A two-stage flow-based intrusion detection model for next-generation networks

Authors :
Muhammad Sher
Muhammad Fahad Umer
Yaxin Bi
Source :
PLoS ONE, Vol 13, Iss 1, p e0180945 (2018)
Publication Year :
2018
Publisher :
Public Library of Science, 2018.

Abstract

The next-generation network provides state-of-the-art access-independent services over converged mobile and fixed networks. Security in the converged network environment is a major challenge. Traditional packet and protocol-based intrusion detection techniques cannot be used in next-generation networks due to slow throughput, low accuracy and their inability to inspect encrypted payload. An alternative solution for protection of next-generation networks is to use network flow records for detection of malicious activity in the network traffic. The network flow records are independent of access networks and user applications. In this paper, we propose a two-stage flow-based intrusion detection system for next-generation networks. The first stage uses an enhanced unsupervised one-class support vector machine which separates malicious flows from normal network traffic. The second stage uses a self-organizing map which automatically groups malicious flows into different alert clusters. We validated the proposed approach on two flow-based datasets and obtained promising results.

Details

Language :
English
ISSN :
19326203
Volume :
13
Issue :
1
Database :
OpenAIRE
Journal :
PLoS ONE
Accession number :
edsair.doi.dedup.....f087d1f7ae62f4819245fe5ec84bf67c