Research Article

Machine Learning based Traffic Classification using Low Level Features and Statistical Analysis

by Rajesh Kumar, Tajinder Kaur
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 108 - Number 12
Year of Publication: 2014
DOI: 10.5120/18961-0290

Rajesh Kumar, Tajinder Kaur. Machine Learning based Traffic Classification using Low Level Features and Statistical Analysis. International Journal of Computer Applications. 108, 12 (December 2014), 6-13. DOI=10.5120/18961-0290

@article{ 10.5120/18961-0290,
author = { Rajesh Kumar, Tajinder Kaur },
title = { Machine Learning based Traffic Classification using Low Level Features and Statistical Analysis },
journal = { International Journal of Computer Applications },
issue_date = { December 2014 },
volume = { 108 },
number = { 12 },
month = { December },
year = { 2014 },
issn = { 0975-8887 },
pages = { 6-13 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume108/number12/18961-0290/ },
doi = { 10.5120/18961-0290 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
Abstract

In this paper, a data mining technique is used to present the concept of attack data analysis and traffic classification. The system is fully automated: it covers packet capturing, processing of multiple attack logs, labeling of network traffic based on low-level features, and applying a classification algorithm to build a traffic classifier that classifies normal and malicious traffic. The paper combines a machine learning approach with behavior-based analysis to better validate the analysis results. A lot of work has previously been done in this field to classify network logs, and existing techniques such as payload-based and port-based classification each have their own advantages and disadvantages, but classification using machine learning techniques is still an open field to explore and has provided excellent results so far. The main aim of the proposed work is to perform passive traffic monitoring based on honeypot technology and then analyze the network attack logs to determine the intruders. We collect attack data through a honeypot system and a normal user's browser, then combine that data and develop an automated traffic classification system based on the low-level features of the network traffic. This type of classification will help IT administrators to determine the unknown attacks spreading in the IT industry.

Index Terms

Computer Science
Information Sciences

Keywords

Network Security Attacks Data Mining Honeypots IDS