2017 Asia-Pacific Signal and Information Processing Association Annual Summit and Conference (APSIPA ASC), Kuala Lumpur, pp. 864-872.
ISSN/ISBN: Not available at this time. DOI: 10.1109/APSIPA.2017.8282154
Abstract: Computer networks are vital for the secure and fast communication of information in the modern society. To ensure that these networks are functioning properly and safely, it is essential that effective intrusion detection methods are available to accurately detect and classify malicious behaviors. In this paper, we introduce a fast detection method using the Benford’s Law to detect and classify certain types of network attacks so to provide an early warning system against potential intrusion by criminals. Our experiments and analysis are performed based on the KDD99 dataset, and the results have shown that the Benford’s Law can be very effective in distinguishing between normal and malicious network flows, especially when using multiple digits of the Benford’s Law. Moreover, certain types of malicious attack have been detected by our method to contain unique signatures or patterns that can be further used as features for classification so to distinguish them from other types of network attacks. More analysis will be performed based on additional datasets to be presented in our paper.
Bibtex:
@INPROCEEDINGS{,
author={Liuying {Sun} and Anthony T.~S. {Ho} and Zhe {Xia} and Jiageng {Chen} and Xuzhe {Huang} and Yidan {Zhang}},
booktitle={2017 Asia-Pacific Signal and Information Processing Association Annual Summit and Conference (APSIPA ASC)},
title={Detection and classification of malicious patterns in network traffic using Benford's law},
year={2017},
volume={},
number={},
pages={864-872},
doi={10.1109/APSIPA.2017.8282154},
url={https://ieeexplore.ieee.org/document/8282154},
}
Reference Type: Conference Paper
Subject Area(s): Computer Science