Exploring RNNs for analyzing Zeek HTTP data

Authors

Andrews, Daniel K.
Behn, Jennifer
Jaksha, Danielle
Seo, Jinwon
Schneider, Madeleine
Yoon, James
Matthews, Suzanne J.
Agrawal, Rajeev K.
Mentis, Alexander S.

Issue Date

2019-04

Type

proceedings-article

Keywords

Security and privacy, Intrusion/anomaly detection and malware mitigation

Abstract

Cyber vulnerabilities pose a threat across systems in the Department of Defense. Finding ways to analyze network traffic and detect malicious behavior on a network will help keep these systems safe. This poster looks at the data collection techniques, model creation, and results of building a recurrent neural network to classify incoming traffic as normal or malicious. Additionally, it considers how the information will be best portrayed on a GUI to network administrators. The model's initial accuracy is 83.45% when trained on 500,017 connections. With increased accuracy, this tool may be used by the Department of Defense to help defend its networks.

Citation

Daniel Andrews, Jennifer Behn, Danielle Jaksha, Jinwon Seo, Madeleine Schneider, James Yoon, Suzanne J. Matthews, Rajeev Agrawal, and Alexander S. Mentis. 2019. Exploring RNNs for analyzing Zeek HTTP data. In Proceedings of the 6th Annual Symposium on Hot Topics in the Science of Security (HotSoS '19). Association for Computing Machinery, New York, NY, USA, Article 18, 1–2. https://doi.org/10.1145/3314058.3317291

Publisher

ACM
