ConTraGAN - A conditional transformer-based generative adversarial network for zero-day network attack analysis and detection
The Domain Name Service (DNS) protocol has become a sophisticated tool for malicious actors to bypass network firewalls and Intrusion Detection Systems (IDS) for cybercrimes, such as exfiltrating stolen data through tunnelled DNS traffic. This paper proposes a solution, named ConTraGAN, to generate unknown zero-day network attack vectors for the purpose of training IDS and detecting malicious traffic. ConTraGAN encompasses a hybrid conditional transformer-based generative adversarial network model and is trained using exfiltrated data that are tunnelled over DNS traffic. A self-attention mechanism is also built into ConTraGAN, which serves as a module that provides attention weights for each feature of the captured DNS traffic. The preliminary results show that the proposed network can function as an effective generator of new attack vectors for IDS training and detection.
Funding
HappierFeet-Disrupting the vicious cycle of healthcare decline in Diabetic Foot Ulceration through active prevention: The future of self-managed care
Engineering and Physical Sciences Research Council
History
School
- Loughborough University London
Published in
Proceedings of the 5th International Conference on Advances in Signal Processing and Artificial Intelligence
Pages
64-69
Source
5th International Conference on Advances in Signal Processing and Artificial Intelligence (ASPAI 2023)
Publisher
IFSA Publishing
Version
- AM (Accepted Manuscript)
Rights holder
© International Frequency Sensor Association (IFSA) Publishing, S. L
Publisher statement
This work may not be translated or copied in whole or in part without the written permission of the publisher (IFSA Publishing, S. L., Barcelona, Spain). The paper has been made available through permission from the publisher.
Acceptance date
2023-04-25
Copyright date
2023
ISBN
9788409485611
ISSN
2938-5350
Publisher version
Language
- en