Network Intrusion Detection in the Wild - the Orange use case in the SIMARGL project

Details

DOI: 10.1145/3465481.3470091
Publication type: Conference paper
Conference: ARES 2021: International Conference on Availability, Reliability and Security
Location: Virtual
Online publication date: 2021-08-17

Abstract

There is a profuse abundance of network security incidents around the world every day. Increasingly, services and data stored on servers fall victim to sophisticated techniques that cause all sorts of damage. Hackers invent new ways to bypass security measures and modify existing viruses in order to deceive defense systems. Therefore, in response to these illegal procedures, new ways to defend against them are being developed. In this paper, a method for anomaly detection based on a machine learning technique is presented and a near real-time processing system architecture is proposed. The main contribution is a test-run of ML algorithms on real-world data coming from a world-class telecom operator. This work investigates the effectiveness of detecting malicious behaviour in network packets using several machine learning techniques. The results achieved are expressed with a set of metrics. For better clarity on the classifier performance, 10-fold cross-validation was used.

Authors

  • Mikołaj Komisarek
    ITTI Sp. z o.o. | UTP University of Science and Technology
    Poznań, Poland | Bydgoszcz, Poland
  • Marek Pawlicki
    ITTI Sp. z o.o. | UTP University of Science and Technology
    Poznań, Poland | Bydgoszcz, Poland
  • Mikołaj Kowalski
    Orange Poland
    Warsaw, Poland
  • Adrian Marzecki
    Orange Poland
    Warsaw, Poland
  • Rafał Kozik
    ITTI Sp. z o.o. | UTP University of Science and Technology
    Poznań, Poland | Bydgoszcz, Poland
  • Michał Choraś
    FernUniversität in Hagen | UTP University of Science and Technology
    Hagen, Germany | Bydgoszcz, Poland