Traffic Similarity Observation Using a Genetic Algorithm and Clustering

Traffic Similarity Observation Using a Genetic Algorithm and Clustering

Článek WoS

This article presents a technique of traffic similarity observation based on the statistical method of survival analysis by using a genetic algorithm. The basis comes from the k-means clustering algorithm. The observed traffic is collected from different network sources by using a NetFlow collector. The purpose of this technique is to propose a process of finding spread malicious traffic, e.g., ransomware, and considers the possibility of implementing a genetic-based algorithm. In our solution, a chromosome is created from clustering k-means centers, and the Davies–Bouldin validity index is used as the second fitness value in the solution.

This article presents a technique of traffic similarity observation based on the statistical method of survival analysis by using a genetic algorithm. The basis comes from the k-means clustering algorithm. The observed traffic is collected from different network sources by using a NetFlow collector. The purpose of this technique is to propose a process of finding spread malicious traffic, e.g., ransomware, and considers the possibility of implementing a genetic-based algorithm. In our solution, a chromosome is created from clustering k-means centers, and the Davies–Bouldin validity index is used as the second fitness value in the solution.

Clustering algorithms, Evolutionary computation, IP networks, Information security, Programming.

Clustering algorithms, Evolutionary computation, IP networks, Information security, Programming.

OUJEZSKÝ, V.; HORVÁTH, T.

2019

11.11.2018

MDPI

Switzerland

2227-7080

Technologies

6

4

Švýcarská konfederace

1

10

10

https://www.mdpi.com/2227-7080/6/4/103

http://hdl.handle.net/11012/137212

technologies-06-00103