Anomalous IP Address Detection on Traffic Logs Using Novel Word Embedding

Authors: Satoru Koda, Yusuke Kambara, Takanori Oikawa, Kazuyoshi Furukawa, Yuki Unno

DOI: 10.1109/COMPSAC48688.2020.00-42

Keywords:

Abstract: This paper presents an anomalous IP address detection algorithm for network traffic logs. It is based on word embedding techniques derived from natural language processing to extract the representative features of addresses. However, extracted vanilla embeddings are not always compatible with machine learning-based anomaly algorithms. Therefore, we developed that enables extraction more addresses than conventional methods. The proposed optimizes objective functions embedding-based feature and detection, simultaneously. According to experimental results, outperformed approaches; it improved performance from 0.876 to 0.990 in the area under curve criterion in a task detecting attackers
