IDS Malicious Flow Classification
- DOI: 10.2991/jrnal.k.200528.006
- NIDS; dynamic analysis; deep learning
We present two kinds of experiments, one based on a Network-based Intrusion Detection System (NIDS) and one on dynamic analysis, that show how artificial intelligence helps detect and classify malware. For the NIDS experiment, we use CICIDS2017 as the research dataset, embed the high-dimensional features, and identify redundant features in the raw dataset with the Random Forest algorithm, reaching 99.93% accuracy and a 0.3% false alert rate. For the dynamic analysis experiment, we extract the function calls in malware data by the method proposed in this paper to generate text data. The n-gram and Term Frequency-Inverse Document Frequency (TF-IDF) algorithms process the text data and convert it into numeric features, and with another feature selection method we reduce the training time, achieving 87.08% accuracy and saving 87.97% of the training time in dynamic-based analysis.
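An added illustration of the n-gram and TF-IDF step described in the abstract (not the authors' code): constructed function-call traces are turned into bigram TF-IDF vectors. The bigram size, the smoothed IDF with L2 normalisation, and the sample traces are assumptions; the abstract does not state the paper's settings.

```python
import math
from collections import Counter

# Constructed sample traces (not from the paper's dataset): each is the
# ordered list of function calls recorded while one sample ran.
TRACES = {
    "sample_a": ["CreateFileW", "WriteFile", "CloseHandle",
                 "CreateFileW", "WriteFile", "CloseHandle"],
    "sample_b": ["RegOpenKeyExW", "RegSetValueExW", "RegCloseKey",
                 "CreateFileW", "WriteFile", "CloseHandle"],
    "sample_c": ["VirtualAlloc", "WriteProcessMemory",
                 "CreateRemoteThread", "CloseHandle"],
}

def ngrams(calls, n):
    """Slide a window of n calls over the trace, keeping call order."""
    return [" ".join(calls[i:i + n]) for i in range(len(calls) - n + 1)]

def tfidf(traces, n=2):
    """Return (vocabulary, {name: vector}); assumed smoothed IDF, L2 rows."""
    grams = {name: Counter(ngrams(calls, n)) for name, calls in traces.items()}
    vocab = sorted(set().union(*grams.values()))
    n_docs = len(traces)
    # Document frequency: in how many traces does each n-gram occur?
    df = {g: sum(1 for c in grams.values() if g in c) for g in vocab}
    idf = {g: math.log((1 + n_docs) / (1 + df[g])) + 1.0 for g in vocab}
    vectors = {}
    for name, counts in grams.items():
        total = sum(counts.values()) or 1   # trace shorter than n: all zeros
        row = [counts[g] / total * idf[g] for g in vocab]
        norm = math.sqrt(sum(v * v for v in row)) or 1.0
        vectors[name] = [v / norm for v in row]
    return vocab, vectors

def top_features(vocab, vector, k=2):
    """The k n-grams that weigh most in one trace's vector (ties by name)."""
    ranked = sorted(zip(vocab, vector), key=lambda p: (-p[1], p[0]))
    return [g for g, w in ranked[:k] if w > 0]

if __name__ == "__main__":
    vocab, vectors = tfidf(TRACES, n=2)
    for name in TRACES:
        print(name, top_features(vocab, vectors[name]))
```

Call pairs that occur in several traces receive a lower IDF than pairs seen in only one trace, so the rarer sequences dominate each vector; the resulting rows are the kind of numeric features a classifier or feature-selection step would consume.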
- © 2020 The Authors. Published by Atlantis Press SARL.
- Open Access
- This is an open access article distributed under the CC BY-NC 4.0 license (http://creativecommons.org/licenses/by-nc/4.0/).
Cite this article
TY - JOUR
AU - I-Hsien Liu
AU - Cheng-Hsiang Lo
AU - Ta-Che Liu
AU - Jung-Shian Li
AU - Chuan-Gang Liu
AU - Chu-Fen Li
PY - 2020
DA - 2020/06/02
TI - IDS Malicious Flow Classification
JO - Journal of Robotics, Networking and Artificial Life
SP - 103
EP - 106
VL - 7
IS - 2
SN - 2352-6386
UR - https://doi.org/10.2991/jrnal.k.200528.006
DO - 10.2991/jrnal.k.200528.006
ID - Liu2020
ER -