Incidents Information Sharing Platform for Distributed Attack Detection
IEEE Open Journal of the Communications Society, Pub Date: 2020-04-27, DOI: 10.1109/ojcoms.2020.2989925
Konstantina Fotiadou, Terpsichori-Helen Velivassaki, Artemis Voulkidis, Konstantinos Railis, Panagiotis Trakadas, Theodore Zahariadis

Intrusion detection plays a critical role in the cyber-security domain, since malicious attacks cause irreparable damage to cyber-systems. In this work, we propose the I2SP prototype, which is a novel Information Sharing Platform, able to gather, pre-process, model, and distribute network-traffic information. Within the I2SP prototype we build several challenging deep feature learning models for network-traffic intrusion detection. The learnt representations will be utilized for classifying each new network measurement into its corresponding threat level. We evaluate our prototype’s performance by conducting case studies using cyber-security data extracted from the Malware Information Sharing Platform (MISP)-API. To the best of our knowledge, we are the first to combine the MISP-API in order to construct an information sharing mechanism that supports multiple novel deep feature learning architectures for intrusion detection. Experimental results justify that the proposed deep feature learning techniques are able to accurately predict MISP threat levels.

Updated: 2020-04-27