Knowledge Discovery from Honeypot Data for Monitoring Malicious Attacks

Cited by: 0
Authors
Jin, Huidong [1 ,2 ]
de Vel, Olivier [3 ]
Zhang, Ke [1 ,2 ]
Liu, Nianjun [1 ,2 ]
Affiliations
[1] NICTA Canberra Lab, Locked Bag 8001, Canberra, ACT 2601, Australia
[2] Australian Natl Univ, RSISE, Canberra, ACT 0200, Australia
[3] Def Sci & Technol Org, Command Ctrl Commun & Intelligence Div, Edinburgh, SA 5111, Australia
Source
AI 2008: ADVANCES IN ARTIFICIAL INTELLIGENCE, PROCEEDINGS | 2008 / Vol. 5360
Funding
Australian Research Council
Keywords
Knowledge discovery; outlier detection; density-based cluster visualisation; botnet; honeypot data; Internet security;
DOI
Not available
Chinese Library Classification
TP18 [Artificial intelligence theory]
Discipline classification codes
081104; 0812; 0835; 1405
Abstract
Owing to the spread of worms and botnets, cyber attacks have significantly increased in volume, coordination and sophistication. Cheap rentable botnet services, for example, have made sophisticated botnets an effective and popular tool for committing online crime. Honeypots, as information system traps, are used to monitor or deflect malicious attacks on the Internet. To understand the attack patterns generated by botnets through analysis of the data collected by honeypots, we propose an approach that integrates a clustering structure visualisation technique with outlier detection techniques. These techniques complement each other and provide end users with both a big-picture view and actionable knowledge of high-dimensional data. We introduce KNOF (K-nearest Neighbours Outlier Factor) as the outlier definition technique to reach a trade-off between global and local outlier definitions, i.e., K-th-Nearest Neighbour (KNN) and Local Outlier Factor (LOF) respectively. We propose an algorithm to discover the most significant KNOF outliers. We implement these techniques in our hpdAnalyzer tool. The tool is successfully used to comprehend honeypot data. A series of experiments shows that our proposed KNOF technique substantially outperforms LOF and, to a lesser degree, KNN on real-world honeypot data.
Pages: 470 / +
Page count: 2