Data classification for artificial intelligence construct training to aid in network incident identification using network telescope data
- Cowie, Bradley, Irwin, Barry V W
- Authors: Cowie, Bradley , Irwin, Barry V W
- Date: 2010
- Subjects: To be catalogued
- Language: English
- Type: text , article
- Identifier: http://hdl.handle.net/10962/430125 , vital:72667 , https://doi.org/10.1145/1899503.1899544
- Description: This paper considers the complexities involved in obtaining training data for use by artificial intelligence constructs to identify potential network incidents using passive network telescope data. While a large amount of data obtained from network telescopes exists, this data is not currently marked for known incidents. Problems related to this marking process include the accuracy of the markings, the validity of the original data and the time involved. In an attempt to solve these issues, two methods of training data generation are considered, namely manual identification and automated generation. The manual technique considers heuristics for finding network incidents while the automated technique considers building simulated data sets using existing models of virus propagation and malicious activity. An example artificial intelligence system is then constructed using these marked datasets.
- Full Text:
Parallel packet classification using GPU co-processors
- Nottingham, Alistair, Irwin, Barry V W
- Authors: Nottingham, Alistair , Irwin, Barry V W
- Date: 2010
- Subjects: To be catalogued
- Language: English
- Type: text , article
- Identifier: http://hdl.handle.net/10962/430250 , vital:72677 , https://doi.org/10.1145/1899503.1899529
- Description: In the domain of network security, packet filtering for classification purposes is of significant interest. Packet classification provides a mechanism for understanding the composition of packet streams arriving at distinct network interfaces, and is useful in diagnosing threats and uncovering vulnerabilities so as to maximise data integrity and system security. Traditional packet classifiers, such as PCAP, have utilised Control Flow Graphs (CFGs) in representing filter sets, due to both their amenability to optimisation, and their inherent structural applicability to the metaphor of decision-based classification. Unfortunately, CFGs do not map well to cooperative processing implementations, and single-threaded CPU-based implementations have proven too slow for real-time classification against multiple arbitrary filters on next generation networks. In this paper, we consider a novel multithreaded classification algorithm, optimised for execution on GPU co-processors, intended to accelerate classification throughput and maximise processing efficiency in a highly parallel execution context.
- Full Text: