Comparison of recurrent and convolutional neural networks for analyzing and predicting cyber security threats
Abstract
Cyberattacks are becoming increasingly complex and sophisticated, which requires the development of new methods for analyzing and predicting threats. Traditional methods such as signature analysis and statistical models are often ineffective against advanced threats. Recurrent neural networks (RNNs) are a promising tool for this task because of their ability to process time-series data and identify complex patterns. Today's information systems face an ever-increasing number of cyber threats, ranging from simple phishing attacks to sophisticated campaigns carried out by organized criminal groups. Securing information resources requires effective methods for analyzing and anticipating potential threats. Current approaches include the use of machine learning and artificial intelligence (AI). To apply AI to information security problems, particularly cybersecurity, it is necessary to understand which algorithm is best suited for analyzing, predicting and detecting cyber threats in modern, complex information systems. This paper discusses the potential applications of RNNs for analyzing and predicting cyber threats and provides examples of successful implementations of these models in the cybersecurity domain. A database consisting of 40000 cyberattacks was used to train the model. The purpose of this paper is to investigate the potential applications of recurrent neural networks in the context of analyzing and predicting information security threats. The scientific novelty of this article lies in the comparison of the results of different neural networks. Research methods: system analysis of existing machine learning methods, theoretical formalization, experimentation.
About the Author
Ivan Andreevich Petrov
Russian Federation
Postgraduate and Assistant at the Department of Information Security
For citations:
Petrov I.A. Comparison of recurrent and convolutional neural networks for analyzing and predicting cyber security threats. Kaspijskij nauchnyj zhurnal. 2024;(4(5)):46-56. (In Russ.)