Automated Network Incident Identification through Genetic Algorithm-Driven Feature Selection

Cited by: 1
Authors
Aksoy, Ahmet [1]
Valle, Luis [1]
Kar, Gorkem [1]
Affiliations
[1] Univ Cent Missouri, Dept Comp Sci & Cybersecur, Warrensburg, MO 64093 USA
Keywords
network traffic analysis; incident classification; automated incident detection; network security; traffic pattern recognition; cybersecurity; machine learning in networking; protocol analysis; network forensics; CLASSIFICATION APPROACH; BOTNET DETECTION; SERVICE ATTACK; DOS;
DOI
10.3390/electronics13020293
Chinese Library Classification number
TP [Automation Technology, Computer Technology]
Discipline classification code
0812
Abstract
The cybersecurity landscape presents daunting challenges, particularly in the face of Denial of Service (DoS) attacks such as DoS Http Unbearable Load King (HULK) attacks and DoS GoldenEye attacks. These malicious tactics are designed to disrupt critical services by overwhelming web servers with malicious requests. In contrast to DoS attacks, there exists nefarious Operating System (OS) scanning, which exploits vulnerabilities in target systems. To provide further context, it is essential to clarify that NMAP, a widely utilized tool for identifying host OSes and vulnerabilities, is not inherently malicious but a dual-use tool with legitimate applications, such as asset inventory services in company networks. Additionally, Domain Name System (DNS) botnets can be incredibly damaging as they harness numerous compromised devices to inundate a target with malicious DNS traffic. This can disrupt online services, leading to downtime, financial losses, and reputational damage. Furthermore, DNS botnets can be used for other malicious activities like data exfiltration, spreading malware, or launching other cyberattacks, making them a versatile tool for cybercriminals. As attackers continually adapt and modify specific attributes to evade detection, our paper introduces an automated detection method that requires no expert input. This innovative approach identifies the distinct characteristics of DNS botnet attacks, DoS HULK attacks, DoS GoldenEye attacks, and OS-Scanning, explicitly using the NMAP tool, even when attackers alter their tactics. By harnessing a representative dataset, our proposed method ensures robust detection of such attacks against varying attack parameters or behavioral shifts. This heightened resilience significantly raises the bar for attackers attempting to conceal their malicious activities. 
Significantly, our approach delivered outstanding outcomes, with a mid 95% accuracy in categorizing NMAP OS scanning and DNS botnet attacks, and 100% for DoS HULK attacks and DoS GoldenEye attacks, proficiently discerning between malevolent and harmless network packets. Our code and the dataset are made publicly available.
Pages: 25