Flow based Sequential Grouping System for Malicious Traffic Detection

Park, Jee-Tae (Dept. of Computer and Information Science, Korea University)
Baek, Ui-Jun (Dept. of Computer and Information Science, Korea University)
Lee, Min-Seong (Dept. of Computer and Information Science, Korea University)
Goo, Young-Hoon (Advanced KREONET Center, Korea Institute of Science and Technology Information)
Lee, Sung-Ho (AhnLab)
Kim, Myung-Sup (Dept. of Computer and Information Science, Korea University)

[1] Z. B. Celik, R. J. Walls, P. McDaniel and A. Swami, "Malware Traffic Detection using Tamper Resistant Features," in Proc. of Military Communications Conference, MILCOM 2015 - 2015 IEEE, Tampa, FL, pp. 330-335, 2015.
[2] W. Wang, M. Zhu, X. Zeng, X. Ye, and Y. Sheng, "Malware Traffic Classification using Convolutional Neural Network for Representation Learning," in Proc. of 2017 International Conference on Information Networking (ICOIN), IEEE, Jan, pp. 712-717, 2017.
[3] R. K. Sharma, H. K. Kalita, and P. Borah, "Analysis of Machine Learning Techniques based Intrusion Detection Systems," in Proc. of 3rd International Conference on Advanced Computing, Network Informatics, pp. 485-493, 2015.
[4] M. Tavallaee, E. Bagheri, W. Lu, and A. A. Ghorbani, "A detailed analysis of the KDD CUP 99 data set," in Proc. of 2009 IEEE symposium on computational intelligence for security and defense applications, IEEE, 2009.
[5] I. Letteri, G. D. Penna, L. D. Vita, and M. T. Grifa, "MTA-KDD'19: A Dataset for Malware Traffic Detection," ITASEC, 2020.
[6] Malware traffic analysis.net. https://www.malware-traffic-analysis.net.
[7] D, Tirtharaj, "A Study on Intrusion Detection using Neural Networks Trained with Evolutionary Algorithms," Soft Computing, 21(10), pp. 2687-2700, 2017.
[8] C. Yin, Y. Zhu, J. Fei, and X. He, "A Deep Learning Approach for Intrusion Detection using Recurrent Neural Networks," IEEE Access, 5, pp. 21954-21961, 2017.
[9] B. Yu, D. L. Gray, J. Pan, M. D. Cock and A. C. A. Nascimento, "Inline DGA Detection with Deep Networks," in Proc. of 2017 IEEE International Conference on Data Mining Workshops (ICDMW), New Orleans, LA, pp. 683-692, 2017.
[10] L. Dhanabal, and S. P. Shantharajah, "A study on NSL-KDD dataset for intrusion detection system based on classification algorithms," International Journal of Advanced Research in Computer and Communication Engineering, Vol. 4, no. 6, pp. 446-452, 2015.
[11] M. S. Kim, Y. J. Won, and J. W. K. Hong, "Application-Level Traffic Monitoring and an Analysis on IP Networks," ETRI Journal, Vol. 27, pp. 22-42, 2015.
[12] K. S. Shim, S.H. Yoon, S.K. Lee, S.M. Kim, W.S. Jung, M.S. Kim, "Automatic Generation of Snort Content Rule for Network Traffic Analysis," KICS, Vol.40, No.04, pp.666-677, April, 2015.
[13] J. S. Park, S. H. Yoon and M. S. Kim, "Performance Improvement of the Payload Signature based Traffic Classification System using Application Traffic Temporal Locality," The Journal of Korean Institute of Communications and Information Sciences, vol. 38B, pp. 519-525, 2013.
[14] A. Sperotto, G. Schaffrath, R. Sadre, C. Morariu, A. Pras, and B. Stiller, "An Overview of IP Flow-Based Intrusion Detection," IEEE Commun. Surveys Tutorials, Vol. 12, no. 3, pp. 343-356, quarter 2010.
[15] R. Perdisci, W. Lee, and N. Feamster, "Behavioral Clustering of HTTP-Based Malware and Signature Generation Using Malicious Network Traces," NSDI, Vol. 10, 2010.
[16] H. M. An, S. K. Lee, J. H. Ham, and M. S. Kim, "Traffic Identification based on Applications using Statistical Signature free from Abnormal TCP Behavior," JOURNAL OF INFORMATION SCIENCE AND ENGINEERING, Vol.31, no.5, pp.1669-1692, Sep. 2015.
