-
SPS
IEEE Members: $11.00
Non-members: $15.00Length: 13:44
Detecting and classifying anomalous behaviors in computer networks remains a formidable challenge. This work outlines a machine learning technique that uses deep neural networks to detect and classify a variety of network attacks. Our approach is based on that hypothesis that different network attacks generate a distinguishable change in entropy of certain network flow features. To generate a training and validation dataset, we inject synthetic attacks of different types and intensities into raw packet capture data collected from an internet backbone link by the MAWI group. Experimental results show that our machine learning classification model can achieve high accuracy for network attacks in which attack intensities are as low as 5% of overall traffic.