Security Policy Enforcement on Heavy Network Traffic

Sadeghzadeh Mesgar, Amir Mahdi | 2016

Type of Document: M.Sc. Thesis
Language: Farsi
Document No: 48947 (19)
University: Sharif University of Technology
Department: Computer Engineering
Advisor(s): Jalili, Rasool

Abstract:

Today's large networks, such as global enterprise networks, carry heavy network traffic from a wide range of diverse protocols. Scalable and accurate classification of network traffic is of the utmost importance to security policy enforcement in large networks. The complexity of current network traffic, along with high-speed links, makes traffic classification more difficult. The dynamic nature of heavy network traffic has created the need for traffic classification algorithms that can adapt to new concepts. Changes in traffic characteristics over time lead to concept drift, which is an important challenge in this domain. Data stream classification methods have been introduced to overcome the shortcomings of traditional classification algorithms, such as their inability to handle concept drift. A sophisticated approach to network traffic classification is based on deep packet inspection. It achieves high accuracy since it analyses each packet and matches application-specific regular expressions, but it requires high computational power since every packet has to be read and analyzed. In this thesis, we propose an accurate and scalable machine-learning-based flow-level traffic classification framework. It is trained on a dataset of flow-level data that has been labeled by deep packet inspection classifiers. Our framework employs an ensemble learning architecture, which combines a series of simple classifiers, each of which can be trained efficiently and classify accurately. The framework is also able to maintain high accuracy in the presence of concept drift. It achieves up to 94% accuracy, compared to the 79% accuracy of previous studies.

Keywords: Concept Drift; Network Security; Network Traffic; Classification; Data Stream; Data Stream Classification; Policy Enforcement; Heavy Traffic
