Malicious Node Identification Based on Behavioral Statistical Features and Social Relationships

Malicious Node Identification Based on Behavioral Statistical Features and Social Relationships

연구 분야: Networking

학회: International Conference on Information Security and Cryptology

The dramatic growth of the Internet scale has led to an increase in network attacks, and attack detection based on network flow statistical features has become a hot spot in recent years. Most of the current research focuses on using different machine learning methods to learn the network flow statistical features so as to identify the anomalies, and there are problems such as high feature dimension and high false alarm rate. In this paper, we propose a network flow feature extraction method based on behavioral statistical features and social relationships. The results of machine learning experiments on the datasets ISCX-IDS2012, UNSW-15 and CIC-IDS2017 show that the features extracted by this paper’s method achieve a maximum detection rate of 99.96% for malicious nodes and a false alarm rate of only 1.27%. This contributes to improving the accuracy of malicious node identification in machine learning-based intrusion detection systems.