Network Intrusion Detection and Attack Identification

A special issue of Applied Sciences (ISSN 2076-3417). This special issue belongs to the section "Computing and Artificial Intelligence".

Deadline for manuscript submissions: 31 December 2024

Special Issue Editors


Guest Editor
Cybersecurity Department, Institute for Infocomm Research, A*STAR Singapore, Singapore 138632, Singapore
Interests: network anomaly; malware classification; deep learning; machine learning; privacy-preserving technologies; applied cryptography

Guest Editor

Guest Editor Assistant
School of Computing and Information Systems, Singapore Management University, Singapore 188065, Singapore
Interests: mobile security; AI for software security; AI security and reliability; human-computer interaction security; IoT security

Special Issue Information

Dear Colleagues,

Network security is becoming more complicated and challenging than ever with the emergence of the IoT, 5G and beyond networks. For example, effectively handling massive network traffic data and detecting new attacks are still challenging problems. As artificial intelligence has been tremendously successful in computer vision, robotics, natural language processing, etc., many propose network intrusion detection and attack identification based on artificial intelligence to solve the problems. Furthermore, many of these solutions can outperform traditional methods, e.g., rule-based, signature-based, etc. However, AI-based network intrusion and attack identification solutions still encounter issues such as robustness, reliability, explainability, trustworthiness, adaptability, etc. Attackers may use adversarial techniques (e.g., data poisoning and backdoor attacks) to fool AI-based models. Many AI-based solutions are black-box ones, which means how the solutions make the decisions is not evident to the user. Therefore, reliable network intrusion detection and attack identification need to be able to explain the result to the user. Many AI-based solutions are still not robust enough to detect sophisticated network attacks exploiting zero-day vulnerabilities due to the overfitting problem. In other words, the models cannot perform well using traffic data with slightly different characteristics. One way to solve the problem may be to use transfer learning and domain adaption to make AI-based models more adaptable to varying network data characteristics. Lastly, effective AI-based network intrusion detection and attack identification methods can also detect evasive attacks (e.g., using obfuscation/encryption techniques in payload data, traffic fragmentation, etc.) using attack types.

This Special Issue encourages artificial intelligence and security researchers and practitioners to submit their novel solutions for the robustness, reliability, explainability, trustworthiness, and adaptability of AI-based Network Intrusion Detection and Attack Identification models with corresponding network traffic datasets.

Topics of interest include, but are not limited to:

  • AI-based Network Attack Detection, Classification and Mitigation;
  • Threat Detection and Mitigation using MITRE ATT&CK;
  • Robust and Reliable Attack Detection and Identification;
  • AI-based Network Attack Generation and Defense;
  • Adversarial Learning for Network Intrusion Detection;
  • Interpretable Network Intrusion Detection;
  • Next-generation of Network Intrusion Detection and Attack Identification Systems;
  • Unsupervised Network Anomaly Detection;
  • Network Anomaly Detection with Domain Adaption;
  • Network Anomaly Detection based on Transfer Learning;
  • Network Anomaly Detection using Federated Learning and Transfer Learning.

Dr. Sin Gee Teo
Dr. Rongxing Lu
Guest Editors

Dr. Ruitao Feng
Guest Editor Assistant

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All submissions that pass pre-check are peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Applied Sciences is an international peer-reviewed open access semimonthly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 2400 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Keywords

  • network attack
  • attack type
  • ai-based model
  • adversarial technique
  • evasive attack

Published Papers (2 papers)


Research

28 pages, 548 KiB  
Article
Enhancing Network Attack Detection Accuracy through the Integration of Large Language Models and Synchronized Attention Mechanism
by Yuzhe Bai, Min Sun, Liman Zhang, Yinong Wang, Sihan Liu, Yanqiu Liu, Jingling Tan, Yingqiu Yang and Chunli Lv
Appl. Sci. 2024, 14(9), 3829; https://0-doi-org.brum.beds.ac.uk/10.3390/app14093829 - 30 Apr 2024
Abstract
In this study, we propose a novel method for detecting cyberattack behaviors by leveraging the combined strengths of large language models and a synchronized attention mechanism. Extensive experiments conducted on diverse datasets, including server logs, financial behaviors, and comment data, demonstrate the significant advantages of this method over existing models such as Transformer, BERT, OPT-175B, LLaMa, and ChatGLM3-6B in key performance metrics such as precision, recall, and accuracy. For instance, on the server log dataset, the method achieved a precision of 93%, a recall of 91%, and an accuracy of 92%; on the financial behavior dataset, it reached a precision of 90%, a recall of 87%, and an accuracy of 89%; and on the comment data dataset, it excelled with a precision of 95%, a recall of 93%, and an accuracy of 94%. The introduction of a synchronized attention mechanism and a newly designed synchronized loss function proved especially effective, enhancing the method’s ability to process multi-source data and providing superior performance in identifying complex cyberattack patterns. Ablation experiments further validated the crucial roles of these innovations in boosting model performance: the synchronous attention mechanism substantially improved the model’s precision, recall, and accuracy to 93%, 89%, and 91% respectively, far exceeding other attention mechanisms. Similarly, the synchronized loss showcased a significant advantage, achieving the best performance across all tested metrics compared to traditional cross-entropy loss, focal loss, and MSE. These results underscore the method’s ability to deeply mine and analyze semantic information and contextual relationships within text data as well as to effectively integrate and process multimodal data, thereby offering strong technical support for the accurate and efficient detection of cyberattack behaviors.
(This article belongs to the Special Issue Network Intrusion Detection and Attack Identification)

21 pages, 1225 KiB  
Article
An Effective Method for Detecting Unknown Types of Attacks Based on Log-Cosh Variational Autoencoder
by Li Yu, Liuquan Xu and Xuefeng Jiang
Appl. Sci. 2023, 13(22), 12492; https://0-doi-org.brum.beds.ac.uk/10.3390/app132212492 - 19 Nov 2023
Abstract
The increasing prevalence of unknown-type attacks on the Internet highlights the importance of developing efficient intrusion detection systems. While machine learning-based techniques can detect unknown types of attacks, the need for innovative approaches becomes evident, as traditional methods may not be sufficient. In this research, we propose a deep learning-based solution called the log-cosh variational autoencoder (LVAE) to address this challenge. The LVAE inherits the strong modeling abilities of the variational autoencoder (VAE), enabling it to understand complex data distributions and generate reconstructed data. To better simulate discrete features of real attacks and generate unknown types of attacks, we introduce an effective reconstruction loss term utilizing the logarithmic hyperbolic cosine (log-cosh) function in the LVAE. Compared to conventional VAEs, the LVAE shows promising potential in generating data that closely resemble unknown attacks, which is a critical capability for improving the detection rate of unknown attacks. In order to classify the generated unknown data, we employed eight feature extraction and classification techniques. Numerous experiments were conducted using the latest CICIDS2017 dataset, training with varying amounts of real and unknown-type attacks. Our optimal experimental results surpassed several state-of-the-art techniques, achieving accuracy and average F1 scores of 99.89% and 99.83%, respectively. The suggested LVAE strategy also demonstrated outstanding performance in generating unknown attack data. Overall, our work establishes a solid foundation for accurately and efficiently identifying unknown types of attacks, contributing to the advancement of intrusion detection techniques.
(This article belongs to the Special Issue Network Intrusion Detection and Attack Identification)