Abstract
As the world becomes increasingly connected, the number of bad actors exploiting flaws in networks is increasing. Network intrusion prevention systems (NIPS) are used to guard personal networks, but they can become a bottleneck for a rapidly growing network, as every single packet needs to be analyzed and the NIPS needs to keep track of all network conversations without running out of resources like RAM. This paper implements a new NIPS that uses an aggregated conversation summary called NetFlow, by Cisco, analyzed through a machine learning algorithm, to detect malicious activity while packets pass through at full speed. Additionally, this paper will perform a comparative analysis to determine which NetFlow features will be passed into the ML classifier, using feature subsets proposed by previous works.
Original language | English |
---|---|
Publication status | Published - 2024 |
Event | 18th International Conference on Information Technology and Applications 2024 - Sydney, Australia Duration: 17 Oct 2024 → 19 Oct 2024 https://2024.icita.world/#/ |
Conference
Conference | 18th International Conference on Information Technology and Applications 2024 |
---|---|
Abbreviated title | ICITA 2024 |
Country/Territory | Australia |
City | Sydney |
Period | 17/10/24 → 19/10/24 |
Internet address |