Do et al., 2020 - Google Patents
Classifying anomalies for network securityDo et al., 2020
- Document ID
- 17258498129489886899
- Author
- Do E
- Gadepally V
- Publication year
- Publication venue
- ICASSP 2020-2020 IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP)
External Links
Snippet
Detecting and classifying anomalous behaviors in computer networks remains a formidable challenge. This work outlines a machine learning technique that uses deep neural networks to detect and classify a variety of network attacks. Our approach is based on that hypothesis …
- 230000001537 neural 0 abstract description 9
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1458—Denial of Service
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing packet switching networks
- H04L43/02—Arrangements for monitoring or testing packet switching networks involving a reduction of monitoring data
- H04L43/026—Arrangements for monitoring or testing packet switching networks involving a reduction of monitoring data using flow generation
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/552—Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/02—Details
- H04L12/26—Monitoring arrangements; Testing arrangements
- H04L12/2602—Monitoring arrangements
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0209—Architectural arrangements, e.g. perimeter networks or demilitarized zones
- H04L63/0218—Distributed architectures, e.g. distributed firewalls
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06N—COMPUTER SYSTEMS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N99/00—Subject matter not provided for in other groups of this subclass
- G06N99/005—Learning machines, i.e. computer in which a programme is changed according to experience gained by the machine itself during a complete run
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing packet switching networks
- H04L43/06—Report generation
- H04L43/062—Report generation for traffic related reporting
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing packet switching networks
- H04L43/12—Arrangements for monitoring or testing packet switching networks using dedicated network monitoring probes
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/30—Monitoring
- G06F11/34—Recording or statistical evaluation of computer activity, e.g. of down time, of input/output operation; Recording or statistical evaluation of user activity, e.g. usability assessment
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance or administration or management of packet switching networks
- H04L41/14—Arrangements for maintenance or administration or management of packet switching networks involving network analysis or design, e.g. simulation, network model or planning
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Moustafa et al. | Big data analytics for intrusion detection system: Statistical decision-making using finite dirichlet mixture models | |
| Do Xuan et al. | APT attack detection based on flow network analysis techniques using deep learning | |
| Zhang et al. | Low-rate DoS attack detection using PSD based entropy and machine learning | |
| Singh et al. | Collaborative ids framework for cloud | |
| Robinson et al. | Ranking of machine learning algorithms based on the performance in classifying DDoS attacks | |
| Do et al. | Classifying anomalies for network security | |
| Farhan et al. | Performance analysis of intrusion detection for deep learning model based on CSE-CIC-IDS2018 dataset | |
| Alasmary et al. | Shieldrnn: A distributed flow-based ddos detection solution for iot using sequence majority voting | |
| Tian et al. | A digital evidence fusion method in network forensics systems with Dempster-shafer theory | |
| Xia et al. | An abnormal traffic detection method for IoT devices based on federated learning and depthwise separable convolutional neural networks | |
| Eslahi et al. | Correlation-based HTTP Botnet detection using network communication histogram analysis | |
| Kumar et al. | Unsupervised outlier detection technique for intrusion detection in cloud computing | |
| Shukla et al. | Entropy-based anomaly detection in a network | |
| Kozik et al. | Pattern extraction algorithm for NetFlow‐based botnet activities detection | |
| Qin et al. | Symmetry degree measurement and its applications to anomaly detection | |
| Zwane et al. | Ensemble learning approach for flow-based intrusion detection system | |
| Rustam et al. | A novel approach for real-time server-based attack detection using meta-learning | |
| Mimura et al. | Leaving all proxy server logs to paragraph vector | |
| Thomas et al. | Performance enhancement of intrusion detection systems using advances in sensor fusion | |
| Abdullah et al. | TiSEFE: Time series evolving fuzzy engine for network traffic classification | |
| Padmavathi et al. | A deep recursively learning LSTM model to improve cyber security Botnet attack intrusion detection | |
| Tian et al. | A transductive scheme based inference techniques for network forensic analysis | |
| Subramani et al. | Comprehensive review on distributed denial of service attacks in wireless sensor networks | |
| Barrionuevo et al. | An anomaly detection model in a lan using k-nn and high performance computing techniques | |
| Le et al. | Towards a webshell detection approach using rule-based and deep http traffic analysis |