Security within Security: Attack Detection Model with Defenses Against Attacks Capability for Zero-trust Networks
Wang, Tingting ; Fang, Kai ; Cai, Jijing ; Wang, Lina ; Tian, Jinyu ; Feng, Hailin ; Li, Jianqing ; Guizani, Mohsen ; Wang, Wei
Department
Machine Learning
Type
Journal article
Date
2025
Language
English
Abstract
Traditional traffic anomaly-based attack detection methods in Zero-trust Networks (ZTN) suffer from inherent security vulnerabilities, as they neglect considerations regarding their security defenses. Compromising the attack detection model itself can result in the breakdown of normal attack detection capabilities. Ensuring the security of the attack detection model during runtime presents a novel challenge. To address these shortcomings, we propose a novel attack detection model, termed Security within Security: Attack Detection Model with Defenses Against Attacks Capability for Zero-Trust Networks (SWS), aimed at enhancing the security of ZTN. SWS focuses on achieving attack detection in non-secure detection environments, to maintain its detection capability even when under attack. By employing a soft thresholding method, SWS adapts to the dynamic changes in network traffic, thus reducing the interference of attack signals. The incorporation of an attention mechanism enables SWS to concentrate on analyzing the most indicative traffic features of attack behavior. Additionally, we integrate Residual Networks (ResNet) and Bidirectional Long Short-Term Memory (BiLSTM) to enhance the robustness of identifying complex network attack behaviors. The effectiveness of the SWS is validated through ablation studies, model comparisons, experiments conducted over different training epochs, and experiments conducted on various components of the dataset. Experimental results demonstrate that compared to existing attack detection models, SWS achieves improvements in detection accuracy and recall rate by 13.4% and 10.6%, respectively, while reducing the False Positive Rate (FPR) by 16.9%.
Citation
“Security within Security: Attack Detection Model with Defenses Against Attacks Capability for Zero-trust Networks | IEEE Journals & Magazine | IEEE Xplore.” [Online]. Available: https://ieeexplore.ieee.org/abstract/document/10963974
Source
IEEE Journal on Selected Areas in Communications
Keywords
Zero-trust, Security, Detection Model, ResNet, BiLSTM
Publisher
IEEE
