R. N. Ermakov, V. V. Alekseev. Primary Data Processing for Constructing Network Package Classifiers in Deep Packet Inspection Analysis and in the Intrusion Detection Systems

Abstract.

We consider the procedure for preprocessing source packet information in a new method for classifying application-layer network packets in order to determine which of the known network protocols they belong to. Packets are classified using machine learning methods and fuzzy logic algorithms in Network Traffic Analysis (NTA) systems, in Deep Packet Inspection (DPI), in intrusion detection systems (IDS) and in other systems. To determine the protocol, the principle of high-speed one-packet classification is used, which consists in analyzing the information transmitted in each individual packet. Elements of behavioral analysis are used, namely, the transition states of information exchange protocols are classified, which makes it possible to achieve higher classification accuracy and a higher degree of generalization on new test samples.

Keywords:

classification of network packets, neural networks, DPI methods, machine learning, definition of network protocols.

PP. 34-42.

DOI 10.14357/20718632190404
