LADS: A Live Anomaly Detection System based on Machine Learning Methods

Gustavo Gonzalez-Granadillo; Rodrigo Diaz; Ibéria Medeiros; Susana Gonzalez-Zarzosa; Dawid Machnicki

Research.Publish.Connect.

*Please fill out at least one Field. *Value must be an number!

Title:
ISBN:
Year:
Acronym:
Subject:

Advanced Search Proceedings Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Title:
Author:
Affiliation:
Subject:

Advanced Search Papers Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Name:
Affiliation:
Country:
Conference:
Subject:

Advanced Search Authors Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Name:
Country:
Subject:

Advanced Search Affiliations Search

If you're looking for an exact phrase use quotation marks on text fields.

Proceedings

Proceedings Search *Please fill out at least one Field. *Value must be an number!

Title:
ISBN:
Year:
Acronym:
Subject:

Advanced Search Proceedings Search

If you're looking for an exact phrase use quotation marks on text fields.

Papers

Papers Search *Please fill out at least one Field.

Title:
Author:
Affiliation:
Subject:

Advanced Search Papers Search

If you're looking for an exact phrase use quotation marks on text fields.

Authors

Authors Search *Please fill out at least one Field.

Name:
Affiliation:
Country:
Conference:
Subject:

Advanced Search Authors Search

If you're looking for an exact phrase use quotation marks on text fields.

Advanced Search

Paper

LADS: A Live Anomaly Detection System based on Machine Learning Methods

Topics: Management of Computing Security; Network Security; Security Management; Security Verification and Validation

In Proceedings of the 16th International Joint Conference on e-Business and Telecommunications SECRYPT - Volume 1, 464-469, 2019 , Prague, Czech Republic

Authors: Gustavo Gonzalez-Granadillo ¹ ; Rodrigo Diaz ¹ ; Ibéria Medeiros ² ; Susana Gonzalez-Zarzosa ¹ and Dawid Machnicki ¹

Affiliations: ¹ Atos Research & Innovation, Cybersecurity Laboratory and Spain ; ² LASIGE, Faculty of Sciences, University of Lisboa and Portugal

Keyword(s): Machine Learning, One-class SVM, Anomaly Detection, Network Traffic Behavior, NetFlow.

Related Ontology Subjects/Areas/Topics: Data and Application Security and Privacy ; Information and Systems Security ; Information Assurance ; Management of Computing Security ; Network Security ; Security Management ; Security Verification and Validation ; Wireless Network Security

Abstract: Network anomaly detection using NetFlow has been widely studied during the last decade. NetFlow provides the ability to collect network traffic attributes (e.g., IP source, IP destination, source port, destination port, protocol) and allows the use of association rule mining to extract the flows that have caused a malicious event. Despite of all the developments in network anomaly detection, the most popular procedure to detect non-conformity patterns in network traffic is still manual inspection during the period under analysis (e.g., visual analysis of plots, identification of variations in the number of bytes, packets, flows). This paper presents a Live Anomaly Detection System (LADS) based on One class Support Vector Machine (One-class SVM) to detect traffic anomalies. Experiments have been conducted using a valid data-set containing over 1.4 million packets (captured using NetFlow v5 and v9) that build models with one and several features in order to identify the approach that m ost accurately detects traffic anomalies in our system. A multi-featured approach that restricts the analysis to one IP address and extends it in terms of samples (valid and invalid ones) is considered as a promising approach in terms of accuracy of the detected malicious instances. (More)

CC BY-NC-ND 4.0

Guest: Register as new SciTePress user now for free.

SciTePress user: please login.

My Papers

You are not signed in, therefore limits apply to your IP address 3.145.191.214

In the current month:

Recent papers: 100 available of 100 total

2⁺ years older papers: 200 available of 200 total

Paper citation in several formats:

Gonzalez-Granadillo, G.; Diaz, R.; Medeiros, I.; Gonzalez-Zarzosa, S. and Machnicki, D. (2019). LADS: A Live Anomaly Detection System based on Machine Learning Methods. In Proceedings of the 16th International Joint Conference on e-Business and Telecommunications - SECRYPT; ISBN 978-989-758-378-0; ISSN 2184-3236, SciTePress, pages 464-469. DOI: 10.5220/0007948904640469

@conference{secrypt19,
author={Gustavo Gonzalez{-}Granadillo. and Rodrigo Diaz. and Ibéria Medeiros. and Susana Gonzalez{-}Zarzosa. and Dawid Machnicki.},
title={LADS: A Live Anomaly Detection System based on Machine Learning Methods},
booktitle={Proceedings of the 16th International Joint Conference on e-Business and Telecommunications - SECRYPT},
year={2019},
pages={464-469},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0007948904640469},
isbn={978-989-758-378-0},
issn={2184-3236},
}

TY - CONF

JO - Proceedings of the 16th International Joint Conference on e-Business and Telecommunications - SECRYPT
TI - LADS: A Live Anomaly Detection System based on Machine Learning Methods
SN - 978-989-758-378-0
IS - 2184-3236
AU - Gonzalez-Granadillo, G.
AU - Diaz, R.
AU - Medeiros, I.
AU - Gonzalez-Zarzosa, S.
AU - Machnicki, D.
PY - 2019
SP - 464
EP - 469
DO - 10.5220/0007948904640469
PB - SciTePress