A self-organizing map and its modeling for discovering malignant network traffic

Chet Langin; Hongbo Zhou; Shahram Rahimi; Bidyut Gupta; Mehdi Zargham; Mohammad R. Sayeh

doi:10.1109/CICYBS.2009.4925099

A self-organizing map and its modeling for discovering malignant network traffic

Chet Langin, Hongbo Zhou, Shahram Rahimi, Bidyut Gupta, Mehdi Zargham, Mohammad R. Sayeh

Computer Science

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

22 Scopus citations

Abstract

Model-based intrusion detection and knowledge discovery are combined to cluster and classify P2P botnet traffic and other malignant network activity by using a Self-Organizing Map (SOM) self-trained on denied Internet firewall log entries. The SOM analyzed new firewall log entries in a case study to classify similar network activity, and discovered previously unknown local P2P bot traffic and other security issues.

Original language	English
Title of host publication	2009 IEEE Symposium on Computational Intelligence in Cyber Security, CICS 2009 - Proceedings
DOIs	https://doi.org/10.1109/CICYBS.2009.4925099
State	Published - 20 Jul 2009
Event	2009 IEEE Symposium on Computational Intelligence in Cyber Security, CICS 2009 - Nashville, TN, United States Duration: 30 Mar 2009 → 2 Apr 2009

Publication series

Name	2009 IEEE Symposium on Computational Intelligence in Cyber Security, CICS 2009 - Proceedings

Conference

Conference	2009 IEEE Symposium on Computational Intelligence in Cyber Security, CICS 2009
Country/Territory	United States
City	Nashville, TN
Period	30/03/09 → 2/04/09

Access to Document

10.1109/CICYBS.2009.4925099

Cite this

Langin, C., Zhou, H., Rahimi, S., Gupta, B., Zargham, M., & Sayeh, M. R. (2009). A self-organizing map and its modeling for discovering malignant network traffic. In 2009 IEEE Symposium on Computational Intelligence in Cyber Security, CICS 2009 - Proceedings [4925099] (2009 IEEE Symposium on Computational Intelligence in Cyber Security, CICS 2009 - Proceedings). https://doi.org/10.1109/CICYBS.2009.4925099

@inproceedings{f7682818bd484998ab0d494efc68f489,

title = "A self-organizing map and its modeling for discovering malignant network traffic",

abstract = "Model-based intrusion detection and knowledge discovery are combined to cluster and classify P2P botnet traffic and other malignant network activity by using a Self-Organizing Map (SOM) self-trained on denied Internet firewall log entries. The SOM analyzed new firewall log entries in a case study to classify similar network activity, and discovered previously unknown local P2P bot traffic and other security issues.",

author = "Chet Langin and Hongbo Zhou and Shahram Rahimi and Bidyut Gupta and Mehdi Zargham and Sayeh, {Mohammad R.}",

year = "2009",

month = jul,

day = "20",

doi = "10.1109/CICYBS.2009.4925099",

language = "English",

isbn = "9781424427697",

series = "2009 IEEE Symposium on Computational Intelligence in Cyber Security, CICS 2009 - Proceedings",

booktitle = "2009 IEEE Symposium on Computational Intelligence in Cyber Security, CICS 2009 - Proceedings",

note = "null ; Conference date: 30-03-2009 Through 02-04-2009",

}

Langin, C, Zhou, H, Rahimi, S, Gupta, B, Zargham, M & Sayeh, MR 2009, A self-organizing map and its modeling for discovering malignant network traffic. in 2009 IEEE Symposium on Computational Intelligence in Cyber Security, CICS 2009 - Proceedings., 4925099, 2009 IEEE Symposium on Computational Intelligence in Cyber Security, CICS 2009 - Proceedings, 2009 IEEE Symposium on Computational Intelligence in Cyber Security, CICS 2009, Nashville, TN, United States, 30/03/09. https://doi.org/10.1109/CICYBS.2009.4925099

A self-organizing map and its modeling for discovering malignant network traffic. / Langin, Chet; Zhou, Hongbo; Rahimi, Shahram et al.

2009 IEEE Symposium on Computational Intelligence in Cyber Security, CICS 2009 - Proceedings. 2009. 4925099 (2009 IEEE Symposium on Computational Intelligence in Cyber Security, CICS 2009 - Proceedings).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - A self-organizing map and its modeling for discovering malignant network traffic

AU - Langin, Chet

AU - Zhou, Hongbo

AU - Rahimi, Shahram

AU - Gupta, Bidyut

AU - Zargham, Mehdi

AU - Sayeh, Mohammad R.

PY - 2009/7/20

Y1 - 2009/7/20

N2 - Model-based intrusion detection and knowledge discovery are combined to cluster and classify P2P botnet traffic and other malignant network activity by using a Self-Organizing Map (SOM) self-trained on denied Internet firewall log entries. The SOM analyzed new firewall log entries in a case study to classify similar network activity, and discovered previously unknown local P2P bot traffic and other security issues.

AB - Model-based intrusion detection and knowledge discovery are combined to cluster and classify P2P botnet traffic and other malignant network activity by using a Self-Organizing Map (SOM) self-trained on denied Internet firewall log entries. The SOM analyzed new firewall log entries in a case study to classify similar network activity, and discovered previously unknown local P2P bot traffic and other security issues.

UR - http://www.scopus.com/inward/record.url?scp=67650462942&partnerID=8YFLogxK

U2 - 10.1109/CICYBS.2009.4925099

DO - 10.1109/CICYBS.2009.4925099

M3 - Conference contribution

AN - SCOPUS:67650462942

SN - 9781424427697

T3 - 2009 IEEE Symposium on Computational Intelligence in Cyber Security, CICS 2009 - Proceedings

BT - 2009 IEEE Symposium on Computational Intelligence in Cyber Security, CICS 2009 - Proceedings

Y2 - 30 March 2009 through 2 April 2009

ER -

Langin C, Zhou H, Rahimi S, Gupta B, Zargham M, Sayeh MR. A self-organizing map and its modeling for discovering malignant network traffic. In 2009 IEEE Symposium on Computational Intelligence in Cyber Security, CICS 2009 - Proceedings. 2009. 4925099. (2009 IEEE Symposium on Computational Intelligence in Cyber Security, CICS 2009 - Proceedings). doi: 10.1109/CICYBS.2009.4925099

A self-organizing map and its modeling for discovering malignant network traffic

Abstract

Publication series

Conference

Access to Document

Other files and links

Fingerprint

Cite this