scholarly journals Software implementation of a DLP-system module for monitoring and controlling corporate network traffic using machine learning

2020 ◽  
Vol 27 (1) ◽  
pp. 28-39
Author(s):  
Anton A. Nedogarok ◽  
Nikolai V. Fedorov ◽  
Vitaly S. Shvychkov ◽  
Maxim I. Kalayda
Keyword(s):  
Machine Learning ◽  
Network Traffic ◽  
Software Implementation ◽  
Corporate Network ◽  
System Module

scholarly journals Utilising Flow Aggregation to Classify Benign Imitating Attacks

Sensors ◽  
2021 ◽  
Vol 21 (5) ◽  
pp. 1761
Author(s):  
Hanan Hindy ◽  
Robert Atkinson ◽  
Christos Tachtatzis ◽  
Ethan Bayne ◽  
Miroslav Bures ◽  
...  
Keyword(s):  
Machine Learning ◽  
Feature Extraction ◽  
Network Traffic ◽  
Cyber Attacks ◽  
Detection Accuracy ◽  
Computational Power ◽  
Human Understanding ◽  
Flow Aggregation ◽  
Additional Level ◽  
Attack Surfaces

Cyber-attacks continue to grow, both in terms of volume and sophistication. This is aided by an increase in available computational power, expanding attack surfaces, and advancements in the human understanding of how to make attacks undetectable. Unsurprisingly, machine learning is utilised to defend against these attacks. In many applications, the choice of features is more important than the choice of model. A range of studies have, with varying degrees of success, attempted to discriminate between benign traffic and well-known cyber-attacks. The features used in these studies are broadly similar and have demonstrated their effectiveness in situations where cyber-attacks do not imitate benign behaviour. To overcome this barrier, in this manuscript, we introduce new features based on a higher level of abstraction of network traffic. Specifically, we perform flow aggregation by grouping flows with similarities. This additional level of feature abstraction benefits from cumulative information, thus qualifying the models to classify cyber-attacks that mimic benign traffic. The performance of the new features is evaluated using the benchmark CICIDS2017 dataset, and the results demonstrate their validity and effectiveness. This novel proposal will improve the detection accuracy of cyber-attacks and also build towards a new direction of feature extraction for complex ones.

scholarly journals Machine Learning Classification and Regression Approaches for Optical Network Traffic Prediction

Electronics ◽  
2021 ◽  
Vol 10 (13) ◽  
pp. 1578
Author(s):  
Daniel Szostak ◽  
Adam Włodarczyk ◽  
Krzysztof Walkowiak
Keyword(s):  
Machine Learning ◽  
Optical Networks ◽  
Network Traffic ◽  
Optical Network ◽  
Optimization Methods ◽  
Supervised Machine Learning ◽  
Traffic Prediction ◽  
Machine Learning Classification ◽  
Classification And Regression ◽  
Network Technologies

Rapid growth of network traffic causes the need for the development of new network technologies. Artificial intelligence provides suitable tools to improve currently used network optimization methods. In this paper, we propose a procedure for network traffic prediction. Based on optical networks’ (and other network technologies) characteristics, we focus on the prediction of fixed bitrate levels called traffic levels. We develop and evaluate two approaches based on different supervised machine learning (ML) methods—classification and regression. We examine four different ML models with various selected features. The tested datasets are based on real traffic patterns provided by the Seattle Internet Exchange Point (SIX). Obtained results are analyzed using a new quality metric, which allows researchers to find the best forecasting algorithm in terms of network resources usage and operational costs. Our research shows that regression provides better results than classification in case of all analyzed datasets. Additionally, the final choice of the most appropriate ML algorithm and model should depend on the network operator expectations.

scholarly journals Classification of FPGA Based Network Traffic Using Machine Learning

2021 ◽  
Vol 1964 (6) ◽  
pp. 062008
Author(s):  
K Gunasekaran ◽  
Radhika Baskar ◽  
R Dhanagopal ◽  
K Elangovan
Keyword(s):  
Machine Learning ◽  
Network Traffic

Modernization of the software for measuring the quality of network traffic in the corporate network of the enterprise

2021 ◽  
pp. 104-113
Author(s):  
Е.Е. Истратова ◽  
Е.Н. Антонянц ◽  
А.О. Амельченко
Keyword(s):  
Network Traffic ◽  
Statistical Data ◽  
Client Server ◽  
Network Connection ◽  
Software Product ◽  
Corporate Network ◽  
Server Application

В статье представлены результаты модернизации ранее разработанного клиент-серверного приложения для исследования характеристик корпоративной сети. Результаты проведенных исследований позволили сделать вывод о том, что усовершенствованный программный продукт можно применять для сбора статистических данных о характеристиках сетевого подключения при передаче информации в корпоративной сети компании. The article presents the results of the modernization of a previously developed client-server application for the study of the characteristics of the corporate network. The results of the conducted research allowed us to conclude that the improved software product can be used to collect statistical data on the characteristics of the network connection when transmitting information in the corporate network of the company.

