A Self-Organizing Map and its Modeling for Discovering Malignant Network Traffic

Author(s)

Chet Langin, Southern Illinois University Carbondale
Hongbo Zhou, Southern Illinois University Carbondale
Shahram Rahimi, Southern Illinois University Carbondale
Bidyut Gupta, Southern Illinois University Carbondale
Mehdi Zargham, University of DaytonFollow
Mohammad R. Sayeh, Southern Illinois University Carbondale

Document Type

Conference Paper

Publication Date

3-2009

Publication Source

IEEE Symposium on Computational Intelligence in Cyber Security

Abstract

Model-based intrusion detection and knowledge discovery are combined to cluster and classify P2P botnet traffic and other malignant network activity by using a Self-Organizing Map (SOM) self-trained on denied Internet firewall log entries. The SOM analyzed new firewall log entries in a case study to classify similar network activity, and discovered previously unknown local P2P bot traffic and other security issues.

Inclusive pages

122-129

ISBN/ISSN

9781424427697

Comments

Permission documentation on file.

Copyright

Copyright © 2009, IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.

Publisher

Institute of Electrical and Electronics Engineers

Peer Reviewed

yes

eCommons Citation

Langin, Chet; Zhou, Hongbo; Rahimi, Shahram; Gupta, Bidyut; Zargham, Mehdi; and Sayeh, Mohammad R., "A Self-Organizing Map and its Modeling for Discovering Malignant Network Traffic" (2009). Computer Science Faculty Publications. 158.
https://ecommons.udayton.edu/cps_fac_pub/158