scholarly journals Research on QoS Classification of Network Encrypted Traffic Behavior Based on Machine Learning

Electronics ◽  
2021 ◽  
Vol 10 (12) ◽  
pp. 1376
Author(s):  
Yung-Fa Huang ◽  
Chuan-Bi Lin ◽  
Chien-Min Chung ◽  
Ching-Mu Chen
Keyword(s):  
Machine Learning ◽  
Majority Voting ◽  
Deep Packet Inspection ◽  
Traffic Classification ◽  
K 13 ◽  
Packet Inspection ◽  
Majority Voting Method ◽  
Encrypted Traffic ◽  
Traffic Behavior

In recent years, privacy awareness is concerned due to many Internet services have chosen to use encrypted agreements. In order to improve the quality of service (QoS), the network encrypted traffic behaviors are classified based on machine learning discussed in this paper. However, the traditional traffic classification methods, such as IP/ASN (Autonomous System Number) analysis, Port-based and deep packet inspection, etc., can classify traffic behavior, but cannot effectively handle encrypted traffic. Thus, this paper proposed a hybrid traffic classification (HTC) method based on machine learning and combined with IP/ASN analysis with deep packet inspection. Moreover, the majority voting method was also used to quickly classify different QoS traffic accurately. Experimental results show that the proposed HTC method can effectively classify different encrypted traffic. The classification accuracy can be further improved by 10% with majority voting as K = 13. Especially when the networking data are using the same protocol, the proposed HTC can effectively classify the traffic data with different behaviors with the differentiated services code point (DSCP) mark.

scholarly journals QoS-aware Traffic Classification Architecture Using Machine Learning and Deep Packet Inspection in SDNs

2018 ◽  
Vol 131 ◽  
pp. 1209-1216 ◽  
Author(s):  
Changhe Yu ◽  
Julong Lan ◽  
JiChao Xie ◽  
Yuxiang Hu
Keyword(s):  
Machine Learning ◽  
Deep Packet Inspection ◽  
Traffic Classification ◽  
Packet Inspection

scholarly journals Internet Traffic Classification with Federated Learning

Electronics ◽  
2020 ◽  
Vol 10 (1) ◽  
pp. 27
Author(s):  
Hyunsu Mun ◽  
Youngseok Lee
Keyword(s):  
Machine Learning ◽  
Deep Learning ◽  
Internet Traffic ◽  
Packet Classification ◽  
Deep Packet Inspection ◽  
Traffic Classification ◽  
User Privacy ◽  
Internet Traffic Classification ◽  
Packet Inspection ◽  
And Performance

As Internet traffic classification is a typical problem for ISPs or mobile carriers, there have been a lot of studies based on statistical packet header information, deep packet inspection, or machine learning. Due to recent advances in end-to-end encryption and dynamic port policies, machine or deep learning has been an essential key to improve the accuracy of packet classification. In addition, ISPs or mobile carriers should carefully deal with the privacy issue while collecting user packets for accounting or security. The recent development of distributed machine learning, called federated learning, collaboratively carries out machine learning jobs on the clients without uploading data to a central server. Although federated learning provides an on-device learning framework towards user privacy protection, its feasibility and performance of Internet traffic classification have not been fully examined. In this paper, we propose a federated-learning traffic classification protocol (FLIC), which can achieve an accuracy comparable to centralized deep learning for Internet application identification without privacy leakage. FLIC can classify new applications on-the-fly when a participant joins in learning with a new application, which has not been done in previous works. By implementing the prototype of FLIC clients and a server with TensorFlow, the clients gather packets, perform the on-device training job and exchange the training results with the FLIC server. In addition, we demonstrate that federated learning-based packet classification achieves an accuracy of 88% under non-independent and identically distributed (non-IID) traffic across clients. When a new application that can be classified dynamically as a client participates in learning was added, an accuracy of 92% was achieved.

scholarly journals A Survey on Machine Learning and Deep Learning based Quality of Service aware Protocols for Software Defined Networks

2021 ◽  
Author(s):  
Hiren Kumar Deva Sarma
Keyword(s):  
Machine Learning ◽  
Quality Of Service ◽  
Deep Learning ◽  
Service Level Agreement ◽  
Service Level ◽  
Future Research ◽  
Traffic Classification ◽  
Software Defined Networks ◽  
Research Issues

<p>Quality of Service (QoS) is one of the most important parameters to be considered in computer networking and communication. The traditional network incorporates various quality QoS frameworks to enhance the quality of services. Due to the distributed nature of the traditional networks, providing quality of service, based on service level agreement (SLA) is a complex task for the network designers and administrators. With the advent of software defined networks (SDN), the task of ensuring QoS is expected to become feasible. Since SDN has logically centralized architecture, it may be able to provide QoS, which was otherwise extremely difficult in traditional network architectures. Emergence and popularity of machine learning (ML) and deep learning (DL) have opened up even more possibilities in the line of QoS assurance. In this article, the focus has been mainly on machine learning and deep learning based QoS aware protocols that have been developed so far for SDN. The functional areas of SDN namely traffic classification, QoS aware routing, queuing, and scheduling are considered in this survey. The article presents a systematic and comprehensive study on different ML and DL based approaches designed to improve overall QoS in SDN. Different research issues & challenges, and future research directions in the area of QoS in SDN are outlined. <b></b></p>

scholarly journals Performance Analysis of Machine Learning and Pattern Matching Techniques for Deep Packet Inspection in Firewalls

2021 ◽  
Author(s):  
J.V. BibalBenifa ◽  
Saravanan Krishnann ◽  
Hoang Long ◽  
Raghvendra Kumar ◽  
David Taniar
Keyword(s):  
Machine Learning ◽  
Pattern Matching ◽  
Hybrid Method ◽  
Naive Bayes ◽  
Denial Of Service ◽  
Naïve Bayes ◽  
Support Vector ◽  
The Internet ◽  
Deep Packet Inspection ◽  
Packet Inspection

Abstract Malware is essentially one of the major security issues that have the potential to break the computer operations instantly. Majority of the internet attacks are caused by malwares that are being distributed through HTTP over the Internet. A Firewall is essential to prevent such internet attacks for enhancing the security measures. The most efficient method to prevent Intrusion in the network is Deep Packet Inspection (DPI), which is presently implemented in advanced firewalls. This research work intends to detect and prevent the intrusion in the network using a hybrid method with DPI, Pattern Matching (PM), and Machine Learning (ML) techniques. In this present work, a hybrid method which involves the functionalities of both DPI and ML is used for classification and identification of attacks. Here, DPI is done by Boyer-Moore-Horspool (BMHP) pattern matching algorithm and ten ML algorithms such as Support Vector Machines (SVM), Linear-SVM (L-SVM), K-Nearest Neighbors (KNN), Multi-Layer Perceptron (MLP), Decision Tree (DT), Random Forest (RF), AdaBoost (Ada), Gaussian Naive Bayes (GaNB) and Bernouli Naive Bayes (BeNB) are employed for classification. Subsequently, the proposed work is evaluated in a sequential and parallel manner and it is customized for identifying the fuzzy, impersonation and Denial of Service (DoS)-based attacks. The proposed system is analyzed in different dimensions such as performance of ML methods and role of DPI in attack identification including the pattern matching efficiency. From the investigation, it is identified that BMHP algorithm has the least time and memory consumed values about 0.0028 sec and 125.4 Mib respectively. Similarly, SVM has the accuracy of 99.91% with the least time and memory consumed values about 18.185 sec and 303.5 MiB respectively.

Sign in / Sign up

Export Citation Format

Share Document