Exploring RNNs for analyzing Zeek HTTP data

Date
2019-04
Authors
Journal Title
Journal ISSN
Volume Title
Publisher
ACM
Abstract
Cyber vulnerabilities pose a threat across systems in the Department of Defense. Finding ways to analyze network traffic and detect malicious behavior on a network will help keep these systems safe. This poster looks at the data collection techniques, model creation, and results of building a recurrent neural network to classify incoming traffic as normal or malicious. Additionally, it considers how the information will be best portrayed on a GUI to network administrators. The model's initial accuracy is 83.45% when trained on 500,017 connections. With increased accuracy, this tool may be used by the Department of Defense to help defend its networks.
Description
Keywords
Security and privacy, Intrusion/anomaly detection and malware mitigation
Citation
Daniel Andrews, Jennifer Behn, Danielle Jaksha, Jinwon Seo, Madeleine Schneider, James Yoon, Suzanne J. Matthews, Rajeev Agrawal, and Alexander S. Mentis. 2019. Exploring RNNs for analyzing Zeek HTTP data. In Proceedings of the 6th Annual Symposium on Hot Topics in the Science of Security (HotSoS '19). Association for Computing Machinery, New York, NY, USA, Article 18, 1–2. https://doi.org/10.1145/3314058.3317291
URI
https://hdl.handle.net/20.500.14216/1086
DOI
https://doi.org/10.1145/3314058.3317291
Collections
Works of Scholarship