A self-organizing map and its modeling for discovering malignant network traffic

Chet Langin, Hongbo Zhou, Shahram Rahimi, Bidyut Gupta, Mehdi Zargham, Mohammad R. Sayeh

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

17 Scopus citations

Abstract

Model-based intrusion detection and knowledge discovery are combined to cluster and classify P2P botnet traffic and other malignant network activity by using a Self-Organizing Map (SOM) self-trained on denied Internet firewall log entries. The SOM analyzed new firewall log entries in a case study to classify similar network activity, and discovered previously unknown local P2P bot traffic and other security issues.

Original language: English
Title of host publication: 2009 IEEE Symposium on Computational Intelligence in Cyber Security, CICS 2009 - Proceedings
State: Published - 20 Jul 2009
Event: 2009 IEEE Symposium on Computational Intelligence in Cyber Security, CICS 2009 - Nashville, TN, United States
Duration: 30 Mar 2009 to 2 Apr 2009

Publication series

Name: 2009 IEEE Symposium on Computational Intelligence in Cyber Security, CICS 2009 - Proceedings

Conference

Conference: 2009 IEEE Symposium on Computational Intelligence in Cyber Security, CICS 2009
Country: United States
City: Nashville, TN
Period: 30/03/09 to 2/04/09

Cite this

Langin, C., Zhou, H., Rahimi, S., Gupta, B., Zargham, M., & Sayeh, M. R. (2009). A self-organizing map and its modeling for discovering malignant network traffic. In 2009 IEEE Symposium on Computational Intelligence in Cyber Security, CICS 2009 - Proceedings [4925099] (2009 IEEE Symposium on Computational Intelligence in Cyber Security, CICS 2009 - Proceedings). https://doi.org/10.1109/CICYBS.2009.4925099