Journal
2022 IEEE INTERNATIONAL SYMPOSIUM ON MEASUREMENTS & NETWORKING (M&N 2022)
Volume -, Issue -, Pages -Publisher
IEEE
DOI: 10.1109/MN55117.2022.9887775
Keywords
Network intrusion detection; Security; Machine learning; CSE-CIC-IDS2018; Early detection
Ask authors/readers for more resources
Current intrusion detection techniques are incapable of dealing with the growing quantity and complexity of cyber attacks. Machine Learning techniques have been proposed for postmortem detection of network attacks, with many datasets available for training and validation purposes. This paper presents an early classification approach using CSE-CIC-IDS2018 dataset to detect malicious attacks before they can cause harm to an organization, by investigating a different set of features and analyzing the sensitivity of five classification algorithms to the number of observed packets. Results indicate that satisfactory results can be achieved with ML approaches relying on only ten packets.
Current intrusion detection techniques cannot keep up with the increasing amount and complexity of cyber attacks. In fact, most of the traffic is encrypted and does not allow to apply deep packet inspection approaches. In recent years, Machine Learning techniques have been proposed for postmortem detection of network attacks, and many datasets have been shared by research groups and organizations for training and validation. Differently from the vast related literature, in this paper we propose an early classification approach conducted on CSE-CIC-IDS2018 dataset, which contains both benign and malicious traffic, for the detection of malicious attacks before they could damage an organization. To this aim, we investigated a different set of features, and the sensitivity of performance of five classification algorithms to the number of observed packets. Results show that ML approaches relying on ten packets provide satisfactory results.
Authors
I am an author on this paper
Click your name to claim this paper and add it to your profile.
Reviews
Recommended
No Data Available