BIBLIOS

  Sciences Bibliographic Reference Management System

Reference Details

Type
Conference Papers

Document Type
Full Paper

Title
LADS: A Live Anomaly Detection System based on Machine Learning Methods

Publication Participants
Gustavo Gonzalez-Granadillo (Author)
Rodrigo Diaz (Author)
Ibéria Medeiros (Author)
Dept. of Informatics
LASIGE
Susana Gonzalez-Zarzosa (Author)
Dawid Machnicki (Author)

Abstract
Network anomaly detection using NetFlow has been widely studied during the last decade. NetFlow provides the ability to collect network traffic attributes (e.g., IP source, IP destination, source port, destination port, protocol) and allows the use of association rule mining to extract the flows that have caused a malicious event. Despite all the developments in network anomaly detection, the most popular procedure to detect nonconformity patterns in network traffic is still manual inspection during the period under analysis (e.g., visual analysis of plots, identification of variations in the number of bytes, packets, flows). This paper presents a Live Anomaly Detection System (LADS) based on One-class Support Vector Machine (One-class SVM) to detect traffic anomalies. Experiments have been conducted using a valid data-set containing over 1.4 million packets (captured using NetFlow v5 and v9) that build models with one and several features in order to identify the approach that most accurately detects traffic anomalies in our system. A multi-featured approach that restricts the analysis to one IP address and extends it in terms of samples (valid and invalid ones) is considered as a promising approach in terms of accuracy of the detected malicious instances.

Publication Date
2019

Institution
FACULDADE DE CIÊNCIAS DA UNIVERSIDADE DE LISBOA

Event
Proceedings of the 16th International Joint Conference on e-Business and Telecommunications

Publication Identifiers
ISBN - 9789897583780

Location
Prague, Czech Republic

Publisher
SCITEPRESS - Science and Technology Publications

Document Identifiers
URL - http://dx.doi.org/10.5220/0007948904640469
DOI - https://doi.org/10.5220/0007948904640469

Quality Identifiers
CORE B (2018) -
Google Metrics (2019) - 13


Export reference

APA
Gustavo Gonzalez-Granadillo, Rodrigo Diaz, Ibéria Medeiros, Susana Gonzalez-Zarzosa, Dawid Machnicki, (2019). LADS: A Live Anomaly Detection System based on Machine Learning Methods. Proceedings of the 16th International Joint Conference on e-Business and Telecommunications, -

IEEE
Gustavo Gonzalez-Granadillo, Rodrigo Diaz, Ibéria Medeiros, Susana Gonzalez-Zarzosa, Dawid Machnicki, "LADS: A Live Anomaly Detection System based on Machine Learning Methods" in Proceedings of the 16th International Joint Conference on e-Business and Telecommunications, Prague, Czech Republic, 2019, pp. -, doi: 10.5220/0007948904640469

BIBTEX
@InProceedings{43377,
  author = {Gustavo Gonzalez-Granadillo and Rodrigo Diaz and Ibéria Medeiros and Susana Gonzalez-Zarzosa and Dawid Machnicki},
  title = {LADS: A Live Anomaly Detection System based on Machine Learning Methods},
  booktitle = {Proceedings of the 16th International Joint Conference on e-Business and Telecommunications},
  year = 2019,
  pages = {-},
  address = {Prague, Czech Republic},
  publisher = {SCITEPRESS - Science and Technology Publications}
}