Header menu link for other important links

Exploiting SNMP-MIB Data to Detect Network Anomalies using Machine Learning Techniques

, Mouhammd Al-kasassbeh, Eshraq Al-Hawari
Published in Springer Verlag
Volume: 869
Pages: 1204 - 1210

The exponential increase in the number of malicious threats on computer networks and Internet services due to a large number of attacks makes the network security at continuous risk. One of the most prevalent network attacks that threaten networks is Denial of Service (DoS) flooding attack. DoS attacks have recently become the most attractive type of attacks to attackers and these have posed devastating threats to network services. So, there is a need for effective approaches, which can efficiently detect any intrusion in the network. This paper presents an efficient mechanism for network attacks detection and types of attack classification using the Management Information Base (MIB) database associated with the Simple Network Management Protocol (SNMP) through machine learning techniques. This paper also investigates the impact of SNMP-MIB data on network anomalies detection. Three classifiers, namely, Random Forest, AdaboostM1 and MLP are used to build the detection model. The use of different classifiers presents a comprehensive study on the effectiveness of SNMP-MIB data in detecting different types of attack. Empirical results show that the machine learning techniques were quite successful in detecting and classifying the attacks with a high detection rate.

About the journal
JournalData powered by TypesetIntelligent Systems Conference 2018
PublisherData powered by TypesetSpringer Verlag
Open AccessNo