Real-Time Cyberattack Detection with Offline and Online Learning

Abstract

This paper presents several novel algorithms for real-Time cyberattack detection using the Auto-Associative Deep Random Neural Network. Some of these algorithms require offline learning while others allow the algorithm to learn during its normal operation while it is also testing the flow of incoming traffic to detect possible attacks. Most of the methods we present are designed to be used at a single node while one specific method collects data from multiple network ports to detect and monitor the spread of a Botnet. The evaluation of the accuracy of all these methods is carried out with real attack traces. The novel methods presented here are compared with other state-of-The-Art approaches showing that they offer better or equal performance with lower learning times and shorter detection times as compared to the existing state-of-The-Art approaches. © 2023 Elsevier B.V. All rights reserved.