ISSN: 2182-2069 (printed) / ISSN: 2182-2077 (online)
Malware Attack Detection in Large Scale Network Using Ensemble Deep Restricted Boltzmann Machine
Cyber attackers can now use Artificial Intelligence (AI) to boost the sophistication and scope of their attacks. On the defense side, AI is used to enhance defense plans and to boost the robustness, flexibility, and efficiency of defense systems, which means adapting to environmental changes to reduce impacts. As information and communication technologies develop, various exploits emerge as threats to cyber security, and these exploits are changing rapidly. Cybercriminals use new, sophisticated tactics to boost the speed and size of their attacks. Consequently, there is a need for more flexible, adaptable and strong cyber defense systems that can identify a wide range of threats in real time. In recent years, the adoption of AI approaches has increased, and these approaches have played a vital role in the detection and prevention of cyber threats. In this study, an Ensemble Deep Restricted Boltzmann Machine (EDRBM) is developed to classify cybersecurity threats in a large-scale network environment. The EDRBM acts as a classification model that identifies malicious flowsets in the large-scale network. A simulation is conducted to test the efficacy of the proposed EDRBM under various malware attacks. With an F1 score of 0.9, the model effectively reduces the total false positive rate. According to the data, approximately 100 adware flowsets per hour and fewer than 20 ransomware flowsets per hour are obtained on average. The simulation results show that the proposed method achieves a higher classification rate than other methods in classifying the malware in the flowsets, i.e., the malicious flowsets.