Detecting zero-day attacks using Recurrent Neural Network
Ndungu, George Muchiri
MetadataShow full item record
The development of Information and Communications Technology (ICT) and an increase in the use of mobile technology has enabled organisations to implement and adopt the use of information and management systems to conduct their day to day activities. However, as cyber-attacks against organisations are becoming more frequent and more sophisticated there is a need for advanced measures to help prevent against the known cybersecurity attacks and zero day attacks. In view of the above shortcoming, this study developed an anomaly-based cybersecurity threats detection model using the Recurrent Neural Network (RNN) technique that can be used to detect zero-day vulnerabilities. This approach functions with the assumption that a cybersecurity attack is different from a normal system activity of a legitimate user and can be detected by a system that identifies the differences. The RNN algorithm has a strong modelling ability for anomaly detection, and high accuracy in both binary and multiclass classification. Compared to traditional classification methods its performance includes a higher detection accuracy rate with a low false-positive rate. This research adopts RAD methodology, which heavily emphasizes rapid prototyping and iterative delivery, to develop the RNN system for anomaly detection. This research aimed to develop an RNN model which will be used to detect zero-day vulnerabilities. The predictive model had an accuracy of 93% which was achieved through tests using model demo data. The main objective of the research was met and it proved that the Neural Network Algorithm can be used to detect zero-day attacks in a network.