期刊论文

【摘要】

In recent years, deep learning gained proliferating popularity in the cybersecurity application domain, since when being compared to traditional machine learning methods, it usually involves less human efforts, produces better results, and provides better generalizability. However, the imbalanced data issue is very common in cybersecurity, which can substantially deteriorate the performance of the deep learning models. This paper introduces a transfer learning based method to tackle the imbalanced data issue in cybersecurity using return-oriented programming payload detection as a case study. We achieved 0.0290 average false positive rate, 0.9705 average F1 score and 0.9521 average detection rate on 3 different target domain programs using 2 different source domain programs, with 0 benign training data sample in the target domain. The performance improvement compared to the baseline is a trade-off between false positive rate and detection rate. Using our approach, the total number of false positives is reduced by 23.16%, and as a trade-off, the number of detected malicious samples decreases by 0.68%.

【授权许可】

CC BY
© The Author(s) 2023

【预览】

附件列表
Files	Size	Format	View
RO202305118895842ZK.pdf	1863KB	PDF	download
41116_2022_35_Article_IEq281.gif	1KB	Image	download
41116_2022_35_Article_IEq283.gif	1KB	Image	download
Fig. 1	154KB	Image	download
41116_2022_35_Article_IEq286.gif	1KB	Image	download
41116_2022_35_Article_IEq287.gif	1KB	Image	download
MediaObjects/12888_2022_4462_MOESM1_ESM.docx	2349KB	Other	download
Fig. 2	192KB	Image	download
Fig. 3	194KB	Image	download
41116_2022_35_Article_IEq295.gif	1KB	Image	download
41116_2022_35_Article_IEq296.gif	1KB	Image	download
41116_2022_35_Article_IEq299.gif	1KB	Image	download
41116_2022_35_Article_IEq300.gif	1KB	Image	download
41116_2022_35_Article_IEq301.gif	1KB	Image	download
41116_2022_35_Article_IEq302.gif	1KB	Image	download
41116_2022_35_Article_IEq303.gif	1KB	Image	download
41116_2022_35_Article_IEq304.gif	1KB	Image	download
41116_2022_35_Article_IEq305.gif	1KB	Image	download
41116_2022_35_Article_IEq306.gif	1KB	Image	download
41116_2022_35_Article_IEq307.gif	1KB	Image	download
MediaObjects/12888_2022_4483_MOESM2_ESM.docx	19KB	Other	download
41116_2022_35_Article_IEq309.gif	1KB	Image	download
41116_2022_35_Article_IEq311.gif	1KB	Image	download
MediaObjects/12888_2022_4462_MOESM2_ESM.docx	3498KB	Other	download
41116_2022_35_Article_IEq313.gif	1KB	Image	download
MediaObjects/12888_2023_4558_MOESM1_ESM.docx	41KB	Other	download
41116_2022_35_Article_IEq315.gif	1KB	Image	download

【图表】

41116_2022_35_Article_IEq315.gif

41116_2022_35_Article_IEq313.gif

41116_2022_35_Article_IEq311.gif

41116_2022_35_Article_IEq309.gif

41116_2022_35_Article_IEq307.gif

41116_2022_35_Article_IEq306.gif

41116_2022_35_Article_IEq305.gif

41116_2022_35_Article_IEq304.gif

41116_2022_35_Article_IEq303.gif

41116_2022_35_Article_IEq302.gif

41116_2022_35_Article_IEq301.gif

41116_2022_35_Article_IEq300.gif

41116_2022_35_Article_IEq299.gif

41116_2022_35_Article_IEq296.gif

41116_2022_35_Article_IEq295.gif

Fig. 3

Fig. 2

41116_2022_35_Article_IEq287.gif

41116_2022_35_Article_IEq286.gif

Fig. 1

41116_2022_35_Article_IEq283.gif

41116_2022_35_Article_IEq281.gif

【参考文献】

[1]
[2]
[3]
[4]
[5]
[6]
[7]
[8]
[9]
[10]
[11]
[12]
[13]
[14]
[15]
[16]
[17]
[18]
[19]
[20]
[21]
[22]
[23]
[24]
[25]
[26]
[27]
[28]
[29]
[30]
[31]
[32]
[33]
[34]
[35]
[36]
[37]
[38]
[39]
[40]
[41]
[42]
[43]
[44]

Cybersecurity
Tackling imbalanced data in cybersecurity with transfer learning: a case with ROP payload detection
Research
Haizhou Wang¹ Peng Liu¹ Anoop Singhal²
[1] College of Information Sciences and Technology, The Pennsylvania State University, State College, USA;The National Institute of Standards and Technology, Gaithersburg, USA;
关键词: Domain adaptation; Return-oriented programming; Imbalanced dataset;
DOI : 10.1186/s42400-022-00135-8
received in 2022-06-28, accepted in 2022-12-22, 发布年份 2022
来源: Springer
PDF


	文献评价指标
	下载次数：1次	浏览次数：2次

【 摘 要 】

【 授权许可】

【 预 览 】

【 图 表 】

【 参考文献 】

【摘要】

【授权许可】

【预览】

【图表】

【参考文献】