Network attack classification with few-shot learning methods

Download
2022-9-14
Tüzün, İsmail
As the number of devices using the Internet increases, the network attacks that these devices are exposed to also diversify. Identifying network attack types from network packets is important to prevent the damage of the attack and to minimize it in cases where it cannot be prevented. Classical machine learning methods and deep learning methods need a lot of data to get successful results. Unfortunately, preparing and labeling large amounts of data is costly in current conditions. This cost is mostly due to the training of the experts who will do the labeling process, the difficulty of generating attack environments, and the complexity of attacks. This study examines the problem of classifying network attacks with limited data in the learning process by applying few-shot learning methods. To investigate the problem, we generate three different datasets using previously labeled large datasets including CIC-IDS2017 and UNSW-NB15. We apply three promising approaches, where two of them are based on Prototypical Networks, and one of them is based on Relation Networks.

Suggestions

Throughput analysis of UDP and VPN traffic in 802.11g networks
Ikiz, Suheyla; Erten, Y. M. (2006-11-03)
In this study the effects of using VPNs on the throughput of wireless LANs are investigated. To this end we have set up a test bed and based our observations on the actual measurements obtained from the experiments performed using this test bed. The wireless LAN we have used is an IEEE 802.11g network and we compared the throughput values obtained by employing IPSec in this network with the calculated ones. We performed the tests using periodically generated traffic with 1ms and 5 ms intervals between succe...
Green Femtocells in the IoT Era: Traffic Modeling and Challenges - An Overview
Al-Turjman, Fadi; Ever, Enver; Zahmatkesh, Hadi (2017-11-01)
The rapid increase in numbers of communicating devices, such as smartphones, PDAs, and notebooks, is causing the demand for mobile data traffic to grow significantly. In recent years, mobile operators have been trying to find solutions to increase the network capacity in order to satisfy mobile users' requests and meet the requirements in terms of various quality of service measures in the case of high mobile data traffic. With ever increasing demand from mobile users and implementations in the area of IoT,...
Mobile multi-access IP: a proposal for mobile multi-access management in future wireless IP networks
Altuntas, S; Baykal, Buyurman (Elsevier BV, 2005-03-15)
As the wireless networking technologies advance rapidly, providing mobile users with roaming freely in heterogeneous wireless access domains, the need for multi-access arises. This paper introduces the Mobile Multi-Access Management Architecture (MMA-IP) for IP-based future wireless networks. MMA-IP enables mobile users to utilize multiple access domains synchronously and to switch between different access domains. In order to handle multi-access operations, MMA-IP defines a new special mobility agent, call...
Energy-aware routing algorithms for wireless ad hoc networks with heterogeneous power supplies
Vazifehdan, Javad; Prasad, R. Venkatesha; Onur, Ertan; Niemegeers, Ignas (Elsevier BV, 2011-10-27)
Although many energy-aware routing schemes have been proposed for wireless ad hoc networks, they are not optimized for networks with heterogeneous power supplies, where nodes may run on battery or be connected to the mains (grid network). In this paper, we propose several energy-aware routing algorithms for such ad hoc networks. The proposed algorithms feature directing the traffic load dynamically towards mains-powered devices keeping the hop count of selected routes minimal. We unify these algorithms into...
Improving performance of network intrusion detection systems through concurrent mechanisms
Atakan, Mustafa; Şener, Cevat; Department of Computer Engineering (2003)
As the bandwidth of present networks gets larger than the past, the demand of Network Intrusion Detection Systems (NIDS) that function in real time becomes the major requirement for high-speed networks. If these systems are not fast enough to process all network traffic passing, some malicious security violations may take role using this drawback. In order to make that kind of applications schedulable, some concurrency mechanism is introduced to the general flowchart of their algorithm. The principal aim is...
Citation Formats
İ. Tüzün, “Network attack classification with few-shot learning methods,” M.S. - Master of Science, Middle East Technical University, 2022.