scholarly journals Online P2P Internet Traffic Classification and Mitigation Based on Snort and ML

2019 ◽  
Vol 4 (10) ◽  
pp. 131-137 ◽  
Author(s):  
Haitham Ahmed Jamil ◽  
Bushra M. Ali ◽  
Mosab Hamdan ◽  
Ahmed E. Osman
Keyword(s):  
Machine Learning ◽  
Network Traffic ◽  
Computation Time ◽  
Internet Traffic ◽  
Classification Performance ◽  
Transport Layer ◽  
Traffic Classification ◽  
Shared Resources ◽  
Internet Applications ◽  
Learning Classifier

Peer to peer applications have modified the nature of internet traffic.   It will consume high internet bandwidth and affect the performance of traditional traffic internet applications.   Therefore, the management and monitoring activity of internet traffic is the important activities involved in the optimization.   In order to detect and mitigate the P2P traffic, port, payload, and transport layer based methods were developed in the past.  Nevertheless, the performances of these methods were not up to the expectation.  Machine Learning (ML) is one of the promising methods to identify and mitigate the traffic of the Internet.   However, the classification accuracy is inconsistent.   The reason for the inconsistency is the relevant training datasets generation and feature selection.   In this research, a technique based on signature-based and ML is proposed to develop a model for online P2P traffic detection and mitigation.   The proposed work can be employed to evaluate the robustness of the online P2P machine learning classifier based on real network traffic traces containing flows labelled by SNORT tool and from special shared resources.  Analysis and validation were carried out on traffic traces of University Technology Malaysia.   The period of traffic was 2011 and 2013.   The output of research is revealing that the proposed work has spent less computation time for classification.  This method gives 99.7% accuracy which equals the classification performance attained for P2P using deep packet inspector. The findings show that classifying network traffic at the flow level can differentiate P2P over non-P2P (nP2P) with high confidence for online P2P mitigation.

scholarly journals Effective Packet Number for 5G IM WeChat Application at Early Stage Traffic Classification

2017 ◽  
Vol 2017 ◽  
pp. 1-22 ◽  
Author(s):  
Muhammad Shafiq ◽  
Xiangzhan Yu
Keyword(s):  
Machine Learning ◽  
Mutual Information ◽  
Network Traffic ◽  
Early Stage ◽  
Statistical Tests ◽  
Internet Traffic ◽  
Machine Learning Algorithms ◽  
Experimental Results ◽  
Traffic Classification ◽  
Network Traffic Classification

Accurate network traffic classification at early stage is very important for 5G network applications. During the last few years, researchers endeavored hard to propose effective machine learning model for classification of Internet traffic applications at early stage with few packets. Nevertheless, this essential problem still needs to be studied profoundly to find out effective packet number as well as effective machine learning (ML) model. In this paper, we tried to solve the above-mentioned problem. For this purpose, five Internet traffic datasets are utilized. Initially, we extract packet size of 20 packets and then mutual information analysis is carried out to find out the mutual information of each packet onnflow type. Thereafter, we execute 10 well-known machine learning algorithms using crossover classification method. Two statistical analysis tests, Friedman and Wilcoxon pairwise tests, are applied for the experimental results. Moreover, we also apply the statistical tests for classifiers to find out effective ML classifier. Our experimental results show that 13–19 packets are the effective packet numbers for 5G IM WeChat application at early stage network traffic classification. We also find out effective ML classifier, where Random Forest ML classifier is effective classifier at early stage Internet traffic classification.

scholarly journals MODC: A Pareto-Optimal Optimization Approach for Network Traffic Classification Based on the Divide and Conquer Strategy

Information ◽  
2018 ◽  
Vol 9 (9) ◽  
pp. 233 ◽  
Author(s):  
Zuleika Nascimento ◽  
Djamel Sadok
Keyword(s):  
Machine Learning ◽  
Network Traffic ◽  
Machine Learning Algorithms ◽  
Divide And Conquer ◽  
Pareto Optimal ◽  
Optimization Approach ◽  
Traffic Classification ◽  
Multi Objective ◽  
Network Traffic Classification ◽  
Changes Over Time