scholarly journals MODC: A Pareto-Optimal Optimization Approach for Network Traffic Classification Based on the Divide and Conquer Strategy

Information ◽  
2018 ◽  
Vol 9 (9) ◽  
pp. 233 ◽  
Author(s):  
Zuleika Nascimento ◽  
Djamel Sadok
Keyword(s):  
Machine Learning ◽  
Network Traffic ◽  
Machine Learning Algorithms ◽  
Divide And Conquer ◽  
Pareto Optimal ◽  
Optimization Approach ◽  
Traffic Classification ◽  
Multi Objective ◽  
Network Traffic Classification ◽  
Changes Over Time

Network traffic classification aims to identify categories of traffic or applications of network packets or flows. It is an area that continues to gain attention by researchers due to the necessity of understanding the composition of network traffics, which changes over time, to ensure the network Quality of Service (QoS). Among the different methods of network traffic classification, the payload-based one (DPI) is the most accurate, but presents some drawbacks, such as the inability of classifying encrypted data, the concerns regarding the users’ privacy, the high computational costs, and ambiguity when multiple signatures might match. For that reason, machine learning methods have been proposed to overcome these issues. This work proposes a Multi-Objective Divide and Conquer (MODC) model for network traffic classification, by combining, into a hybrid model, supervised and unsupervised machine learning algorithms, based on the divide and conquer strategy. Additionally, it is a flexible model since it allows network administrators to choose between a set of parameters (pareto-optimal solutions), led by a multi-objective optimization process, by prioritizing flow or byte accuracies. Our method achieved 94.14% of average flow accuracy for the analyzed dataset, outperforming the six DPI-based tools investigated, including two commercial ones, and other machine learning-based methods.

scholarly journals Lightweight Convolutional Neural Network Based Intrusion Detection System

2020 ◽  
pp. 808-817
Author(s):  
Vinh Pham ◽  
◽  
Eunil Seo ◽  
Tai-Myoung Chung
Keyword(s):  
Neural Network ◽  
Machine Learning ◽  
Intrusion Detection ◽  
Convolutional Neural Network ◽  
Network Traffic ◽  
Detection System ◽  
Image Data ◽  
Training Data ◽  
Deep Packet Inspection ◽  
Detection Model

Identifying threats contained within encrypted network traffic poses a great challenge to Intrusion Detection Systems (IDS). Because traditional approaches like deep packet inspection could not operate on encrypted network traffic, machine learning-based IDS is a promising solution. However, machine learning-based IDS requires enormous amounts of statistical data based on network traffic flow as input data and also demands high computing power for processing, but is slow in detecting intrusions. We propose a lightweight IDS that transforms raw network traffic into representation images. We begin by inspecting the characteristics of malicious network traffic of the CSE-CIC-IDS2018 dataset. We then adapt methods for effectively representing those characteristics into image data. A Convolutional Neural Network (CNN) based detection model is used to identify malicious traffic underlying within image data. To demonstrate the feasibility of the proposed lightweight IDS, we conduct three simulations on two datasets that contain encrypted traffic with current network attack scenarios. The experiment results show that our proposed IDS is capable of achieving 95% accuracy with a reasonable detection time while requiring relatively small size training data.

Network traffic analysis using Machine Learning Techniques in IoT Network

2021 ◽  
Vol 9 (4) ◽  
pp. 0-0
Keyword(s):  
Machine Learning ◽  
Support Vector Machine ◽  
Network Traffic ◽  
Traffic Analysis ◽  
Machine Learning Techniques ◽  
Support Vector ◽  
Static And Dynamic Analysis ◽  
Network Traffic Analysis ◽  
Cyber Threats ◽  
Network Topologies

Internet of things devices are not very intelligent and resource-constrained; thus, they are vulnerable to cyber threats. Cyber threats would become potentially harmful and lead to infecting the machines, disrupting the network topologies, and denying services to their legitimate users. Artificial intelligence-driven methods and advanced machine learning-based network investigation prevent the network from malicious traffics. In this research, a support vector machine learning technique was used to classify normal and abnormal traffic. Network traffic analysis has been done to detect and prevent the network from malicious traffic. Static and dynamic analysis of malware has been done. Mininet emulator was selected for network design, VMware fusion for creating a virtual environment, hosting OS was Ubuntu Linux, network topology was a tree topology. Wireshark was used to open an existing pcap file that contains network traffic. The support vector machine classifier demonstrated the best performance with 99% accuracy.

Sign in / Sign up

Export Citation Format

Share Document