乐胖代购免代理版

{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,7,9]],"date-time":"2024-07-09T03:10:17Z","timestamp":1720494617473},"reference-count":31,"publisher":"MDPI AG","issue":"5","license":[{"start":{"date-parts":[[2021,3,4]],"date-time":"2021-03-04T00:00:00Z","timestamp":1614816000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Sensors"],"abstract":"Cyber-attacks continue to grow, both in terms of volume and sophistication. This is aided by an increase in available computational power, expanding attack surfaces, and advancements in the human understanding of how to make attacks undetectable. Unsurprisingly, machine learning is utilised to defend against these attacks. In many applications, the choice of features is more important than the choice of model. A range of studies have, with varying degrees of success, attempted to discriminate between benign traffic and well-known cyber-attacks. The features used in these studies are broadly similar and have demonstrated their effectiveness in situations where cyber-attacks do not imitate benign behaviour. To overcome this barrier, in this manuscript, we introduce new features based on a higher level of abstraction of network traffic. Specifically, we perform flow aggregation by grouping flows with similarities. This additional level of feature abstraction benefits from cumulative information, thus qualifying the models to classify cyber-attacks that mimic benign traffic. The performance of the new features is evaluated using the benchmark CICIDS2017 dataset, and the results demonstrate their validity and effectiveness. This novel proposal will improve the detection accuracy of cyber-attacks and also build towards a new direction of feature extraction for complex ones.<\/jats:p>","DOI":"10.3390\/s21051761","type":"journal-article","created":{"date-parts":[[2021,3,5]],"date-time":"2021-03-05T05:39:07Z","timestamp":1614922747000},"page":"1761","source":"Crossref","is-referenced-by-count":2,"title":["Utilising Flow Aggregation to Classify Benign Imitating Attacks"],"prefix":"10.3390","volume":"21","author":[{"ORCID":"http:\/\/orcid.org\/0000-0002-5195-8193","authenticated-orcid":false,"given":"Hanan","family":"Hindy","sequence":"first","affiliation":[{"name":"Division of Cybersecurity, Abertay University, Dundee DD1 1HG, UK"}]},{"ORCID":"http:\/\/orcid.org\/0000-0002-6206-2229","authenticated-orcid":false,"given":"Robert","family":"Atkinson","sequence":"additional","affiliation":[{"name":"Electronic and Electrical Engineering Department, University of Strathclyde, Glasgow G1 1XQ, UK"}]},{"ORCID":"http:\/\/orcid.org\/0000-0001-9150-6805","authenticated-orcid":false,"given":"Christos","family":"Tachtatzis","sequence":"additional","affiliation":[{"name":"Electronic and Electrical Engineering Department, University of Strathclyde, Glasgow G1 1XQ, UK"}]},{"ORCID":"http:\/\/orcid.org\/0000-0003-1853-2921","authenticated-orcid":false,"given":"Ethan","family":"Bayne","sequence":"additional","affiliation":[{"name":"Division of Cybersecurity, Abertay University, Dundee DD1 1HG, UK"}]},{"ORCID":"http:\/\/orcid.org\/0000-0002-2994-7826","authenticated-orcid":false,"given":"Miroslav","family":"Bures","sequence":"additional","affiliation":[{"name":"Department of Computer Science, Faculty of Electrical Engineering, Czech Technical University in Prague, Karlovo Namesti 13, 121 35 Praha 2, Czech Republic"}]},{"ORCID":"http:\/\/orcid.org\/0000-0003-1849-5788","authenticated-orcid":false,"given":"Xavier","family":"Bellekens","sequence":"additional","affiliation":[{"name":"Electronic and Electrical Engineering Department, University of Strathclyde, Glasgow G1 1XQ, UK"}]}],"member":"1968","published-online":{"date-parts":[[2021,3,4]]},"reference":[{"key":"ref_1","doi-asserted-by":"crossref","first-page":"20","DOI":"10.1186\/s42400-019-0038-7","article-title":"Survey of Intrusion Detection Systems: Techniques, Datasets and Challenges","volume":"2","author":"Khraisat","year":"2019","journal-title":"Cybersecurity"},{"key":"ref_2","unstructured":"Hindy, H., Tachtatzis, C., Atkinson, R., Brosset, D., Bures, M., Andonovic, I., Michie, C., and Bellekens, X. (2020). Leveraging Siamese Networks for One-Shot Intrusion Detection Model. arXiv."