A Closer Look at the HTTP and P2P Based Botnets from a Detector's Perspective [chapter]

Fariba Haddadi, A. Nur Zincir-Heywood
2016 Lecture Notes in Computer Science  
To evade the detection systems, recent botnets use the most common communication protocols on the Internet to hide themselves in the legitimate users traffic.  ...  Botnets are one of the main aggressive threats against cybersecurity.  ...  The CSSP is led by the Defense Research and Development Canada, Centre for Security Science (CSS) on behalf of the Government of Canada and its partners across all levels of government, response and emergency  ... 
doi:10.1007/978-3-319-30303-1_13 fatcat:37tngtd4qjeannpxxufwwujrbq

Machine Learning-Based Botnet Detection in Software-Defined Network: A Systematic Review

Khlood Shinan, Khalid Alsubhi, Ahmed Alzahrani, Muhammad Usman Ashraf
2021 Symmetry  
We evaluated various articles published since 2006 in the field of botnet detection, based on machine learning, and from 2015 in the field of SDN.  ...  Cybersecurity represents one of the most serious threats to society, and it costs millions of dollars each year. The most significant question remains: Where do these attacks come from?  ...  Therefore, the authors gratefully acknowledge the DSR for technical and financial support. Conflicts of Interest: The authors declare no conflict of interest. Symmetry 2021, 13, 866  ... 
doi:10.3390/sym13050866 fatcat:fw7k3xxwdvdb3fa2ch6hvbywwe

Unsupervised Monitoring of Network and Service Behaviour Using Self Organizing Maps

Duc C. Le, A. Nur Zincir-Heywood, Malcolm I. Heywood (Faculty of Computer Science, Dalhousie University, Halifax, NS, Canada)
2018 Journal of Cyber Security and Mobility  
Given the evolution of the structures and protocols botnets use, many machine learning approaches have been proposed for botnet analysis and detection.  ...  Botnets represent one of the most destructive cybersecurity threats.  ...  The research is conducted as part of the Dalhousie NIMS Lab at:  ... 
doi:10.13052/jcsm2245-1439.812 fatcat:jvutnccf75fb5ls6osvsmn7jb4

Benchmark-Based Reference Model for Evaluating Botnet Detection Tools Driven by Traffic-Flow Analytics

Katherinne Shirley Huancayo Ramos, Marco Antonio Sotelo Monge, Jorge Maestre Vidal
2020 Sensors  
The experimental validation was performed on two public datasets of real botnet traffic—CIC-AWS-2018 and ISOT HTTP Botnet.  ...  The proposal relies on observing, understanding and inferring the behavior of each botnet family based on network indicators measured at flow-level.  ...  of ML models on the CIC-AWS-2018 dataset filtered by Transmission Control Protocol (TCP) (A).  ... 
doi:10.3390/s20164501 pmid:32806550 fatcat:d4udmyk5uveqfhqud4g7jfzd6m

The Next Generation Cognitive Security Operations Center: Adaptive Analytic Lambda Architecture for Efficient Defense against Adversarial Attacks

Konstantinos Demertzis, Nikos Tziritas, Panayiotis Kikiras, Salvador Llopis Sanchez, Lazaros Iliadis
2019 Big Data and Cognitive Computing  
Those techniques are part of a reactive security strategy because they rely on the human factor, experience and the judgment of security experts, using supplementary technology to evaluate the risk impact  ...  It is a forensics tool for big data that can enhance the automate defense strategies of SOCs to effectively respond to the threats their environments face.  ...  Acknowledgments: Nikos Tziritas's work was partly supported by the PIFI International Scholarship, Y75601. Conflicts of Interest: The authors declare no conflict of interest.  ... 
doi:10.3390/bdcc3010006 fatcat:qskf3u5xkfephh5tcis3ibo35i

Procedures, Criteria, and Machine Learning Techniques for Network Traffic Classification: A Survey

Muhammad Sameer Sheikh, Yinqiao Peng
2022 IEEE Access  
Additionally, traffic criteria are proposed, which could be beneficial to assess the effectiveness of the developed classification algorithm.  ...  It not only effectively improve the network service identifications and security issues of the traffic network, but also provide robust accuracy and efficiency in different Internet application behaviors  ...  Firstly, they study the characteristics of IRC and non-IRC botnet traffic flow. Secondly, they differentiate IRC traffic flow and botnet in a traffic network. Auld et al.  ... 
doi:10.1109/access.2022.3181135 fatcat:of55hyjgbjgl3pjlcp5kk6rcwe

A Survey of Network-based Intrusion Detection Data Sets [article]

Markus Ring and Sarah Wunderlich and Deniz Scheuring and Dieter Landes and Andreas Hotho
2019 arXiv   pre-print
This work provides a focused literature survey of data sets for network-based intrusion detection and describes the underlying packet- and flow-based network data in detail.  ...  Based on these properties, a comprehensive overview of existing data sets is given. This overview also highlights the peculiarities of each data set.  ...  S.W. is additionally funded by the Bavarian State Ministry of Science and Arts in the framework of the Centre Digitisation.Bavaria (ZD.B).  ... 
arXiv:1903.02460v1 fatcat:u2tphoibebhmplo34xnxim5mna

Flow Monitoring Explained: From Packet Capture to Data Analysis With NetFlow and IPFIX

Rick Hofstede, Pavel Celeda, Brian Trammell, Idilio Drago, Ramin Sadre, Anna Sperotto, Aiko Pras
2014 IEEE Communications Surveys and Tutorials  
Flow monitoring embraces the complete chain of packet observation, flow export using protocols such as NetFlow and IPFIX, data collection, and data analysis.  ...  By focusing on the analysis of flows, rather than individual packets, it is often said to be more scalable than traditional packet-based traffic analysis.  ...  ACKNOWLEDGMENT The authors would like to thank Cyndi Mills, Benoit Claise (Cisco Systems Inc.) and Nevil Brownlee (University of Auckland) for their valuable contributions.  ... 
doi:10.1109/comst.2014.2321898 fatcat:eefcoigarrfwhkikqiib2svvga

