FlowHacker: Detecting Unknown Network Attacks in Big Traffic Data using Network Flows

Cited by: 13
Authors
Sacramento, Luis [1 ,3 ]
Medeiros, Iberia [2 ]
Bota, Joao [3 ]
Correia, Miguel [1 ]
Affiliations
[1] Univ Lisbon, Inst Super Tecn, INESC ID, Lisbon, Portugal
[2] Univ Lisbon, Fac Ciencias, LASIGE, Lisbon, Portugal
[3] Vodafone Portugal, Lisbon, Portugal
Source
2018 17TH IEEE INTERNATIONAL CONFERENCE ON TRUST, SECURITY AND PRIVACY IN COMPUTING AND COMMUNICATIONS (IEEE TRUSTCOM) / 12TH IEEE INTERNATIONAL CONFERENCE ON BIG DATA SCIENCE AND ENGINEERING (IEEE BIGDATASE) | 2018
Funding
European Union Horizon 2020;
Keywords
Intrusion detection; flows; machine learning;
DOI
10.1109/TrustCom/BigDataSE.2018.00086
Chinese Library Classification number
TP [Automation technology, computer technology];
Discipline classification code
0812 ;
Abstract
Traditional Network Intrusion Detection Systems (NIDSs) inspect the payload of the packets looking for known intrusion signatures or deviations from normal behavior, but inspecting traffic at the current speed of Internet Service Provider (ISP) networks is difficult or even unfeasible. This paper presents an approach to detect malicious traffic and identify malicious hosts by inspecting flows, leveraging a combination of unsupervised machine learning and threat intelligence, without requiring either previous knowledge about attacks or traffic without attacks. The approach was implemented in the FlowHacker NIDS and evaluated with two kinds of traffic flows: synthetic traffic flows and real ISP traffic flows.
Pages: 567-572
Number of pages: 6
Related papers
50 in total
  • [1] Detecting Attacks in Network Traffic Using Normality Models: The Cellwise Estimator
    Heine, Felix
    Kleiner, Carsten
    Klostermeyer, Philip
    Ahlers, Volker
    Laue, Tim
    Wellermann, Nils
    FOUNDATIONS AND PRACTICE OF SECURITY, FPS 2021, 2022, 13291 : 265 - 282
  • [2] Detecting Web Attacks in Severely Imbalanced Network Traffic Data
    Zuech, Richard
    Hancock, John
    Khoshgoftaar, Taghi M.
    2021 IEEE 22ND INTERNATIONAL CONFERENCE ON INFORMATION REUSE AND INTEGRATION FOR DATA SCIENCE (IRI 2021), 2021, : 267 - 273
  • [3] Transfer learning for detecting unknown network attacks
    Juan Zhao
    Sachin Shetty
    Jan Wei Pan
    Charles Kamhoua
    Kevin Kwiat
    EURASIP Journal on Information Security, 2019
  • [4] Transfer learning for detecting unknown network attacks
    Zhao, Juan
    Shetty, Sachin
    Pan, Jan Wei
    Kamhoua, Charles
    Kwiat, Kevin
    EURASIP JOURNAL ON INFORMATION SECURITY, 2019, 2019 (1)
  • [5] Big Data Analysis System Concept for Detecting Unknown Attacks
    Ahn, Sung-Hwan
    Kim, Nam-Uk
    Chung, Tai-Myoung
    2014 16TH INTERNATIONAL CONFERENCE ON ADVANCED COMMUNICATION TECHNOLOGY (ICACT), 2014,
  • [6] Detecting APT Attacks Based on Network Traffic Using Machine Learning
    Xuan, Cho Do
    JOURNAL OF WEB ENGINEERING, 2021, 20 (01): : 171 - 190
  • [7] Detecting network attacks in the Internet via statistical network traffic normality prediction
    Jiang J.
    Papavassiliou S.
    Journal of Network and Systems Management, 2004, 12 (1) : 51 - 72
  • [8] A peer-to-peer architecture for detecting attacks from network traffic and log data
    Folino, Francesco
    Folino, Gianluigi
    Pontieri, Luigi
    Sabatino, Pietro
    2017 INTERNATIONAL CONFERENCE ON HIGH PERFORMANCE COMPUTING & SIMULATION (HPCS), 2017, : 769 - 776
  • [9] HollywooDDoS: Detecting Volumetric Attacks in Moving Images of Network Traffic
    Kopmann, Samuel
    Heseding, Hauke
    Zitterbart, Martina
    PROCEEDINGS OF THE 2022 47TH IEEE CONFERENCE ON LOCAL COMPUTER NETWORKS (LCN 2022), 2022, : 90 - 97
  • [10] Detecting Unknown Network Attacks with Attention Encoding and Deep Metric Learning
    Fu, Chunlan
    Han, Shirong
    Shen, Gang
    2022 IEEE INTERNATIONAL CONFERENCE ON TRUST, SECURITY AND PRIVACY IN COMPUTING AND COMMUNICATIONS, TRUSTCOM, 2022, : 283 - 290