Abstract

In recent years, insider threats within computers have been growing rapidly because large quantities of malware and its variants have been spread massively through spam mail, malvertising attacks, and users' carelessness. Moreover, some dormant malware is not detected by antivirus software, and the risk persists until it finally results in a disastrous economic loss. Several studies have developed signature-based methods to detect insider threats, but we are more interested in how to simplify network behavior out of sophisticated traffic flows. Rather than performing time-consuming inspection of network payloads and packets, we focus on traffic behavior and consider only four features: source IP, destination IP, timestamp of connection, and quantity of connections. To overcome the black-box nature of complicated network traffic, this work applies the deep learning paradigm and proposes a variant of VGG16 to examine the features within traffic flows. Finally, this paper proposes a method that provides more explanation of traffic behavior using the learning model.
