2014 |
Filasiak, Robert; Grzenda, Maciej; Luckner, Marcin; Zawistowski, Pawel On the testing of network cyber threat detection methods on spam example Journal Article Annales des Telecommunications/Annals of Telecommunications, 69 (7-8), pp. 363–377, 2014, ISSN: 19589395. Abstract | Links | BibTeX | Tagi: Flow analysis, Network data sets, Network Intrusion Detection Systems (NIDS), Spam detection @article{Filasiak2014, title = {On the testing of network cyber threat detection methods on spam example}, author = {Robert Filasiak and Maciej Grzenda and Marcin Luckner and Pawel Zawistowski}, url = {http://dx.doi.org/10.1007/s12243-013-0412-5}, doi = {10.1007/s12243-013-0412-5}, issn = {19589395}, year = {2014}, date = {2014-01-01}, journal = {Annales des Telecommunications/Annals of Telecommunications}, volume = {69}, number = {7-8}, pages = {363--377}, publisher = {Springer Paris}, abstract = {As a response to the increasing number of cyber threats, novel detection and prevention methods are constantly being developed. One of the main obstacles hindering the development and evaluation of such methods is the shortage of reference data sets. What is proposed in this work is a way of testing methods detecting network threats. It includes a procedure for creating realistic reference data sets describing network threats and the processing and use of these data sets in testing environments. The proposed approach is illustrated and validated on the basis of the problem of spam detection. Reference data sets for spam detection are developed, analysed and used to both generate the requested volume of simulated traffic and analyse it using machine learning algorithms. The tests take into account both the accuracy and performance of threat detection methods under real load and constrained computing resources. textcopyright 2014 The Author(s).}, keywords = {Flow analysis, Network data sets, Network Intrusion Detection Systems (NIDS), Spam detection}, pubstate = {published}, tppubtype = {article} } As a response to the increasing number of cyber threats, novel detection and prevention methods are constantly being developed. One of the main obstacles hindering the development and evaluation of such methods is the shortage of reference data sets. What is proposed in this work is a way of testing methods detecting network threats. It includes a procedure for creating realistic reference data sets describing network threats and the processing and use of these data sets in testing environments. The proposed approach is illustrated and validated on the basis of the problem of spam detection. Reference data sets for spam detection are developed, analysed and used to both generate the requested volume of simulated traffic and analyse it using machine learning algorithms. The tests take into account both the accuracy and performance of threat detection methods under real load and constrained computing resources. textcopyright 2014 The Author(s). |
Filasiak, Robert; Grzenda, Maciej; Luckner, Marcin; Zawistowski, Pawel On the testing of network cyber threat detection methods on spam example Journal Article Annales des Telecommunications/Annals of Telecommunications, 69 (7-8), pp. 363–377, 2014, ISSN: 19589395. Abstract | Links | BibTeX | Tagi: Flow analysis, Network data sets, Network Intrusion Detection Systems (NIDS), Spam detection @article{Filasiak2014b, title = {On the testing of network cyber threat detection methods on spam example}, author = {Robert Filasiak and Maciej Grzenda and Marcin Luckner and Pawel Zawistowski}, url = {http://dx.doi.org/10.1007/s12243-013-0412-5}, doi = {10.1007/s12243-013-0412-5}, issn = {19589395}, year = {2014}, date = {2014-01-01}, journal = {Annales des Telecommunications/Annals of Telecommunications}, volume = {69}, number = {7-8}, pages = {363--377}, publisher = {Springer Paris}, abstract = {As a response to the increasing number of cyber threats, novel detection and prevention methods are constantly being developed. One of the main obstacles hindering the development and evaluation of such methods is the shortage of reference data sets. What is proposed in this work is a way of testing methods detecting network threats. It includes a procedure for creating realistic reference data sets describing network threats and the processing and use of these data sets in testing environments. The proposed approach is illustrated and validated on the basis of the problem of spam detection. Reference data sets for spam detection are developed, analysed and used to both generate the requested volume of simulated traffic and analyse it using machine learning algorithms. The tests take into account both the accuracy and performance of threat detection methods under real load and constrained computing resources. textcopyright 2014 The Author(s).}, keywords = {Flow analysis, Network data sets, Network Intrusion Detection Systems (NIDS), Spam detection}, pubstate = {published}, tppubtype = {article} } As a response to the increasing number of cyber threats, novel detection and prevention methods are constantly being developed. One of the main obstacles hindering the development and evaluation of such methods is the shortage of reference data sets. What is proposed in this work is a way of testing methods detecting network threats. It includes a procedure for creating realistic reference data sets describing network threats and the processing and use of these data sets in testing environments. The proposed approach is illustrated and validated on the basis of the problem of spam detection. Reference data sets for spam detection are developed, analysed and used to both generate the requested volume of simulated traffic and analyse it using machine learning algorithms. The tests take into account both the accuracy and performance of threat detection methods under real load and constrained computing resources. textcopyright 2014 The Author(s). |
2013 |
