ABSTRACT
Most devices are now connected through the Internet, so cybersecurity issues have raised concerns. This study proposes network services in a virtual environment to collect, analyze and identify network attacks with various techniques. Our contributions are multi-fold. First, we deployed a Honeynet architecture to collect network packets, including actual cyber-attacks performed by real hackers and crackers. Second, we leveraged several techniques to normalize data and extract header information with 29 features from 200,000 samples of many types of network attacks for abnormal packet identification with machine learning algorithms. Furthermore, we introduce an Adaptive Cybersecurity (AC) system to detect attacks and provide warnings. The system can automatically collect more data for further analysis to improve performance. Our proposed method performs better than Snort in detecting dangerous malicious attacks. Finally, we have experimented with different cyber-attack approaches to exploit the ten website security risks recommended by the Open Web Application Security Project (OWASP). From the research results, the system is expected to be able to detect cybercriminal attacks and provide early warnings to prevent a potential cyber-attack.
Disclosure statement
All authors declare that they have no conflicts of interest.
Availability of data, code, and material
The data and experimental scripts of this study are published in the GitHub repository https://github.com/dzokha/ids-ac.
Additional information
Funding
Notes on contributors
Kha Van Nguyen
Kha Van Nguyen completed his Master's degree in Computer Science from Can Tho University. He serves as an administrative civil servant at the Can Tho Department of Science & Technology. He is responsible for the administrative management of provincial-level scientific projects in the field of information technology (2010-2019), supporting the application of information technology in enterprises (2019-2021), and supporting the development of intellectual property for individuals and businesses (2021 to present). His research interests include data security in cyberspace and intellectual property protection.
Hai Thanh Nguyen
Hai Thanh Nguyen is a lecturer at the College of Information and Communication Technology, Can Tho University, Vietnam. He received his master's degree in Computer Science and Engineering from National Chiao Tung University, Taiwan, in 2014, and his Ph.D. degree in Computer Science from Sorbonne University, France, in 2018. His current research includes bioinformatics, healthcare systems, recommendation systems, and machine learning-based applications.
Thang Quyet Le
Thang Quyet Le received his Master's and Doctor's degrees in Mathematics from Orsay University, Paris, France. He worked for a long time at Cantho University as a lecturer and researcher in Statistics and Computer Science. His research interests include Machine Learning and Cryptography. Currently, he is retired and works as a collaborator with Cantho University.
Quang Nhat Minh Truong
Quang Nhat Minh Truong is a senior lecturer at the College of Information Technology, Cantho University of Technology. He completed the Master's program in Information Technology at the Institute of Francophone International (IFI) in 1997 and the Ph.D. in Mathematical Assurance for Computers and Computational Systems at the University of Science and Technology, Vietnam National University, Ho Chi Minh City in 2009. His research fields include Soft Computing, Machine Learning, and Artificial Intelligence.