Improving SSH detection model using IPA time and WGAN-GP
- Authors
- Lee, Junwon; Lee, Heejo
- Issue Date
- 5월-2022
- Publisher
- ELSEVIER ADVANCED TECHNOLOGY
- Keywords
- GAN; WGAN-GP; SSH detection; Inter -packet arrival time; Session -based data; Random forest; Generator loss; PCA
- Citation
- COMPUTERS & SECURITY, v.116
- Indexed
- SCIE
SCOPUS
- Journal Title
- COMPUTERS & SECURITY
- Volume
- 116
- URI
- https://scholar.korea.ac.kr/handle/2021.sw.korea/141083
- DOI
- 10.1016/j.cose.2022.102672
- ISSN
- 0167-4048
- Abstract
- In the machine learning-based detection model, the detection accuracy tends to be proportional to the quantity and quality of the training dataset. The machine learning-based SSH detection model's performance is affected by the size of the training dataset and the ratio of target classes. However, in an actual network environment within a short period, it is inconvenient to collect a sufficient and diverse training dataset. Even though many training data samples are collected, it takes a lot of effort and time to prepare the training dataset through data classification. To overcome these limitations, we generate sophisticated samples using the WGAN-GP algorithm and present how to select samples by comparing generator loss. The synthetic training dataset with generated samples improves the performance of the SSH detection model. Furthermore, we add the new features to include the distinction of inter-packet arrival time. The enhanced SSH detection model decreases false positives and provides a 0.999 F 1-score by applying the synthetic dataset and the packet inter-arrival time features.& nbsp;(c) 2022 Elsevier Ltd. All rights reserved.
- Files in This Item
- There are no files associated with this item.
- Appears in
Collections - Graduate School > Department of Computer Science and Engineering > 1. Journal Articles
Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.