icon-carat-right menu search cmu-wordmark

Using Deep Neural Networks to Detect Compromised Hosts in Large Scale Networks

Presentation
In this presentation, the authors discuss the generation of a new dataset based on recent, real network data from global research and education that is fused with actual threat lists and contextual information.
Publisher

University of Tennessee

Topic or Tag

Abstract

Detecting compromised hosts in networks is an important cyber security challenge. Investing in defenses on the perimeter of the network is key to prevent compromises within the network. However, hosts are compromised at an alarming rate due to security breaches and insider threats. It is becoming impossible for network security analysts to keep up with the barrage of data to manually detect compromises. Automating the detection of compromises and providing decision support play a key role in optimizing the analyst's workflow. Various statistical modeling techniques have been proposed to assist analysts with detecting compromised hosts by examining their behavior on the network at flow level. But most of this research lacks real datasets that reflect modern attacks, preventing their use in real-world scenarios. Literature tends to use benchmark data sets that are simulated and outdated.

Part of a Collection

FloCon 2020 Presentations

This content was created for a conference series or symposium and does not necessarily reflect the positions and views of the Software Engineering Institute.