Network Attack Detection on Netflow Data using Machine Learning Techniques

Q: How can I download an article?

To download an article from SID, first log in to the site, search for the article title, and click on the 'Download Article' option.

Q: How can I download an ISI article?

To download an ISI article on SID, enter the keyword or article title in the search bar, view the relevant results, click on the desired article, and select the 'Download Article' option.

Q: How can I access the SID database?

To access the SID database, visit SID.ir, create an account, and log in to access scientific resources.

Q: Is downloading articles from SID free?

Some articles on SID are available for free, while others require payment. Details are specified on the article's page.

VEISI HADI; MOUSAVI SEYED HADI; KHANSARI MOHAMMAD

مرکز اطلاعات علمی Scientific Information Database (SID) - Trusted Source for Research and Academic Resources

Journal Paper

Paper Information

Journal: INFORMATION AND COMMUNICATION TECHNOLOGY IN POLICING Year:2020 | Volume:1 | Issue:1 Page(s): 15-24

Download Full-Text

Persian Verion

View:

1,958

Download:

Cites:

Information Journal Paper

Title

Network Attack Detection on Netflow Data using Machine Learning Techniques

Author(s)

VEISI HADI | MOUSAVI SEYED HADI | KHANSARI MOHAMMAD | Issue Writer Certificate

Keywords

Network attack detection

Netflow data

Classification

machine learning

Abstract

The rapid growth of IT applications and providing more services on computer networks comes with security threats with malicious and business targets. One method to deal with network traffic analysis complexities is to analyze a summary of network data that is extracted from network connections. Netflow is a defacto standard for generating network flow data introduced by Cisco and integrated into Cisco switches and routers which produce flow records about underlying network traffic. In this paper, we use machine learning techniques to analyze Netflow data and classifying connections pertain to network attacks and do respective prevention measures after the Classification. machine learning algorithms including Naï ve Bayes, SVM, and NBTree has been used to model different attacks based on network flow data. In the evaluation phase, KDDcup99 dataset used and related features to Netflow data are selected (7 features), and then, Classification has been done with both original KDDcup99 features (41 features) and our selected Netflow features. Average Classification accuracy for different 22 attack classes and one benign class shows that using just seven Netflow related features does not affect the accuracy obviously while the computation overhead is obviously decreased. Average detection accuracy for our selected features in different algorithms is 97% whereas, for the best case (i. e, SVM) with 41 features, the average accuracy is 99% which is not so much better than our less complex Netflow based method.

Cites

No record.

References

No record.

Cite

APA: Copy

VEISI, HADI, MOUSAVI, SEYED HADI, & KHANSARI, MOHAMMAD. (2020). Network Attack Detection on Netflow Data using Machine Learning Techniques. INFORMATION AND COMMUNICATION TECHNOLOGY IN POLICING, 1(1 ), 15-24. SID. https://sid.ir/paper/401087/en

Vancouver: Copy

VEISI HADI, MOUSAVI SEYED HADI, KHANSARI MOHAMMAD. Network Attack Detection on Netflow Data using Machine Learning Techniques. INFORMATION AND COMMUNICATION TECHNOLOGY IN POLICING[Internet]. 2020;1(1 ):15-24. Available from: https://sid.ir/paper/401087/en

IEEE: Copy

HADI VEISI, SEYED HADI MOUSAVI, and MOHAMMAD KHANSARI, “Network Attack Detection on Netflow Data using Machine Learning Techniques,” INFORMATION AND COMMUNICATION TECHNOLOGY IN POLICING, vol. 1, no. 1 , pp. 15–24, 2020, [Online]. Available: https://sid.ir/paper/401087/en

Related Journal Papers