IEEE Open Journal of the Communications Society (Jan 2020)

Incidents Information Sharing Platform for Distributed Attack Detection

  • Konstantina Fotiadou,
  • Terpsichori-Helen Velivassaki,
  • Artemis Voulkidis,
  • Konstantinos Railis,
  • Panagiotis Trakadas,
  • Theodore Zahariadis

DOI
https://doi.org/10.1109/OJCOMS.2020.2989925
Journal volume & issue
Vol. 1
pp. 593 – 605

Abstract

Intrusion detection plays a critical role in the cyber-security domain, since malicious attacks cause irreparable damage to cyber-systems. In this work, we propose the I2SP prototype, a novel Information Sharing Platform able to gather, pre-process, model, and distribute network-traffic information. Within the I2SP prototype we build several challenging deep feature learning models for network-traffic intrusion detection. The learnt representations will be utilized for classifying each new network measurement into its corresponding threat level. We evaluate our prototype's performance by conducting case studies using cyber-security data extracted from the Malware Information Sharing Platform (MISP)-API. To the best of our knowledge, we are the first to combine the MISP-API in order to construct an information sharing mechanism that supports multiple novel deep feature learning architectures for intrusion detection. Experimental results justify that the proposed deep feature learning techniques are able to accurately predict MISP threat levels.

Keywords