A self-organizing map and its modeling for discovering malignant network traffic

Chet Langin, Hongbo Zhou, Shahram Rahimi, Bidyut Gupta, Mehdi Zargham, Mohammad R. Sayeh

Research output: Chapter in Book/Report/Conference proceeding, Conference contribution, peer-review

22 Scopus citations

Abstract

Model-based intrusion detection and knowledge discovery are combined to cluster and classify P2P botnet traffic and other malignant network activity by using a Self-Organizing Map (SOM) self-trained on denied Internet firewall log entries. The SOM analyzed new firewall log entries in a case study to classify similar network activity, and discovered previously unknown local P2P bot traffic and other security issues.

Original language: English
Title of host publication: 2009 IEEE Symposium on Computational Intelligence in Cyber Security, CICS 2009 - Proceedings
State: Published - 2009
Event: 2009 IEEE Symposium on Computational Intelligence in Cyber Security, CICS 2009 - Nashville, TN, United States
Duration: 30 Mar 2009 to 2 Apr 2009

Publication series

Name: 2009 IEEE Symposium on Computational Intelligence in Cyber Security, CICS 2009 - Proceedings

Conference

Conference: 2009 IEEE Symposium on Computational Intelligence in Cyber Security, CICS 2009
Country/Territory: United States
City: Nashville, TN
Period: 30/03/09 to 2/04/09
