An Intelligent Defense and Filtration Platform for Network Traffic

  • Mehrnoosh MonshizadehEmail author
  • Vikramajeet Khatri
  • Buse Atli
  • Raimo Kantola
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10866)


Hybrid Anomaly Detection Model (HADM) is a security platform to detect and prevent cyber-attacks on communication networks. The platform uses a combination of linear and learning algorithms combined with protocol analyzer. The linear algorithms filter and extract distinctive attributes and features of the cyber-attacks while the learning algorithms use these attributes and features to identify new types of cyber-attacks. The protocol analyzer in this platform classifies and filters vulnerable protocols to avoid unnecessary computation load. The use of linear algorithms in conjunction with learning algorithms allows the HADM to achieve improved efficiency in terms of accuracy and computation time in order to detect cyber-attacks over existing solutions.


Security Cloud computing Internet of things Machine learning Anomaly detection 


  1. 1.
    Desale, K., Ade, R.: Genetic algorithm based feature selection approach for effective intrusion detection system. In: 2015 International Conference on Computer Communication and Informatics (ICCCI), Coimbatore, pp. 1–6 (2015)Google Scholar
  2. 2.
    Monshizadeh, M., Yan, Z.: Security related data mining. In: IEEE International Conference on Computer and Information Technology, Xi’an, pp. 775–782 (2014)Google Scholar
  3. 3.
    Di Pietro, A., et al.: Dynamic deep packet inspection for anomaly detection. US Patent 2017099310 (A1), 6 April 2017Google Scholar
  4. 4.
    Vasseur, J., et al.: Anomaly detection in a network coupling state information with machine learning outputs. US Patent 20170104774 (A1), 13 April 2017Google Scholar
  5. 5.
    Di Pietro, A., et al.: Signature creation for unknown attacks. US Patent 20160028750 (A1), 28 January 2016Google Scholar
  6. 6.
    Yadav, N., et al.: Network behavior data collection and analytics for anomaly detection. US Patent 20160359695 (A1), 8 December 2016Google Scholar
  7. 7.
    Atli, B.: Anomaly-based intrusion detection by modeling probability distributions of flow characteristics. MS thesis, Aalto University (2017)Google Scholar
  8. 8.
    ISCX-2012: University of New Brunswick.
  9. 9.
  10. 10.
    Monshizadeh, M., Khatri, V., Kantola, R.: Detection as a service: an SDN application. In: 19th International Conference on Advanced Communication Technology (ICACT), Bongpyeong, pp. 285–290 (2017)Google Scholar
  11. 11.
    Sharafaldin, I., et al.: Toward generating a new intrusion detection dataset and intrusion traffic characterization. In: 4th International Conference on Information Systems Security and Privacy (ICISSP), Portugal, January 2018Google Scholar
  12. 12.
    Yann, L., et al.: Deep learning. Nature 521(7553), 436 (2015)CrossRefGoogle Scholar

Copyright information

© IFIP International Federation for Information Processing 2018

Authors and Affiliations

  1. 1.Nokia Bell LabsEspooFinland
  2. 2.Department of ComnetAalto UniversityEspooFinland

Personalised recommendations