Anomaly Detection Module for Network Traffic Monitoring in Public Institutions

Authors:

Wawrowski Łukasz (1), Białas Andrzej (1), Kajzer Adrian (2), Kozłowski Artur (1), Kurianowicz Rafał (1), Sikora Marek (1, 3), Szymańska-Kwiecień Agnieszka (2), Uchroński Mariusz (2), Białczak Miłosz (2), Olejnik Maciej (2), Michalak Marcin (1, 3)

Affiliations:

1. Łukasiewicz Research Network—Institute of Innovative Technologies EMAG, ul. Leopolda 31, 40-189 Katowice, Poland

2. Wroclaw Centre for Networking and Supercomputing, Wroclaw University of Science and Technology, Wybrzeże Wyspiańskiego 27, 50-370 Wrocław, Poland

3. Department of Computer Networks and Systems, Silesian University of Technology, ul. Akademicka 16, 44-100 Gliwice, Poland

Abstract

It seems to be a truism to say that we should pay more and more attention to network traffic safety. Such a goal may be achieved with many different approaches. In this paper, we focus on increasing network traffic safety through continuous monitoring of network traffic statistics and detection of possible anomalies in the network traffic description. The developed solution, called the anomaly detection module, is dedicated mostly to public institutions as an additional component of their network security services. Although the module uses well-known anomaly detection methods, its novelty lies in providing an exhaustive strategy for selecting the best combination of models, as well as in tuning the models in a much faster offline mode. It is worth emphasizing that the combined models were able to achieve a 100% balanced accuracy level in the detection of specific attacks.

Funder

the statutory research project of ITI EMAG

the Wroclaw Centre for Networking and Supercomputing, Wroclaw University of Science and Technology, Wroclaw, Poland

Publisher

MDPI AG

Subject

Electrical and Electronic Engineering, Biochemistry, Instrumentation, Atomic and Molecular Physics, and Optics, Analytical Chemistry

References: 74 articles.

Cited by 4 articles.