ABSTRACT:
The severity of recent cyberattacks has led to the compromise of more than a billion user records in cyberspace. The expansion of attack surfaces raises further concerns about the security architecture of network defence and prediction systems. With more sophisticated exploits, such as zero-days, available in the wild, it is important to improve upon current attack mitigation techniques. Most machine learning techniques that are predominantly used for attack prediction depend largely on task-specific algorithms. This is likely to limit the extent to which predictions can be made, hence the need for approaches that rely more on representation learning. This paper proposes an ensemble model underpinned by unsupervised and supervised learning techniques for predicting attacks. The model uses unsupervised learning for dimensionality reduction and clustering of attack data. A supervised deep learning model is then trained on the labeled clusters, using rectified linear units (ReLU) as the activation function in the hidden layers and a softmax function at the output layer. The model is trained per cluster, with each cluster representing an attack type. We intend to achieve clustering with the Expectation-Maximisation (EM) algorithm on the NSL-KDD dataset. Furthermore, in future work we intend to evaluate the performance of the model using metrics such as accuracy, false positive rate, precision rate, recall rate, F-measure and entropy.
Keywords:
Cybersecurity, Cyberattack Prediction, PCA, Expectation-Maximisation, Deep Learning