SCALABLE NETWORK TRAFFIC ANALYSIS AND ATTACKER DETECTION
Abstract
A system for scalable network traffic analysis and attacker detection comprising a traffic collector configured to collect huge network traffic data, a query engine to convert the PCAP file format into CSV format, a HADOOP cluster unit provided to store the huge network traffic data and produce datasets, a packet classifier configured to classify packets for detection of an anomaly, a loader unit to detect threat signatures, and a tracing unit coupled to the packet classifier and the loader unit for detecting the geographical location of an attacker using digital maps. The packet classifier includes a machine learning algorithm for constructing a classifier model. The machine learning algorithm enables prediction of traffic behavior from the constructed classifier model. The machine learning algorithm is at least one of k-nearest neighbours (KNN), support vector machines (SVM) and local outlier factor (LOF). The proposed system detects both identified and novel attacks through signature-based and anomaly-based detection techniques.