Key points are not available for this paper at this time.
Deep Learning (DL) provides powerful solutions for detecting network attacks by attempting to discover patterns of abnormal traffic in the network. Previous studies have demonstrated the effectiveness of DL in detecting attacks with known profiles, i.e. attack patterns with which DL-based methods have been trained. However, their performance against unknown attacks or attacks with dynamically changing profiles have not been comprehensively examined. Given the increasing sophistication of cyberattacks on network-based resources, it is crucial to understand how DL-based methods would perform in such scenarios and to what extent they can handle deviation from their training models. In this paper, we focus specifically on the performance of two commonly proposed DL-based techniques, DNN and LSTM, for binary prediction of unknown DoS and DDoS attacks. We train these models using the benchmark CICIDS2017 dataset, and then we generate a new test dataset in a simulated environment to measure the performance of the proposed models. We also demonstrate that retraining the models on a dataset with new unknown attacks improves the True Positive Rate (TPR) by 99.8% and 99.9% for DNN and LSTM respectively.
Sabeel et al. (Sun,) studied this question.
Synapse has enriched 5 closely related papers on similar clinical questions. Consider them for comparative context: