Abstract
Due to the large processing capacity and high false alarm rate, current security defense technologies in enterprise networks are often deployed in practical environments, resulting in weak defense capabilities. Based on this, a proactive defense architecture is proposed based on diverse features and knowledge graphs, and its performance is analyzed. The experimental results showed that the detection rate of the detection method in malicious attack behavior could exceed 85% or more. The false alarm rate was significantly less than 10%. The detection rate of 9 types of malicious attack software remained between 76.1% and 98.7%. The detection method in normal access behavior detection had a minimum false alarm rate of 0.05% and a maximum false alarm rate of only 0.1%. The proactive defense effect of the proxy server was relatively obvious, which was more effective in blocking traffic data. At the same time, the defense effectiveness of proactive defense architecture varied under different attack methods, reaching a maximum of 98%, which was basically consistent with the detection rate in malicious attack behavior. Overall, the proactive defense architecture for network security maintenance and detection is effective and practical, which can be effectively applied in practical enterprise network security maintenance and detection.
References
Islam A, Othman F, Sakib N, Babu H M H. Prevention of Shoulder-Surfing Attack Using Shifting Condition with the Digraph Substitution Rules//Artificial Intelligence and Applications. 2023, 1(1): 58–68.
Kumar R, Kela R, Singh S, Trujillo-Rasua R. APT attacks on industrial control systems: A tale of three incidents. International Journal of Critical Infrastructure Protection, 2022, 37(1):1–11.
Sarker I H, Khan A I, Abushark Y B, Alsolami F. Internet of things (iot) security intelligence: a comprehensive overview, machine learning solutions and research directions. Mobile Networks and Applications, 2023, 28(1): 296–312.
Panahnejad M, Mirabi M. APT-Dt-KC: advanced persistent threat detection based on kill-chain model. The Journal of Supercomputing, 2022, 78(6):8644–8677.
Mohammadi E, Alizadeh M, Asgarimoghaddam M, Wang X, Simões M G. A review on application of artificial intelligence techniques in microgrids. IEEE Journal of Emerging and Selected Topics in Industrial Electronics, 2022, 3(4): 878–890.
Garg H, Sharma B, Shekhar S, Agarwal R. Spoofing detection system for e-health digital twin using EfficientNet Convolution Neural Network. Multimedia Tools and Applications, 2022, 81(19): 26873–26888.
Jakka G, Yathiraju N, Ansari M F. Artificial Intelligence in Terms of Spotting Malware and Delivering Cyber Risk Management. Journal of Positive School Psychology, 2022, 6(3): 6156–6165.
Zhao M, Gao H, Wei G, Wei C, Guo Y. Model for network security service provider selection with probabilistic uncertain linguistic TODIM method based on prospect theory. Technological and Economic Development of Economy, 2022, 28(3): 638–654.
Ullah M U, Hassan A, Asif M, Farooq M S, Saleem M. Intelligent Intrusion Detection System for Apache Web Server Empowered with Machine Learning Approaches. International Journal of Computational and Innovative Sciences, 2022, 1(1): 21–27.
Cvitić I, Peraković D, Periša M, Jurcut A D. Methodology for detecting cyber intrusions in e-learning systems during COVID-19 pandemic. Mobile networks and applications, 2023, 28(1): 231–242.
Saheed Y K, Abiodun A I, Misra S, Holone, M K, Colomo-Palacios, R. A machine learning-based intrusion detection for detecting internet of things network attacks. Alexandria Engineering Journal, 2022, 61(12): 9395–9409.
Li S, Qin D, Wu X, Li J, Li B, Han W. False alert detection based on deep learning and machine learning. International Journal on Semantic Web and Information Systems (IJSWIS), 2022, 18(1): 1–21.
Mehedi S T, Anwar A, Rahman Z, Ahmed K, Islam R. Dependable intrusion detection system for IoT: A deep transfer learning based approach. IEEE Transactions on Industrial Informatics, 2022, 19(1): 1006–1017.
Dwivedi S, Vardhan M, Tripathi S. Defense against distributed DoS attack detection by using intelligent evolutionary algorithm. International Journal of Computers and Applications, 2022, 44(3): 219–229.
Sun N, Lin G, Qiu J, Rimba P. Near real-time twitter spam detection with machine learning techniques. International Journal of Computers and Applications, 2022, 44(4): 338–348.
Tedyyana A, Ghazali O, Purbo O W. A real-time hypertext transfer protocol intrusion detection system on web server. TELKOMNIKA (Telecommunication Computing Electronics and Control), 2023, 21(3): 566–573.
Wagan S A, Koo J, Siddiqui I F, Qureshi, N M F, Attique M, Shin D R. A fuzzy-based duo-secure multi-modal framework for IoMT anomaly detection. Journal of King Saud University-Computer and Information Sciences, 2023, 35(1): 131–144.
Zhu Y, Yan W Q. Traffic sign recognition based on deep learning. Multimedia Tools and Applications, 2022, 81(13): 17779–17791.
Lyu M, Gharakheili H H, Sivaraman V. A survey on DNS encryption: Current development, malware misuse, and inference techniques. ACM Computing Surveys, 2022, 55(8): 1–28.
He C H, Amer T S, Tian D, Abolila A F, Galal A A. Controlling the kinematics of a spring-pendulum system using an energy harvesting device. Journal of Low Frequency Noise, Vibration and Active Control, 2022, 41(3): 1234–1257.
Kao H, Nguyen T T, Shieh C S, Horng, M F, Xian L Y, Miu D. Unknown DDoS Attack Detection Using Open-Set Recognition Technology and Fuzzy C-Means Clustering. Genetic and Evolutionary Computing, 2023, 1(2): 366–380.
Li X, Fan Z, Xiao Y, Xu Q, Zhu W. Improved automated graph and FCM based DDoS attack detection mechanism in software defined networks. Journal of Internet Technology, 2019, 20(7): 2117–2127.
This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.
Copyright (c) 2025 Journal of Cyber Security and Mobility