},{"key":"ref_3","unstructured":"Pattnaik, P.K., Rautaray, S.S., Das, H., and Nayak, J. (2018). A Survey of Feature Selection Techniques in Intrusion Detection System: A Soft Computing Perspective. Progress in Computing, Springer."},{"key":"ref_4","first-page":"56","article-title":"Software Vulnerability Analysis and Discovery Using Machine-Learning and Data-Mining Techniques: A Survey","volume":"50","author":"Ghaffarian","year":"2017","journal-title":"ACM Comput. Surv. CSUR"},{"key":"ref_5","unstructured":"Alaidaros, H., Mahmuddin, M., and Al Mazari, A. (2011, January 28\u201330). An overview of flow-based and packet-based intrusion detection performance in high speed networks. Proceedings of the International Arab Conference on Information Technology, Zarqa, Jordan."},{"key":"ref_6","doi-asserted-by":"crossref","unstructured":"Sharafaldin, I., Lashkari, A.H., and Ghorbani, A.A. (2018, January 22\u201324). Toward Generating a New Intrusion Detection Dataset and Intrusion Traffic Characterization. Proceedings of the 4th International Conference on Information Systems Security and Privacy (ICISSP 2018), Madeira, Portugal.","DOI":"10.5220\/0006639801080116"},{"key":"ref_7","doi-asserted-by":"crossref","unstructured":"Liu, H., and Lang, B. (2019). Machine Learning and Deep Learning Methods for Intrusion Detection Systems: A Survey. Appl. Sci., 9.","DOI":"10.3390\/app9204396"},{"key":"ref_8","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1186\/s40537-020-00318-5","article-title":"Cybersecurity data science: An overview from machine learning perspective","volume":"7","author":"Sarker","year":"2020","journal-title":"J. Big Data"},{"key":"ref_9","doi-asserted-by":"crossref","first-page":"104650","DOI":"10.1109\/ACCESS.2020.3000179","article-title":"A Taxonomy of Network Threats and the Effect of Current Datasets on Intrusion Detection Systems","volume":"8","author":"Hindy","year":"2020","journal-title":"IEEE Access"},{"key":"ref_10","unstructured":"(2019, October 07). Canadian Institute for Cybersecurity. Available online: http:\/\/www.unb.ca\/cic\/datasets\/ids-2017.html."},{"key":"ref_11","first-page":"479","article-title":"A detailed analysis of CICIDS2017 dataset for designing Intrusion Detection Systems","volume":"7","author":"Panigrahi","year":"2018","journal-title":"Int. J. Eng. Technol."},{"key":"ref_12","doi-asserted-by":"crossref","first-page":"41525","DOI":"10.1109\/ACCESS.2019.2895334","article-title":"Deep Learning Approach for Intelligent Intrusion Detection System","volume":"7","author":"Vinayakumar","year":"2019","journal-title":"IEEE Access"},{"key":"ref_13","doi-asserted-by":"crossref","unstructured":"Hossain, M.D., Ochiai, H., Doudou, F., and Kadobayashi, Y. (2020, January 22\u201324). SSH and FTP brute-force Attacks Detection in Computer Networks: LSTM and Machine Learning Approaches. Proceedings of the 2020 5th International Conference on Computer and Communication Systems (ICCCS), Shanghai, China.","DOI":"10.1109\/ICCCS49078.2020.9118459"},{"key":"ref_14","doi-asserted-by":"crossref","first-page":"012018","DOI":"10.1088\/1742-6596\/1192\/1\/012018","article-title":"Improving adaboost-based intrusion detection system (IDS) performance on CIC IDS 2017 dataset","volume":"1192","author":"Yulianto","year":"2019","journal-title":"J. Phys. Conf. Ser."},{"key":"ref_15","doi-asserted-by":"crossref","unstructured":"Aksu, D., and Ali Aydin, M. (2018, January 3\u20134). Detecting Port Scan Attempts with Comparative Analysis of Deep Learning and Support Vector Machine Algorithms. Proceedings of the 2018 International Congress on Big Data, Deep Learning and Fighting Cyber Terrorism (IBIGDELFT), Ankara, Turkey.","DOI":"10.1109\/IBIGDELFT.2018.8625370"},{"key":"ref_16","first-page":"49","article-title":"Evaluation of DDoS attacks Detection in a New Intrusion Dataset Based on Classification Algorithms","volume":"1","author":"Abdulrahman","year":"2018","journal-title":"Iraqi J. Inf. Commun. Technol."},{"key":"ref_17","unstructured":"Bishop, C.M. (2006). Pattern Recognition and Machine Learning, Springer."},{"key":"ref_18","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1016\/j.inffus.2018.11.008","article-title":"Ensembles for Feature Selection: A Review and Future Trends","volume":"52","year":"2019","journal-title":"Infor. Fusion"},{"key":"ref_19","unstructured":"Hamon, J. (2013). Combinatorial Optimization for Variable Selection in High Dimensional Regression: Application in Animal Genetic. [Ph.D. Thesis, Universit\u00e9 des Sciences et Technologie de Lille]."