| Abstract |
Deep learning (DL) is a subfield of machine learning (ML) that focuses on the development of artificial intelligence (AI). This technique emphasizes the use of high-capacity, scalable models that are able to construct distributed representations from the input data set. This proposed work illustrates the generalizability of these methods and their use in a broad range of cyber security investigations that are specific to their environment. The neural network models have been continuously refined and extended throughout this research in order to achieve greater adaptability. The following is a list of the important contributions of this proposed work, in order from most significant to least significant: Work is currently being done to create a comprehensive database for the identification of domain names that have been generated by a domain generation algorithm (DGA), as well as a one-of-a-kind architecture that will increase the overall effectiveness of DGA domain name detection. Both of these will help increase overall efficiency. The creation of a hybrid intrusion detection warning system that is founded on a deep neural network (DNN) and that has the capability to monitor network and host-level activities inside an Ethernet local area network (LAN). The examination of information gathered from social media platforms, electronic mail (email), and uniform resource locators (URLs) in order to design a unified, DL-based framework for the detection of spam and phishing. A DL-based technique for the study of secure shell (SSH) traffic, the categorization of application network traffic, the classification of malicious traffic, and the detection of harmful traffic is being worked on. The new framework that has been suggested is called ScaleMalNet, a name that reflects how hybrid and scalable it is. 
This is a two-step process. In the first stage, the executable file is classified as malware or genuine by using static and dynamic analysis. In the second stage, the malicious executable files are grouped into corresponding malware families. For the purpose of conducting investigations into Android ransomware and malware, an analogous hybrid DL framework is now in the process of being developed. This framework is better in its capacity to detect malware and ransomware on Android when compared to the typical ML-based techniques that are presently in widespread use. The development of a framework for DNS-based botnet detection and DL-based network intrusion detection is now being worked on in the context of the Internet of things (IoT) and smart cities. © 2022 IEEE. |