
Sparse Autoencoders for Unsupervised Netflow Data Classification

  • Conference paper
Image Processing and Communications Challenges 10 (IP&C 2018)

Part of the book series: Advances in Intelligent Systems and Computing (AISC, volume 892)


Abstract

The ongoing growth in the complexity of malicious software has rendered the long-established solutions for cyber attack detection inadequate. Specifically, whenever novel malware emerges, conventional security systems prove inept until their signatures are brought up to date. Moreover, the bulk of machine-learning-based solutions rely on supervised training, which generally places an added burden on the admin, who has to label the network traffic and re-train the system periodically. Consequently, the major contribution of this paper is an outline of an unsupervised machine learning approach to cybersecurity, in particular a proposal to use sparse autoencoders to detect the malicious behaviour of hosts in the network. As a use case, we put forward a means of botnet detection through the analysis of data in the form of Netflows.




Corresponding author

Correspondence to Rafał Kozik.


Copyright information

© 2019 Springer Nature Switzerland AG

About this paper


Cite this paper

Kozik, R., Pawlicki, M., Choraś, M. (2019). Sparse Autoencoders for Unsupervised Netflow Data Classification. In: Choraś, M., Choraś, R. (eds) Image Processing and Communications Challenges 10. IP&C 2018. Advances in Intelligent Systems and Computing, vol 892. Springer, Cham. https://doi.org/10.1007/978-3-030-03658-4_23
