Deep Learning for Classifying Malicious Network Traffic
Author: | Kyle Millar, Cheng-Chew Lim, Adriel Cheng, Hong Gunn Chew |
---|---|
Publication year: | 2018 |
Subject: | 021110 strategic, defence & security studies; Artificial neural network; Network packet; business.industry; Computer science; Deep learning; 0211 other engineering and technologies; Deep packet inspection; 02 engineering and technology; Machine learning; computer.software_genre; Convolutional neural network; Metadata; Traffic classification; 0202 electrical engineering, electronic engineering, information engineering; 020201 artificial intelligence & image processing; Artificial intelligence; business; Classifier (UML); computer |
Source: | Lecture Notes in Computer Science ISBN: 9783030045029 PAKDD (Workshops) |
DOI: | 10.1007/978-3-030-04503-6_15 |
Description: | As the sophistication of cyber malicious attacks increases, so too must the techniques used to detect and classify such malicious traffic in these networks. Deep learning has been deployed in many application domains as it is able to learn patterns from large feature sets. Given that the implementation of deep learning for network traffic classification is only just starting to emerge, the question of how best to utilise and represent network data to such a classifier still remains. This paper addresses this question by devising and evaluating three different ways of representing data to a deep neural network in the context of malicious traffic classification. We show that although deep learning does not show significant improvement over other machine learning techniques using metadata features, its use on payload data highlights the potential for deep learning to be incorporated into novel deep packet inspection techniques. Furthermore, we show that useful predictions of malicious classes can still be made when the input is limited to just the first 50 bytes of a packet’s payload. |
Database: | OpenAIRE |