Earlier this week i was privileged to be among the amazing speakers at Cisco DevNet Create 2021 Conference to speak on how we can use deep learning techniques to detect network attacks, in this article i am going to convert my session slides into a technical article, i hope you enjoys reading the article.
Introduction
With the continuous development of computer network technology, security problems in the network are emerging one after another, and hence new threats and challenges have emerged to wireless communication system, especially in cybersecurity and it is becoming more and more difficult to ignore.
For the current network administrators, how to successfully prevent malicious network hackers from invading, so that network systems and computers are at Safe and normal operation is an urgent task.
With the recent vast amount of data being produced everyday, we have access to extensible dataset to learn from and tackle sophisticated attackers who can easily bypass basic intrusion detection systems (IDS). This is where deep learning comes into play. During this presentation we will discover how we can use deep learning to detect network attacks.
But first let understand network attacks and deep learning as different domain.
What is Deep Learning
Deep Learning is a machine learning technique that teaches computers to do what comes naturally to human, learning by examples.
Deep learning is a key technology behind driverless cars, enabling them to recognise important traffic signs. It is the key to voice control consumers devices like tablets laptops and mobile phone, and currently it is becoming the key technology in network attack detection, using deep learning we can detect an irregular patterns that may be cause my malicious software in the users devices, let say laptop and be able to detect, clean or recover system from the malicious software.
Imagine of a case where the attacker is using brute force attack, where they are trying to submit many passphrases with hopes of eventually guessing the password correctly, we can analyses the closeness of the correct password and the passphrases being submitted and enhance more security measures like asking for secrete name that the user submitted while creating let say the user account to identify if the person or the system (eg bot) trying to login is really the legitimate owner of the account.
What is Network Attack
Network attacks as defined by forcepoint are unauthorised actions on the digital assets within an organisation network, here malicious parties usually executes network attacks to alter destroy or steal data, where the perpetrators in network attacks tends to target network perimeters to gain access to internal systems.
The two network attacks are the passive network attack where the malicious party gains unauthorised access to network monitors and steals private data with out making any alterations and the active network attack which involves modifying, encrypting or damaging data.
Some of the common methods which we use protecting the network includes use of antivirus, use of firewalls intrusion detecting systems, information technology policies, encryption, ensuring every device in a network is capable of restricting access using passwords, and detecting the attacks early using machine learning and deep learning techniques.
Why use deep learning techniques ?
Nowadays deep learning has dominated the various fields and disrupting the way we used to do many thing especially with the recent breakthrough in the artificial general intelligence, not only do these deep learning techniques enabled rapid progress in every field they are applied, but even surpassing human performance in many of them.
Artificial general Intelligence is on par with human capabilities, that is artificial general intelligence systems can perform any task that human can with greater efficacy than human can in several activities.
One of these tasks is image classification and pattern recognition.
Unlike more traditional methods of machine learning techniques, deep learning classifiers are trained through feature learning rather than task-specific algorithms.
What this means is that the machine will learn patterns in the images that it is presented with rather than requiring the human operator to define the patterns that the machine should look for in the image.
In short, it can automatically extract features and classify data into various classes.
Use case detecting Cloud Network Attack
When trying to detect cloud network attacks, you first you should start by understanding the problem, then follow the following steps:
1). Collect the cloud network dataset.
2). Clean the data and perform feature engineer.
3). Choose the deep learning model to use.
- Recurrent neural network, deep neural, network, grey wolf optimisation, or convolutional neural network are major choices to consider.
4). Test the performance of our trained model and optimise the results
5). Deploy the best performing model in our network.
Bravo we now have our network batman.
- Remember it is very important to understand the detection framework that is the approach you are using to detect the network attack, now enough of learn go practice.
Let Connect:
You can get in touch with me easily via the following channels:
Twitter: https://twitter.com/HarunMbaabu
LinkedIn: https://www.linkedin.com/in/mbaabu-harun-mwenda-8a89ab174/
Instagram: https://www.instagram.com/harunmbaabu/
Am also the creator and founder of Lux Academy and Data Science East Africa communities, you can check all the activities by the communities using the following links, be sure to follow and turn on the notification button to get the latest announcements from the communities.
1). Lux Tech Academy: https://twitter.com/lux_academy
2). Data Science East Africa: https://twitter.com/DSEAfrica
Cheers 🥂 and Happy Coding 🎊