Efficient Learning of Communication Profiles from IP Flow Records
| Autor: | Hammerschmidt, C.A., Marchal, Samuel, State, Radu, Pellegrino, G., Verwer, S.E., Kellenberger, Patrick |
|---|---|
| Jazyk: | angličtina |
| Rok vydání: | 2016 |
| Předmět: |
ta113
Finite-state machine SIMPLE (military communications protocol) Learning automata Computer science business.industry intrusion detection Fingerprint (computing) Botnet 020206 networking & telecommunications netflow 02 engineering and technology Intrusion detection system computer.software_genre ip flow analysis botnet detection Task (computing) machine learning communication profiling 0202 electrical engineering electronic engineering information engineering 020201 artificial intelligence & image processing Data mining business computer Computer network |
| Zdroj: | LCN Proceedings-2016 IEEE 41st Conference on Local Computer Networks, LCN 2016 |
| Popis: | The task of network traffic monitoring has evolved drastically with the ever-increasing amount of data flowing in large scale networks. The automated analysis of this tremendous source of information often comes with using simpler models on aggregated data (e.g. IP flow records) due to time and space constraints. A step towards utilizing IP flow records more effectively are stream learning techniques. We propose a method to collect a limited yet relevant amount of data in order to learn a class of complex models, finite state machines, in real-time. These machines are used as communication profiles to fingerprint, identify or classify hosts and services and offer high detection rates while requiring less training data and thus being faster to compute than simple models. |
| Databáze: | OpenAIRE |
| Externí odkaz: |
|