Title
ALEAP: Attention-based LSTM with Event Embedding for Attack Projection
Abstract
Cyberattacks have developed rapidly in diversity and complexity in recent years. Despite the existence of various defense systems, they cannot provide early warnings and prevent catastrophic consequences in advance. Therefore, the need for prediction becomes more and more urgent, especially for multi-step attacks, in which several steps are required for the attack to succeed. In this paper, we focus on attack projection, which aims to predict the next step of an attack based on historical information and knowledge gained from similar events that happened in the past. Previous models for attack projection are based on probability graph models or simple RNN models, which may limit their capability for noise tolerance and sequence association analysis. To remedy this, we propose a method called ALEAP, which incorporates event embedding and an attention mechanism into LSTM models to better predict future events. We test ALEAP on a dataset of millions of security events collected from multi-source security devices, and show that our approach is effective in event prediction. ALEAP also provides a useful method for security specialists and all computer environment-related parties to better perform attack projection and defend against known attacks.
Year: 2019
DOI: 10.1109/IPCCC47392.2019.8958761
Venue: 2019 IEEE 38th International Performance Computing and Communications Conference (IPCCC)
Keywords: attack projection, security event prediction, attention, event embedding, LSTM
Field: Embedding, Computer science, Real-time computing, Artificial intelligence, Noise tolerance, Machine learning, Graph model
DocType: Conference
ISSN: 1097-2641
ISBN: 978-1-7281-1026-4
Citations: 0
PageRank: 0.34
References: 10
Authors: 7
Name
Order
Citations
PageRank
Shuhan Fan100.34
Songyun Wu200.34
xie310636.98
Zimu Li4231.93
Jiahai Yang520053.58
Heng Liu600.34
Xinran Liu700.34