Abstract
In this paper, we propose a system that can recognize traffic types without prior knowledge of static features such as protocol header information by combining protocol analysis based on an ecological sequence alignment algorithm in a bioinformatics and fuzzy inference system. The algorithm proposed in this paper obtained up to a 91% level of performance at a similar level to several existing algorithms in experiments using datasets containing various types of traffic. In addition, it showed an excellent accuracy of 82.5% or more even under severe conditions that lowered the amount of data to a level of at least 40% or only included data in the middle of the traffic. This shows that the problem of dependence on initial data that frequently occurs in existing machine learning and deep learning-based traffic classification algorithms does not appear in the proposed algorithm. Furthermore, based on the ability to directly extract traffic characteristics without being dependent on static field values, it has secured the ability to respond with a small number of data by taking advantage of the flexibility of the membership function of the fuzzy inference engine. Through this, the applicability to low-power and low-performance environments such as IoT networks was confirmed. In this paper, we describe in detail the theoretical background for constructing such an algorithm and relevant experiments and considerations for actual verification.
Highlights
Protocol reverse engineering analysis basically has the goal of securing visibility by grasping the syntax and semantics of unknown protocols from the perspective of security monitoring, and this has been resolved through mation like the program execution records at the upper network layer such as an application level
We propose awe new approach to approach to solving the inefficient use of resources and dependence on the initial data of solving the inefficient use of resources and dependence on the initial data of state-of-the-art state-of-the-art algorithms based on deep learning
Since each fuzzy set is defined as many as the number of criterion for determining whether the traffic type is correct, several conclusions arise, and this is the process of analyzing the degree of conformance we want by synthesizing them
Summary
We devised a traffic classification approach for network management in a new form based on the protocol reverse engineering analysis method and the existing traffic classification studies by referring to related studies and technologies to be described later. Going beyond the knowledge-based approach to the existing static features, it seeks to secure the ability to cope with unknown or partially published protocols and to solve the problem that is largely dependent on the quantity and quality of data used for learning To this end, we propose an approach to extract traffic characteristics through a combination of protocol reverse engineering analysis and existing traffic classification techniques to eliminate dependence on static characteristics.
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
