ML techniques: paradigms and addressed problems

Table of contents

1 Introduction 
1.1 Context and motivation
1.2 Statistical and ML techniques
1.3 Data analysis applications to networking
1.4 Contributions and thesis outline
2 Related work 
2.1 Statistical and machine learning techniques
2.1.1 Statistical learning
2.1.2 ML techniques: paradigms and addressed problems
2.1.3 Data collection
2.1.4 Feature design
2.1.5 Performance metrics and model validation
2.2 Intrusion detection
2.2.1 Intrusion detection methodologies
2.2.2 Large-scale intrusion detection
2.2.3 Application to botnet detection
2.3 Botnet Detection
2.3.1 Flow-based techniques
2.3.2 Graph-based techniques
2.4 Spatiotemporal anomaly detection in cellular networks
2.4.1 Detection of spatiotemporal anomalies
2.4.2 Per-app mobile traffic analysis
2.4.3 Group anomaly detection
2.5 Summary
3 Detection of zero-day attacks 
3.1 Introduction
3.2 Split-and-Merge Port-centric Network Anomaly Detection
3.2.1 Rationale
3.2.2 Features design
3.2.3 Local anomaly detection
3.2.4 Central correlation
3.3 Network traffic datasets
3.4 Evaluation
3.4.1 Normal distribution fitting
3.4.2 Local anomaly detection
3.4.3 Comparison between aggregated and split views
3.4.4 Last years panorama
3.4.5 Anomaly score distribution
3.4.6 Features and parameters choice
3.4.7 Anomalies classification
3.4.8 Ground-truth
3.5 Complexity and performances analysis
3.5.1 Complexity analysis
3.5.2 Execution performance
3.6 Conclusion
4 Botnet Fingerprinting 
4.1 Introduction
4.2 Dataset
4.3 Bots Fingerprints
4.3.1 Preliminary example
4.3.2 Methodology
4.3.3 Flow records collection and formatting
4.3.4 Quantification (attribute frequency distributions)
4.3.5 Signatures formatting
4.4 Bot Detection
4.4.1 BotFP-Clus
4.4.2 BotFP-ML
4.5 Evaluation
4.5.1 BotFP-Clus
4.5.2 Comparison between BotFP-Clus and BotFP-ML
4.5.3 Comparison to state-of-the-art detection techniques
4.6 Complexity
4.6.1 Attribute frequency distributions computation
4.6.2 Training
4.6.3 Classification
4.6.4 Comparison to other techniques
4.7 Conclusion
5 Group anomaly detection in mobile apps usages 
5.1 Introduction
5.2 Measurements and dataset
5.3 ASTECH Methodology
5.3.1 Algorithmic approach
5.3.2 Notations
5.4 Time series anomaly detection
5.4.1 Time series decomposition
5.4.2 Detection of raw anomalies
5.5 Group anomalies
5.5.1 Identification of abnormal snapshots
5.5.2 Detection of group anomalies
5.5.3 Fine-grained characterization of group anomalies
5.6 Numerical results
5.6.1 Raw anomalies
5.6.2 Group anomalies
5.6.3 Group anomalies classification
5.7 Conclusion
6 Conclusion 
6.1 Summary of contributions
6.2 Perspectives
6.2.1 Detection of zero-day attacks
6.2.2 Botnet Fingerprinting
6.2.3 Group anomaly detection in mobile app usages