FRINK Linked Data Fragments server

Matches in SemOpenAlex for { <https://semopenalex.org/work/W4308393471> ?p ?o ?g. }

• W4308393471 abstract "Recent self-propagating malware (SPM) campaigns compromised hundred of thousands of victim machines on the Internet. It is challenging to detect these attacks in their early stages, as adversaries utilize common network services, use novel techniques, and can evade existing detection mechanisms. We propose PORTFILER (PORT-Level Network Traffic ProFILER), a new machine learning system applied to network traffic for detecting SPM attacks. PORTFILER extracts port-level features from the Zeek connection logs collected at a border of a monitored network, applies anomaly detection techniques to identify suspicious events, and ranks the alerts across ports for investigation by the Security Operations Center (SOC). We propose a novel ensemble methodology for aggregating individual models in PORTFILER that increases resilience against several evasion strategies compared to standard ML baselines. We extensively evaluate PORTFILER on traffic collected from two university networks, and show that it can detect SPM attacks with different patterns, such as WannaCry and Mirai, and performs well under evasion. Ranking across ports achieves precision over 0.94 with low false positive rates in the top ranked alerts. When deployed on the university networks, PORTFILER detected anomalous SPM-like activity on one of the campus networks, confirmed by the university SOC as malicious. PORTFILER also detected a Mirai attack recreated on the two university networks with higher precision and recall than deep-learning-based autoencoder methods." @default.
• W4308393471 created "2022-11-11" @default.
• W4308393471 creator A5015580240 @default.
• W4308393471 creator A5025677911 @default.
• W4308393471 creator A5028251070 @default.
• W4308393471 creator A5035574749 @default.
• W4308393471 creator A5041857439 @default.
• W4308393471 creator A5060286120 @default.
• W4308393471 creator A5068264173 @default.
• W4308393471 creator A5077370062 @default.
• W4308393471 creator A5080731595 @default.
• W4308393471 creator A5086514103 @default.
• W4308393471 date "2021-12-27" @default.
• W4308393471 modified "2023-09-27" @default.
• W4308393471 title "PORTFILER: Port-Level Network Profiling for Self-Propagating Malware Detection" @default.
• W4308393471 doi "https://doi.org/10.48550/arxiv.2112.13798" @default.
• W4308393471 hasPublicationYear "2021" @default.
• W4308393471 type Work @default.
• W4308393471 citedByCount "0" @default.
• W4308393471 crossrefType "posted-content" @default.
• W4308393471 hasAuthorship W4308393471A5015580240 @default.
• W4308393471 hasAuthorship W4308393471A5025677911 @default.
• W4308393471 hasAuthorship W4308393471A5028251070 @default.
• W4308393471 hasAuthorship W4308393471A5035574749 @default.
• W4308393471 hasAuthorship W4308393471A5041857439 @default.
• W4308393471 hasAuthorship W4308393471A5060286120 @default.
• W4308393471 hasAuthorship W4308393471A5068264173 @default.
• W4308393471 hasAuthorship W4308393471A5077370062 @default.
• W4308393471 hasAuthorship W4308393471A5080731595 @default.
• W4308393471 hasAuthorship W4308393471A5086514103 @default.
• W4308393471 hasBestOaLocation W43083934711 @default.
• W4308393471 hasConcept C101738243 @default.
• W4308393471 hasConcept C108583219 @default.
• W4308393471 hasConcept C110875604 @default.
• W4308393471 hasConcept C111919701 @default.
• W4308393471 hasConcept C119599485 @default.
• W4308393471 hasConcept C119857082 @default.
• W4308393471 hasConcept C121332964 @default.
• W4308393471 hasConcept C124101348 @default.
• W4308393471 hasConcept C127413603 @default.
• W4308393471 hasConcept C136764020 @default.
• W4308393471 hasConcept C154945302 @default.
• W4308393471 hasConcept C182590292 @default.
• W4308393471 hasConcept C187191949 @default.
• W4308393471 hasConcept C188067584 @default.
• W4308393471 hasConcept C203014093 @default.
• W4308393471 hasConcept C2779585090 @default.
• W4308393471 hasConcept C2781251061 @default.
• W4308393471 hasConcept C32802771 @default.
• W4308393471 hasConcept C35525427 @default.
• W4308393471 hasConcept C38652104 @default.
• W4308393471 hasConcept C38822068 @default.
• W4308393471 hasConcept C41008148 @default.
• W4308393471 hasConcept C541664917 @default.
• W4308393471 hasConcept C739882 @default.
• W4308393471 hasConcept C86803240 @default.
• W4308393471 hasConcept C8891405 @default.
• W4308393471 hasConcept C97355855 @default.
• W4308393471 hasConceptScore W4308393471C101738243 @default.
• W4308393471 hasConceptScore W4308393471C108583219 @default.
• W4308393471 hasConceptScore W4308393471C110875604 @default.
• W4308393471 hasConceptScore W4308393471C111919701 @default.
• W4308393471 hasConceptScore W4308393471C119599485 @default.
• W4308393471 hasConceptScore W4308393471C119857082 @default.
• W4308393471 hasConceptScore W4308393471C121332964 @default.
• W4308393471 hasConceptScore W4308393471C124101348 @default.
• W4308393471 hasConceptScore W4308393471C127413603 @default.
• W4308393471 hasConceptScore W4308393471C136764020 @default.
• W4308393471 hasConceptScore W4308393471C154945302 @default.
• W4308393471 hasConceptScore W4308393471C182590292 @default.
• W4308393471 hasConceptScore W4308393471C187191949 @default.
• W4308393471 hasConceptScore W4308393471C188067584 @default.
• W4308393471 hasConceptScore W4308393471C203014093 @default.
• W4308393471 hasConceptScore W4308393471C2779585090 @default.
• W4308393471 hasConceptScore W4308393471C2781251061 @default.
• W4308393471 hasConceptScore W4308393471C32802771 @default.
• W4308393471 hasConceptScore W4308393471C35525427 @default.
• W4308393471 hasConceptScore W4308393471C38652104 @default.
• W4308393471 hasConceptScore W4308393471C38822068 @default.
• W4308393471 hasConceptScore W4308393471C41008148 @default.
• W4308393471 hasConceptScore W4308393471C541664917 @default.
• W4308393471 hasConceptScore W4308393471C739882 @default.
• W4308393471 hasConceptScore W4308393471C86803240 @default.
• W4308393471 hasConceptScore W4308393471C8891405 @default.
• W4308393471 hasConceptScore W4308393471C97355855 @default.
• W4308393471 hasLocation W43083934711 @default.
• W4308393471 hasOpenAccess W4308393471 @default.
• W4308393471 hasPrimaryLocation W43083934711 @default.
• W4308393471 hasRelatedWork W120592872 @default.
• W4308393471 hasRelatedWork W2100537916 @default.
• W4308393471 hasRelatedWork W2166715167 @default.
• W4308393471 hasRelatedWork W2363068348 @default.
• W4308393471 hasRelatedWork W2377356555 @default.
• W4308393471 hasRelatedWork W2942650110 @default.
• W4308393471 hasRelatedWork W2968586400 @default.
• W4308393471 hasRelatedWork W3120593623 @default.
• W4308393471 hasRelatedWork W4283466124 @default.
• W4308393471 hasRelatedWork W1631718513 @default.
• W4308393471 isParatext "false" @default.
• W4308393471 isRetracted "false" @default.

• next