Stabilized quantum-enhanced SIEM architecture and speed-up through Hoeffding tree algorithms enable quantum cybersecurity analytics in botnet detection

Jun 23, 2023
32 pages
Published in:
  • Sci.Rep. 14 (2024) 1, 1732
  • Published: Jan 19, 2024
e-Print:

Abstract: (Springer)
For the first time, we enable the execution of hybrid quantum machine learning (HQML) methods on real quantum computers with 100 data samples and real-device-based simulations with 5000 data samples, thereby outperforming the current state of research of Suryotrisongko and Musashi from 2022, who were dealing with 1000 data samples and quantum simulators (pure software-based emulators) only. Additionally, we beat their reported accuracy of 76.8% by an average accuracy of 91.2%, all within a total execution time of 1687 s. We achieve this significant progress through a two-step strategy: Firstly, we establish a stable quantum architecture that enables us to execute HQML algorithms on real quantum devices. Secondly, we introduce new hybrid quantum binary classifiers (HQBCs) based on Hoeffding decision tree algorithms. These algorithms speed up the process via batch-wise execution, reducing the number of shots required on real quantum devices compared to conventional loop-based optimizers. Their incremental nature serves the purpose of online large-scale data streaming for domain generation algorithm (DGA) botnet detection, and allows us to apply HQML to the field of cybersecurity analytics. We conduct our experiments using the Qiskit library with the Aer quantum simulator, and on three different real quantum devices from Azure Quantum: IonQ, Rigetti, and Quantinuum. This is the first time these tools are combined in this manner.
Note:
  • 32 pages, 4 figures, 5 tables
Keywords:
  • machine learning: quantum
  • stability
  • hybrid
  • quantum device
  • binary
  • on-line
  • Qiskit
References:
  • [1] A. Hussain, A. Mohamed, S.A Razali. review on cybersecurity: Challenges & emerging threats. In Proc. 3rd International Conference on Networking, Information Systems & Security 1-7
  • [2] J. Martínez Torres, C. Iglesias Comesaña, PJ García-Nieto. Machine learning techniques applied to cybersecurity
  • [3] M.A. Nielsen, I.L. Chuang. Quantum Computation and Quantum Information
  • [6] RM Verma, DJ Marchette. Cybersecurity Analytics
  • [7] S. Mongeau, A. Hajdasinski. Cybersecurity Data Science: Best Practices in an Emerging Profession
  • [8] A. Parisi. Hands-On Artificial Intelligence for Cybersecurity
  • [9] R. Das. Practical AI for Cybersecurity
  • [10] E. Tsukerman. Machine Learning for Cybersecurity Cookbook
  • [11] A. Muallem, S. Shetty, JW Pan, J. Zhao, B. Biswal. Hoeffding tree algorithms for anomaly detection in streaming datasets: A survey. J. Inf. Secur. 8 (2017) 4
  • [12] H. Suryotrisongko, Y. Musashi. Hybrid quantum deep learning and variational quantum classifier-based model for botnet DGA attack detection
  • [13] Tehrani, M. G. et al. Source Code: Enabling Quantum Cybersecurity Analytics in Botnet Detection: Stable Architecture and Speed-Up Through Tree Algorithms
  • [15] Quantinuum H1-2
  • [16] Quantinuum H1-2 Emulator
  • [17] H. Suryotrisongko. Botnet DGA detection
  • [18] M. Zago, MG Pérez, GM Pérez. UMUDGA: A dataset for profiling algorithmically generated domain names in botnet detection
  • [19] M. Belkin, S. Kpotufe, I. Amir, T. Koren, R. Livni et al. SGD generalizes better than GD (and regularization doesn't help)
  • [20] P. Domingos, G. Hulten. Mining high-speed data streams. In Proc. Sixth ACM SIGKDD International Conference on Knowledge Discovery and Data Mining 71-80
  • [22] JD Cowan, G. Tesauro, J. Alspector, O. Maron, AW Moore et al. Hoeffding races: Accelerating model selection search for classification and function approximation. Adv.Neural Inf.Process.Syst. 59 (1994) 66
  • [23] J. Montiel, J. Read, A. Bifet, T. Abdessalem. Scikit-multiflow: A multi-output streaming framework. J.Machine Learning Res. 19 (2018) 1-5