Research Article
BibTex RIS Cite

Çok Katmanlı Algılayıcı ile Ağ Trafiği Sınıflandırma Analizi

Year 2022, Volume: 10 Issue: 2, 837 - 846, 30.04.2022
https://doi.org/10.29130/dubited.980594

Abstract

Çevrimiçi ağ trafiği sınıflandırması, uzun vadeli ilginin odak noktası olmaya devam ediyor. Ağ trafiğini izleme ve ağ trafiği analizi birçok farklı yoldan yapılabilir. Ağ trafiğini izleme, hizmet kalitesi (QoS) için ham veri girişi sağlar ve bu da ağ analistine ağ kaynaklarını nasıl kullandığını anlama ve ağ performansını belirleme olanağı sağlar. Bu bilgi ile ağ analisti, ağ kaynaklarını kontrol etmek ve yönetmek için QoS politikalarını belirleyebilir. Ağ trafiğinin izlenmesi akademik araştırma için modeller oluşturmak için de kullanılabilir. Bu makalede derin öğrenme algoritması kullanılarak ağ trafiğini doğru şekilde sınıflandıran bir makine öğrenme yaklaşımı sunulmuştur. Aynı zamanda bu çalışmada diğer makine öğrenme algoritmaları ile karşılaştırmalar yapılmıştır. Çok Katmanlı Algılayıcı (MLP), ağın sınıflandırıcısını oluşturmak için kullanılmıştır. Deney sonuçları derin öğrenme algoritmasının diğer algoritmalardan daha iyi sonuç verdiğini ve sınıflandırmada %99,0233 Detection Rate (DR) değerine, %78,3941 doğruluğa (ACC) sahip olduğunu göstermiştir.

References

  • [1] V. Cerf and R. Kahn, “A Protocol for Packet Network Intercommunication,” in IEEE Transactions on Communications, vol. 22, no. 5, pp. 637-648, 1974, doi: 10.1109/TCOM.1974.1092259.
  • [2] T. Karagiannis, A. Broido, M. Faloutsos, and K. Claffy, “Transport layer identification of P2P traffic,” in Proceedings of the 4th ACM SIGCOMM conference on Internet measurement, 2004, pp. 121-134.
  • [3] Y. Wu, G. Min, K. Li, and B. Javadi, “Performance analysis of communication networks in multi-cluster systems under bursty traffic with communication locality,” in GLOBECOM 2009-2009 IEEE Global Telecommunications Conference, 2009, pp. 1-6.
  • [4] H. Kim, K. C. Claffy, M. Fomenkov, D. Barman, M. Faloutsos, and K. Lee, “Internet traffic classification demystified: myths, caveats, and the best practices,” in Proceedings of the 2008 ACM CoNEXT conference, 2008, pp. 1-12.
  • [5] Y.-s. Lim, H.-c. Kim, J. Jeong, C.-k. Kim, T. T. Kwon, and Y. Choi, “Internet traffic classification demystified: on the sources of the discriminative power,” in Proceedings of the 6th International COnference, 2010, pp. 1-12.
  • [6] T. T. Nguyen, G. Armitage, and tutorials, “A survey of techniques for internet traffic classification using machine learning,” vol. 10, no. 4, pp. 56-76, 2008.
  • [7] Y. Xiang, W. Zhou, and M. Guo, “Flexible deterministic packet marking: An IP traceback system to find the real source of attacks,” vol. 20, no. 4, pp. 567-580, 2009.
  • [8] J. Johnson, “Worldwide digital population as of January 2021,” 2021.
  • [9] J. Korteling, G. van de Boer-Visschedijk, R. A. M. Blankendaal, R. C. Boonekamp, and A. R.. Eikelboom, “Human-versus artificial intelligence,” Front. Artif. Intell., vol. 4, 2021.
  • [10] S. Ioffe and C. Szegedy, “Batch normalization: Accelerating deep network training by reducing internal covariate shift,” in International conference on machine learning, 2015, pp. 448-456: PMLR.
  • [11] T. Auld, A. W. Moore, and S. F. Gull, “Bayesian neural networks for internet traffic classification,” IEEE Transactions on Neural Networks, vol. 18, no. 1, pp. 223-239, 2007.
  • [12] M. Crotti, F. Gringoli, P. Pelosato, and L. Salgarelli, “A statistical approach to IP-level classification of network traffic,” in 2006 IEEE International Conference on Communications, 2006, vol. 1, pp. 170-176.
  • [13] N. Namdev, S. Agrawal, and S. Silkari, “Recent advancement in machine learning based internet traffic classification,” Procedia Computer Science, vol. 60, pp. 784-791, 2015.
  • [14] P. Haffner, S. Sen, O. Spatscheck, and D. Wang, “ACAS: automated construction of application signatures,” in Proceedings of the 2005 ACM SIGCOMM workshop on Mining network data, 2005, pp. 197-202.
  • [15] S. Sen, O. Spatscheck, and D. Wang, “Accurate, scalable in-network identification of p2p traffic using application signatures,” in Proceedings of the 13th international conference on World Wide Web, 2004, pp. 512-521.
  • [16] A. Moore, J. Hall, C. Kreibich, E. Harris, and I. Pratt, “Architecture of a network monitor,” in Passive & Active Measurement Workshop, 2003, vol. 2003.
  • [17] W. Li and A. W. Moore, “A machine learning approach for efficient traffic classification,” in 2007 15th International symposium on modeling, analysis, and simulation of computer and telecommunication systems, 2007, pp. 310-317.
  • [18] P. Schneider, “Tcp/ip traffic classification based on port numbers,” 1997.
  • [19] M. Degermark, B. Nordgren, and S. Pink, RFC2507: IP header compression, RFC Editor, 1999.
  • [20] T. Porter, “The perils of deep packet inspection,” 2005.
  • [21] M. Finsterbusch, C. Richter, E. Rocha, J.-A. Muller, K. J. I. C. S. Hanssgen, and Tutorials, “A survey of payload-based traffic classification approaches,” vol. 16, no. 2, pp. 1135-1156, 2013.
  • [22] G. Hinton and T. J. Sejnowski, Unsupervised learning: foundations of neural computation, MIT Press, 1999.
  • [23] M. Tavallaee, E. Bagheri, W. Lu, and A. A. Ghorbani, “A detailed analysis of the KDD CUP 99 data set,” in 2009 IEEE symposium on computational intelligence for security and defense applications, 2009, pp. 1-6: IEEE.
  • [24] W. Stallings, Network security essentials: Applications and standards, 4/e, Pearson Education India, 2003.

