Network-based attacks are the major threat to security on the Internet. The volume of traffic and the high variability of the attacks place threat detection squarely in the domain of big data. Conventional approaches are mostly based on signatures. While these are relatively inexpensive computationally, they are inflexible and insensitive to small variations in the attack vector. Therefore, we explored the use of machine learning techniques on real flow data. We found that benign traffic could be identified with high accuracy.
Freas, Christopher B., Robert W. Harrison, and Yuan Long. 2019. High Performance Attack Estimation in Large-Scale Network Flows. Proceedings - 2018 IEEE International Conference on Big Data, art. no. 8622125, pp. 5014-5020.