Predicting Network Attacks with CNN by Constructing Images from NetFlow Data

Algorithm

Abstract

Intrusion detection is a pivotal step for network protection. Usually, intrusion detection is performed at packet level by using deep packet or state-full protocol inspection to detect malicious requests in the network. However, flow based analyses were often overlooked. In addition, traditionally machine learning approaches were leveraged by the researchers, not much attempts have been explored to employ increasingly popular CNN approaches to detect the network intrusions from flow based NetFlow data. In this paper, we extracted and encoded the features from the NetFlow data published in VAST 2013 challenge by converting NetFlow data to NetFlow images through feature correlation analysis and surrounding correlation (SC) matrix. The generated NetFlow images were then fed to CNN models. Results showed that the proposed approach was able to detect intrusions with an accuracy of 95.86%.

Publication
2019 IEEE BigDataSecurity
Baijian Yang
Baijian Yang
Professor of Computer and Information Technology

My research interests include applied machine learning, big data and cybersecurity.

Next
Previous

Related