The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
In this research work, we proposed a new, efficient and compact software based IPv6 packet generator, V6GEN and a new packet classification framework for IPv6 traffics, V6PCF. V6GEN is compact as packet construction support for IPv6 packets in neighbor discovery, automatic tunneling and network mobility are proposed while V6PCF is to provide a platform in designing, implementing and evaluating software...
The early identification of applications through the observation and fast analysis of the associated packet flows is a critical building block of intrusion detection and policy enforcement systems. The simple techniques currently used in practice, such as looking at the transport port numbers or at the application payload, are increasingly less effective for new applications using random port numbers...
Accurate and efficient network traffic classification is an important network management task. Two way messages in a session follow the underlying application protocol to exchange information. In this paper, we propose a novel application classification method based on message statistics, concisely representing the protocols' unique characteristics. We present algorithms using SVD-based and information...
The basic objective of this work is to compare the utility of an expert driven system and a data driven system for classifying encrypted network traffic, specifically SSH traffic from traffic log files. Pre-processing is applied to the traffic data to represent as traffic flows. Results show that the data driven system approach outperforms the expert driven system approach in terms of high detection...
Networked hosts' vulnerabilities pose some serious threats to the operation of computer networks. Modern at tacks are increasingly complex, and exploit many strategies in order to perform their intended malicious tasks. Attackers have developed the ability of controlling large sets of infected hosts, characterized by complex executable command sets, each taking part in cooperative and coordinated...
The classification of IP flows according to the application that generated them has become a popular research subject in the last few years. Several recent papers based their studies on the analysis of features of flows such as the packet size and inter-arrival time, which are then used as input to classification techniques derived from various scientific areas such as pattern recognition. In this...
This paper presents a novel method to combine k-means clustering and ID3 decision trees learning algorithms for unsupervised classification of anomalous and normal activities in computer network ARP traffic. The k-means clustering method is first applied to the normal training instances to partition it into k clusters using Euclidean distance similarity. Some anomaly criteria has been defined and...
The 3 most important issues for anomaly detection based intrusion detection systems by using data mining methods are: feature selection, data value normalization, and the choice of data mining algorithms. In this paper, we study primarily the feature selection of network traffic and its impact on the detection rates. We use KDD CUP 1999 dataset as the sample for the study. We group the features of...
When more than two tags respond to a reader request at same time slot, the tag collision occurs. This is one of disadvantages in radio frequency identification (RFID) system. The performance of anti-collision algorithms is important to overcome this problem. In this paper, the performance of dynamic framed slotted ALOHA (DFSA) is studied. The DFSA with mute tags is considered and compared with framed...
Network traffic policy verification is the analysis of network traffic to determine if the observed traffic is in compliance or violation of the applied policy. An intuitive approach is the use of machine learning techniques based on specific network traffic characteristics. These traffic characteristics are also known as features, which have to be extracted and selected carefully to build robust...
With the advent of dynamic and elusive distributed applications such as peer-to-peer file sharing systems, network administrators find it increasingly difficult to understand the types of applications running in their networks and the amount of traffic each application produces. In this paper, we present measurement results from the deployment of an accurate traffic characterization application in...
Models of network traffic for use in simulation should be representative of the traffic observed on the type of day they are trying to replicate. Building a model from a single day or small number of days makes it prone to overfitting or being unduly influenced by unusual events. With very long duration traces such as the multiple-year spanning Waikato datasets captured by the WAND Network Research...
Traffic classification is of fundamental importance to track the evolution of network applications and model their behaviours. Further, classified traffic is required to understand how the Internet is being used, and to effectively control the services that traffic receives. In this paper we present a machine-learning approach that accurately classifies live traffic using C4.5 decision tree. By collecting...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.