TY - GEN
T1 - Zero Trust-NIDS
T2 - 21st IEEE International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2022
AU - Alalmaie, Abeer Z.
AU - Nanda, Priyadarsi
AU - He, Xiangjian
N1 - Publisher Copyright: © 2022 IEEE.
PY - 2022
Y1 - 2022
N2 - As enterprise networks are being constantly targeted by sophisticated cyber threats, Zero Trust Security has been suggested to address existing threats. Zero Trust Security models have been recently proposed for outsourcing network security monitoring to third-party analysts. Therefore, the current trends of security monitoring need to shift to "Never Trust, Always Verify". There are no concerns about analysis accuracy if a zero trust model is resistant against security attacks. In this paper, a modified multi-view approach is proposed to preserve privacy in network traces, emphasizing the challenges that need to be tackled. We then extend the multi-view approach for the features that are not in the known list of the analyzer and extend the partitioning methods to a more balanced approach. In addition, in order to send any data to the analyzer, we propose to use an Auto-Encoder Convolutional Neural Network, which has the ability to receive any type of input attributes for detecting intrusive behavior. Our proposed multi-view approach outperforms existing works and improves efficiency by improving indistinguishability and preserving privacy for any attributes. The proposed Intrusion Detection System also outperforms existing works by up to 1% higher accuracy without any need for feature engineering.
KW - Cyber Security
KW - Deep Neural Networks
KW - Network Intrusion Detection
KW - Network Trace Anonymization
KW - Zero Trust Security
UR - http://www.scopus.com/inward/record.url?scp=85151656608&partnerID=8YFLogxK
U2 - 10.1109/TrustCom56396.2022.00069
DO - 10.1109/TrustCom56396.2022.00069
M3 - Conference contribution
AN - SCOPUS:85151656608
T3 - Proceedings - 2022 IEEE 21st International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2022
SP - 449
EP - 456
BT - Proceedings - 2022 IEEE 21st International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2022
PB - Institute of Electrical and Electronics Engineers Inc.
Y2 - 9 December 2022 through 11 December 2022
ER -