https://elib.vku.udn.vn/handle/123456789/4263 2026-04-16T09:43:16Z https://elib.vku.udn.vn/handle/123456789/4306 Title: Advancing Phishing Attack Detection with a Novel Dataset and Deep Learning Solution Authors: Le, Quoc Khanh; Nguyen, Quoc An; Nguyen, Dat Thinh; Nguyen, Xuan Ha; Le, Kim Hung Abstract: Phishing attacks, increasingly complex and accessible due to low cost and technical requirements, demand advanced detection methods. While recent machine learning-based approaches show promising results in preventing these threats, they still face limitations in terms of outdated training datasets and the number of extracted features. Therefore, in this paper, we introduce a novel phishing attack dataset with a high number of samples and dimensionality. We also propose a transformer-based deep learning model to detect phishing attacks accurately. Our experimental results on our dataset show a significant performance gain, achieving 98.13% accuracy, surpassing popular machine learning models and SAINT, a state-of-the-art deep learning model for tabular data. Description: Lecture Notes in Networks and Systems (LNNS,volume 882); The 13th Conference on Information Technology and Its Applications (CITA 2024) ; pp: 536-547. 2024-11-01T00:00:00Z https://elib.vku.udn.vn/handle/123456789/4305 Title: Multimodal Deep Learning Feedback for Generating Evasive Malware Samples Against Malware Detector Authors: Luu, Nguyen Cong Minh; Le, Trong Nhan; To, Trong Nghia; Hoang, Khoa Nghi; Phan, The Duy; Pham, Van Hau Abstract: As data driven-based Windows malware detectors become increasingly prevalent, the need for robust evaluation and enhancement of adversarial malware generation techniques also becomes imperative, as malicious actors will adapt and enhance their malware to evade detection. There are numerous works that introduce new techniques or enhancements for adversarial malware. One of these approaches is to leverage an iterative process, dynamically modifying adversarial malware with populations of injections based on feedback from a machine learning-based detector, aiming to enhance evasion capabilities through successive iterations. It is obvious that the effectiveness of a robust adversarial malware is influenced not only by the quality of the manipulation payload injected into the malware, but also by the capabilities and strength of the detector that interacts with the manipulated malware. In this paper, we introduce a multimodal approach to generate adversarial malware with robustness specifically fortified through the feedback of a deep learning (DL) detector with multiple modalities in the progress of adversaries generation. We evaluate the effectiveness of our approach in comparison to the implementation of conventional unimodal detectors such as MalConv in previous works with our proper adaptation in manipulation technique. We also consider the malware detection performance of the common antivirus platform VirusTotal with adversarial samples, and notably that the robust adversarial malware were able to evade up to average 3 detection programs more than the initial malware does. Description: Lecture Notes in Networks and Systems (LNNS,volume 882); The 13th Conference on Information Technology and Its Applications (CITA 2024) ; pp: 523-535. 2024-11-01T00:00:00Z https://elib.vku.udn.vn/handle/123456789/4304 Title: Advancing Security in SDN-IoT Networks: DL-Based Autonomous Anomaly Detection with Enhanced Cross-Validation for Poisoning Attack Detection Authors: Yasarathna, Tharindu Lakshan; Le, Khac An Nhien Abstract: The convergence of Software-Defined Networking (SDN) and the Internet of Things (IoT) is the emergence of highly dynamic and heterogeneous SDN-IoT networks vulnerable to various cyber threats. In response, Autonomous Anomaly Detection (AAD) systems leveraging deep learning (DL) techniques have become crucial for securing SDN-IoT networks. However, DL-based AAD systems are susceptible to adversarial attacks, particularly in continual learning settings, where models must adapt to evolving threats and changing network conditions. This paper proposes an enhanced cross-validation strategy for poisoning attack detection in DL-based AAD systems deployed in SDN-IoT networks. By integrating advanced cross-validation techniques with anomaly detection algorithms, the framework aims to maintain DL model robustness against poisoning attacks and enhance overall security. Evaluations of popular baseline datasets have provided insights into the effectiveness of detection, highlighting strengths and limitations. The discussion emphasizes the challenges and improvements in existing detection methods and contributes to advancing DL-based AAD systems for SDN-IoT networks. In addition, Future research directions aim to enhance the proposed detection mechanism and optimize scalable detection algorithms. Description: Lecture Notes in Networks and Systems (LNNS,volume 882); The 13th Conference on Information Technology and Its Applications (CITA 2024) ; pp: 511-522. 2024-11-01T00:00:00Z https://elib.vku.udn.vn/handle/123456789/4303 Title: An Effective Unsupervised Cyber Attack Detection on Web Applications Using Gaussian Mixture Model Authors: Tran, Thi My Huyen; Ngo, Tuan Kiet; Le, Xuan Hoang; Nguyen, Dat Thinh; Nguyen, Xuan Ha; Le, Kim Hung Abstract: Due to the popularity of web applications, web attacks have become more prevalent and sophisticated, which poses a threat to cyber security. Many works have proposed training a supervised learning model to detect these attacks, which has also been demonstrated to deliver a high detection rate. However, this methodology is challenging to deploy in the real world. Firstly, it demands a sufficiently annotated dataset, which is often difficult and costly to collect. Secondly, a supervised learning-based detection system could only detect new variants of known attacks while unable to detect novel attack types. Recognizing these challenges, this paper introduces an unsupervised approach that employs a Gaussian Mixture Model (GMM) for web attack detection. This approach not only eliminates the need for annotated datasets but also improves the ability to detect zero-day attacks, as it only requires training on normal data. Our experiments on CSIC2012, AIoT-Sol, and SR-BH 2020 show that our proposal achieves high accuracy and F1-score, both of 91%, demonstrating the potential of unsupervised learning in web attack detection. Description: Lecture Notes in Networks and Systems (LNNS,volume 882); The 13th Conference on Information Technology and Its Applications (CITA 2024) ; pp: 485-496. 2024-11-01T00:00:00Z