A Self-Organizing Map and Its Modeling for Discovering Malignant Network Traffic

Authors

Chet Langin, Southern Illinois UniversityFollow
Hongbo Zhou, Montclair State UniversityFollow
Shahram Rahimi, Southern Illinois UniversityFollow
Bidyut Gupta, Southern Illinois University
Mehdi Zargham, Southern Illinois UniversityFollow
Mohammad R. Sayeh, Southern Illinois University

Document Type

Conference Proceeding

Publication Date

7-20-2009

Abstract

Model-based intrusion detection and knowledge discovery are combined to cluster and classify P2P botnet traffic and other malignant network activity by using a Self-Organizing Map (SOM) self-trained on denied Internet firewall log entries. The SOM analyzed new firewall log entries in a case study to classify similar network activity, and discovered previously unknown local P2P bot traffic and other security issues.

DOI

10.1109/CICYBS.2009.4925099

Montclair State University Digital Commons Citation

Langin, Chet; Zhou, Hongbo; Rahimi, Shahram; Gupta, Bidyut; Zargham, Mehdi; and Sayeh, Mohammad R., "A Self-Organizing Map and Its Modeling for Discovering Malignant Network Traffic" (2009). Department of Computer Science Faculty Scholarship and Creative Works. 67.
https://digitalcommons.montclair.edu/compusci-facpubs/67