Publication:Sacramento TrustCom 2018
Abstract Traditional Network Intrusion Detection Systems (NIDSs) inspect the payload of the packets looking for known intrusion signatures or deviations from normal behavior, but inspecting traffic at the current speed of Internet Service Provider (ISP) networks is difficult or even unfeasible. This paper presents an approach to detect malicious traffic and identify malicious hosts by inspecting flows, leveraging a combination of unsupervised machine learning and threat intelligence, without requiring either previous knowledge about attacks or traffic without attacks. The approach was implemented in the FlowHacker NIDS and evaluated with two kinds of traffic flows: synthetic traffic flows and real ISP traffic flows.
Author Luis Sacramento, Ibéria Medeiros, João Bota, Miguel Correia
Booktitle Proceedings of the 17th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom)
Key Sacramento TrustCom 2018
Month jul
NumPubDate 2,018.07
Project Project:DiSIEM
ResearchLine Fault and Intrusion Tolerance in Open Distributed Systems (FIT)
Title FlowHacker: Detecting Unknown Network Attacks in Big Traffic Data using Network Flows
Type inproceedings
Year 2018
Has improper value for Url
Categories Publication
Modification date 10 June 2018 12:18:37