从不断发展的网络数据中学习可靠的僵尸网络检测

2019 15th International Conference on Network and Service Management (CNSM) Pub Date : 2019-10-01 DOI:10.23919/CNSM46954.2019.9012710

Duc C. Le, A. N. Zincir-Heywood

{"title":"从不断发展的网络数据中学习可靠的僵尸网络检测","authors":"Duc C. Le, A. N. Zincir-Heywood","doi":"10.23919/CNSM46954.2019.9012710","DOIUrl":null,"url":null,"abstract":"This work presents an emerging problem in real-world applications of machine learning (ML) in cybersecurity, particularly in botnet detection, where the dynamics and the evolution in the deployment environments may render the ML solutions inadequate. We propose an approach to tackle this challenge using Genetic Programming (GP) - an evolutionary computation based approach. Preliminary results show that GP is able to evolve pre-trained classifiers to work under evolved (expanded) feature space conditions. This indicates the potential use of such an approach for botnet detection under non-stationary environments, where much less data and training time are required to obtain a reliable classifier as new network conditions arise.","PeriodicalId":273818,"journal":{"name":"2019 15th International Conference on Network and Service Management (CNSM)","volume":"64 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2019-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"Learning From Evolving Network Data for Dependable Botnet Detection\",\"authors\":\"Duc C. Le, A. N. Zincir-Heywood\",\"doi\":\"10.23919/CNSM46954.2019.9012710\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"This work presents an emerging problem in real-world applications of machine learning (ML) in cybersecurity, particularly in botnet detection, where the dynamics and the evolution in the deployment environments may render the ML solutions inadequate. We propose an approach to tackle this challenge using Genetic Programming (GP) - an evolutionary computation based approach. Preliminary results show that GP is able to evolve pre-trained classifiers to work under evolved (expanded) feature space conditions. This indicates the potential use of such an approach for botnet detection under non-stationary environments, where much less data and training time are required to obtain a reliable classifier as new network conditions arise.\",\"PeriodicalId\":273818,\"journal\":{\"name\":\"2019 15th International Conference on Network and Service Management (CNSM)\",\"volume\":\"64 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2019-10-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2019 15th International Conference on Network and Service Management (CNSM)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.23919/CNSM46954.2019.9012710\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2019 15th International Conference on Network and Service Management (CNSM)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.23919/CNSM46954.2019.9012710","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 2

摘要

这项工作提出了机器学习(ML)在网络安全中的实际应用中的一个新问题，特别是在僵尸网络检测中，其中部署环境的动态和演变可能会使ML解决方案不足。我们提出了一种利用遗传规划(GP)——一种基于进化计算的方法来解决这一挑战的方法。初步结果表明，GP能够进化出在演化(扩展)特征空间条件下工作的预训练分类器。这表明这种方法在非平稳环境下用于僵尸网络检测的潜在用途，在这种环境中，随着新网络条件的出现，获得可靠分类器所需的数据和训练时间要少得多。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

Learning From Evolving Network Data for Dependable Botnet Detection

This work presents an emerging problem in real-world applications of machine learning (ML) in cybersecurity, particularly in botnet detection, where the dynamics and the evolution in the deployment environments may render the ML solutions inadequate. We propose an approach to tackle this challenge using Genetic Programming (GP) - an evolutionary computation based approach. Preliminary results show that GP is able to evolve pre-trained classifiers to work under evolved (expanded) feature space conditions. This indicates the potential use of such an approach for botnet detection under non-stationary environments, where much less data and training time are required to obtain a reliable classifier as new network conditions arise.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2019 15th International Conference on Network and Service Management (CNSM)

自引率

0.00%

发文量

期刊最新文献

Flow-based Throughput Prediction using Deep Learning and Real-World Network Traffic Learning From Evolving Network Data for Dependable Botnet Detection Exploring NAT Detection and Host Identification Using Machine Learning Lumped Markovian Estimation for Wi-Fi Channel Utilization Prediction An Access Control Implementation Targeting Resource-constrained Environments