},{"key":"ref_20","doi-asserted-by":"crossref","unstructured":"Phuong, T.M., Lin, Z., and Altman, R.B. (2005, January 8\u201311). Choosing SNPs using feature selection. Proceedings of the 2005 IEEE Computational Systems Bioinformatics Conference (CSB\u201905), Stanford, CA, USA.","DOI":"10.1109\/CSB.2005.22"},{"key":"ref_21","doi-asserted-by":"crossref","unstructured":"Hernandez, J.C.H., Duval, B., and Hao, J.K. (2007). A genetic embedded approach for gene selection and classification of microarray data. European Conference on Evolutionary Computation, Machine Learning and Data Mining in Bioinformatics, Springer.","DOI":"10.1007\/978-3-540-71783-6_9"},{"key":"ref_22","doi-asserted-by":"crossref","first-page":"1154","DOI":"10.1109\/TPAMI.2004.71","article-title":"Simultaneous feature selection and clustering using mixture models","volume":"26","author":"Law","year":"2004","journal-title":"IEEE Trans. Pattern Anal. Mach. Intell."},{"key":"ref_23","doi-asserted-by":"crossref","first-page":"1389","DOI":"10.1016\/0031-3203(94)00009-B","article-title":"Feature selection based on the approximation of class densities by finite mixtures of special type","volume":"28","author":"Pudil","year":"1995","journal-title":"Pattern Recogn."},{"key":"ref_24","doi-asserted-by":"crossref","first-page":"301","DOI":"10.1109\/34.990133","article-title":"Unsupervised feature selection using feature similarity","volume":"24","author":"Mitra","year":"2002","journal-title":"IEEE Trans. Pattern Anal. Mach. Intell."},{"key":"ref_25","doi-asserted-by":"crossref","first-page":"115","DOI":"10.1007\/BF02478259","article-title":"A logical calculus of the ideas immanent in nervous activity","volume":"5","author":"McCulloch","year":"1943","journal-title":"Bull. Math. Biophys."},{"key":"ref_26","doi-asserted-by":"crossref","unstructured":"McClelland, J.L., and Rumelhart, D.E. (1986). A distributed model of human learning and memory. Parallel Distributed Processing: Explorations in the Microstructure of Cognition, Vol. 2: Psychological and Biological Models, MIT Press.","DOI":"10.7551\/mitpress\/5237.001.0001"},{"key":"ref_27","doi-asserted-by":"crossref","unstructured":"Xu, G., Qiu, S., Ahmad, H., Xu, G., Guo, Y., Zhang, M., and Xu, H. (2018). A Multi-Server Two-Factor Authentication Scheme with Un-Traceability Using Elliptic Curve Cryptography. Sensors, 18.","DOI":"10.3390\/s18072394"},{"key":"ref_28","doi-asserted-by":"crossref","unstructured":"Qiu, S., Wang, D., Xu, G., and Kumari, S. (2020). Practical and Provably Secure Three-Factor Authentication Protocol Based on Extended Chaotic-Maps for Mobile Lightweight Devices. IEEE Trans. Depend. Secure Comput.","DOI":"10.1109\/TDSC.2020.3022797"},{"key":"ref_29","doi-asserted-by":"crossref","unstructured":"Kuhn, M., and Johnson, K. (2019). Recursive Feature Elimination|Feature Engineering and Selection: A Practical Approach for Predictive Models, Taylor & Francis Group. Chapter 11.3.","DOI":"10.1201\/9781315108230"},{"key":"ref_30","unstructured":"Services, O. (2020, July 29). SlowHTTPTest|Penetration Testing Tools. Available online: https:\/\/tools.kali.org\/stress-testing\/slowhttptest."},{"key":"ref_31","doi-asserted-by":"crossref","unstructured":"Hindy, H., Atkinson, R., Tachtatzis, C., Colin, J.N., Bayne, E., and Bellekens, X. (2020). Utilising Deep Learning Techniques for Effective Zero-Day Attack Detection. Electronics, 9.","DOI":"10.3390\/electronics9101684"}],"container-title":["Sensors"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/1424-8220\/21\/5\/1761\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,7,9]],"date-time":"2024-07-09T02:08:25Z","timestamp":1720490905000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/1424-8220\/21\/5\/1761"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021,3,4]]},"references-count":31,"journal-issue":{"issue":"5","published-online":{"date-parts":[[2021,3]]}},"alternative-id":["s21051761"],"URL":"https:\/\/doi.org\/10.3390\/s21051761","relation":{},"ISSN":["1424-8220"],"issn-type":[{"value":"1424-8220","type":"electronic"}],"subject":[],"published":{"date-parts":[[2021,3,4]]}}}