Abstract
This paper proposes a threat detection system based on machine learning classifiers that are trained using darknet traffic. Traffic destined for a darknet is either malicious or the result of misconfiguration. Darknet traffic contains traces of several threats such as DDoS attacks, botnets, spoofing, probes and scanning attacks. We analyse darknet traffic by extracting network traffic features that help in finding patterns of these advanced threats. We collected the darknet traffic from network sensors deployed at SURFnet and extracted several network-based features. In this study, we propose a framework that uses supervised machine learning and a concept drift detector. Our experimental results show that our classifiers can easily distinguish between benign and malign traffic and are able to detect known and unknown threats effectively with an accuracy above 99%.
Original language | English |
---|---|
Title of host publication | 2019 IEEE International Conference on Big Data |
Place of Publication | Los Angeles, USA |
Publisher | IEEE |
Pages | 4273-4279 |
Number of pages | 7 |
ISBN (Electronic) | 978-1-7281-0858-2 |
ISBN (Print) | 978-1-7281-0859-9 |
Publication status | Published - Dec 2019 |
Event | 2019 IEEE International Conference on Big Data - Los Angeles, United States. Duration: 9 Dec 2019 → 12 Dec 2019. https://bigdataieee.org/BigData2019/ |
Conference
Conference | 2019 IEEE International Conference on Big Data |
---|---|
Abbreviated title | IEEE BigData 2019 |
Country/Territory | United States |
City | Los Angeles |
Period | 9/12/19 → 12/12/19 |