Sniffing Detection Based on Network Traffic Probing and Machine Learning

Cited by: 10
Authors
Gregorczyk, Marcin [1]
Zorawski, Piotr [1]
Nowakowski, Piotr [1]
Cabaj, Krzysztof [2]
Mazurczyk, Wojciech [2]
Affiliations
[1] Warsaw Univ Technol, Inst Telecommun, PL-00665 Warsaw, Poland
[2] Warsaw Univ Technol, Inst Comp Sci, PL-00665 Warsaw, Poland
Funding
European Union Horizon 2020;
Keywords
Security; Machine learning; Protocols; Tools; Internet; Software; AI; artificial intelligence; ML; machine learning; network security; sniffing; threat detection;
DOI
10.1109/ACCESS.2020.3016076
Chinese Library Classification number
TP [Automation technology, computer technology];
Discipline classification code
0812;
Abstract
Cyber attacks are on the rise and each day cyber criminals are developing more and more sophisticated methods to compromise the security of their targets. Sniffing is one of the most important techniques that enables the attacker to collect information on the vulnerabilities of the devices, protocols and applications that can be exploited within the targeted network. It relies mainly on passively analyzing the traffic exchanged within the network, and due to its nature, such an activity is difficult to discover. That is why, in this article, we first revisit existing techniques and tools that can be used to perform sniffing as well as the corresponding mitigation methods. Based on this background, we propose a novel measurement-based detection method that infers whether the sniffing software is active on the suspected machine by network traffic probing and machine learning techniques. The presented experimental results prove that the proposed solution is effective.
Pages: 149255 / 149269
Number of pages: 15
Related papers
50 in total
  • [11] Network Traffic Anomaly Detection using Machine Learning Approaches
    Limthong, Kriangkrai
    Tawsook, Thidarat
    2012 IEEE NETWORK OPERATIONS AND MANAGEMENT SYMPOSIUM (NOMS), 2012, : 542 - 545
  • [12] Anomaly detection in network traffic using extreme learning machine
    Imamverdiyev, Yadigar
    Sukhostat, Lyudmila
    2016 IEEE 10TH INTERNATIONAL CONFERENCE ON APPLICATION OF INFORMATION AND COMMUNICATION TECHNOLOGIES (AICT), 2016, : 418 - 421
  • [13] Unsupervised Machine Learning for Anomaly Detection in Synchrophasor Network Traffic
    Donner, Phillip
    Leger, Aaron St.
    Blaine, Raymond
    2019 51ST NORTH AMERICAN POWER SYMPOSIUM (NAPS), 2019,
  • [14] Investigation of Machine Learning Based Network Traffic Classification
    Fan, Zhong
    Liu, Ran
    2017 INTERNATIONAL SYMPOSIUM ON WIRELESS COMMUNICATION SYSTEMS (ISWCS), 2017, : 1 - 6
  • [15] Machine learning based network traffic classification: a survey
    Shen, Y. (shenyi_1979@njau.edu.cn), 2012, Binary Information Press, Flat F 8th Floor, Block 3, Tanner Garden, 18 Tanner Road, Hong Kong (09):
  • [16] Encrypted network traffic classification based on machine learning
    Elmaghraby, Reham T.
    Aziem, Nada M. Abdel
    Sobh, Mohammed A.
    Bahaa-Eldin, Ayman M.
    AIN SHAMS ENGINEERING JOURNAL, 2024, 15 (02)
  • [17] Extreme Learning Machine based Traffic Sign Detection
    Huang, Zhiyong
    Yu, Yuanlong
    Ye, Shaozhen
    Liu, Huaping
    PROCESSING OF 2014 INTERNATIONAL CONFERENCE ON MULTISENSOR FUSION AND INFORMATION INTEGRATION FOR INTELLIGENT SYSTEMS (MFI), 2014,
  • [18] Deep Learning Network Intrusion Detection Based on Network Traffic
    Wang, Hanyang
    Zhou, Sirui
    Li, Honglei
    Hu, Juan
    Du, Xinran
    Zhou, Jinghui
    He, Yunlong
    Fu, Fa
    Yang, Houqun
    ARTIFICIAL INTELLIGENCE AND SECURITY, ICAIS 2022, PT III, 2022, 13340 : 194 - 207
  • [19] Sniffing and Chaffing Network Traffic in Stepping-Stone Intrusion Detection
    Yang, Jianhua
    Zhang, Yongzhong
    King, Robert
    Tolbert, Tim
    2018 32ND INTERNATIONAL CONFERENCE ON ADVANCED INFORMATION NETWORKING AND APPLICATIONS WORKSHOPS (WAINA), 2018, : 515 - 520
  • [20] Investigating the Effect of Traffic Sampling on Machine Learning-Based Network Intrusion Detection Approaches
    Alikhanov, Jumabek
    Jang, Rhongho
    Abuhamad, Mohammed
    Mohaisen, David
    Nyang, Daehun
    Noh, Youngtae
    IEEE ACCESS, 2022, 10 : 5801 - 5823