A zero-day attack is a type of emerging cyberattack that exploits unknown vulnerabilities to evade detection by existing cybersecurity tools. Zero-day network attacks pose a significant challenge, as traditional machine learning methods - which detect attacks by analyzing network behavior patterns and training classification models - often prove ineffective. Typically, such models require large labeled datasets, but the rapid pace and unpredictability of cyberattacks make real-time labeling impractical for zero-day attacks and malware, which provide no practical way to "prepare" for them due to their unforeseen nature. Addressing the detection of novel, previously unknown attacks may be achievable through deep machine learning and transfer learning techniques, leveraging knowledge from known attacks. To conduct an analytical review of existing machine learning-based methods and models for detecting zero-day cyberattacks and malware, enabling a comparative analysis of their strengths and weaknesses, as well as identifying key challenges in the development and evaluation of such methods. In addressing zero-day attack detection, classifiers based on artificial neural networks (ANNs), such as autoencoders, demonstrate satisfactory accuracy. The use of generative adversarial networks (GANs) is particularly effective. Additionally, transfer learning technologies - which utilize knowledge acquired from solving similar tasks in related domains with sufficiently large labeled datasets - represent a promising direction for developing models and algorithms to detect zero-day cyberattacks and malware. The research findings can be applied to the development of models and algorithms for detecting zero-day cyberattacks and malware.
Sheluhin et al. (Wed,) studied this question.
Synapse has enriched 5 closely related papers on similar clinical questions. Consider them for comparative context: