Network Intrusion Detection in the Wild - the Orange use case in the SIMARGL project
Author: | Mikołaj Komisarek, Marek Pawlicki, Mikołaj Kowalski, Adrian Marzecki, Michał Choraś, Rafał Kozik |
---|---|
Language: | English |
Subject: |
021103 operations research; Network security; business.industry; Computer science; Network packet; Orange (software); 0211 other engineering and technologies; 02 engineering and technology; Computer security; computer.software_genre; Set (abstract data type); Server; 0202 electrical engineering, electronic engineering, information engineering; Systems architecture; 020201 artificial intelligence & image processing; Anomaly detection; business; computer; Hacker |
Source: | The 16th International Conference on Availability, Reliability and Security ARES |
DOI: | 10.1145/3465481.3470091 |
Description: | There is a profuse abundance of network security incidents around the world every day. Increasingly, services and data stored on servers fall victim to sophisticated techniques that cause all sorts of damage. Hackers invent new ways to bypass security measures and modify the existing viruses in order to deceive defense systems. Therefore, in response to these illegal procedures, new ways to defend against them are being developed. In this paper, a method for anomaly detection based on machine learning technique is presented and a near real-time processing system architecture is proposed. The main contribution is a test-run of ML algorithms on real-world data coming from a world-class telecom operator. This work investigates the effectiveness of detecting malicious behaviour in network packets using several machine learning techniques. The results achieved are expressed with a set of metrics. For better clarity on the classifier performance, 10-fold cross-validation was used. |
Database: | OpenAIRE |
External link: |