A Self-Organizing Map and its Modeling for Discovering Malignant Network Traffic
IEEE Symposium on Computational Intelligence in Cyber Security
Model-based intrusion detection and knowledge discovery are combined to cluster and classify P2P botnet traffic and other malignant network activity by using a Self-Organizing Map (SOM) self-trained on denied Internet firewall log entries. The SOM analyzed new firewall log entries in a case study to classify similar network activity, and discovered previously unknown local P2P bot traffic and other security issues.
Copyright © 2009, IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.
Institute of Electrical and Electronics Engineers
Langin, Chet; Zhou, Hongbo; Rahimi, Shahram; Gupta, Bidyut; Zargham, Mehdi; and Sayeh, Mohammad R., "A Self-Organizing Map and its Modeling for Discovering Malignant Network Traffic" (2009). Computer Science Faculty Publications. 158.