Mario Di Mauro scite author profile

Machine Learning (ML) techniques are becoming an invaluable support for network intrusion detection, especially in revealing anomalous flows, which often hide cyber-threats. Typically, ML algorithms are exploited to classify/recognize data traffic on the basis of statistical features such as inter-arrival times, packets length distribution, mean number of flows, etc. Dealing with the vast diversity and number of features that typically characterize data traffic is a hard problem. This results in the following issues: i) the presence of so many features leads to lengthy training processes (particularly when features are highly correlated), while prediction accuracy does not proportionally improve; ii) some of the features may introduce bias during the classification process, particularly those that have scarce relation with the data traffic to be classified. To this end, by reducing the feature space and retaining only the most significant features, Feature Selection (FS) becomes a crucial pre-processing step in network management and, specifically, for the purposes of network intrusion detection. In this review paper, we complement other surveys in multiple ways: i) evaluating more recent datasets (updated w.r.t. obsolete KDD 99) by means of a designed-from-scratch Python-based procedure; ii) providing a synopsis of most credited FS approaches in the field of intrusion detection, including Multi-Objective Evolutionary techniques; iii) assessing various experimental analyses such as feature correlation, time complexity, and performance. Our comparisons offer useful guidelines to network/security managers who are considering the incorporation of ML concepts into network intrusion detection, where trade-offs between performance and resource consumption are crucial.

show abstract

Availability Evaluation of Multi-Tenant Service Function Chaining Infrastructures by Multidimensional Universal Generating Function

Mauro

Longo

Postiglione

2021

IEEE Trans. Serv. Comput.

View full text Add to dashboard Cite

The Network Function Virtualization (NFV) paradigm has been devised as an enabler of next generation network infrastructures by speeding up the provisioning and the composition of novel network services. The latter are implemented via a chain of virtualized network functions, a process known as Service Function Chaining. In this paper, we evaluate the availability of multi-tenant SFC infrastructures, where every network function is modeled as a multi-state system and is shared among different and independent tenants. To this aim, we propose a Universal Generating Function (UGF) approach, suitably extended to handle performance vectors, that we call Multidimensional UGF. This novel methodology is validated in a realistic multi-tenant telecommunication network scenario, where the service chain is composed by the network elements of an IP Multimedia Subsystem implemented via NFV. A steady-state availability evaluation of such an exemplary system is presented and a redundancy optimization problem is solved, so providing the SFC infrastructure which minimizes deployment cost while respecting a given availability requirement.

show abstract

DDoS Attacks With Randomized Traffic Innovation: Botnet Identification Challenges and Strategies

Matta

Mauro

Longo

2017

IEEE Trans.Inform.Forensic Secur.

View full text Add to dashboard Cite

Distributed Denial-of-Service (DDoS) attacks are usually launched through the botnet, an "army" of compromised nodes hidden in the network. Inferential tools for DDoS mitigation should accordingly enable an early and reliable discrimination of the normal users from the compromised ones. Unfortunately, the recent emergence of attacks performed at the application layer has multiplied the number of possibilities that a botnet can exploit to conceal its malicious activities. New challenges arise, which cannot be addressed by simply borrowing the tools that have been successfully applied so far to earlier DDoS paradigms. In this work, we offer basically three contributions: i) we introduce an abstract model for the aforementioned class of attacks, where the botnet emulates normal traffic by continually learning admissible patterns from the environment; ii) we devise an inference algorithm that is shown to provide a consistent (i.e., converging to the true solution as time elapses) estimate of the botnet possibly hidden in the network; and iii) we verify the validity of the proposed inferential strategy over real network traces.

show abstract

Experimental Review of Neural-Based Approaches for Network Intrusion Management

Mauro

Galatro

Liotta

2020

IEEE Trans. Netw. Serv. Manage.

View full text Add to dashboard Cite

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Mario Di Mauro

Smart anomaly detection in sensor systems: A multi-perspective review

Supervised feature selection techniques in network intrusion detection: A critical review

Availability Evaluation of Multi-Tenant Service Function Chaining Infrastructures by Multidimensional Universal Generating Function

DDoS Attacks With Randomized Traffic Innovation: Botnet Identification Challenges and Strategies

Experimental Review of Neural-Based Approaches for Network Intrusion Management

Contact Info

Product

Resources

About