A hybrid layered architecture for detection and analysis of network based Zero-day attack.

Computer Communications(2017)

Abstract
A Zero-day (0-day) vulnerability is an undisclosed flaw in software or an application that can be exploited to harm hardware, applications, data, or networks. The main objective of a Zero-day attack is to let attackers steal sensitive information, legal documents, enterprise data, and other assets. We analyze the lifecycle of Zero-day vulnerabilities and the detection methodologies proposed for them. In this paper we propose a novel hybrid layered architecture for real-time Zero-day attack detection and analysis, based on statistical, signature, and behavioral techniques. To strengthen the architecture we use a support vector machine (SVM) approach to provide unsupervised learning and to minimize false alarms. Our focus is on integrating anomaly detection with signature generation. In the layered design, each layer executes a dedicated function in parallel, and this parallelism improves the performance of the approach. We also present experimental comparisons of our approach against standard parameters; the results show a high detection rate for Zero-day attacks.
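The abstract describes three detection layers (signature, statistics, behavior) running in parallel, with anomaly detection feeding signature generation. The following is an added Python sketch of that design, written for this page; it is not the paper's code, which is not reproduced here, and the SVM false-alarm stage is omitted. The benign byte-count baseline, the per-host port profile, the signature patterns, and the flow records are all constructed assumptions. It shows the one property a practitioner cares about: a flow that no signature knows about is still caught by the statistical and behavioral layers, and a signature derived from it makes the next occurrence hit the fast exact-match layer.

```python
from concurrent.futures import ThreadPoolExecutor
from dataclasses import dataclass
from functools import partial
from statistics import mean, pstdev


@dataclass(frozen=True)
class Flow:
    src: str        # source host
    dport: int      # destination port
    bytes_out: int  # outbound bytes in the flow
    payload: bytes  # first bytes of application payload


# Constructed benign baseline of per-flow outbound byte counts (assumption).
BASELINE_BYTES = [1200, 1500, 900, 1300, 1100, 1400, 1000, 1250, 1350, 1150]

# Constructed per-host profile: ports each host is normally seen talking to.
HOST_PROFILE = {"10.0.0.5": {80, 443}, "10.0.0.9": {22, 443}}

# Hypothetical signature store; the pattern is illustrative, not a real IDS rule.
SIGNATURES = {"known-scanner-ua": b"Nmap Scripting Engine"}


def signature_layer(flow, signatures):
    """Exact known-pattern match: high confidence, blind to anything unseen."""
    for name, pattern in signatures.items():
        if pattern in flow.payload:
            return ("signature", 1.0, name)
    return ("signature", 0.0, None)


def statistics_layer(flow, baseline=BASELINE_BYTES, z_threshold=3.0):
    """Volume anomaly: z-score of bytes_out against the benign baseline."""
    mu, sigma = mean(baseline), pstdev(baseline)
    z = (flow.bytes_out - mu) / sigma if sigma else 0.0
    score = min(1.0, z / (2 * z_threshold)) if z > z_threshold else 0.0
    return ("statistics", score, f"z={z:.1f}")


def behavior_layer(flow, profile=HOST_PROFILE):
    """Behavioral anomaly: host contacts a port outside its learned profile."""
    known = profile.get(flow.src, set())
    if flow.dport not in known:
        return ("behavior", 0.6, f"new port {flow.dport} for {flow.src}")
    return ("behavior", 0.0, None)


def generate_signature(flow, length=16):
    """Naive signature generation: a fixed-length prefix of the anomalous payload."""
    return flow.payload[:length]


def detect(flow, signatures, alert_threshold=0.5):
    """Evaluate all layers concurrently over one flow and fuse their verdicts."""
    layers = [partial(signature_layer, signatures=signatures),
              statistics_layer, behavior_layer]
    with ThreadPoolExecutor(max_workers=len(layers)) as pool:
        results = list(pool.map(lambda layer: layer(flow), layers))
    by_name = {name: (score, detail) for name, score, detail in results}

    if by_name["signature"][0] >= 1.0:
        return {"verdict": "known-attack", "score": 1.0, "layers": by_name}

    anomaly = max(by_name["statistics"][0], by_name["behavior"][0])
    if anomaly >= alert_threshold:
        # Anomalous but unknown to every signature: a zero-day candidate.
        # Feed a generated signature back so a repeat hits the exact-match layer.
        sig = generate_signature(flow)
        signatures[f"auto-{sig.hex()[:8]}"] = sig
        return {"verdict": "zero-day-candidate", "score": anomaly, "layers": by_name}
    return {"verdict": "benign", "score": anomaly, "layers": by_name}


# Constructed sample flows: one benign, one matching a known signature,
# one novel exfiltration-like flow with no signature.
CONSTRUCTED_FLOWS = [
    Flow("10.0.0.5", 443, 1300, b"GET / HTTP/1.1\r\nHost: example.test"),
    Flow("10.0.0.9", 80, 1400, b"User-Agent: Nmap Scripting Engine"),
    Flow("10.0.0.5", 4444, 48000, b"EXFIL-CHUNK-0001:" + b"A" * 64),
]


def run_demo():
    """Return the verdict per flow, then the verdict for a repeat of the novel flow."""
    sigs = dict(SIGNATURES)  # private copy so the feedback loop stays local
    verdicts = [detect(f, sigs)["verdict"] for f in CONSTRUCTED_FLOWS]
    repeat = detect(CONSTRUCTED_FLOWS[2], sigs)["verdict"]
    return verdicts, repeat


if __name__ == "__main__":
    print(run_demo())
```

The fusion rule is deliberately simple (a signature hit wins, otherwise the strongest anomaly score is compared to a threshold); the paper's SVM stage would sit between the anomaly scores and the final verdict to suppress false alarms, and prefix-based signature generation as used here is easily evaded by padding and should be read as a placeholder for a real signature generator.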
Keywords
Zero-day attacks, Exploit, Anomaly behavior, Support vector machine