A Self-Organizing Map and its Modeling for Discovering Malignant Network Traffic
Document Type
Conference Paper
Publication Date
3-2009
Publication Source
IEEE Symposium on Computational Intelligence in Cyber Security
Abstract
Model-based intrusion detection and knowledge discovery are combined to cluster and classify P2P botnet traffic and other malignant network activity by using a Self-Organizing Map (SOM) self-trained on denied Internet firewall log entries. The SOM analyzed new firewall log entries in a case study to classify similar network activity, and discovered previously unknown local P2P bot traffic and other security issues.
Inclusive pages
122-129
ISBN/ISSN
9781424427697
Copyright
Copyright © 2009, IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.
Publisher
Institute of Electrical and Electronics Engineers
Peer Reviewed
yes
eCommons Citation
Langin, Chet; Zhou, Hongbo; Rahimi, Shahram; Gupta, Bidyut; Zargham, Mehdi; and Sayeh, Mohammad R., "A Self-Organizing Map and its Modeling for Discovering Malignant Network Traffic" (2009). Computer Science Faculty Publications. 158.
https://ecommons.udayton.edu/cps_fac_pub/158
Comments
Permission documentation on file.