FlowHacker: Detecting Unknown Network Attacks in Big Traffic Data using Network Flows

Cited by: 13
Authors
Sacramento, Luis [1, 3]
Medeiros, Iberia [2]
Bota, Joao [3]
Correia, Miguel [1]
Affiliations
[1] Univ Lisbon, Inst Super Tecn, INESC ID, Lisbon, Portugal
[2] Univ Lisbon, Fac Ciencias, LASIGE, Lisbon, Portugal
[3] Vodafone Portugal, Lisbon, Portugal
Funding
EU Horizon 2020
Keywords
Intrusion detection; flows; machine learning;
DOI
10.1109/TrustCom/BigDataSE.2018.00086
Chinese Library Classification number
TP [Automation technology, computer technology]
Discipline classification code
0812
Abstract
Traditional Network Intrusion Detection Systems (NIDSs) inspect the payload of the packets looking for known intrusion signatures or deviations from normal behavior, but inspecting traffic at the current speed of Internet Service Provider (ISP) networks is difficult or even unfeasible. This paper presents an approach to detect malicious traffic and identify malicious hosts by inspecting flows, leveraging a combination of unsupervised machine learning and threat intelligence, without requiring either previous knowledge about attacks or traffic without attacks. The approach was implemented in the FlowHacker NIDS and evaluated with two kinds of traffic flows: synthetic traffic flows and real ISP traffic flows.
Pages: 567-572
Number of pages: 6
Related papers
50 in total
  • [1] Big Data Analytics of Network Traffic and Attacks
    Wang, Lidong
    Jones, Randy
    NAECON 2018 - IEEE NATIONAL AEROSPACE AND ELECTRONICS CONFERENCE, 2018, : 117 - 123
  • [2] Detecting unknown network attacks using language models
    Rieck, Konrad
    Laskov, Pavel
    DETECTION OF INTRUSIONS AND MALWARE & VULNERABILITY ASSESSMENT, PROCEEDINGS, 2006, 4064 : 74 - 90
  • [3] Big Data Analytics in Cyber Security: Network Traffic and Attacks
    Wang, Lidong
    Jones, Randy
    JOURNAL OF COMPUTER INFORMATION SYSTEMS, 2021, 61 (05) : 410 - 417
  • [4] Detecting Web Attacks in Severely Imbalanced Network Traffic Data
    Zuech, Richard
    Hancock, John
    Khoshgoftaar, Taghi M.
    2021 IEEE 22ND INTERNATIONAL CONFERENCE ON INFORMATION REUSE AND INTEGRATION FOR DATA SCIENCE (IRI 2021), 2021, : 267 - 273
  • [5] Transfer learning for detecting unknown network attacks
    Juan Zhao
    Sachin Shetty
    Jan Wei Pan
    Charles Kamhoua
    Kevin Kwiat
    EURASIP Journal on Information Security, 2019
  • [6] Transfer learning for detecting unknown network attacks
    Zhao, Juan
    Shetty, Sachin
    Pan, Jan Wei
    Kamhoua, Charles
    Kwiat, Kevin
    EURASIP JOURNAL ON INFORMATION SECURITY, 2019, 2019 (1)
  • [7] Detecting anomalies from big network traffic data using an adaptive detection approach
    Zhang, Ji
    Li, Hongzhou
    Gao, Qigang
    Wang, Hai
    Luo, Yonglong
    INFORMATION SCIENCES, 2015, 318 : 91 - 110
  • [8] Big Data Analysis System Concept for Detecting Unknown Attacks
    Ahn, Sung-Hwan
    Kim, Nam-Uk
    Chung, Tai-Myoung
    2014 16TH INTERNATIONAL CONFERENCE ON ADVANCED COMMUNICATION TECHNOLOGY (ICACT), 2014,
  • [9] Detecting Attacks in Network Traffic Using Normality Models: The Cellwise Estimator
    Heine, Felix
    Kleiner, Carsten
    Klostermeyer, Philip
    Ahlers, Volker
    Laue, Tim
    Wellermann, Nils
    FOUNDATIONS AND PRACTICE OF SECURITY, FPS 2021, 2022, 13291 : 265 - 282
  • [10] Detecting DDoS Attacks Using the Analysis of Network Traffic as Dynamical System
    Krasnov, A. E.
    Nikol'skii, D. N.
    Repin, D. S.
    Galyaev, V. S.
    Zykova, E. A.
    2018 INTERNATIONAL SCIENTIFIC AND TECHNICAL CONFERENCE MODERN COMPUTER NETWORK TECHNOLOGIES (MONETEC 2018), 2018,