Zou, Q.
, Singhal, A.
, Sun, X.
and Liu, P.
(2022),
Deep Learning for Detecting Logic-flaw-exploiting Network Attacks: An End-to-end Approach, Journal of Computer Security, [online], https://doi.org/10.3233/JCS-210101, https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=933314
(Accessed May 6, 2024)
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
Deep Learning for Detecting Logic-flaw-exploiting Network Attacks: An End-to-end Approach
Published
Author(s)
Qingtian Zou, , Xiaoyan Sun, Peng Liu
Abstract
Network attacks have become a major security concern for organizations worldwide. A category of network attacks that exploit the logic (security) flaws of a few widely-deployed authentication protocols has been commonly observed in recent years. Such logic-flaw-exploiting network attacks often do not have distinguishing signatures, and can thus easily evade the typical signature-based network intrusion detection systems. Recently, researchers have applied neural networks to detect network attacks with network logs. However, public network data sets have major drawbacks such as limited data sample variations and unbalanced data with respect to malicious and benign samples. In this paper, we present a new end-to-end approach based on protocol fuzzing to automatically generate high-quality network data, on which deep learning models can be trained for network attack detection. Our findings show that protocol fuzzing can generate data samples that cover real-world data, and deep learning models trained with fuzzed data can successfully detect the logic-flaw-exploiting network attacks.Citation
Journal of Computer Security
Volume
30
Pub Type
Journals
Download Paper
Keywords
Network Attack, Data Set, Protocol Fuzzing, Machine Learning
Citation
Created August 25, 2022, Updated April 23, 2024