DoWitcher: Effective Worm Detection and Containment in the Internet Core
Enterprise networks are increasingly offloading the responsibility for worm detection and containment to the carrier networks. However, current approaches to the zero-day worm detection problem such as those based on content similarity of packet payloads are not scalable to the carrier link speeds (OC-48 and upwards). In this paper, we introduce a new system, namely DoWitcher, which in contrast to previous approaches is scalable as well as able to detect the stealthiest worms that employ low-propagation rates or polymorphisms to evade detection. DoWitcher uses an incremental approach toward worm detection: first, it examines the layer-4 traffic features to discern the presence of a worm anomaly; next, it determines a flow-filter mask that can be applied to isolate the suspect worm flows; and finally, it enables full-packet capture of only those flows that match the mask, which are then processed by a longest common subsequence algorithm to extract the worm content signature. Via a proof-of-concept implementation on a commercially available network analyzer processing raw packets from an OC-48 link, we demonstrate the capability of DoWitcher to detect low-rate worms and extract signatures for even the polymorphic worm
Thirty Years of Machine Learning: The Road to Pareto-Optimal Wireless Networks
Future wireless networks have a substantial potential in terms of supporting
a broad range of complex compelling applications both in military and civilian
fields, where the users are able to enjoy high-rate, low-latency, low-cost and
reliable information services. Achieving this ambitious goal requires new radio
techniques for adaptive learning and intelligent decision making because of the
complex heterogeneous nature of the network structures and wireless services.
Machine learning (ML) algorithms have great success in supporting big data
analytics, efficient parameter estimation and interactive decision making.
Hence, in this article, we review the thirty-year history of ML by elaborating
on supervised learning, unsupervised learning, reinforcement learning and deep
learning. Furthermore, we investigate their employment in the compelling
applications of wireless networks, including heterogeneous networks (HetNets),
cognitive radios (CR), Internet of things (IoT), machine to machine networks
(M2M), and so on. This article aims for assisting the readers in clarifying the
motivation and methodology of the various ML algorithms, so as to invoke them
for hitherto unexplored services as well as scenarios of future wireless
networks. Comment: 46 pages, 22 fig
LiPar: A Lightweight Parallel Learning Model for Practical In-Vehicle Network Intrusion Detection
With the development of intelligent transportation systems, vehicles are
exposed to a complex network environment. As the main network of in-vehicle
networks, the controller area network (CAN) has many potential security
hazards, resulting in higher requirements for intrusion detection systems to
ensure safety. Among intrusion detection technologies, methods based on deep
learning work best without prior expert knowledge. However, they all have a
large model size and rely on cloud computing, and are therefore not suitable to
be installed on the in-vehicle network. Therefore, we propose a lightweight
parallel neural network structure, LiPar, to allocate task loads to multiple
electronic control units (ECU). The LiPar model consists of multi-dimensional
branch convolution networks, spatial and temporal feature fusion learning, and
a resource adaptation algorithm. Through experiments, we prove that LiPar has
great detection performance, running efficiency, and lightweight model size,
which can be well adapted to the in-vehicle environment practically and protect
the in-vehicle CAN bus security. Comment: 13 pages, 13 figures, 6 tables, 51 referenc