Open Access iconOpen Access

ARTICLE

crossmark

User Behavior Traffic Analysis Using a Simplified Memory-Prediction Framework

Rahmat Budiarto1,*, Ahmad A. Alqarni1, Mohammed Y. Alzahrani1, Muhammad Fermi Pasha2, Mohamed Fazil Mohamed Firdhous3, Deris Stiawan4

1 College of Computer Science & IT, Albaha University, Alaqiq, 65779-7738, Saudi Arabia
2 Malaysia School of Information Technology, Monash University, Bandar Sunway, 47500, Malaysia
3 Department of Information Technology, University of Moratuwa, Moratuwa, 10400, Sri Lanka
4 Faculty of Computer Science, Universitas Sriwijaya, Indralaya, 30662, Indonesia

* Corresponding Author: Rahmat Budiarto. Email: email

(This article belongs to the Special Issue: Machine Learning Applications in Medical, Finance, Education and Cyber Security)

Computers, Materials & Continua 2022, 70(2), 2679-2698. https://doi.org/10.32604/cmc.2022.019847

Abstract

As nearly half of the incidents in enterprise security have been triggered by insiders, it is important to deploy a more intelligent defense system to assist enterprises in pinpointing and resolving the incidents caused by insiders or malicious software (malware) in real-time. Failing to do so may cause a serious loss of reputation as well as business. At the same time, modern network traffic has dynamic patterns, high complexity, and large volumes that make it more difficult to detect malware early. The ability to learn tasks sequentially is crucial to the development of artificial intelligence. Existing neurogenetic computation models with deep-learning techniques are able to detect complex patterns; however, the models have limitations, including catastrophic forgetfulness, and require intensive computational resources. As defense systems using deep-learning models require more time to learn new traffic patterns, they cannot perform fully online (on-the-fly) learning. Hence, an intelligent attack/malware detection system with on-the-fly learning capability is required. For this paper, a memory-prediction framework was adopted, and a simplified single cell assembled sequential hierarchical memory (s.SCASHM) model instead of the hierarchical temporal memory (HTM) model is proposed to speed up learning convergence to achieve on-the-fly learning. The s.SCASHM consists of a Single Neuronal Cell (SNC) model and a simplified Sequential Hierarchical Superset (SHS) platform. The s.SCASHM is implemented as the prediction engine of a user behavior analysis tool to detect insider attacks/anomalies. The experimental results show that the proposed memory model can predict users’ traffic behavior with accuracy level ranging from 72% to 83% while performing on-the-fly learning.

Keywords


Cite This Article

APA Style
Budiarto, R., Alqarni, A.A., Alzahrani, M.Y., Pasha, M.F., Firdhous, M.F.M. et al. (2022). User behavior traffic analysis using a simplified memory-prediction framework. Computers, Materials & Continua, 70(2), 2679-2698. https://doi.org/10.32604/cmc.2022.019847
Vancouver Style
Budiarto R, Alqarni AA, Alzahrani MY, Pasha MF, Firdhous MFM, Stiawan D. User behavior traffic analysis using a simplified memory-prediction framework. Comput Mater Contin. 2022;70(2):2679-2698 https://doi.org/10.32604/cmc.2022.019847
IEEE Style
R. Budiarto, A.A. Alqarni, M.Y. Alzahrani, M.F. Pasha, M.F.M. Firdhous, and D. Stiawan "User Behavior Traffic Analysis Using a Simplified Memory-Prediction Framework," Comput. Mater. Contin., vol. 70, no. 2, pp. 2679-2698. 2022. https://doi.org/10.32604/cmc.2022.019847



cc This work is licensed under a Creative Commons Attribution 4.0 International License , which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
  • 1838

    View

  • 1354

    Download

  • 0

    Like

Share Link