A4 Article in conference proceedings
Deep in the Dark : A Novel Threat Detection System using Darknet Traffic (2019)


Kumar, S., Vranken, H., Dijk, J. V., & Hämäläinen, T. (2019). Deep in the Dark : A Novel Threat Detection System using Darknet Traffic. In C. Baru, J. Huan, L. Khan, X. Hu, R. Ak, Y. Tian, R. Barga, C. Zaniolo, K. Lee, & Y. F. Ye (Eds.), IEEE Big Data 2019 : Proceedings of the 2019 IEEE International Conference on Big Data (pp. 4273-4279). IEEE. https://doi.org/10.1109/BigData47090.2019.9006374



Publication details

All authors or editors: Kumar, Sanjay; Vranken, Harald; Dijk, Joost van; Hämäläinen, Timo

Parent publication: IEEE Big Data 2019 : Proceedings of the 2019 IEEE International Conference on Big Data

Parent publication editors: Baru, Chaitanya; Huan, Jun; Khan, Latifur; Hu, Xiaohua; Ak, Ronay; Tian, Yuanyan; Barga, Roger; Zaniolo, Carlo; Lee, Kisung; Ye, Yanfang Fanny

Place and date of conference: Los Angeles, USA, 9.-12.12.2019

ISBN: 978-1-7281-0859-9

eISBN: 978-1-7281-0858-2

Publication year: 2019

Pages range: 4273-4279

Publisher: IEEE

Publication country: United States

Publication language: English

DOI: https://doi.org/10.1109/BigData47090.2019.9006374

Publication open access: Not open


Abstract

This paper proposes a threat detection system based on machine learning classifiers that are trained using darknet traffic. Traffic destined for the darknet is either malicious or the result of misconfiguration. Darknet traffic contains traces of several threats such as DDoS attacks, botnets, spoofing, probes and scanning attacks. We analyse darknet traffic by extracting network traffic features from it that help in finding patterns of these advanced threats. We collected the darknet traffic from the network sensors deployed at SURFnet and extracted several network-based features. In this study, we propose a framework that uses supervised machine learning and a concept drift detector. Our experimental results show that our classifiers can easily distinguish between benign and malicious traffic and are able to detect known and unknown threats effectively with an accuracy above 99%.


Keywords: cyber security; big data; anonymity networks; machine learning; data security

Free keywords: darknet traffic; DDoS; machine learning; threat detection; network telescope



Ministry reporting: Yes

Reporting Year: 2019

JUFO rating: 1


Last updated on 2021-15-07 at 07:32