AN ATTENTION-ENHANCED CNN–BILSTM FRAMEWORK FOR ZERO-DAY EXPLOIT DETECTION IN NETWORK TRAFFIC
Vigneswari V, Velsabarigiri K and R Manimegalai

Pages: 11 – 20

Keywords: Zero-day Exploit Detection, CNN-BiLSTM, Attention Mechanism, Anomaly Detection, Logistics Network Traffic

Abstract

Zero-day exploits pose a very significant threat to modern computing systems because they exploit unknown vulnerabilities in those systems. Conventional systems are unable to detect such attacks because the attack patterns keep changing and conventional detection techniques are rule-based or signature-based. This paper presents a deep learning-based approach that detects zero-day exploits in network traffic using a hybrid Convolutional Neural Network (CNN) and Bidirectional Long Short-Term Memory (BiLSTM) network enhanced by an attention mechanism. The proposed approach emphasizes the key features relevant to abnormal behavior and effectively models both spatial and temporal patterns. Techniques such as threshold optimization, class-weighted focal loss, injection of Gaussian noise, and dimensionality reduction are used to handle class imbalance. Experimental results on the publicly available network traffic dataset of the logistics network demonstrate accuracy, recall, and a low value of the positive predictive rate, and the proposed approach is thus shown to be fitting and effective for proactive detection of zero-day exploits.

DOI: 10.64151/PSGCARE-18