Learning Flow Characteristics Distributions with ELM for Distributed Denial of Service Detection and Mitigation

Aapo Kalliola, Yoan Miche, Ian Oliver, Silke Holtmanns, Buse Atli, Amaury Lendasse, Kaj-Mikael Björk, Anton Akusok, Tuomas Aura

Forskningsoutput: Kapitel i bok/rapport/konferenshandlingKonferensbidragVetenskapligPeer review

Sammanfattning

We present a methodology for modeling the distributions of network flow statistics for the specific purpose of network anomaly detection, in the form of Distributed Denial of Service attacks. The proposed methodology offers to model (using Extreme Learning Machines, ELM), at the IP subnetwork level (or all the way down to the single IP level, if computations allow), the usual distributions of certain network flow characteristics (or statistics), and then to use a One-Class classifier in the detection of abnormal joint flow statistics. The methodology makes use of the original ELM for its good performance to computational time ratio, but also because of the needs in this methodology to have simple update rules for making the model evolve in time, as new traffic and hosts come in.
OriginalspråkEngelska
Titel på värdpublikationProceedings of ELM-2016
Antal sidor15
UtgivningsortCham
FörlagSpringer
Utgivningsdatum26.05.2017
Sidor129-143
ISBN (tryckt)978-3-319-57420-2
ISBN (elektroniskt)978-3-319-57421-9
DOI
StatusPublicerad - 26.05.2017
MoE-publikationstypA4 Artikel i en konferenspublikation
Evenemang2016 the 7th International Conference on Extreme Learning Machines (ELM) - Marina Bay Sands, Singapore
Varaktighet: 13.12.201615.12.2016

Publikationsserier

Namn Proceedings in Adaptation, Learning and Optimization (PALO)
Volym9

Nyckelord

  • 512 Företagsekonomi

Fingeravtryck

Fördjupa i forskningsämnen för ”Learning Flow Characteristics Distributions with ELM for Distributed Denial of Service Detection and Mitigation”. Tillsammans bildar de ett unikt fingeravtryck.

Citera det här