Title

A Self-Organizing Map and Its Modeling for Discovering Malignant Network Traffic

Document Type

Conference Proceeding

Publication Date

7-20-2009

Abstract

Model-based intrusion detection and knowledge discovery are combined to cluster and classify P2P botnet traffic and other malignant network activity by using a Self-Organizing Map (SOM) self-trained on denied Internet firewall log entries. The SOM analyzed new firewall log entries in a case study to classify similar network activity, and discovered previously unknown local P2P bot traffic and other security issues.

DOI

10.1109/CICYBS.2009.4925099

This document is currently not available here.

Share

COinS