Comprehensive Review of Advanced Machine Learning Techniques for Detecting and Mitigating Zero-Day Exploits

DOI:

https://doi.org/10.4108/eetsis.6111

Keywords:

Machine Learning, Zero-Day Exploits, Cybersecurity, Threat Detection, Adaptive Algorithms, Deep Learning in Security

Abstract

This paper provides an in-depth examination of the latest machine learning (ML) methodologies applied to the detection and mitigation of zero-day exploits, which represent a critical vulnerability in cybersecurity. We discuss the evolution of machine learning techniques from basic statistical models to sophisticated deep learning frameworks and evaluate their effectiveness in identifying and addressing zero-day threats. The integration of ML with other cybersecurity mechanisms to develop adaptive, robust defense systems is also explored, alongside challenges such as data scarcity, false positives, and the constant arms race against cyber attackers. Special attention is given to innovative strategies that enhance real-time response and prediction capabilities. This review aims to synthesize current trends and anticipate future developments in machine learning technologies to better equip researchers, cybersecurity professionals, and policymakers in their ongoing battle against zero-day exploits.

Author Biography

Hamed Taherdoost, Global University Systems

Hamed Taherdoost is an award-winning leader and R&D professional. He is founder of the Hamta Group | Hamta Business Corporation, Associate Professor and Chair of RSAC at University Canada West, and Director of R&D at Q Minded | Quark Minded Technology Inc. He has over 20 years of experience in both the industry and academic sectors. He has worked at international companies in Cyprus, the UK, Malta, Iran, Malaysia, and Canada and has been closely involved in the development of several projects in different industries: healthcare, transportation, residential, oil and gas, and IT. Apart from industry, he has been a university lecturer in three different parts of the world: Southeast Asia, the Middle East, and North America. Currently, he is an Adjunct Professor at Westcliff University, a mentor at Futurpreneur Canada, a member of the Advisory Board of Cambridge Scholars Publishing, UK, and Senior Technical Consultant at CI Solutions Ltd and Innotek Consulting Ltd.

He is a certified cybersecurity technologist and a senior member of IEEE, IAEEEE, IASED, and IEDRC, a Fellow Member of ISAC, WGM of IFIP TC11, and a member of CSIAC, ACT-IAC, and AASHE. Hamed has been an active multidisciplinary researcher and R&D specialist involved in several academic and industrial research projects. Currently, he is involved in several multidisciplinary research projects, including studies of innovation in information technology, blockchain, cybersecurity, people's behavior, and technology acceptance.


Published

26-06-2024

How to Cite

Mohamed N, Taherdoost H, Madanchian M. Comprehensive Review of Advanced Machine Learning Techniques for Detecting and Mitigating Zero-Day Exploits. EAI Endorsed Scal Inf Syst [Internet]. 2024 Jun. 26 [cited 2024 Dec. 22];12(1). Available from: https://publications.eai.eu/index.php/sis/article/view/6111