Zero-day attack detection with deep learning

Çakır, Berna
The rise of the IoT paradigm in the past decade has resulted in an unprecedented number of zero-day attacks against IoT systems, and these attacks are capable of causing major damage. Deep learning has recently become a popular technique for many learning tasks, including intrusion detection, with high potential to detect zero-day attacks in addition to attacks with well-known signatures. In this thesis, we analyzed the efficacy of supervised and unsupervised deep learning algorithms for detecting zero-day attacks. We experimented with different neural network architectures, including fully connected, recurrent and temporal convolutional models. The proposed deep learning models proved effective in intrusion detection, achieving 95.3% classification accuracy and a 97% F1-score. The models were tested on datasets created in the same environment as the training dataset, as well as on datasets created in different environments through transfer learning. The tests on the datasets created in different environments showed that deep learning algorithms are capable of detecting some of the attacks with low false positive rates.
Citation Formats
B. Çakır, “Zero-day attack detection with deep learning,” Thesis (M.S.), Graduate School of Natural and Applied Sciences, Computer Engineering, Middle East Technical University, 2019.