Cognitive artificial intelligence – a complexity based machine learning approach for advanced cyber threats

Thumbnail Image
2016-03, 2017-05, 2017, 2017, 2017-07
Siddiqui, Sana
Journal Title
Journal ISSN
Volume Title
Application of machine intelligence is severely challenged in the domain of cyber security due to the surreptitious nature of advanced cyber threats which are persistent and defy existing cyber defense mechanisms. Further, zero day attacks are also on the rise although many of these new attacks are merely a variant of an old and known threat. Machine enabled intelligence is limited in solving advanced and complex problems of detecting these mutated threats. This problem can be attributed to the single scale analysis nature of all the machine learning algorithms including but not limited to artificial neural networks, evolutionary algorithms, bio-inspired machine intelligence et al. This M.Sc. thesis addresses the challenge of detecting advanced cyber threats which conceal themselves under normal or benign activity. Three novel cognitive complexity analysis based algorithms have been proposed which modify the existing single scale machine learning algorithms by incorporating the notion of multiscale complexity in them. Particularly, network based threats are considered using two different publicly available data sets. Moreover, fractal and wavelet based multiscale analysis approach is incorporated in decision making backbone of k-Nearest Neighbours (k-NN) algorithm, Gradient Descent based Artificial Neural Network (ANN), and Hebbian learning algorithm. The classification performance of these algorithms is compared with their traditional single scale counterparts and an improvement in performance is observed consistently. This improvement is attributed to the usage of multiscale based complexity measures in the analysis of algorithm, features and error curve. The notion of multiscale evaluation reveals the hidden relationship which otherwise are averaged out when observed on a single scale. Also, the problem of class overlap which arises due to the stealth nature of cyber-attacks is addressed using the same concept. Conceptually, it is analogous of human cognitive capability employed in pattern discovery from complex objects based on their knowledge about how to connect and correlate various aspects together. It is imperative to note that this multiscale relationship should be a representative of the complexity measure of whole object so that it can characterize patterns based on various scales.
Artificial Neural Network, Classification, Multiscale, Cognitive Intelligence, Dimensionality, Wavelets, Machine Intelligence, Fractals, Multifractals, Hebbian Learning, Instance Based Learners, Complexity Analysis, Packet Captures, Network Threats, Malware Detection, Machine Learning, Computational Intelligence, Cognitive Computing, Cognitive Informatics, Cyber Kill Chain, Cyber Threat, Cyber Security, Obfuscated Cyber Threats, Advanced Indistinguishable Threats
Sana Siddiqui, Muhammad Salman Khan, Ken Ferens and Witold Kinsner, "Detecting Advanced Persistent Threats using fractal dimension based machine learning classification," in proc. of the 2016 ACM Intl. Workshop on Security And Privacy Analytics (IWSPA), New Orleans, Louisiana, USA, Mar. 2016.
Sana Siddiqui, Muhammad Salman Khan and Ken Ferens, "Multiscale Hebbian neural network for cyber threat detection," in proc. of 2017 IEEE Intl. Joint Conference on Neural Networks (IJCNN), May 2017.
Muhammad Salman Khan, Sana Siddiqui and Ken Ferens, "A cognitive and concurrent cyber kill chain model," in Computer and Network Security Essentials Book, Springer International Publishing AG, 2017.
Sana Siddiqui, Muhammad Salman Khan and Ken Ferens, "Cognitive computing and multiscale analysis for cyber security," in Computer and Network Security Essentials Book, Springer International Publishing AG, 2017.
Sana Siddiqui, Muhammad Salman Khan, Ken Ferens and Witold Kinsner, "Fractal based cognitive neural network to detect obfuscated and indistinguishable Internet threats," in proc. of IEEE Intl. Conference on Cognitive Informatics and Cognitive Computing (ICCI*CC), Jul. 2017.