Preliminary study on artificial intelligence methods for cybersecurity threat detection in computer networks based on raw data packets
Most of the intrusion detection methods in computer networks are based on traffic flow characteristics. However, this approach may not fully exploit the potential of deep learning algorithms to directly extract features and patterns from raw packets. Moreover, it impedes real-time monitoring due to...
Saved in:
| Main Authors: | , , , , , , , |
|---|---|
| Format: | Journal Article |
| Language: | English |
| Published: |
24-07-2024
|
| Subjects: | |
| Online Access: | Get full text |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Summary: | Most of the intrusion detection methods in computer networks are based on
traffic flow characteristics. However, this approach may not fully exploit the
potential of deep learning algorithms to directly extract features and patterns
from raw packets. Moreover, it impedes real-time monitoring due to the
necessity of waiting for the processing pipeline to complete and introduces
dependencies on additional software components.
In this paper, we investigate deep learning methodologies capable of
detecting attacks in real-time directly from raw packet data within network
traffic. We propose a novel approach where packets are stacked into windows and
separately recognised, with a 2D image representation suitable for processing
with computer vision models. Our investigation utilizes the CIC IDS-2017
dataset, which includes both benign traffic and prevalent real-world attacks,
providing a comprehensive foundation for our research. |
|---|---|
| DOI: | 10.48550/arxiv.2407.17339 |