5,040 research outputs found
Self-Learning Classifier for Internet traffic
Network visibility is a critical part of traffic engineering, network management, and security. Recently, unsupervised algorithms have been envisioned as a viable alternative to automatically identify classes of traffic. However, the accuracy achieved so far does not allow them to be used for traffic classification in practical scenarios. In this paper, we propose SeLeCT, a Self-Learning Classifier for Internet traffic. It uses unsupervised algorithms along with an adaptive learning approach to automatically let classes of traffic emerge, be identified, and be (easily) labeled. SeLeCT automatically groups flows into pure (or homogeneous) clusters using alternating simple clustering and filtering phases to remove outliers. SeLeCT uses an adaptive learning approach to boost its ability to spot new protocols and applications. Finally, SeLeCT also simplifies label assignment (which is still based on some manual intervention) so that proper class labels can be easily discovered. We evaluate the performance of SeLeCT using traffic traces collected in different years from various ISPs located in 3 different continents. Our experiments show that SeLeCT achieves overall accuracy close to 98%. Unlike state-of-the-art classifiers, the biggest advantage of SeLeCT is its ability to help discover new protocols and applications in an almost automated fashion
LAMP: Prompt Layer 7 Attack Mitigation with Programmable Data Planes
While there are various methods to detect application layer attacks or
intrusion attempts on an individual end host, it is not efficient to provide
all end hosts in the network with heavy-duty defense systems or software
firewalls. In this work, we leverage a new concept of programmable data planes,
to directly react on alerts raised by a victim and prevent further attacks on
the whole network by blocking the attack at the network edge. We call our
design LAMP, Layer 7 Attack Mitigation with Programmable data planes. We
implemented LAMP using the P4 data plane programming language and evaluated its
effectiveness and efficiency in the Behavioral Model (bmv2) environment.
Comprehensive Security Framework for Global Threats Analysis
Cyber criminality activities are changing and becoming more and more professional. With the growth of financial flows through the Internet and the Information System (IS), new kinds of threat arise involving complex scenarios spread within multiple IS components. The IS information modeling and Behavioral Analysis are becoming new solutions to normalize the IS information and counter these new threats. This paper presents a framework which details the principal and necessary steps for monitoring an IS. We present the architecture of the framework, i.e. an ontology of activities carried out within an IS to model security information and User Behavioral analysis. The results of the performed experiments on real data show that the modeling is effective to reduce the amount of events by 91%. The User Behavioral Analysis on uniform modeled data is also effective, detecting more than 80% of legitimate actions of attack scenarios.
Homo Datumicus: correcting the market for identity data
Effective digital identity systems offer great economic and civic potential. However, unlocking this potential requires dealing with social, behavioural, and structural challenges to efficient market formation. We propose that a marketplace for identity data can be more efficiently formed with an infrastructure that provides a more adequate representation of individuals online. This paper therefore introduces the ontological concept of Homo Datumicus: individuals as data subjects transformed by HAT Microservers, with the axiomatic computational capabilities to transact with their own data at scale. Adoption of this paradigm would lower the social risks of identity orientation, enable privacy preserving transactions by default and mitigate the risks of power imbalances in digital identity systems and markets.
mPSAuth: Privacy-Preserving and Scalable Authentication for Mobile Web Applications
As nowadays most web application requests originate from mobile devices,
authentication of mobile users is essential in terms of security
considerations. To this end, recent approaches rely on machine learning
techniques to analyze various aspects of user behavior as a basis for
authentication decisions. These approaches face two challenges: first,
examining behavioral data raises significant privacy concerns, and second,
approaches must scale to support a large number of users. Existing approaches
do not address these challenges sufficiently. We propose mPSAuth, an approach
for continuously tracking various data sources reflecting user behavior (e.g.,
touchscreen interactions, sensor data) and estimating the likelihood of the
current user being legitimate based on machine learning techniques. With
mPSAuth, both the authentication protocol and the machine learning models
operate on homomorphically encrypted data to ensure the users' privacy.
Furthermore, the number of machine learning models used by mPSAuth is
independent of the number of users, thus providing adequate scalability. In an
extensive evaluation based on real-world data from a mobile application, we
illustrate that mPSAuth can provide high accuracy with low encryption and
communication overhead, while the effort for the inference is increased to a
tolerable extent.
Comment: This work has been submitted to the IEEE for possible publication.
Copyright may be transferred without notice, after which this version may no
longer be accessible