A self-organizing map and its modeling for discovering malignant network traffic

Chet Langin, Hongbo Zhou, Shahram Rahimi, Bidyut Gupta, Mehdi Zargham, Mohammad R. Sayeh

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Research › peer-review

Abstract

Model-based intrusion detection and knowledge discovery are combined to cluster and classify P2P botnet traffic and other malignant network activity by using a Self-Organizing Map (SOM) self-trained on denied Internet firewall log entries. The SOM analyzed new firewall log entries in a case study to classify similar network activity, and discovered previously unknown local P2P bot traffic and other security issues.

Original language: English
Title of host publication: 2009 IEEE Symposium on Computational Intelligence in Cyber Security, CICS 2009 - Proceedings
DOIs: https://doi.org/10.1109/CICYBS.2009.4925099
State: Published - 20 Jul 2009
Event: 2009 IEEE Symposium on Computational Intelligence in Cyber Security, CICS 2009 - Nashville, TN, United States
Duration: 30 Mar 2009 to 2 Apr 2009

Publication series

Name: 2009 IEEE Symposium on Computational Intelligence in Cyber Security, CICS 2009 - Proceedings

Conference

Conference: 2009 IEEE Symposium on Computational Intelligence in Cyber Security, CICS 2009
Country: United States
City: Nashville, TN
Period: 30/03/09 to 2/04/09

Fingerprint

Self organizing maps
Computer system firewalls
Intrusion detection
Data mining
Internet
Botnet

Cite this

Langin, C., Zhou, H., Rahimi, S., Gupta, B., Zargham, M., & Sayeh, M. R. (2009). A self-organizing map and its modeling for discovering malignant network traffic. In 2009 IEEE Symposium on Computational Intelligence in Cyber Security, CICS 2009 - Proceedings [4925099] (2009 IEEE Symposium on Computational Intelligence in Cyber Security, CICS 2009 - Proceedings). https://doi.org/10.1109/CICYBS.2009.4925099
@inproceedings{f7682818bd484998ab0d494efc68f489,
title = "A self-organizing map and its modeling for discovering malignant network traffic",
abstract = "Model-based intrusion detection and knowledge discovery are combined to cluster and classify P2P botnet traffic and other malignant network activity by using a Self-Organizing Map (SOM) self-trained on denied Internet firewall log entries. The SOM analyzed new firewall log entries in a case study to classify similar network activity, and discovered previously unknown local P2P bot traffic and other security issues.",
author = "Chet Langin and Hongbo Zhou and Shahram Rahimi and Bidyut Gupta and Mehdi Zargham and Sayeh, {Mohammad R.}",
year = "2009",
month = "7",
day = "20",
doi = "10.1109/CICYBS.2009.4925099",
language = "English",
isbn = "9781424427697",
series = "2009 IEEE Symposium on Computational Intelligence in Cyber Security, CICS 2009 - Proceedings",
booktitle = "2009 IEEE Symposium on Computational Intelligence in Cyber Security, CICS 2009 - Proceedings",

}

TY - GEN
T1 - A self-organizing map and its modeling for discovering malignant network traffic
AU - Langin, Chet
AU - Zhou, Hongbo
AU - Rahimi, Shahram
AU - Gupta, Bidyut
AU - Zargham, Mehdi
AU - Sayeh, Mohammad R.
PY - 2009/7/20
Y1 - 2009/7/20
N2 - Model-based intrusion detection and knowledge discovery are combined to cluster and classify P2P botnet traffic and other malignant network activity by using a Self-Organizing Map (SOM) self-trained on denied Internet firewall log entries. The SOM analyzed new firewall log entries in a case study to classify similar network activity, and discovered previously unknown local P2P bot traffic and other security issues.
AB - Model-based intrusion detection and knowledge discovery are combined to cluster and classify P2P botnet traffic and other malignant network activity by using a Self-Organizing Map (SOM) self-trained on denied Internet firewall log entries. The SOM analyzed new firewall log entries in a case study to classify similar network activity, and discovered previously unknown local P2P bot traffic and other security issues.
UR - http://www.scopus.com/inward/record.url?scp=67650462942&partnerID=8YFLogxK
U2 - 10.1109/CICYBS.2009.4925099
DO - 10.1109/CICYBS.2009.4925099
M3 - Conference contribution
SN - 9781424427697
T3 - 2009 IEEE Symposium on Computational Intelligence in Cyber Security, CICS 2009 - Proceedings
BT - 2009 IEEE Symposium on Computational Intelligence in Cyber Security, CICS 2009 - Proceedings
ER -
