Abstract
Network security represents a keystone to ISPs, who need to cope with an increasing number of network attacks that put the network's integrity at risk. The high-dimensionality of network data provided by current network monitoring systems opens the door to the massive application of Machine Learning (ML) approaches to improve the detection and classification of network attacks. In recent years, machine learning-based systems have gained popularity for network security applications, usually considering the application of shallow models, where a set of expert handcrafted features are needed to pre-process the data before training. Deep Learning (DL) models can alleviate the need of domain expert knowledge by relying on their ability to learn feature representations from input raw or basic, non-processed data. Still, it is not clear today which is the best model or best model-category to manage network security, as in general, only adhoc and tailored approaches have been proposed and evaluated so far. In this paper we train and benchmark different ML models for detection of network attacks in different real network data. We consider an extensive battery of supervised ML models, including both shallow and deep models, taking as input either pre-computed domain-knowledge based input features, or raw, byte-stream inputs. Proposed models are evaluated either using real, in the wild network measurements coming from the WIDE backbone network – the well-known MAWILab dataset, and through publicly available datasets. Results suggest that deep learning models can provide similar results to the best-performing shallow models, but without any sort of expert handcrafted inputs.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.