Více než 4 miliony titulů v angličtině i dalších jazycích! Objevte svůj nový příběh ještě dnes!

Holistic Network Defense

Name: Holistic Network Defense
Brand: Biblioscholar
SKU: 9781286862728
Price: 410 CZK
Availability: InStock

Fusing Host and Network Features for Attack Classification

Autor: Jenny W Ji

Jazyk:

Vazba: Brožovaná

Vydavatel: Biblioscholar

Dostupnost: Skladem u dodavatele

Odesíláme za 9-15 dnů

410 Kč

This work presents a hybrid network-host monitoring strategy, which fuses data from both the network...

Informace o knize

Autor

Jenny W Ji

Jazyk

Angličtina

Vazba

Kniha - Brožovaná

Vydáno

2012

Stránek

126

EAN

9781286862728

ISBN

9781286862728

Enbook ID

08218151

Vydavatel

Biblioscholar

Hmotnost

240

Rozměry

189 x 246 x 7

Kompletní popis

This work presents a hybrid network-host monitoring strategy, which fuses data from both the network and the host to recognize malware infections. This work focuses on three categories: Normal, Scanning, and Infected. The network-host sensor fusion is accomplished by extracting 248 features from network traffic using the Fullstats Network Feature generator and from the host using text mining, looking at the frequency of the 500 most common strings and analyzing them as word vectors. Improvements to detection performance are made by synergistically fusing network features obtained from IP packet flows and host features, obtained from text mining port, processor, logon information among others. In addition, the work compares three different machine learning algorithms and updates the script required to obtain network features. Hybrid method results outperformed host only classification by 31.7% and network only classification by 25%. The new approach also reduces the number of alerts while remaining accurate compared with the commercial IDS SNORT. These results make it such that even the most typical users could understand alert classification messages.