Detecting Advanced Network Threats Using a Similarity Search

Abstract: In this paper, we propose a novel approach for the detection of advanced network threats. We combine knowledge-based detections with similarity search techniques commonly utilized for automated image annotation. This unique combination could provide effective detection of common network anomalies together with their unknown variants. In addition, it offers a similar approach to network data analysis as a security analyst does. Our research is focused on understanding the similarity of anomalies in network traffic and their representation within complex behaviour patterns. This will lead to a proposal of a system for the real-time analysis of network data based on similarity. This goal should be achieved within a period of three years as a part of a PhD thesis.
Document type:
Conference paper
Rémi Badonnel; Robert Koch; Aiko Pras; Martin Drašar; Burkhard Stiller. 10th IFIP International Conference on Autonomous Infrastructure, Management and Security (AIMS), Jun 2016, Munich, Germany. Springer International Publishing, Lecture Notes in Computer Science, LNCS-9701, pp.137-141, 2016, Management and Security in the Age of Hyperconnectivity. 〈10.1007/978-3-319-39814-3_14〉

Cited literature [12 references]

https://hal.inria.fr/hal-01632739
Contributor: Hal Ifip
Submitted on: Friday, November 10, 2017 - 15:27:27
Last modified on: Friday, November 10, 2017 - 15:31:18
Document(s) archived on: Sunday, February 11, 2018 - 15:00:35

File

Restricted access
File visible on: 2019-01-01

License

Distributed under a Creative Commons Attribution 4.0 International License

Citation

Milan Čermák, Pavel Čeleda. Detecting Advanced Network Threats Using a Similarity Search. Rémi Badonnel; Robert Koch; Aiko Pras; Martin Drašar; Burkhard Stiller. 10th IFIP International Conference on Autonomous Infrastructure, Management and Security (AIMS), Jun 2016, Munich, Germany. Springer International Publishing, Lecture Notes in Computer Science, LNCS-9701, pp.137-141, 2016, Management and Security in the Age of Hyperconnectivity. 〈10.1007/978-3-319-39814-3_14〉. 〈hal-01632739〉
