Your search keyword '"Ashima Chawla"' showing total 2 results

1. Bidirectional LSTM Autoencoder for Sequence Based Anomaly Detection in Cyber Security

Author

Ashima Chawla, Brian Lee, Paul Jacob, Sheila Fallon, and This project reported in this paper has received funding from the European Union Horizon 2020 research and innovation programme under grant agreement No. 700071 for the PROTECTIVE project.

Subjects

business.industry, Computer science, Pattern recognition, Autoencoders, Autoencoder, Embeddings, System call, Modeling and Simulation, Anomaly detection, Artificial intelligence, Host based intrusion, business, Software, CuDNNLSTM, Software Research Institute AIT, Sequence (medicine)

Abstract

Cyber-security is concerned with protecting information, a vital asset in today’s world. The volume of data that is generated can be usefully analyzed when cyber-security systems are effectively implemented with the aid of software support. Our approach is to determine normal behavior of a system based on sequences of system call traces made by the kernel processes in the system. This paper describes a robust and computationally efficient anomaly based host based intrusion detection system using an Encoder-Decoder mechanism. Using CuDNNLSTM networks, it is possible to obtain a set of comparable results with reduced training times. The Bidirectional Encoder and a unidirectional Decoder is trained on normal call sequences in the ADFA-LD dataset. Intrusion Detection is evaluated based on determining the probability of a sequence being reconstructed by the model yes

Published

2019

2. Host based intrusion detection system with combined CNN/RNN model

Author

Sheila Fallon, Ashima Chawla, Brian Lee, Paul Jacob, No. 70001, and European Union Horizon 2020

Subjects

Computer science, Anomaly-based intrusion detection system, Gated recurrent unit (GRU), Host based intrusion detection systems (HIDS), 020206 networking & telecommunications, 02 engineering and technology, Intrusion detection system, computer.software_genre, System calls, Set (abstract data type), Host-based intrusion detection system, Neural networks (Computer science), Recurrent neural network, Computers - Internet security, System call, 0202 electrical engineering, electronic engineering, information engineering, Convolution neural networks (CNN), 020201 artificial intelligence & image processing, Language model, Data mining, Recurrent neural network (RNN), Host (network), computer, Software Research Institute AIT

Abstract

Cyber security has become one of the most challenging aspects of modern world digital technology and it has become imperative to minimize and possibly avoid the impact of cybercrimes. Host based intrusion detection systems help to protect systems from various kinds of malicious cyber attacks. One approach is to determine normal behaviour of a system based on sequences of system calls made by processes in the system [1]. This paper describes a computational efficient anomaly based intrusion detection system based on Recurrent Neural Networks. Using Gated Recurrent Units rather than the normal LSTM networks it is possible to obtain a set of comparable results with reduced training times. The incorporation of stacked CNNs with GRUs leads to improved anomaly IDS. Intrusion Detection is based on determining the probability of a particular call sequence occurring from a language model trained on normal call sequences from the ADFA Data set of system call traces [2]. Sequences with a low probability of occurring are classified as an anomaly. yes

Published

2018