Investigating the Effect of Traffic Sampling on Machine Learning-Based Network Intrusion Detection Approaches

Jumabek Alikhanov, Rhongho Jang, Mohammed Abuhamad, David Mohaisen, Daehun Nyang, Youngtae Noh
2021 IEEE Access  
Machine Learning (ML) based Network Intrusion Systems (NIDSs) operate on flow features which are obtained from flow exporting protocols (i.e., NetFlow).  ...  Our results provide valuable insights for network practitioners and researchers regarding on how packet sampling effects ML-based NIDS in the presence of sampling.  ...  Therefore, the effect of sampling on NIDS affected by the underlying flow size distribution of the traffic and type of deployed sampling technique.  ... 
doi:10.1109/access.2021.3137318 fatcat:s2wtif5bgrb3fkqspxancnkd2i

Machine Learning Based Approach to Anomaly and Cyberattack Detection in Streamed Network Traffic Data

Mikolaj Komisarek, Marek Pawlicki, Rafal Kozik, Michal Choras
2021 Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications  
In this paper, the performance of a solution providing stream processing is evaluated, and its accuracy in the classification of suspicious flows in simulated network traffic is investigated.  ...  The tool allows easy definition of streams and implementation of any machine learning algorithm.  ...  This work has been also supported by the SIMARGL Project - Secure Intelligent Methods for Advanced RecoGnition of malware and stegomalware, with the support of the European Commission and the Horizon 2020  ... 
doi:10.22667/jowua.2021.03.31.003 dblp:journals/jowua/KomisarekPKC21 fatcat:u67e3qikzrau3aky6e7tdr5u5y

Intelligent Techniques for Detecting Network Attacks: Review and Research Directions

Malak Aljabri, Sumayh S. Aljameel, Rami Mustafa A. Mohammad, Sultan H. Almotiri, Samiha Mirza, Fatima M. Anis, Menna Aboulnour, Dorieh M. Alomari, Dina H. Alhamed, Hanan S. Altamimi
2021 Sensors  
The main components of any intelligent-based system are the training datasets, the algorithms, and the evaluation metrics; these were the main benchmark criteria used to assess the intelligent-based systems  ...  The significant growth in the use of the Internet and the rapid development of network technologies are associated with an increased risk of network attacks.  ...  Conflicts of Interest: The authors declare no conflict of interest.  ... 
doi:10.3390/s21217070 pmid:34770375 pmcid:PMC8587628 fatcat:tnedw4hhcze7foqps3jfpiog7u

LITNET-2020: An Annotated Real-World Network Flow Dataset for Network Intrusion Detection

Robertas Damasevicius, Algimantas Venckauskas, Sarunas Grigaliunas, Jevgenijus Toldinas, Nerijus Morkevicius, Tautvydas Aleliunas, Paulius Smuikys
2020 Electronics  
The dataset presents real-world examples of normal and under-attack network traffic. We describe and analyze 85 network flow features of the dataset and 12 attack types.  ...  Network intrusion detection is one of the main problems in ensuring the security of modern computer networks, Wireless Sensor Networks (WSN), and the Internet-of-Things (IoT).  ...  The effectiveness of NIDS is evaluated based on their performance to recognize attacks, which requires a network dataset that provides examples of both normal and abnormal network traffic [36].  ... 
doi:10.3390/electronics9050800 fatcat:hotzdpegnncflbf5dwvq6dkuci

Machine Learning based Anomaly Detection for 5G Networks [article]

Jordan Lam, Robert Abbas
2020 arXiv   pre-print
This demonstrates the effectiveness of network flow analysis for a variety of common malicious attacks and also provides a viable option for detection of encrypted malicious network traffic.  ...  The results from this method are promising as the model has identified benign traffic with a 100% accuracy rate and anomalous traffic with a 96.4% detection rate.  ...  In the case of a CNN it can predict filter height, filter width, stride height, stride width and a number of filters per layer [16] .  ... 
arXiv:2003.03474v1 fatcat:wa6xygxqkrhsths3kt5xu427we

Towards Generating Real-life Datasets for Network Intrusion Detection

Monowar H. Bhuyan, Dhruba K. Bhattacharyya, Jugal K. Kalita
2015 International Journal of Network Security  
The majority of network intrusion detection research and development is still based on simulated datasets due to non-availability of real datasets.  ...  We establish the importance of an intrusion dataset in the development and validation process of detection mechanisms, identify a set of requirements for effective dataset generation, and discuss several  ...  The authors are thankful to the funding agencies and also gratefully acknowledge the anonymous reviewers for their valuable comments.  ... 
dblp:journals/ijnsec/BhuyanBK15 fatcat:ls2c2ummibembjgayyo7yeigge

How to Effectively Collect and Process Network Data for Intrusion Detection?

Mikołaj Komisarek, Marek Pawlicki, Rafał Kozik, Witold Hołubowicz, Michał Choraś
2021 Entropy  
To keep the defensive mechanisms up to date and relevant, realistic network traffic datasets are needed.  ...  The main contribution of this work is to cover the research gap related to identifying and investigating valuable features in the NetFlow schema that allow for effective, machine-learning-based network  ...  They point out at the very beginning of the paper that these protocols are used for scaled fast network flow export.  ... 
doi:10.3390/e23111532 pmid:34828230 pmcid:PMC8619486 fatcat:gxa4szblkzg2fowihnqoazmrge