Supporting features for flow-level packet analysis towards cyber threat detection: a pilot study
by Emmanuel C. Ogu; Olusegun A. Ojesanmi; Oludele Awodele; Shade O. Kuyoro
International Journal of Information and Computer Security (IJICS), Vol. 16, No. 1/2, 2021

Abstract: Thousands of new threats and threat categories emerge every second in cyberspace, even as known threats keep adapting robustly to existing solutions, thus challenging modern approaches to threat detection. While many contemporary detection solutions continue to rely largely on flow-level packet analysis by monitoring trends and patterns of activity in supporting flow features of interest, little attention has been paid to whether such supporting flow features still present an effective means of reaching accurate conclusions regarding imminent or occurrent cyber threat incidents, especially in light of the rapidly evolving threat landscape. Hence, this pilot study reinvestigates four commonly used supporting flow features in modern threat detection solutions, viz. flow packet count, flow packet throughput (bytes/s), flow packet throughput (packets/s) and average flow packet size (bytes), to verify their continued relevance for cyber threat detection. The study adopts the methodology of data simulation with descriptive infographic analysis using the UNSW-NB15 dataset.

Online publication date: Mon, 06-Sep-2021
