TY - GEN
T1 - Deep Reinforcement Learning for Advanced Persistent Threat Detection in Wireless Networks
AU - Saheed, Kazeem
AU - Henna, Shagufta
N1 - Publisher Copyright:
© 2023 IEEE.
PY - 2023
Y1 - 2023
N2 - Recent cyberattacks have shifted their focus from causing financial loss or service disruption to covertly exfiltrating confidential data. Advanced Persistent Threats (APTs) pose a significant challenge due to their dynamic and sophisticated attack mechanisms. Unlike other cyberattacks, APTs are coordinated and targeted, executed by high-profile hackers who exploit identified vulnerabilities and deliver novel malware through phishing attacks to infiltrate networks. Traditional deep learning approaches for APT detection are static and lack adaptability, making them unsuitable for handling the dynamic and evolving attack scenarios commonly found in uncertain network traffic flows, such as multi-stage APT attacks. To address these challenges, this study proposes a Deep Reinforcement Learning approach for APT detection, referred to as APT-DRL. This approach dynamically learns from interactions with the environment, continuously adapting to emerging attack patterns. Performance evaluations demonstrate that APT-DRL effectively learns from dynamic network interactions, enabling it to formulate new policies for APT detection. Consequently, APT-DRL learns faster and achieves better accuracy compared to Feed Forward Neural Network (FNN) models, which lack the adaptability and learning capabilities of the proposed APT-DRL approach.
AB - Recent cyberattacks have shifted their focus from causing financial loss or service disruption to covertly exfiltrating confidential data. Advanced Persistent Threats (APTs) pose a significant challenge due to their dynamic and sophisticated attack mechanisms. Unlike other cyberattacks, APTs are coordinated and targeted, executed by high-profile hackers who exploit identified vulnerabilities and deliver novel malware through phishing attacks to infiltrate networks. Traditional deep learning approaches for APT detection are static and lack adaptability, making them unsuitable for handling the dynamic and evolving attack scenarios commonly found in uncertain network traffic flows, such as multi-stage APT attacks. To address these challenges, this study proposes a Deep Reinforcement Learning approach for APT detection, referred to as APT-DRL. This approach dynamically learns from interactions with the environment, continuously adapting to emerging attack patterns. Performance evaluations demonstrate that APT-DRL effectively learns from dynamic network interactions, enabling it to formulate new policies for APT detection. Consequently, APT-DRL learns faster and achieves better accuracy compared to Feed Forward Neural Network (FNN) models, which lack the adaptability and learning capabilities of the proposed APT-DRL approach.
KW - APT detection
KW - Reinforcement learning
KW - deep learning
KW - interactions with the environment
KW - novel malware
UR - http://www.scopus.com/inward/record.url?scp=85189929723&partnerID=8YFLogxK
U2 - 10.1109/AICS60730.2023.10470498
DO - 10.1109/AICS60730.2023.10470498
M3 - Conference contribution
AN - SCOPUS:85189929723
T3 - 2023 31st Irish Conference on Artificial Intelligence and Cognitive Science, AICS 2023
BT - 2023 31st Irish Conference on Artificial Intelligence and Cognitive Science, AICS 2023
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 31st Irish Conference on Artificial Intelligence and Cognitive Science, AICS 2023
Y2 - 7 December 2023 through 8 December 2023
ER -