Detection of Malicious Network Activity by Artificial Neural Network

Anotace: This paper presents a deep learning approach to detect malicious communication in a computer network. The intercepted communication is transformed into behavioral feature vectors that are reduced (using principal component analysis and stepwise selection methods) and normalized to create training and test sets. A feed-forward artificial neural network is then used as a classifier to determine the type of malicious communication. Three training algorithms were used to train the neural network: the Levenberg-Marquardt algorithm, Bayesian regularization, and the scaled conjugate gradient backpropagation algorithm. The proposed artificial neural network topology after reducing the size of the training and test sets achieves a correct classification probability of 81.5 % for each type of malicious communication and of 99.6 % (and better) for normal communication.