CONFERENCE PROCEEDINGS
Advanced Search
Home > Proceedings > Volume 9850 > Article
Paper
12 May 2016 Function and activity classification in network traffic data: existing methods, their weaknesses, and a path forward
Georgiy Levchuk
Author Affiliations +
Proceedings Volume 9850, Machine Intelligence and Bio-inspired Computation: Theory and Applications X; 985004 (2016) https://doi.org/10.1117/12.2225949
Event: SPIE Defense + Security, 2016, Baltimore, MD, United States
Abstract
The cyber spaces are increasingly becoming the battlefields between friendly and adversary forces, with normal users caught in the middle. Accordingly, planners of enterprise defensive policies and offensive cyber missions alike have an essential goal to minimize the impact of their own actions and adversaries’ attacks on normal operations of the commercial and government networks. To do this, the cyber analysis need accurate "cyber battle maps", where the functions, roles, and activities of individual and groups of devices and users are accurately identified.

Most of the research in cyber exploitation has focused on the identification of attacks, attackers, and their devices. Many tools exist for device profiling, malware identification, user attribution, and attack analysis. However, most of the tools are intrusive, sensitive to data obfuscation, or provide anomaly flagging and not able to correctly classify the semantics and causes of network activities. In this paper, we review existing solutions that can identify functional and social roles of entities in cyberspace, discuss their weaknesses, and propose an approach for developing functional and social layers of cyber battle maps.
© (2016) COPYRIGHT Society of Photo-Optical Instrumentation Engineers (SPIE). Downloading of the abstract is permitted for personal use only.
Citation Download Citation
Georgiy Levchuk "Function and activity classification in network traffic data: existing methods, their weaknesses, and a path forward", Proc. SPIE 9850, Machine Intelligence and Bio-inspired Computation: Theory and Applications X, 985004 (12 May 2016); https://doi.org/10.1117/12.2225949
ACCESS THE FULL ARTICLE
ORGANIZATIONAL
Sign in with credentials provided by your organization.
INSTITUTIONAL
Select your institution to access the SPIE Digital Library.
SELECT YOUR INSTITUTION
PERSONAL
Sign in with your SPIE account to access your personal subscriptions or to use specific features such as save to my library, sign up for alerts, save searches, etc.
PERSONAL SIGN IN
No SPIE Account? Create one
PURCHASE THIS CONTENT
SUBSCRIBE TO DIGITAL LIBRARY
50 downloads per 1-year subscription
Members: $195
Non-members: $335 ADD TO CART
25 downloads per 1 - year subscription
Members: $145
Non-members: $250 ADD TO CART
PURCHASE SINGLE ARTICLE
Includes PDF, HTML & Video, when available
Members: $17.00
Non-members: $21.00 ADD TO CART
PROCEEDINGS
 13 PAGES
DOWNLOAD PAPER SAVE TO MY LIBRARY
GET CITATION
Lens.org Logo
CITATIONS
Cited by 2 scholarly publications.
Advertisement
Advertisement
RIGHTS & PERMISSIONS
Get copyright permission  Get copyright permission on Copyright Marketplace
KEYWORDS
Network security
Analytical research
Data modeling
Expectation maximization algorithms
Image classification
Inspection
Performance modeling
RELATED CONTENT
Subscribe to Digital Library
Receive Erratum Email Alert
Back to Top