NetFlow Anomaly Detection Though Parallel Cluster Density Analysis in Continuous Time-Series

Flanagan, Kieran; Fallon, Enda; Connolly, Paul; Awad, Abir

doi:10.1007/978-3-319-61382-6_18

Cited by 4 publications

(2 citation statements)

References 23 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…False positives can also be the result of data transformations (from raw packets to streams). Finally, and more specifically related to the research presented in this paper, the work given in [12] proves that network flow data analysis can achieve good performance. It is important to add that this research is focused on the deployment of unsupervised clustering algorithm(s).…”

Section: A Anomaly Detectionmentioning

confidence: 54%

Anomaly Detection in IoT Networks: From Architectures to Machine Learning Transparency

Huc

Trček

2021

IEEE Access

View full text Add to dashboard Cite

Machine learning (ML) is becoming an integral part of networks security arsenal, where Internet of Things (IoT) structures play an increasingly important role. However, IoT networks have many specific requirements, mostly due to limited energy availability and stringent computing resources. This results in limitations for traditional ML approaches to security, in particular for anomaly detection. Consequently, new focuses for solutions that range from architectural to data processing ones are necessary. Therefore, appropriate lightweight ML algorithms have to be designed and deployed in appropriate architectural settings, which is the main contribution of this paper. In addition, insights into ML functioning are needed to better understand the observed anomalies. To enable these insights (and support a wider applicability of ML based approaches), the results have to be as explainable as possible. The research presented in this paper addresses this problem through the functional and data transparency of ML applications, tailored to the specifics of anomaly detection in IoT networks. To tackle accordingly also the architectural issues, the presented approach builds on the well-established layering principle from computer communications reference models. This principle not only supports flexibility but also increases security in these new environments of growing importance.

show abstract

Section: A Anomaly Detectionmentioning

confidence: 54%

Anomaly Detection in IoT Networks: From Architectures to Machine Learning Transparency

Huc

Trček

2021

IEEE Access

View full text Add to dashboard Cite

show abstract

“…The network traffic intrusion detection architecture proposed in [29] is based on the use of a time series clustering algorithm. The authors show that the algorithm is able to detect anomalies in live data without any prior knowledge of the data.…”

Section: Related Workmentioning

confidence: 99%

How to Effectively Collect and Process Network Data for Intrusion Detection?

Komisarek

Pawlicki

Kozik

et al. 2021

Entropy

View full text Add to dashboard Cite

The number of security breaches in the cyberspace is on the rise. This threat is met with intensive work in the intrusion detection research community. To keep the defensive mechanisms up to date and relevant, realistic network traffic datasets are needed. The use of flow-based data for machine-learning-based network intrusion detection is a promising direction for intrusion detection systems. However, many contemporary benchmark datasets do not contain features that are usable in the wild. The main contribution of this work is to cover the research gap related to identifying and investigating valuable features in the NetFlow schema that allow for effective, machine-learning-based network intrusion detection in the real world. To achieve this goal, several feature selection techniques have been applied on five flow-based network intrusion detection datasets, establishing an informative flow-based feature set. The authors’ experience with the deployment of this kind of system shows that to close the research-to-market gap, and to perform actual real-world application of machine-learning-based intrusion detection, a set of labeled data from the end-user has to be collected. This research aims at establishing the appropriate, minimal amount of data that is sufficient to effectively train machine learning algorithms in intrusion detection. The results show that a set of 10 features and a small amount of data is enough for the final model to perform very well.

show abstract

Innovative Solutions for Maritime Infrastructures Monitoring and Protection

Pacini,

Marroccella,

Lagudi

et al. 2024

Studies in Computational Intelligence

View full text Add to dashboard Cite

The global economy heavily relies on maritime commerce, commonly known as the “Blue Economy,” which involves the transportation of raw materials and products via maritime traffic and the utilization of marine resources, including oil, gas, and underwater mines. The importance of various infrastructures linked to the sea, such as fish farms, pipelines, underwater power and data cables, cannot be overstated as they have significant impacts on both local and global economies. Therefore, safeguarding these infrastructures against both symmetric and asymmetric threats is crucial to prevent disruptions to vital services and avoid negative impacts on the economy and quality of life. This book chapter presents an underwater access control system designed to monitor and prevent unauthorized access to port areas from the seaside to safeguard maritime infrastructures. The system consists of acoustic and magnetic barriers connected to a wireless communication network that can collect and transmit data to the infrastructure control centre. The system provides robust, dependable, and secure solutions for near real-time data transfer, enabling continuous monitoring and prompt response to potential threats. This chapter provides a detailed description of the system architecture and its primary components, focusing on the technological aspects and innovative solutions used to meet the proposed requirements.

show abstract

NetFlow Anomaly Detection Though Parallel Cluster Density Analysis in Continuous Time-Series

Cited by 4 publications

References 23 publications

Anomaly Detection in IoT Networks: From Architectures to Machine Learning Transparency

Anomaly Detection in IoT Networks: From Architectures to Machine Learning Transparency

How to Effectively Collect and Process Network Data for Intrusion Detection?

Innovative Solutions for Maritime Infrastructures Monitoring and Protection

Contact Info

Product

Resources

About