
Analysis of Lightweight Feature Vectors for Attack Detection in Network Traffic

Institute of Telecommunications, TU Wien, 1040 Wien, Austria
*
Author to whom correspondence should be addressed.
Appl. Sci. 2018, 8(11), 2196; https://doi.org/10.3390/app8112196
Received: 25 October 2018 / Revised: 5 November 2018 / Accepted: 6 November 2018 / Published: 9 November 2018
The consolidation of encryption and big data in network communications has made deep packet inspection no longer feasible in large networks. Early attack detection requires feature vectors that are easy to extract, process, and analyze, and that can also be generated from encrypted traffic. So far, experts have selected features based on their intuition, previous research, or by uncritically adopting standards, but there is no general agreement about which features to use for attack detection in a broad scope. We compared five lightweight feature sets that have been proposed in the scientific literature over the last few years and evaluated them with supervised machine learning. For our experiments, we used the UNSW-NB15 dataset, recently published as a new benchmark for network security. The results showed three remarkable findings: (1) analysis based on source behavior instead of classic flow profiles is more effective for attack detection; (2) meta-studies on past research can be used to establish satisfactory benchmarks; and (3) features based on packet length are clearly determinant for capturing malicious activity. Our research showed that vectors currently used for attack detection are oversized, that their accuracy and speed can be improved, and that they are to be adapted for dealing with encrypted traffic.
Keywords: feature selection; network attack detection; supervised learning
MDPI and ACS Style

Meghdouri, F.; Zseby, T.; Iglesias, F. Analysis of Lightweight Feature Vectors for Attack Detection in Network Traffic. Appl. Sci. 2018, 8, 2196. https://doi.org/10.3390/app8112196
