A study on efficient detection of network-based IP spoofing DDoS and malware-infected Systems

Seo, Jung Woo T.; Lee, Sang Jin

doi:10.1186/s40064-016-3569-3

Cited by 11 publications

(4 citation statements)

References 21 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Besides, the unique connection ID (uid) is dropped because it is not useful to train the classifier. The source (source_ip) and destination IP (dest_ip) addresses are excluded from the machine learning features because IP can be spoofed by the attackers [30]. Therefore, IP is infeasible to be used as an attack detection and classification feature.…”

Section: A Phase 1: Identification Of Useful Attribute In Dataset To ...mentioning

confidence: 99%

Comparing Malware Attack Detection using Machine Learning Techniques in IoT Network Traffic

Zi Wei,

Md-Arshad,

Abdul Samad

et al. 2023

Int J Innov Comp

View full text Add to dashboard Cite

Most IoT devices are designed and built for cheap and basic functions, therefore, the security aspects of these devices are not taken seriously. Yet, IoT devices tend to play an important role in this era, where the amount of IoT devices is predicted to exceed the number of traditional computing devices such as desktops and laptops. This causes more and more cybersecurity attacks to target IoT devices and malware attack is known to be the most common attack in IoT networks. However, most research only focuses on malware detection in traditional computing devices. The purpose of this research is to compare the performance of Random Forest and Naïve Bayes algorithm in terms of accuracy, precision, recall and F1-score in classifying the malware attack and benign traffic in IoT network traffic. Research is conducted with the Aposemat IoT-23 dataset, a labelled dataset that contains IoT malware infection traffic and IoT benign traffic. To determine the data in IoT network traffic packets that are useful for threat detection, a study is conducted and the threat data is cleaned up and prepared using RStudio and RapidMiner Studio. Random Forest and Naïve Bayes algorithm is used to train and classify the cleaned dataset. Random Forest can prevent the model from overfitting while Naïve Bayes requires less training time. Lastly, the accuracy, precision, recall and F1-score of the machine learning algorithms are compared and discussed. The research result displays the Random Forest as the best machine learning algorithm in classifying the malware attack traffic.

show abstract

Section: A Phase 1: Identification Of Useful Attribute In Dataset To ...mentioning

confidence: 99%

Comparing Malware Attack Detection using Machine Learning Techniques in IoT Network Traffic

Zi Wei,

Md-Arshad,

Abdul Samad

et al. 2023

Int J Innov Comp

View full text Add to dashboard Cite

show abstract

“…Суть метода заключается в анализе влияния атаки на энтропию IP-адресов. DDoS-атака представляет собой большое количество запросов к конкретному сервису от одного узла-источника, то есть в общем трафике можно увидеть большое количество пакетов с одинаковыми IP-адресами -источника атаки и атакуемого сервера [6]. Атака за счет концентрации трафика на портах источника и портах назначения характеризуется уменьшением энтропии IP-адресов источника и IP-адресов назначения.…”

Section: возможность использования энтропии для обнаружения Ddos-атакunclassified

Overview of the Methods for Predicting Network Anomalies

Liznev

2023

jour

View full text Add to dashboard Cite

show abstract

“…Existem diferentes abordagens para a definição das características que podem ser coletadas do tráfego das redes. Por exemplo, Seo and Lee (2016) utilizam 14 atributos para representar o fluxo normal e malicioso em seu trabalho de detecção de ataques DDoS, enquanto Lu et al (2017) utilizam 22 atributos para detecção de seções de C&C. Como o objetivo deste trabalhoé identificar a diferença comportamental dos dispositivos, e necessário utilizar características que sejam representativas. A quantidade de pacotes enviados, o tamanho dos pacotes, a frequência de envio e recebimento dos pacotes são características importantes para diferenciar usuários reais dos bots.…”

Section: Captura E Pré-processamento Do Tráfego De Redeunclassified

Identificação Antecipada de Botnets por Aprendizagem de Máquina

Neira¹,

Medeiro²,

Nogueira³

2020

Anais XXXVIII Simpósio Brasileiro De Redes De Computadores E Sistemas Distribuídos (SBRC 2020)

View full text Add to dashboard Cite

O envio de spam, o roubo de dados pessoais e o ataque de negação de serviço são exemplos de ações resultantes da exploração de vulnerabilidades em dispositivos inseguros conectados à Internet. A constante evolução dos ataques, o aumento na quantidade de dispositivos vulneráveis devido à Internet das Coisas (IoT) e os elevados custos com os danos causados reforçam a necessidade de antecipar a ação de redes de dispositivos infectados (bots) geradoras de ataques. Neste contexto, os algoritmos de aprendizagem de máquina são relevantes para identificar essas redes, pois oferecem adaptação e tratamento de uma quantidade massiva de dados. Este trabalho apresenta o sistema ANTE, identificação ANTecipada de botnEts com base em algoritmos de aprendizagem de máquina. Instanciamos o sistema e comparamos os resultados obtidos de diferentes cenários e sob a análise de dados, como as bases de dados CTU-13 (cenários 10 e 11), CICDDoS2019, ISOT HTTP Botnet, CAIDA DDoS Attack 2007 e CSE-CIC-IDS2018. Embora as instâncias do sistema sejam capazes de identificar os bots, não existe uma única capaz de atender todos os cenários.

show abstract

A study on efficient detection of network-based IP spoofing DDoS and malware-infected Systems

Cited by 11 publications

References 21 publications

Comparing Malware Attack Detection using Machine Learning Techniques in IoT Network Traffic

Comparing Malware Attack Detection using Machine Learning Techniques in IoT Network Traffic

Overview of the Methods for Predicting Network Anomalies

Identificação Antecipada de Botnets por Aprendizagem de Máquina

Contact Info

Product

Resources

About