Securing from Unseen: Connected Pattern Kernels (CoPaK) for Zero-Day Intrusion Detection
Akshayraj Madhubalan, Priya Tiwary, Amit Gautam
Unverified — Be the first to reproduce this paper.
ReproduceAbstract
The digitization and public cloud adoption has led to a massive data surge, necessitating the development of efficient intrusion detection systems. However, the increased volume and the complexity in the structure of the data have made the detection of ever-growing threats by classic systems impossible as they lack the necessary generalization to detect novel patterns. Connected pattern discovery is a powerful technique for representing and analyzing complex structures. It allows for the representation of both the individual parts of the data structure and the relationships between those parts. We thus propose a deep learning based connected pattern kernel architecture to improve zero-day intrusion detection. At each layer, the input and hidden embeddings are compared for semantic similarity with an array of random normal vectors, known as pattern kernels. Once a set of connected patterns associated with intrusion attacks has been learned, those representations can be used to develop intrusion detection systems that can monitor network traffic. The entire process is encapsulated in the form of a single layer, which can be attached to any existing dense, convolutional, or other layers in deep learning architecture. Experiments demonstrated that the proposed approach outperforms existing techniques, highlighting the model's generalization capability.