Supervised Learning-Based Fast, Stealthy, and Active NAT Device Identification Using Port Response Patterns

Symmetry, 2020, Vol 12 (9), pp. 1444
Author(s): Seungwoon Lee, Si Jung Kim, Jungtae Lee, Byeong-hee Roh

Although network address translation (NAT) provides various advantages, it may cause potential threats to network operations. For network administrators to operate networks effectively and securely, it may be necessary to verify whether an assigned IP address is using NAT or not. In this paper, we propose a supervised learning-based active NAT device (NATD) identification using port response patterns. The proposed model utilizes the asymmetric port response patterns between NATD and non-NATD. In addition, to reduce the time and to solve the security issue that supervised learning approaches exhibit, we propose a fast and stealthy NATD identification method. The proposed method can perform the identification remotely, unlike conventional methods that should operate in the same network as the targets. The experimental results demonstrate that the proposed method is effective, exhibiting an F1 score of over 90%. With the efficient features of the proposed methods, we recommend some practical use cases that can contribute to managing networks securely and effectively.

2021, Vol 15 (4), pp. 18-30
Author(s): Om Prakash Samantray, Satya Narayan Tripathy

There are several malware detection techniques available that are based on a signature-based approach. This approach can detect known malware very effectively but sometimes may fail to detect unknown or zero-day attacks. In this article, the authors have proposed a malware detection model that uses operation codes of malicious and benign executables as the feature. The proposed model uses the opcode extract and count (OPEC) algorithm to prepare the opcode feature vector for the experiment. The most relevant features are selected using the extra tree classifier feature selection technique and then passed through several supervised learning algorithms like support vector machine, naive Bayes, decision tree, random forest, logistic regression, and k-nearest neighbour to build classification models for malware detection. The proposed model has achieved a detection accuracy of 98.7%, which makes this model better than many of the similar works discussed in the literature.


2021
Author(s): Miguel-Ángel Fernández-Torres, J. Emmanuel Johnson, María Piles, Gustau Camps-Valls

Automatic anticipation and detection of extreme events constitute a major challenge in the current context of climate change. Machine learning approaches have excelled in detection of extremes and anomalies in Earth data cubes recently, but are typically both computationally costly and supervised, which hampers their wide adoption. We alternatively present here an unsupervised, efficient, generative approach for extreme event detection, whose performance is illustrated for drought detection in Europe during the severe Russian heat wave in 2010. The core architecture of the model is generic and could naturally be extended to the detection of other kinds of anomalies. First, it computes hierarchical appearance (spatial) and motion (temporal) representations of several informative Essential Climate Variables (ECVs), including soil moisture, land surface temperature, as well as features describing vegetation health. Then, these representations are combined using Gaussianization Flows that yield a spatio-temporal anomaly score. This allows the proposed model not only to detect drought areas, but also to explain why they were produced, monitoring the individual contributions of each of the ECVs to the indicator at its output.


2015, Vol 25 (3), pp. 471-482
Author(s): Bartłomiej Śnieżyński

In this paper we propose a strategy learning model for autonomous agents based on classification. In the literature, the most commonly used learning method in agent-based systems is reinforcement learning. In our opinion, classification can be considered a good alternative. This type of supervised learning can be used to generate a classifier that allows the agent to choose an appropriate action for execution. Experimental results show that this model can be successfully applied for strategy generation even if rewards are delayed. We compare the efficiency of the proposed model and reinforcement learning using the farmer-pest domain and configurations of various complexity. In complex environments, supervised learning can improve the performance of agents much faster than reinforcement learning. If an appropriate knowledge representation is used, the learned knowledge may be analyzed by humans, which allows tracking the learning process.


Electronics, 2020, Vol 9 (9), pp. 1510
Author(s): Prakash Veeraraghavan, Dalal Hanna, Eric Pardede

The Internet Protocol (IP) version 4 (IPv4) has several known vulnerabilities. One of the important vulnerabilities is that the protocol does not validate the correctness of the source address carried in an IP packet. Users with malicious intentions may take advantage of this vulnerability and launch various attacks against a target host or a network. These attacks are popularly known as IP Address Spoofing attacks. One of the classical IP-spoofing attacks that cost several million dollars worldwide is the DNS-amplification attack. Currently, the availability of solutions is limited, proprietary, expensive, and requires expertise. The Internet is subjected to several other forms of amplification attacks happening every day. Even though IP-Spoofing has been one of the well-researched areas since 2005, there is no holistic solution available to solve this problem from the grass roots. Also, every solution assumes that the attackers are always from outside networks. In this paper, we provide an efficient and scalable solution to solve the IP-Spoofing problem that arises from malicious or compromised inside hosts. We use a modified form of Network Address Translation (NAT) to build our solution framework. We call our framework NAT++. The proposed infrastructure is robust, crypto-free, and easy to implement. Our simulation results have shown that the proposed NAT++ infrastructure does not consume more than the resources required by a simple NAT.


2011, Vol 106 (1), pp. 45-73
Author(s): Indrajit Saha, Ujjwal Maulik, Sanghamitra Bandyopadhyay, Dariusz Plewczynski