Network traffic classification aims to identify categories of traffic or applications of network packets or flows. It is an area that continues to gain attention by researchers due to the necessity of understanding the composition of network traffics, which changes over time, to ensure the network Quality of Service (QoS). Among the different methods of network traffic classification, the payload-based one (DPI) is the most accurate, but presents some drawbacks, such as the inability of classifying encrypted data, the concerns regarding the users’ privacy, the high computational costs, and ambiguity when multiple signatures might match. For that reason, machine learning methods have been proposed to overcome these issues. This work proposes a Multi-Objective Divide and Conquer (MODC) model for network traffic classification, by combining, into a hybrid model, supervised and unsupervised machine learning algorithms, based on the divide and conquer strategy. Additionally, it is a flexible model since it allows network administrators to choose between a set of parameters (pareto-optimal solutions), led by a multi-objective optimization process, by prioritizing flow or byte accuracies. Our method achieved 94.14% of average flow accuracy for the analyzed dataset, outperforming the six DPI-based tools investigated, including two commercial ones, and other machine learning-based methods.

A survey of techniques for internet traffic classification using machine learning

2008 ◽  
Vol 10 (4) ◽  
pp. 56-76 ◽  
Author(s):  
Thuy T.T. Nguyen ◽  
Grenville Armitage
Keyword(s):  
Machine Learning ◽  
Internet Traffic ◽  
Traffic Classification ◽  
Internet Traffic Classification

scholarly journals An Adaptive Multi-Layer Botnet Detection Technique Using Machine Learning Classifiers

2019 ◽  
Vol 9 (11) ◽  
pp. 2375 ◽  
Author(s):  
Riaz Ullah Khan ◽  
Xiaosong Zhang ◽  
Rajesh Kumar ◽  
Abubakar Sharif ◽  
Noorbakhsh Amiri Golilarz ◽  
...  
Keyword(s):  
Machine Learning ◽  
Decision Tree ◽  
Network Traffic ◽  
Traffic Classification ◽  
Decision Tree Classifier ◽  
Machine Learning Classifiers ◽  
Learning Classifiers ◽  
Average Accuracy ◽  
Final Layer ◽  
Tree Classifier

In recent years, the botnets have been the most common threats to network security since it exploits multiple malicious codes like a worm, Trojans, Rootkit, etc. The botnets have been used to carry phishing links, to perform attacks and provide malicious services on the internet. It is challenging to identify Peer-to-peer (P2P) botnets as compared to Internet Relay Chat (IRC), Hypertext Transfer Protocol (HTTP) and other types of botnets because P2P traffic has typical features of the centralization and distribution. To resolve the issues of P2P botnet identification, we propose an effective multi-layer traffic classification method by applying machine learning classifiers on features of network traffic. Our work presents a framework based on decision trees which effectively detects P2P botnets. A decision tree algorithm is applied for feature selection to extract the most relevant features and ignore the irrelevant features. At the first layer, we filter non-P2P packets to reduce the amount of network traffic through well-known ports, Domain Name System (DNS). query, and flow counting. The second layer further characterized the captured network traffic into non-P2P and P2P. At the third layer of our model, we reduced the features which may marginally affect the classification. At the final layer, we successfully detected P2P botnets using decision tree Classifier by extracting network communication features. Furthermore, our experimental evaluations show the significance of the proposed method in P2P botnets detection and demonstrate an average accuracy of 98.7%.

scholarly journals Towards the Deployment of Machine Learning Solutions in Network Traffic Classification: A Systematic Survey

2019 ◽  
Vol 21 (2) ◽  
pp. 1988-2014 ◽  
Author(s):  
Fannia Pacheco ◽  
Ernesto Exposito ◽  
Mathieu Gineste ◽  
Cedric Baudoin ◽  
Jose Aguilar
Keyword(s):  
Machine Learning ◽  
Network Traffic ◽  
Traffic Classification ◽  
Systematic Survey ◽  
Network Traffic Classification

A review on machine learning–based approaches for Internet traffic classification

2020 ◽  
Vol 75 (11-12) ◽  
pp. 673-710 ◽  
Author(s):  
Ola Salman ◽  
Imad H. Elhajj ◽  
Ayman Kayssi ◽  
Ali Chehab
Keyword(s):  
Machine Learning ◽  
Internet Traffic ◽  
Traffic Classification ◽  
Internet Traffic Classification

Study on Process of Network Traffic Classification Using Machine Learning

2010 ◽  
Author(s):  
Jian-Min Wang ◽  
Cheng-Lu Qian ◽  
Chun-Hui Che ◽  
Hai-Tao He
Keyword(s):  
Machine Learning ◽  
Network Traffic ◽  
Traffic Classification ◽  
Network Traffic Classification
Sign in / Sign up

Export Citation Format

Share Document