to malicious and benign samples. In this paper, we present a new end-to-end approach based on protocol fuzzing to automatically generate high-quality network data, on which deep learning models can be trained for network attack detection. Our findings show that protocol fuzzing can generate data samples that cover real-world data, and deep learning models trained with fuzzed data can successfully detect the logic-flaw-exploiting network attacks.
Citation
Journal of Computer Security
Volume
30
Pub Type
Journals

Download Paper

https://doi.org/10.3233/JCS-210101
Local Download

Keywords

Network Attack, Data Set, Protocol Fuzzing, Machine Learning
Information technology

Citation

Zou, Q. , Singhal, A. , Sun, X. and Liu, P. (2022), Deep Learning for Detecting Logic-flaw-exploiting Network Attacks: An End-to-end Approach, Journal of Computer Security, [online], https://doi.org/10.3233/JCS-210101, https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=933314 (Accessed October 14, 2025)

Issues

If you have any questions about this publication or are having problems accessing it, please contact [email protected].

Created August 25, 2022, Updated April 23, 2024
Was this page helpful?