Luckner, Marcin; Filasiak, Robert Flow-level Spam Modelling using separate data sources Inproceedings Computer Science and Information Systems (FedCSIS), 2013 Federated Conference on, pp. 91 – 98, IEEE, 2013. Abstract | Links | BibTeX | Tagi: Detection, Flow analysis, Intrusion, Network, Network data sets, Spam detection, Systems (NIDS) @inproceedings{Luckner2013b, title = {Flow-level Spam Modelling using separate data sources}, author = {Marcin Luckner and Robert Filasiak}, url = {http://ieeexplore.ieee.org/xpl/articleDetails.jsp?arnumber=6643981}, year = {2013}, date = {2013-01-01}, booktitle = {Computer Science and Information Systems (FedCSIS), 2013 Federated Conference on}, pages = {91 -- 98}, publisher = {IEEE}, abstract = {Spam detection based on flow-level statistics is a new approach in anti-spam techniques. The approach reduces number of collected data but still can obtain relative good results in a spam detection task. The main problems in the approach are selection of flow-level features that describe spam and detection of discrimination rules. In this work, flow-level model of spam is presented. The model describes spam subclasses and brings information about major features of a spam detection task. The model is the base for decision trees that detect spam. The analysis of detectors, which was learned from data collected from different mail servers, results in the universal spam description consists of the most significant features. Flows described by selected features and collected on Broadband Remote Access Server were analysed by an ensemble of created classifiers. The ensemble detected major sources of spam among senders IP addresses.}, keywords = {Detection, Flow analysis, Intrusion, Network, Network data sets, Spam detection, Systems (NIDS)}, pubstate = {published}, tppubtype = {inproceedings} } Spam detection based on flow-level statistics is a new approach in anti-spam techniques. The approach reduces number of collected data but still can obtain relative good results in a spam detection task. The main problems in the approach are selection of flow-level features that describe spam and detection of discrimination rules. In this work, flow-level model of spam is presented. The model describes spam subclasses and brings information about major features of a spam detection task. The model is the base for decision trees that detect spam. The analysis of detectors, which was learned from data collected from different mail servers, results in the universal spam description consists of the most significant features. Flows described by selected features and collected on Broadband Remote Access Server were analysed by an ensemble of created classifiers. The ensemble detected major sources of spam among senders IP addresses. |
Luckner, Marcin; Filasiak, Robert Flow-level Spam Modelling using separate data sources Inproceedings Computer Science and Information Systems (FedCSIS), 2013 Federated Conference on, pp. 91 – 98, IEEE, 2013. Abstract | Links | BibTeX | Tagi: Detection, Flow analysis, Intrusion, Network, Network data sets, Spam detection, Systems (NIDS) @inproceedings{Luckner2013bb, title = {Flow-level Spam Modelling using separate data sources}, author = {Marcin Luckner and Robert Filasiak}, url = {http://ieeexplore.ieee.org/xpl/articleDetails.jsp?arnumber=6643981}, year = {2013}, date = {2013-01-01}, booktitle = {Computer Science and Information Systems (FedCSIS), 2013 Federated Conference on}, pages = {91 -- 98}, publisher = {IEEE}, abstract = {Spam detection based on flow-level statistics is a new approach in anti-spam techniques. The approach reduces number of collected data but still can obtain relative good results in a spam detection task. The main problems in the approach are selection of flow-level features that describe spam and detection of discrimination rules. In this work, flow-level model of spam is presented. The model describes spam subclasses and brings information about major features of a spam detection task. The model is the base for decision trees that detect spam. The analysis of detectors, which was learned from data collected from different mail servers, results in the universal spam description consists of the most significant features. Flows described by selected features and collected on Broadband Remote Access Server were analysed by an ensemble of created classifiers. The ensemble detected major sources of spam among senders IP addresses.}, keywords = {Detection, Flow analysis, Intrusion, Network, Network data sets, Spam detection, Systems (NIDS)}, pubstate = {published}, tppubtype = {inproceedings} } Spam detection based on flow-level statistics is a new approach in anti-spam techniques. The approach reduces number of collected data but still can obtain relative good results in a spam detection task. The main problems in the approach are selection of flow-level features that describe spam and detection of discrimination rules. In this work, flow-level model of spam is presented. The model describes spam subclasses and brings information about major features of a spam detection task. The model is the base for decision trees that detect spam. The analysis of detectors, which was learned from data collected from different mail servers, results in the universal spam description consists of the most significant features. Flows described by selected features and collected on Broadband Remote Access Server were analysed by an ensemble of created classifiers. The ensemble detected major sources of spam among senders IP addresses. |
Publikacje
2014 |
On the testing of network cyber threat detection methods on spam example Journal Article Annales des Telecommunications/Annals of Telecommunications, 69 (7-8), pp. 363–377, 2014, ISSN: 19589395. |
On the testing of network cyber threat detection methods on spam example Journal Article Annales des Telecommunications/Annals of Telecommunications, 69 (7-8), pp. 363–377, 2014, ISSN: 19589395. |
2013 |
Flow-level Spam Modelling using separate data sources Inproceedings Computer Science and Information Systems (FedCSIS), 2013 Federated Conference on, pp. 91 – 98, IEEE, 2013. |
Flow-level Spam Modelling using separate data sources Inproceedings Computer Science and Information Systems (FedCSIS), 2013 Federated Conference on, pp. 91 – 98, IEEE, 2013. |