{"title":"基于流量的人工智能网络流量检测","authors":"B.O. Panchuk","doi":"10.15407/pp2022.03-04.376","DOIUrl":null,"url":null,"abstract":"This paper outlines the generalized framework for building end-to-end botnet network activity detection systems using artificial intelligence (AI) techniques. The paper describes network flows reconstruction as a primary feature-extraction method and considers different AI classifiers for achieving a better detection rate. The results of the latest research by other authors in the field are incorporated to implement a more efficient approach for botnet discovery. The described intrusion detection pipeline was tested on a dataset with real botnet activity traces. The performance metrics for different AI classification models were obtained and analyzed in detail. Different data preprocessing techniques were tried and described which helped improve the results even further. Some options for future enhancement of network feature selection were proposed as well. The comparison of the obtained performance metrics was drawn against the results provided by other researchers in this field.","PeriodicalId":313885,"journal":{"name":"PROBLEMS IN PROGRAMMING","volume":"24 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2022-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Flow based bonet traffic detection using AI\",\"authors\":\"B.O. Panchuk\",\"doi\":\"10.15407/pp2022.03-04.376\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"This paper outlines the generalized framework for building end-to-end botnet network activity detection systems using artificial intelligence (AI) techniques. The paper describes network flows reconstruction as a primary feature-extraction method and considers different AI classifiers for achieving a better detection rate. The results of the latest research by other authors in the field are incorporated to implement a more efficient approach for botnet discovery. The described intrusion detection pipeline was tested on a dataset with real botnet activity traces. The performance metrics for different AI classification models were obtained and analyzed in detail. Different data preprocessing techniques were tried and described which helped improve the results even further. Some options for future enhancement of network feature selection were proposed as well. The comparison of the obtained performance metrics was drawn against the results provided by other researchers in this field.\",\"PeriodicalId\":313885,\"journal\":{\"name\":\"PROBLEMS IN PROGRAMMING\",\"volume\":\"24 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2022-12-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"PROBLEMS IN PROGRAMMING\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.15407/pp2022.03-04.376\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"PROBLEMS IN PROGRAMMING","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.15407/pp2022.03-04.376","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
This paper outlines the generalized framework for building end-to-end botnet network activity detection systems using artificial intelligence (AI) techniques. The paper describes network flows reconstruction as a primary feature-extraction method and considers different AI classifiers for achieving a better detection rate. The results of the latest research by other authors in the field are incorporated to implement a more efficient approach for botnet discovery. The described intrusion detection pipeline was tested on a dataset with real botnet activity traces. The performance metrics for different AI classification models were obtained and analyzed in detail. Different data preprocessing techniques were tried and described which helped improve the results even further. Some options for future enhancement of network feature selection were proposed as well. The comparison of the obtained performance metrics was drawn against the results provided by other researchers in this field.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
