Jiarong Wang scite author profile

Jiarong Wang

2Publications

0Citation Statements Received

0Citation Statements Given

How they've been cited

How they cite others

Affiliations

Institute of High Energy Physics, Chinese Academy of Sciences

Publications

Order By: Most citations

A Fusion Model Based on Dynamic Web Browsing Behavior Analysis for IoT Insider Threat Detection

Wang

Liu

Tian

et al. 2022

Sensors

View full text Add to dashboard Cite

With the wide application of Internet of things (IoT) devices in enterprises, the traditional boundary defense mechanisms are difficult to satisfy the demands of the insider threats detection. IoT insider threat detection can be more challenging, since internal employees are born with the ability to escape the deployed information security mechanism, such as firewalls and endpoint protection. In order to detect internal attacks more accurately, we can analyze users’ web browsing behaviors to identify abnormal users. The existing web browsing behavior anomaly detection methods ignore the dynamic change of the web browsing behavior of the target user and the behavior consistency of the target user in its peer group, which results in a complex modeling process, low system efficiency and low detection accuracy. Therefore, the paper respectively proposes the individual user behavior model and the peer-group behavior model to characterize the abnormal dynamic change of user browsing behavior and compare the mutual behavioral inconsistency among one peer-group. Furthermore, the fusion model is presented for insider threat detection which simultaneously considers individual behavioral abnormal dynamic changes and mutual behavioral dynamic inconsistency from peers. The experimental results show that the proposed fusion model can accurately detect insider threat based on the abnormal user web browsing behaviors in the enterprise networks.

show abstract

Unknown Traffic Recognition Based on Multi-Feature Fusion and Incremental Learning

et al. 2023

View full text Add to dashboard Cite

Accurate classification and identification of Internet traffic are crucial for maintaining network security. However, unknown network traffic in the real world can affect the accuracy of current machine learning models, reducing the efficiency of traffic classification. Existing unknown traffic classification algorithms are unable to optimize traffic features and require the entire system to be retrained each time new traffic data are collected. This results in low recognition efficiency, making the algoritms unsuitable for real-time application detection. To solve the above issues, we suggest a multi-feature fusion-based incremental technique for detecting unknown traffic in this paper. The approach employs a multiple-channel parallel architecture to extract temporal and spatial traffic features. It then uses the mRMR algorithm to rank and fuse the features extracted from each channel to overcome the issue of redundant encrypted traffic features. In addition, we combine the density-ratio-based clustering algorithm to identify the unknown traffic features and update the model via incremental learning. The cassifier enables real-time classification of known and unknown traffic by learning newly acquired class knowledge. Our model can identify encrypted unknown Internet traffic with at least 86% accuracy in various scenarios, using the public ISCX-VPN-Tor datasets. Furthermore, it achieves 90% accuracy on the intrusion detection dataset NSL-KDD. In our self-collected dataset from a real-world environment, the accuracy of our model exceeds 96%. This work offers a novel method for identifying unknown network traffic, contributing to the security preservation of network environments.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Jiarong Wang

A Fusion Model Based on Dynamic Web Browsing Behavior Analysis for IoT Insider Threat Detection

Unknown Traffic Recognition Based on Multi-Feature Fusion and Incremental Learning

Contact Info

Product

Resources

About