A transformer-based hierarchical learning model for the detection of cybersecurity threats

Cybersecurity is often stagnant, fighting a silent war against new attacks while developing much more slowly than other technologies. Due to the wide variety of attacks that we can find in technology, several branches of cybersecurity have also appeared. Deep learning has recently emerged as the machine learning technology best suited to predicting these attacks. This contribution presents a new hierarchical model based on deep learning able to handle accurately two different cybersecurity threat detection tasks. First, it will determine whether a given connection is an attack or not, thus dealing with a binary classification problem. Then, it will classify the malicious connections within a family of attacks. The proposed model offers accurate results when compared with those of state-of-the-art proposals, especially in the second task tackled. This study has been tested on three different datasets of real attack data, obtaining predictions with an accuracy of 99.92% on dataset CIC-IDS2017, 98.39% on CIC-CSE-IDS2018 and 93.74% on CIC-DDoS2019.