Title
Malicious traffic detection on sampled network flow data with novelty-detection-based models
Journal title
Scientific Reports
Journal issue
1
Bibliographic citation
Campazas-Vega, A., Crespo-Martínez, I. S., Guerrero-Higueras, Á. M., Álvarez-Aparicio, C., Matellán, V., & Fernández-Llamas, C. (2023). Malicious traffic detection on sampled network flow data with novelty-detection-based models. Scientific Reports, 13(1). https://doi.org/10.1038/S41598-023-42618-9
Publisher
Nature Research
Date
2023-09-18
Abstract
[EN] Cyber-attacks are a major problem for users, businesses, and institutions. Classical anomaly detection techniques can detect malicious traffic generated in a cyber-attack by analyzing individual network packets. However, routers that manage large traffic loads can only examine some packets. These devices often use lightweight flow-based protocols to collect network statistics. Analyzing flow data also allows for detecting malicious network traffic. But even gathering flow data has a high computational cost, so routers usually apply a sampling rate to generate flows. This sampling reduces the computational load on routers, but much information is lost. This work aims to demonstrate that malicious traffic can be detected even on flow data collected with a sampling rate of 1 out of 1,000 packets. To do so, we evaluate anomaly-detection-based models using synthetic sampled flow data and actual sampled flow data from RedCAYLE, the Castilla y León regional subnet of the Spanish academic and research network. The results presented show that detection of malicious traffic on sampled flow data is possible using novelty-detection-based models with a high accuracy score and a low false alarm rate.
Peer review
Yes
Project ID
- info:eu-grantAgreement/AEI/Programa Estatal para Impulsar la Investigación Científico-Técnica y su Transferencia/PID2021-126592OB-C21/ES/EXPLICABILIDAD EN LA TOMA DE DECISIONES DE ROBOTS AUTÓNOMOS (EDMAR)
Appears in collections
- Articles [5048]
Files in this item
Size:
1.250 MB
Format:
Adobe PDF
Description:
Published version