Abstract
A technique of network packet classification on the application layer is proposed. It is based on fuzzy data processing and artificial neural networks to define the network packet belongingness to one of the known network protocols. In the suggested technique, two main data processing stages are distinguished. At the first stage data is preprocessed by fuzzy logic methods. At the second stage the packets are classified by means of an artificial neural network. An artificial neural network having the proposed architecture allows one to determine the following aspects: the type of secure network protocol, the internal state of the network protocol based on the application of logical decision rules, and the type of network application using the identified protocol. The architecture of the bench environment for field tests is considered. During the experiments, the traffic of real network applications that are used around the world was used. Experimental assessment of the offered technique showed rather high quality and work speed of the developed classifier.
Highlights
The current stage of development of almost all sectors of the economy, including energy, manufacturing, finance, etc., is characterized by their wide informatization, which is based on the intensive development of communication infrastructure and the massive use of information technology
The paper suggests a technique of network packet classification on the application layer which can be used both on the level of Medium Packet Inspection and Deep Packet Inspection (DPI)
When implementing "deep" packet analysis, the present paper considers a combined method of traffic classification based on the application of neural networks and fuzzy sets [19,20,21,22,23,24]
Summary
The current stage of development of almost all sectors of the economy, including energy, manufacturing, finance, etc., is characterized by their wide informatization, which is based on the intensive development of communication infrastructure and the massive use of information technology. The classification of network protocols is implemented by the following methods: - signature, behavioral and hybrid analysis of network packets. The analyzers of "medium" level allow one to carry out traffic filtering by using the information on the transmitted data format and on more complete localization of the sender These tools usually act as the intermediary (proxy) between an access provider to the Internet and an internal network. The systems of "deep" packet analysis are intended to identify the applications participating in network interactions and define the states of information exchange protocols. The paper suggests a technique of network packet classification on the application layer which can be used both on the level of Medium Packet Inspection and Deep Packet Inspection (DPI). The seventh section summarizes the main results and reveals the direction of further research
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
