Cardiff University | Prifysgol Caerdydd ORCA
Online Research @ Cardiff 

BLATTA: early exploit detection on network traffic with recurrent neural networks

Pratomo, Baskoro, Burnap, Peter ORCID: https://orcid.org/0000-0003-0396-633X and Theodorakopoulos, Georgios ORCID: https://orcid.org/0000-0003-2701-7809 2020. BLATTA: early exploit detection on network traffic with recurrent neural networks. Security and Communication Networks 2020, 8826038. 10.1155/2020/8826038

PDF - Published Version
Available under License Creative Commons Attribution.


Abstract

Detecting exploits is crucial since the effect of undetected ones can be devastating. Identifying their presence on the network allows us to respond and block their malicious payload before they cause damage to the system. Inspecting the payload of network traffic may offer better performance in detecting exploits as they tend to hide their presence and behave similarly to legitimate traffic. Previous works on deep packet inspection for detecting malicious traffic regularly read the full length of application layer messages. As the length varies, longer messages will take more time to analyse, during which time the attack creates a disruptive impact on the system. Hence, we propose a novel early exploit detection mechanism that scans network traffic, reading only 35.21% of application layer messages to predict malicious traffic while retaining a 97.57% detection rate and a 1.93% false positive rate. Our recurrent neural network (RNN)-based model is, to our knowledge, the first work that provides early prediction of malicious application layer messages, thus detecting a potential attack earlier than other state-of-the-art approaches and enabling a form of early warning system.

Item Type: Article
Date Type: Publication
Status: Published
Schools: Computer Science & Informatics
Subjects: Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Q Science > QA Mathematics > QA76 Computer software
Publisher: Hindawi
ISSN: 1939-0114
Date of First Compliant Deposit: 2 July 2020
Date of Acceptance: 29 June 2020
Last Modified: 12 Jun 2023 16:38
URI: https://orca.cardiff.ac.uk/id/eprint/132917
