Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Deep Learning for Detecting Logic-flaw-exploiting Network Attacks: An End-to-end Approach

Published

Author(s)

Qingtian Zou, Anoop Singhal, Xiaoyan Sun, Peng Liu

Abstract

Network attacks have become a major security concern for organizations worldwide. A category of network attacks that exploit the logic (security) flaws of a few widely-deployed authentication protocols has been commonly observed in recent years. Such logic-flaw-exploiting network attacks often do not have distinguishing signatures, and can thus easily evade the typical signature-based network intrusion detection systems. Recently, researchers have applied neural networks to detect network attacks with network logs. However, public network data sets have major drawbacks such as limited data sample variations and unbalanced data with respect to malicious and benign samples. In this paper, we present a new end-to-end approach based on protocol fuzzing to automatically generate high-quality network data, on which deep learning models can be trained for network attack detection. Our findings show that protocol fuzzing can generate data samples that cover real-world data, and deep learning models trained with fuzzed data can successfully detect the logic-flaw-exploiting network attacks.
Citation
Journal of Computer Security
Volume
30

Keywords

Network Attack, Data Set, Protocol Fuzzing, Machine Learning

Citation

Zou, Q. , Singhal, A. , Sun, X. and Liu, P. (2022), Deep Learning for Detecting Logic-flaw-exploiting Network Attacks: An End-to-end Approach, Journal of Computer Security, [online], https://doi.org/10.3233/JCS-210101, https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=933314 (Accessed November 23, 2024)

Issues

If you have any questions about this publication or are having problems accessing it, please contact reflib@nist.gov.

Created August 25, 2022, Updated April 23, 2024