Deep-Net: Deep Neural Network for Cyber Security Use Cases

Deep neural networks (DNNs) have witnessed as a powerful approach in this year by solving long-standing Artificial intelligence (AI) supervised and unsupervised tasks exists in natural language processing, speech processing, computer vision and others. In this paper, we attempt to apply DNNs on three different cyber security use cases: Android malware classification, incident detection and fraud detection. The data set of each use case contains real known benign and malicious activities samples. The efficient network architecture for DNN is chosen by conducting various trails of experiments for network parameters and network structures. The experiments of such chosen efficient configurations of DNNs are run up to 1000 epochs with learning rate set in the range [0.01-0.5]. Experiments of DNN performed well in comparison to the classical machine learning algorithms in all cases of experiments of cyber security use cases. This is due to the fact that DNNs implicitly extract and build better features, identifies the characteristics of the data that lead to better accuracy. The best accuracy obtained by DNN and XGBoost on Android malware classification 0.940 and 0.741, incident detection 1.00 and 0.997 fraud detection 0.972 and 0.916 respectively.

💡 Research Summary

The paper “Deep‑Net: Deep Neural Network for Cyber Security Use Cases” investigates the application of deep neural networks (DNNs) to three distinct cybersecurity problems: Android malware classification, incident detection in a Unified Threat Management (UTM) environment, and financial fraud detection. For each task, the authors assemble real‑world datasets: 61,730 Android APKs with 37,107 unique API calls, 100,000 UTM log entries comprising nine sensor measurements, and 100,000 synthetic financial transaction records with twelve features. The data are split 70 % for training and 30 % for testing, and a 10‑fold cross‑validation protocol is employed to assess model robustness.

A systematic hyper‑parameter search is performed. The number of hidden units per layer is varied from 128 to 1024, and 1024 units consistently yield the highest validation accuracy across all tasks. Learning rates in the interval