Skip to content
/ network-threats-taxonomy Public

Machine Learning based Intrusion Detection Systems are difficult to evaluate due to a shortage of datasets representing accurately network traffic and their associated threats. In this project we attempt at solving this problem by presenting two taxonomies

License

GPL-3.0 license
104 stars 25 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

AbertayMachineLearningGroup/network-threats-taxonomy

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

46 Commits
Datasets
Datasets
 
 
Taxonomy
Taxonomy
 
 
Tools
Tools
 
 
images
images
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

Network Threats And Tools Taxonomy

Machine Learning based Intrusion Detection Systems are difficult to evaluate due to a shortage of datasets representing accurately network traffic and their associated threats. In this project we attempt at solving this problem by presenting two taxonomies "A Taxonomy and Survey of Intrusion Detection System Design Techniques, Network Threats and Datasets” and “A Taxonomy of Malicious Traffic for Intrusion Detection Systems”, classifying threats as well as evaluating current datasets. The result shows that a large portion of current research published train IDS algorithms against outdated datasets and outdated threats. To this end, we provide the source of our threat taxonomy, allowing other researchers to contribute and modify it.

The taxonomy is a collaboration between Abertay University, The University of Strathclyde, The Naval Academy Research Institute and Middlesex University (Mauritius Campus)

Taxonomy Structure

The taxonomy classifies each network threat according to:

  • Its Source (i.e. Networking, Host, Software, Hardware, Human)
  • OSI Layer
  • Active / Passive

Prerequisites for a push request

Ensure that the latex source compiles correctly

Manuscript & Citations

The final version of our manuscript is published in IEEE Access Jounral. The paper "A Taxonomy of Network Threats and the Effect of Current Datasets on Intrusion Detection Systems" can be found here.

We have released a pre-print of our article on Arxiv, it includes the original taxonomies in a paper called "A Taxonomy and Survey of Intrusion Detection System Design Techniques, Network Threats and Datasets". The paper can be found here.

If you want to cite the paper please use the following format;

@ARTICLE{9108270,  
	author={H. {Hindy} and D. {Brosset} and E. {Bayne} and A. {Seeam} and C. {Tachtatzis} and R. {Atkinson} and X. {Bellekens}},  
	journal={IEEE Access},   
	title={A Taxonomy of Network Threats and the Effect of Current Datasets on Intrusion Detection Systems},   
	year={2020},  
	volume={},  
	number={},  
	pages={1-1},}

Contributors

  • Hanan Hindy
  • Dr Xavier Bellekens

Samples from taxonomy

  • Threats

The threats are organised using the 7 layers of the OSI Models as shown below.

Taxonomy_1 Taxonomy_2 Taxonomy_3

  • Tools

The Threats are then associated with the tools used to carry the attacks.

Tools

About

Machine Learning based Intrusion Detection Systems are difficult to evaluate due to a shortage of datasets representing accurately network traffic and their associated threats. In this project we attempt at solving this problem by presenting two taxonomies

Topics

security research networking tool taxonomy hacking security-vulnerability network-analysis academia security-automation security-tools hacking-tools

Resources

Readme

License

GPL-3.0 license
Activity
Custom properties

Stars

104 stars

Watchers

13 watching

Forks

25 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

Languages