Network Traffic Anomaly Detection On A Navy Network

Abstract

Navy watchstanders are ill-equipped to monitor network status in real time, to include an inability to identify network anomalies and potential risks on the fly. This leads to a lack of situational awareness and ultimately an inability to determine the current network risk level. An existing unsupervised machine learning technique is identified and leveraged to enable the detection of anomalous DNS network traffic on an ashore-based unclassified Navy network. The research conducted by the team outlines an architecture that could be extended to produce a capability to provide the watchstander a near real-time metric of a subset of the risk that the network is experiencing by classifying DNS traffic anomalies.

Document Details

Document Type
Technical Report
Publication Date
Jun 01, 2020
Accession Number
AD1114636

Entities

People

  • Greg T Bunder
  • Michael J Laws

Organizations

  • Naval Postgraduate School

Tags

Communities of Interest

  • Autonomy
  • Biomedical
  • C4I
  • Cyber
  • Energy and Power Technologies
  • Engineered Resilient Systems
  • Materials and Manufacturing Processes

DTIC Thesaurus Topics

  • Artificial Intelligence
  • Artificial Intelligence Software
  • Automata Theory
  • Computer Languages
  • Computer Programming
  • Computer Science
  • Computers
  • Data Analysis
  • Data Mining
  • Data Visualization
  • Dimensionality Reduction
  • Information Science
  • Information Systems
  • Machine Learning
  • Network Protocols
  • Network Science
  • Neural Networks
  • Operating Systems
  • Processing Equipment
  • Situational Awareness
  • Supervised Machine Learning
  • Unsupervised Machine Learning

Fields of Study

  • Computer science

Readers

  • Maritime Security/Maritime Homeland Security
  • Neural Network Machine Learning
  • Sensor Fusion and Tracking Systems

Technology Areas

  • AI & ML
  • AI & ML - DoD AI Strategy