当前位置: X-MOL 学术Future Gener. Comput. Syst. › 论文详情
Our official English website, www.x-mol.net, welcomes your feedback! (Note: you will need to create a separate account there.)
Deep transfer learning framework for the identification of malicious activities to combat cyberattack
Future Generation Computer Systems ( IF 6.2 ) Pub Date : 2021-07-17 , DOI: 10.1016/j.future.2021.07.015
Deepak Singh 1 , Anurag Shukla 1 , Mohit Sajwan 2
Affiliation  

The people having a perpetrating mind and the facilitation in advanced technologies cause the criminogenic activities in cyberspace, thereby creating societal problems. Darknet is an internet-based technology that builds on an encrypted network. Darknet networks can be accessed using a specific software with a specific network configuration; its content does not index by any search engines. Since its beginning, Darknet has been used for criminogenic tasks and applauded primarily for cybercrime promotion, including arms and drug dealing. Few countries have control over digital media and are ruled by a suppressive government. They have formulated strict policies for freedom fighters and journalism, using the Darknet anonymously. Also, many people use it for illegal purposes. Therefore, we have both positive and negative impacts of the darknet on human society and just cannot be discarded. However, in this paper, our prime concern emanates from the darknet network detection from the network traffic data through the deep transfer learning model. To provide a more accurate result, we transform time-based features into a three-dimensional image and then feed it into a pre-trained model for the extraction of promising features. In this study, we considered the DeepInsight method to transform the numerical features into image data. These features were then used in a proposed bi-level classification system to classify the input data into malicious activities. To identify the optimized pretrained network this paper utilized 10 pre-trained models: AlexNet, ResNet18, ResNet50, ResNet101, DenseNet, GoogLeNet, VGG16, VGG19, Inceptionv3, and SqueezeNet with three different baseline classifiers, namely support vector machine, decision tree, and random forest. In addition to malicious activity prediction, the proposed model could also predict the type of traffic. The experiment results illustrate that the VGG19 based features along with random forest can classify the traffic data with 96% of accuracy.



中文翻译:

用于识别恶意活动以对抗网络攻击的深度迁移学习框架

有心者和先进技术的推动导致网络空间的犯罪活动,从而造成社会问题。暗网是一种建立在加密网络上的基于互联网的技术。可以使用具有特定网络配置的特定软件访问暗网网络;它的内容不会被任何搜索引擎索引。从一开始,暗网就被用于犯罪活动,主要用于网络犯罪宣传,包括武器和毒品交易。很少有国家能够控制数字媒体并由专制政府统治。他们为自由战士和新闻业制定了严格的政策,匿名使用暗网。此外,许多人将其用于非法目的。所以,暗网对人类社会的影响既有正面影响,也有负面影响,不能被抛弃。然而,在本文中,我们主要关注的是通过深度迁移学习模型从网络流量数据中检测暗网网络。为了提供更准确的结果,我们将基于时间的特征转换为 3 维图像,然后将其输入到预训练模型中以提取有希望的特征。在这项研究中,我们考虑了 DeepInsight 方法将数值特征转换为图像数据。然后将这些特征用于建议的双层分类系统,将输入数据分类为恶意活动。为了识别优化的预训练网络,本文使用了 10 个预训练模型:AlexNet、ResNet18、ResNet50、ResNet101、DenseNet、GoogLeNet、VGG16、VGG19、Inceptionv3、SqueezeNet 具有三种不同的基线分类器,即支持向量机、决策树和随机森林。除了恶意活动预测之外,所提出的模型还可以预测流量类型。实验结果表明,基于 VGG19 的特征和随机森林可以以 96% 的准确率对交通数据进行分类。

更新日期:2021-07-23
down
wechat
bug