A neural network application for attack detection in computer networks

Silva, L. de Sa; Santos, Adriana C. Ferrari dos; Silva, J.D.S. da; Montes, Agustín

doi:10.1109/ijcnn.2004.1380190

Cited by 17 publications

(3 citation statements)

References 6 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Many dedicated efforts are made to detect attack or malware in network by combining the ML with Snort signatures [22][23][24][25]. De Lima et al [22] extracted the feature of attack and benign files from the packet flows.…”

Section: Related Workmentioning

confidence: 99%

“…Based on this fact the neural network is trained to identify new attack, which is implemented on a MLP 256-21-1 network to achieve detection accuracy about 74%. Other research such as [23,24] used neural network (NN) in attack detection and extracted the feature of attack and benign from the packet content. They combined the Hamming Net NN (HNNN) with 46 Snort signatures for training to classify the illegitimate information in TCP/IP packet payload.…”

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

Pre-filters in-transit malware packets detection in the network

Khammas¹,

Ismail

Marsono

2019

TELKOMNIKA

View full text Add to dashboard Cite

Conventional malware detection systems cannot detect most of the new malware in the network without the availability of their signatures. In order to solve this problem, this paper proposes a technique to detect both metamorphic (mutated malware) and general (non-mutated) malware in the network using a combination of known malware sub-signature and machine learning classification. This network-based malware detection is achieved through a middle path for efficient processing of non-malware packets. The proposed technique has been tested and verified using multiple data sets (metamorphic malware, non-mutated malware, and UTM real traffic), this technique can detect most of malware packets in the network-based before they reached the host better than the previous works which detect malware in host-based. Experimental results showed that the proposed technique can speed up the transmission of more than 98% normal packets without sending them to the slow path, and more than 97% of malware packets are detected and dropped in the middle path. Furthermore, more than 75% of metamorphic malware packets in the test dataset could be detected. The proposed technique is 37 times faster than existing technique.

show abstract

Section: Related Workmentioning

confidence: 99%

Section: Related Workmentioning

confidence: 99%

Pre-filters in-transit malware packets detection in the network

Khammas¹,

Ismail

Marsono

2019

TELKOMNIKA

View full text Add to dashboard Cite

show abstract

“…Liangboonprakong and Sornil [13] have extracted sequential n-gram pattern features instead of each feature, individually. However, some researchers have used the Snort signatures to detect attack and malware in the network after combining them with ML [19]- [21].…”

Section: Related Workmentioning

confidence: 99%

Malware Detection using Sub-Signatures and Machine Learning Technique

Khammas¹

2018

Journal of Information Security Research

View full text Add to dashboard Cite

Malware is a major computer security concern as many computing systems are connected to the Internet. The number of malware has increased over the years and new malware has emerged, where new variants are capable of evading conventional system detection through obfuscations. One of the promising methods used to detect malware is machine learning (ML) techniques. This work presents a static malware detection system using n-gram and machine learning techniques, using known malware subsignatures to reduce large feature search spaces, which are generated due to n-gram feature extraction methods. The feature space directly affects the performance and the detection accuracy of malware ML classifiers. Analysis of multiple feature selection methods to minimize the number of features and analysis of multiple ML classifiers are also presented to improve the malware detection accuracy. The results show that analyzing n-gram with Snort sub-signature features using machine learning give good malware detection accuracy of more than 99.78% and zero FPR when 4-gram features are used for most of the verified ML classifiers.

show abstract