Forensic Data Analytics for Anomaly Detection in Evolving Networks

Forensic Data Analytics for Anomaly Detection in Evolving Networks

In the prevailing convergence of traditional infrastructure-based deployment (i.e., Telco and industry operational networks) towards evolving deployments enabled by 5G and virtualization, there is a keen interest in elaborating effective security controls to protect these deployments in-depth. By co...

Full description

Saved in:
Bibliographic Details
Main Authors: Yang, Li, Moubayed, Abdallah, Shami, Abdallah, Boukhtouta, Amine, Heidari, Parisa, Preda, Stere, Brunner, Richard, Migault, Daniel, Larabi, Adel
Format: Journal Article
Language:English
Published: 17-08-2023
Subjects:
Computer Science - Artificial Intelligence
Computer Science - Cryptography and Security
Computer Science - Learning
Computer Science - Networking and Internet Architecture
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:In the prevailing convergence of traditional infrastructure-based deployment (i.e., Telco and industry operational networks) towards evolving deployments enabled by 5G and virtualization, there is a keen interest in elaborating effective security controls to protect these deployments in-depth. By considering key enabling technologies like 5G and virtualization, evolving networks are democratized, facilitating the establishment of point presences integrating different business models ranging from media, dynamic web content, gaming, and a plethora of IoT use cases. Despite the increasing services provided by evolving networks, many cybercrimes and attacks have been launched in evolving networks to perform malicious activities. Due to the limitations of traditional security artifacts (e.g., firewalls and intrusion detection systems), the research on digital forensic data analytics has attracted more attention. Digital forensic analytics enables people to derive detailed information and comprehensive conclusions from different perspectives of cybercrimes to assist in convicting criminals and preventing future crimes. This chapter presents a digital analytics framework for network anomaly detection, including multi-perspective feature engineering, unsupervised anomaly detection, and comprehensive result correction procedures. Experiments on real-world evolving network data show the effectiveness of the proposed forensic data analytics solution.
DOI:10.48550/arxiv.2308.09171