Hybrid online system for detecting and classifying malicious traffic

Authors: Diego Abreu, Antônio Abelém, Christian R Esteve Rothenberg

Areas: IoT

Abstract: Several Machine Learning methodologies have been proposed to improve security in computer networks and reduce the damage caused by malicious agents. However, detecting and classifying attacks with high accuracy and precision is still a major challenge in today’s networks. This paper proposes an online attack detection and network traffic classification system that combines Stream Machine Learning, Deep Learning, and Ensemble techniques in a hybrid design. Using multiple stages of data analysis, the system can detect the presence of malicious traffic flows and classify them according to the type of attack they represent. The system was evaluated on three network security datasets, on which it obtained accuracy and precision above 90% with a reduced false alarm rate.