Mobile Agents for Detecting Network Attacks Using Timing Covert Channels.
TL;DR: The proposed algorithm is based on the Change Observation Theory, and employs two types of agents: base and flying ones, which can establish a new type of multi-agent intrusion detection system that can be applied to a wider group of IT systems.
Abstract: This article addresses the problem of network attacks using steganographic techniques based on the manipulation of time relationships between IP packets. In the study, an efficient method to detect such attacks is presented. The proposed algorithm is based on the Change Observation Theory, and employs two types of agents: base and flying ones. The agents observe the time parameters of the network traffic, using proposed meta-histograms and trained machine learning algorithms, in the node where they were installed. The results of experiments using various machine learning algorithms are presented and discussed. The study showed that the Random Forest and MLP classifiers achieved the best detection results, yielding an area under the ROC curve (AUC) above 0.85 for the evaluation data. We showed a proof-of-concept for an attack detection method that combined the classification algorithm, the proposed anomaly metrics and the mobile agents. We claim that due to a unique feature of self-regulation, realized by destroying unnecessary agents, the proposed method can establish a new type of multi-agent intrusion detection system that can be applied to a wider group of IT systems.
Citations
Tight Arms Race: Overview of Current Malware Threats and Trends in Their Detection
Luca Caviglione, Michal Choras, Igino Corona, Artur Janicki, Wojciech Mazurczyk, Marek Pawlicki, Katarzyna Wasielewska
TL;DR: A detailed meta-review of the existing surveys related to malware and its detection techniques, showing an arms race between these two sides of a barricade, is presented in this article.
Multilayer Detection of Network Steganography
TL;DR: A new method based on a multilayer approach for the selective analysis of derived and aggregated metrics utilizing machine learning algorithms to provide steganalysis capability for networks with large numbers of devices and connections is presented.
A New Approach for Network Steganography Detection based on Deep Learning Techniques
Cho Do Xuan, Lai Van Duong
TL;DR: The authors propose a network steganography detection method using deep learning techniques, which is based on different components of the packet and combines these components to improve the ability to detect many steganographic techniques in the network and to accurately detect abnormal packets.
References
•Journal Article
Scikit-learn: Machine Learning in Python
Fabian Pedregosa, Gaël Varoquaux, Alexandre Gramfort, Vincent Michel, Bertrand Thirion, Olivier Grisel, Mathieu Blondel, Peter Prettenhofer, Ron Weiss, Vincent Dubourg, Jake Vanderplas, Alexandre Passos, David Cournapeau, Matthieu Brucher, Matthieu Perrot, Edouard Duchesnay
TL;DR: Scikit-learn is a Python module integrating a wide range of state-of-the-art machine learning algorithms for medium-scale supervised and unsupervised problems, focusing on bringing machine learning to non-specialists using a general-purpose high-level language.
•Posted Content
Scikit-learn: Machine Learning in Python
Fabian Pedregosa, Gaël Varoquaux, Alexandre Gramfort, Vincent Michel, Bertrand Thirion, Olivier Grisel, Mathieu Blondel, Andreas Müller, Joel Nothman, Gilles Louppe, Peter Prettenhofer, Ron Weiss, Vincent Dubourg, Jake Vanderplas, Alexandre Passos, David Cournapeau, Matthieu Brucher, Matthieu Perrot, Edouard Duchesnay
TL;DR: Scikit-learn is a Python module integrating a wide range of state-of-the-art machine learning algorithms for medium-scale supervised and unsupervised problems.
A Survey of Data Mining and Machine Learning Methods for Cyber Security Intrusion Detection
Anna L. Buczak, Erhan Guven
TL;DR: The complexity of ML/DM algorithms is addressed, a discussion of challenges for using ML/DM for cyber security is presented, and some recommendations on when to use a given method are provided.
A survey of network anomaly detection techniques
TL;DR: This paper presents an in-depth analysis of four major categories of anomaly detection techniques, namely classification, statistical, information theory and clustering, and evaluates the effectiveness of the different categories of techniques.
On the limits of steganography
TL;DR: It is shown that public key information hiding systems exist and are not necessarily constrained to the case where the warden is passive; the use of parity checks to amplify covertness and provide public key steganography is also discussed.