Zooming Into the Darknet: Characterizing Internet Background Radiation
and its Structural Changes
- URL: http://arxiv.org/abs/2108.00079v1
- Date: Thu, 29 Jul 2021 00:54:02 GMT
- Title: Zooming Into the Darknet: Characterizing Internet Background Radiation
and its Structural Changes
- Authors: Michalis Kallitsis, Vasant Honavar, Rupesh Prajapati, Dinghao Wu, and
John Yen
- Abstract summary: "Darknets" provide a unique window into Internet-wide malicious activities.
Large Darknets observe millions of nefarious events on a daily basis.
We present a novel framework for characterizing Darknet behavior and its temporal evolution.
- Score: 11.053245096756639
- License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
- Abstract: Network telescopes or "Darknets" provide a unique window into Internet-wide
malicious activities associated with malware propagation, denial of service
attacks, scanning performed for network reconnaissance, and others. Analyses of
the resulting data can provide actionable insights to security analysts that
can be used to prevent or mitigate cyber-threats. Large Darknets, however,
observe millions of nefarious events on a daily basis which makes the
transformation of the captured information into meaningful insights
challenging. We present a novel framework for characterizing Darknet behavior
and its temporal evolution aiming to address this challenge. The proposed
framework: (i) Extracts a high dimensional representation of Darknet events
composed of features distilled from Darknet data and other external sources;
(ii) Learns, in an unsupervised fashion, an information-preserving
low-dimensional representation of these events (using deep representation
learning) that is amenable to clustering; (iv) Performs clustering of the
scanner data in the resulting representation space and provides interpretable
insights using optimal decision trees; and (v) Utilizes the clustering outcomes
as "signatures" that can be used to detect structural changes in the Darknet
activities. We evaluate the proposed system on a large operational Network
Telescope and demonstrate its ability to detect real-world, high-impact
cybersecurity incidents.
Related papers
- Adversarial Challenges in Network Intrusion Detection Systems: Research Insights and Future Prospects [0.33554367023486936]
This paper provides a comprehensive review of machine learning-based Network Intrusion Detection Systems (NIDS).
We critically examine existing research in NIDS, highlighting key trends, strengths, and limitations.
We discuss emerging challenges in the field and offer insights for the development of more robust and resilient NIDS.
arXiv Detail & Related papers (2024-09-27T13:27:29Z)
- KiNETGAN: Enabling Distributed Network Intrusion Detection through Knowledge-Infused Synthetic Data Generation [0.0]
We propose a knowledge-infused Generative Adversarial Network for generating synthetic network activity data (KiNETGAN).
Our approach enhances the resilience of distributed intrusion detection while addressing privacy concerns.
arXiv Detail & Related papers (2024-05-26T08:02:02Z)
- Darknet Traffic Analysis A Systematic Literature Review [0.0]
The objective of an anonymity tool is to protect the anonymity of its users through the implementation of strong encryption and obfuscation techniques.
The strong anonymity feature also functions as a refuge for those involved in illicit activities who aim to avoid being traced on the network.
This paper presents a comprehensive analysis of methods of darknet traffic using machine learning techniques to monitor and identify the traffic attacks inside the darknet.
arXiv Detail & Related papers (2023-11-27T19:27:50Z)
- A Survey on Transferability of Adversarial Examples across Deep Neural Networks [53.04734042366312]
Adversarial examples can manipulate machine learning models into making erroneous predictions.
The transferability of adversarial examples enables black-box attacks which circumvent the need for detailed knowledge of the target model.
This survey explores the landscape of the adversarial transferability of adversarial examples.
arXiv Detail & Related papers (2023-10-26T17:45:26Z)
- Forensic Data Analytics for Anomaly Detection in Evolving Networks [13.845204373507016]
Many cybercrimes and attacks have been launched in evolving networks to perform malicious activities.
This chapter presents a digital analytics framework for network anomaly detection.
Experiments on real-world evolving network data show the effectiveness of the proposed forensic data analytics solution.
arXiv Detail & Related papers (2023-08-17T20:09:33Z)
- Influencer Detection with Dynamic Graph Neural Networks [56.1837101824783]
We investigate different dynamic Graph Neural Networks (GNNs) configurations for influencer detection.
We show that using deep multi-head attention in GNN and encoding temporal attributes significantly improves performance.
arXiv Detail & Related papers (2022-11-15T13:00:25Z)
- Explainable Adversarial Attacks in Deep Neural Networks Using Activation Profiles [69.9674326582747]
This paper presents a visual framework to investigate neural network models subjected to adversarial examples.
We show how observing these elements can quickly pinpoint exploited areas in a model.
arXiv Detail & Related papers (2021-03-18T13:04:21Z)
- Information Obfuscation of Graph Neural Networks [96.8421624921384]
We study the problem of protecting sensitive attributes by information obfuscation when learning with graph structured data.
We propose a framework to locally filter out pre-determined sensitive attributes via adversarial training with the total variation and the Wasserstein distance.
arXiv Detail & Related papers (2020-09-28T17:55:04Z)
- A Privacy-Preserving Distributed Architecture for Deep-Learning-as-a-Service [68.84245063902908]
This paper introduces a novel distributed architecture for deep-learning-as-a-service.
It is able to preserve the user sensitive data while providing Cloud-based machine and deep learning services.
arXiv Detail & Related papers (2020-03-30T15:12:03Z)
- Firearm Detection and Segmentation Using an Ensemble of Semantic Neural Networks [62.997667081978825]
We present a weapon detection system based on an ensemble of semantic Convolutional Neural Networks.
A set of simpler neural networks dedicated to specific tasks requires less computational resources and can be trained in parallel.
The overall output of the system given by the aggregation of the outputs of individual networks can be tuned by a user to trade-off false positives and false negatives.
arXiv Detail & Related papers (2020-02-11T13:58:16Z)