Quinan et al., 2021 - Google Patents
Unsupervised anomaly detection using a new knowledge graph model for network activity and eventsQuinan et al., 2021
- Document ID
- 3658245406619679112
- Author
- Quinan P
- Traore I
- Gondhi U
- Woungang I
- Publication year
- Publication venue
- International Conference on Machine Learning for Networking
External Links
Snippet
The activity and event network (AEN) is a new knowledge graph used to develop and maintain a model for a whole network under monitoring and the relationships between the different network entities as they change through time. In this paper, we show how the AEN …
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/552—Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
- G06F21/6254—Protecting personal data, e.g. for financial or medical purposes by anonymising data, e.g. decorrelating personal data from the owner's identification
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
- G06F21/6263—Protecting personal data, e.g. for financial or medical purposes during internet communication, e.g. revealing personal data from cookies
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/30—Information retrieval; Database structures therefor; File system structures therefor
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06N—COMPUTER SYSTEMS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N99/00—Subject matter not provided for in other groups of this subclass
- G06N99/005—Learning machines, i.e. computer in which a programme is changed according to experience gained by the machine itself during a complete run
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for programme control, e.g. control unit
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F7/00—Methods or arrangements for processing data by operating upon the order or content of the data handled
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Kevric et al. | An effective combining classifier approach using tree algorithms for network intrusion detection | |
| Kim et al. | Design of network threat detection and classification based on machine learning on cloud computing | |
| Kumar et al. | A robust intelligent zero-day cyber-attack detection technique | |
| Janeja | Data analytics for cybersecurity | |
| Ahmed et al. | A survey of network anomaly detection techniques | |
| Ahmed et al. | Novel approach for network traffic pattern analysis using clustering-based collective anomaly detection | |
| William et al. | Implementation of machine learning classification techniques for intrusion detection system | |
| Patel et al. | A survey and comparative analysis of data mining techniques for network intrusion detection systems | |
| Do Xuan et al. | A new approach for APT malware detection based on deep graph network for endpoint systems | |
| Jia et al. | {MAGIC}: Detecting advanced persistent threats via masked graph representation learning | |
| Mohammad et al. | Intrusion detection using Highest Wins feature selection algorithm | |
| Ahmad et al. | Role of machine learning and data mining in internet security: standing state with future directions | |
| Quinan et al. | Unsupervised anomaly detection using a new knowledge graph model for network activity and events | |
| Folorunso et al. | Ca-NIDS: A network intrusion detection system using combinatorial algorithm approach | |
| Gomes et al. | Cryingjackpot: Network flows and performance counters against cryptojacking | |
| Gaikwad et al. | DAREnsemble: Decision tree and rule learner based ensemble for network intrusion detection system | |
| Soliman et al. | Rank: Ai-assisted end-to-end architecture for detecting persistent attacks in enterprise networks | |
| Radivilova et al. | Statistical and signature analysis methods of intrusion detection | |
| Prabhakaran et al. | mLBOA-DML: modified butterfly optimized deep metric learning for enhancing accuracy in intrusion detection system | |
| Padmavathi et al. | An efficient botnet detection approach based on feature learning and classification | |
| Karuppiah et al. | UIoTN‐PMSE: Ubiquitous IoT network‐based predictive modeling in smart environment | |
| Chaithanya et al. | An efficient intrusion detection approach using enhanced random forest and moth-flame optimization technique | |
| Meryem et al. | Enhancing Cloud Security using advanced MapReduce k-means on log files | |
| Amar et al. | Weighted LSTM for intrusion detection and data mining to prevent attacks | |
| Beulah et al. | Detection of DDoS attack using ensemble machine learning techniques |