Title
Analysis of NetFlow Features’ Importance in Malicious Network Traffic Detection
Author
Faculty/Center
Knowledge area
Courses
14th International Conference on Computational Intelligence in Security for Information Systems and 12th International Conference on European Transnational Educational (CISIS 2021 and ICEUTE 2021)
Publication details
Crespo-Martínez, I. S., Matellán, V., Guerrero-Higueras, Á. M., Campazas-Vega, A., & Álvarez-Aparicio, C. (2021). Analysis of NetFlow Features’ Importance in Malicious Network Traffic Detection. In 14th International Conference on Computational Intelligence in Security for Information Systems and 12th International Conference on European Transnational Educational (CISIS 2021 and ICEUTE 2021) (pp. 52-61). https://doi.org/10.1007/978-3-030-87872-6_6
Publisher
Springer
Date
2021
Abstract
[EN] Malicious traffic detection allows for preventing cybersecurity-related threats. Machine learning algorithms are commonly used to detect such traffic in computer networks by analyzing packets. In wide-area networks, such as RedCAYLE (Red de Ciencia y Tecnología de Castilla y León), it is not possible to analyze every packet routed. So we pose that in such networks sampled flow data may be used to provide malicious traffic detection. This work presents the analysis carried out of the relevance that every NetFlow feature has in the K-Nearest Neighbors (KNN) algorithm in order to detect malicious traffic. Validation of the model has been carried out with real network data from RedCAYLE. Results show that it is necessary to train the models with sampled flow data. They also show that the nexthop feature has a negative influence on malicious traffic detection in wide-area networks such as RedCAYLE.
Subject
Keywords
URI
Appears in collections
- Monograph chapters [1578]
Files in this item
Size: 206.2 KB
Format: Adobe PDF