[17] Y. J. Won, S. C. Hong, B. C. Park, and J. W. K. Hong, "Automated Application Signature Generation for Traffic Identification," POSTECH, Korea, Aug. 16, 2008.
[18] S. H. Yoon, J. S. Park, and M. S. Kim, "Behavior Signature for Fine-grained Traffic Identification," Applied Mathematics & Information Sciences, Vol. 9, No. 2L, pp. 523-534, Apr. 2015.
[19] A. Dainotti, A. Pescape and K. Claffy, "Issues and Future Directions in Traffic Classification," Network IEEE, Vol. 26, no. 1, pp. 35-40, 2012.
[20] A. Callado, C. Kamienski, G. Szabo, B. Gero, J. Kelner, S. Fernandes, et al., "A Survey on Internet Traffic Identification," IEEE Communications Surveys and Tutorials, Vol. 11, pp. 37-52, 2009.
[21] B. C. Park, Y. J. Won, M.-S. Kim, and J. W. Hong, "Towards Automated Application Signature Generation for Traffic Identification," in Proc. of Network Operations and Management Symposium, NOMS 2008, IEEE, pp. 160-167, 2008.
[22] K. C. Lan and J. Heidemann, "A Measurement Study of Correlations of Internet Flow Characteristics," Computer Networks, Vol. 50, pp. 46-62, 2006.
[23] Y. Dhote, S. Agrawal, "A Survey on Feature Selection Techniques for Internet Traffic Classification," in Proc. of 2015 International Conference on Computational Intelligence and Communication Networks, Jabalpur, pp. 1375-1380, 2015.
[24] M. Wang, Y. Cui, X. Wang, S. Xiao, and J. Jiang, "Machine Learning for Networking: WorkFlow, Advances and Opportunities," IEEE Network, Vol. 32, no. 2, pp. 92-99, Mar./Apr. 2018.
[25] S. Pouyanfar et al., "A Survey on Deep Learning: Algorithms, Techniques, and Applications," ACM Comput. Surveys, Vol. 51, no. 5, pp. 1-36, 2018.
[26] X. Feng, X. Huang, X. Tian, and Y. Ma, "Automatic Traffic Signature Extraction based on Smith-Waterman Algorithm for Traffic Classification," in Proc. of Broadband Network and Multimedia Technology (IC-BNMT), 2010 3rd IEEE International Conference on, pp. 154-158, 2010.
[27] M. Finsterbusch, C. Richter, E. Rocha, J. A. Muller and K. Hanssgen, "A Survey of Payload-Based Traffic Classification Approaches," Communications Surveys & Tutorials IEEE, Vol. 16, no. 2, pp. 1135-1156, 2014.
[28] C. Modi, D. Patel, B. Borisaniya, H. Patel, A. Patel, and M. Rajarajan, "A Survey of Intrusion Detection Techniques in Cloud," J. Netw. Comput. Appl., vol. 36, no. 1, pp. 42-57, 2013.
[29] F. Risso, M. Baldi, O. Morandi, A. Baldini, and P. Monclus, "Lightweight, Payload-Based Traffic Classification an Experimental Evaluation," in Proc. of IEEE International Conference on Communications, Beijing, China, pp. 5869-5875, May. 19-23, 2008.
[30] T. T. T. Nguyen and G. Armitage, "A Survey of Techniques for Internet Traffic Classification using Machine Learning," IEEE Communications Surveys and Tutorials, Vol. 10, pp. 56-76, 2008.
[31] A. L. Buczak and E. Guven, "A Survey of Data Mining and Machine Learning Methods for Cyber Security Intrusion Detection," IEEE Communications Surveys Tutorials, Vol. 18, no. 2, pp. 1153-1176, Second quarter 2016.
[32] G. Loukas, T. Vuong, R. Heartfield, G. Sakellari, Y. Yoon, and D. Gan, "Cloud-based cyber-physical intrusion detection for vehicles using Deep Learning," IEEE Access, 6, pp. 3491-3508, 2018.
[33] M. J. De Lucia, and C. Cotton, "Detection of Encrypted Malicious Network Traffic using Machine Learning," in Proc. of MILCOM 2019-2019 IEEE Military Communications Conference (MILCOM), IEEE, pp. 1-6, 2019.