AbertayMachineLearningGroup/network-threats-taxonomy

Network Threats And Tools Taxonomy

Machine-learning-based Intrusion Detection Systems (IDS) are difficult to evaluate due to a shortage of datasets that accurately represent network traffic and its associated threats. In this project we attempt to solve this problem by presenting two taxonomies, "A Taxonomy and Survey of Intrusion Detection System Design Techniques, Network Threats and Datasets" and "A Taxonomy of Malicious Traffic for Intrusion Detection Systems", which classify threats and evaluate current datasets. The results show that a large portion of current published research trains IDS algorithms against outdated datasets and outdated threats. To this end, we provide the source of our threat taxonomy, allowing other researchers to contribute to and modify it.

The taxonomy is a collaboration between Abertay University, The University of Strathclyde, The Naval Academy Research Institute and Middlesex University (Mauritius Campus).

Taxonomy Structure

The taxonomy classifies each network threat according to:

  • Its Source (i.e. Networking, Host, Software, Hardware, Human)
  • OSI Layer
  • Active / Passive

Prerequisites for a push request

Ensure that the LaTeX source compiles correctly.

Manuscript & Citations

The final version of our manuscript is published in IEEE Access Journal. The paper "A Taxonomy of Network Threats and the Effect of Current Datasets on Intrusion Detection Systems" can be found here.

We have released a pre-print of our article on arXiv. It includes the original taxonomies in a paper called "A Taxonomy and Survey of Intrusion Detection System Design Techniques, Network Threats and Datasets". The paper can be found here.

If you want to cite the paper, please use the following format:

@ARTICLE{9108270,  
	author={H. {Hindy} and D. {Brosset} and E. {Bayne} and A. {Seeam} and C. {Tachtatzis} and R. {Atkinson} and X. {Bellekens}},  
	journal={IEEE Access},   
	title={A Taxonomy of Network Threats and the Effect of Current Datasets on Intrusion Detection Systems},   
	year={2020},  
	volume={},  
	number={},  
	pages={1-1},}

Contributors

  • Hanan Hindy
  • Dr Xavier Bellekens

Samples from taxonomy

  • Threats

The threats are organised using the 7 layers of the OSI model, as shown below.

[Figures: Taxonomy_1, Taxonomy_2, Taxonomy_3]

  • Tools

The threats are then associated with the tools used to carry out the attacks.

[Figure: Tools]
