Hammerschmidt et al., 2016 - Google Patents

Behavioral clustering of non-stationary IP flow record data

Hammerschmidt et al., 2016

Document ID
3186356516985810133
Author
Hammerschmidt C
Marchal S
State R
Verwer S
Publication year
Publication venue
2016 12th International Conference on Network and Service Management (CNSM)

Snippet

Automated network traffic analysis using machine learning techniques plays an important role in managing networks and IT infrastructure. A key challenge to the correct and effective application of machine learning is dealing with non-stationary learning data sources and …

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1425 Traffic logging, e.g. anomaly detection
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1416 Event detection, e.g. attack signature detection
    • G PHYSICS
    • G06 COMPUTING; CALCULATING; COUNTING
    • G06K RECOGNITION OF DATA; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
    • G06K9/00 Methods or arrangements for reading or recognising printed or written characters or for recognising patterns, e.g. fingerprints
    • G06K9/62 Methods or arrangements for recognition using electronic means
    • G06K9/6267 Classification techniques
    • G06K9/6279 Classification techniques relating to the number of classes
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441 Countermeasures against malicious traffic
    • H04L63/1458 Denial of Service
    • G PHYSICS
    • G06 COMPUTING; CALCULATING; COUNTING
    • G06K RECOGNITION OF DATA; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
    • G06K9/00 Methods or arrangements for reading or recognising printed or written characters or for recognising patterns, e.g. fingerprints
    • G06K9/62 Methods or arrangements for recognition using electronic means
    • G06K9/6217 Design or setup of recognition systems and techniques; Extraction of features in feature space; Clustering techniques; Blind source separation
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00 Arrangements for monitoring or testing packet switching networks
    • H04L43/02 Arrangements for monitoring or testing packet switching networks involving a reduction of monitoring data
    • H04L43/026 Arrangements for monitoring or testing packet switching networks involving a reduction of monitoring data using flow generation
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00 Data switching networks
    • H04L12/02 Details
    • H04L12/26 Monitoring arrangements; Testing arrangements
    • H04L12/2602 Monitoring arrangements
    • G PHYSICS
    • G06 COMPUTING; CALCULATING; COUNTING
    • G06N COMPUTER SYSTEMS BASED ON SPECIFIC COMPUTATIONAL MODELS
    • G06N99/00 Subject matter not provided for in other groups of this subclass
    • G06N99/005 Learning machines, i.e. computer in which a programme is changed according to experience gained by the machine itself during a complete run
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00 Arrangements for maintenance or administration or management of packet switching networks
    • H04L41/12 Arrangements for maintenance or administration or management of packet switching networks network topology discovery or management
    • G PHYSICS
    • G06 COMPUTING; CALCULATING; COUNTING
    • G06F ELECTRICAL DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55 Detecting local intrusion or implementing counter-measures
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00 Arrangements for maintenance or administration or management of packet switching networks
    • H04L41/06 Arrangements for maintenance or administration or management of packet switching networks involving management of faults or events or alarms
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00 Data switching networks
    • H04L12/54 Store-and-forward switching systems

Similar Documents

Publication Publication Date Title
Tan et al. A system for denial-of-service attack detection based on multivariate correlation analysis
Javaid et al. A deep learning approach for network intrusion detection system
Gogoi et al. MLH-IDS: a multi-level hybrid intrusion detection method
Farid et al. Combining naive bayes and decision tree for adaptive intrusion detection
Farhadi et al. Alert correlation and prediction using data mining and HMM.
Saxena et al. Intrusion detection in KDD99 dataset using SVM-PSO and feature reduction with information gain
CN109150859B (en) Botnet detection method based on network traffic flow direction similarity
Su et al. Hierarchical clustering based network traffic data reduction for improving suspicious flow detection
Yeganeh et al. Cute: Traffic classification using terms
CN114143037B (en) Malicious encrypted channel detection method based on process behavior analysis
Bolzoni et al. Panacea: Automating attack classification for anomaly-based network intrusion detection systems
Hammerschmidt et al. Behavioral clustering of non-stationary IP flow record data
WO2020193333A1 (en) Computer security
Al-mamory et al. Evaluation of different data mining algorithms with kdd cup 99 data set
Abdulrahman et al. Toward constructing a balanced intrusion detection dataset based on CICIDS2017
Zwane et al. Ensemble learning approach for flow-based intrusion detection system
Rajora Reviews research on applying machine learning techniques to reduce false positives for network intrusion detection systems
Özdel et al. Payload-based network traffic analysis for application classification and intrusion detection
Ourston et al. Coordinated internet attacks: responding to attack complexity
Hammerschmidt et al. Efficient learning of communication profiles from ip flow records
EP3948603A1 (en) Pre-emptive computer security
Nalavade et al. Evaluation of k-means clustering for effective intrusion detection and prevention in massive network traffic data
Shin et al. False alarm classification model for network-based intrusion detection system
Abdullah et al. TiSEFE: Time series evolving fuzzy engine for network traffic classification
Guven et al. Multiple classification of cyber attacks using machine learning