Le et al., 2019 - Google Patents
Unsupervised monitoring of network and service behaviour using self organizing maps
Le et al., 2019
- Document ID
- 5034079461431185157
- Author
- Le D
- Zincir-Heywood N
- Heywood M
- Publication year
- Publication venue
- Journal of Cyber Security and Mobility
Snippet
Botnets represent one of the most destructive cybersecurity threats. Given the evolution of the structures and protocols botnets use, many machine learning approaches have been proposed for botnet analysis and detection. In the literature, intrusion and anomaly detection …
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/552—Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1458—Denial of Service
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing packet switching networks
- H04L43/02—Arrangements for monitoring or testing packet switching networks involving a reduction of monitoring data
- H04L43/026—Arrangements for monitoring or testing packet switching networks involving a reduction of monitoring data using flow generation
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance or administration or management of packet switching networks
- H04L41/12—Arrangements for maintenance or administration or management of packet switching networks network topology discovery or management
Similar Documents
Publication | Title | Publication Date |
---|---|---|
US10721243B2 (en) | Apparatus, system and method for identifying and mitigating malicious network threats | |
Kirubavathi et al. | Botnet detection via mining of traffic flow characteristics | |
Moustafa | Designing an online and reliable statistical anomaly detection framework for dealing with large high-speed network traffic | |
Zhao et al. | Botnet detection based on traffic behavior analysis and flow intervals | |
Bijone | A survey on secure network: intrusion detection & prevention approaches | |
Ali et al. | Effective network intrusion detection using stacking-based ensemble approach | |
Kumar et al. | Intrusion detection systems: a review | |
Thomas | Improving intrusion detection for imbalanced network traffic | |
Le et al. | Unsupervised monitoring of network and service behaviour using self organizing maps | |
Kovanen et al. | Survey: Intrusion detection systems in encrypted traffic | |
Shaikh et al. | Advanced signature-based intrusion detection system | |
Nazir et al. | Network intrusion detection: Taxonomy and machine learning applications | |
Lah et al. | Proposed framework for network lateral movement detection based on user risk scoring in siem | |
Kemp et al. | An approach to application-layer DoS detection | |
Hamza et al. | Iot botnet detection: Challenges and issues | |
Yusufovna | Integrating intrusion detection system and data mining | |
Catak | Two-layer malicious network flow detection system with sparse linear model based feature selection | |
Alauthman | An efficient approach to online bot detection based on a reinforcement learning technique | |
Beg et al. | Feasibility of intrusion detection system with high performance computing: A survey | |
Beqiri | Neural networks for intrusion detection systems | |
Bahlali | Anomaly-based network intrusion detection system: A machine learning approach | |
Nazir et al. | Combinatorial optimization based feature selection method: A study on network intrusion detection | |
MR | An Empirical Assessment of Botnets and Detection Methods. | |
Najafabadi | Machine Learning Algorithms for the Analysis and Detection of Network Attacks | |
Faraji Daneshgar et al. | On the resilience of P2P botnet footprints in the presence of legitimate P2P traffic |