Network Traffic Classification Analysis with Multi-Layer Sensor

Year 2022, Volume: 10 Issue: 2, 837 - 846, 30.04.2022
https://doi.org/10.29130/dubited.980594

Abstract

Online network traffic classification remains the focus of long-term interest. Network traffic monitoring and network traffic analysis can be done in many different ways. Monitoring network traffic provides raw data input for quality of service (QoS), which gives the network analyst the ability to understand how it uses network resources and determine network performance. With this information, the network analyst can set QoS policies to control and manage network resources. Network traffic monitoring can also be used to build models for academic research. In this article, a machine learning approach that correctly classifies network traffic using a deep learning algorithm is presented. At the same time, comparisons were made with other machine learning algorithms in this study. Multi-Layer Perceptron (MLP) was used to construct the classifier of the network. Experiment results showed that the deep learning algorithm gave better results than other algorithms and had a Detection Rate (DR) value of 99.0233% and an accuracy of 78.3941% (ACC) in classification.

References

  • [1] V. Cerf and R. Kahn, “A Protocol for Packet Network Intercommunication,” in IEEE Transactions on Communications, vol. 22, no. 5, pp. 637-648, 1974, doi: 10.1109/TCOM.1974.1092259.
  • [2] T. Karagiannis, A. Broido, M. Faloutsos, and K. Claffy, “Transport layer identification of P2P traffic,” in Proceedings of the 4th ACM SIGCOMM conference on Internet measurement, 2004, pp. 121-134.
  • [3] Y. Wu, G. Min, K. Li, and B. Javadi, “Performance analysis of communication networks in multi-cluster systems under bursty traffic with communication locality,” in GLOBECOM 2009-2009 IEEE Global Telecommunications Conference, 2009, pp. 1-6.
  • [4] H. Kim, K. C. Claffy, M. Fomenkov, D. Barman, M. Faloutsos, and K. Lee, “Internet traffic classification demystified: myths, caveats, and the best practices,” in Proceedings of the 2008 ACM CoNEXT conference, 2008, pp. 1-12.
  • [5] Y.-s. Lim, H.-c. Kim, J. Jeong, C.-k. Kim, T. T. Kwon, and Y. Choi, “Internet traffic classification demystified: on the sources of the discriminative power,” in Proceedings of the 6th International COnference, 2010, pp. 1-12.
  • [6] T. T. Nguyen, G. Armitage, and tutorials, “A survey of techniques for internet traffic classification using machine learning,” vol. 10, no. 4, pp. 56-76, 2008.
  • [7] Y. Xiang, W. Zhou, and M. Guo, “Flexible deterministic packet marking: An IP traceback system to find the real source of attacks,” vol. 20, no. 4, pp. 567-580, 2009.
  • [8] J. Johnson, “Worldwide digital population as of January 2021,” 2021.
  • [9] J. Korteling, G. van de Boer-Visschedijk, R. A. M. Blankendaal, R. C. Boonekamp, and A. R.. Eikelboom, “Human-versus artificial intelligence,” Front. Artif. Intell., vol. 4, 2021.
  • [10] S. Ioffe and C. Szegedy, “Batch normalization: Accelerating deep network training by reducing internal covariate shift,” in International conference on machine learning, 2015, pp. 448-456: PMLR.
  • [11] T. Auld, A. W. Moore, and S. F. Gull, “Bayesian neural networks for internet traffic classification,” IEEE Transactions on Neural Networks, vol. 18, no. 1, pp. 223-239, 2007.
  • [12] M. Crotti, F. Gringoli, P. Pelosato, and L. Salgarelli, “A statistical approach to IP-level classification of network traffic,” in 2006 IEEE International Conference on Communications, 2006, vol. 1, pp. 170-176.
  • [13] N. Namdev, S. Agrawal, and S. Silkari, “Recent advancement in machine learning based internet traffic classification,” Procedia Computer Science, vol. 60, pp. 784-791, 2015.
  • [14] P. Haffner, S. Sen, O. Spatscheck, and D. Wang, “ACAS: automated construction of application signatures,” in Proceedings of the 2005 ACM SIGCOMM workshop on Mining network data, 2005, pp. 197-202.
  • [15] S. Sen, O. Spatscheck, and D. Wang, “Accurate, scalable in-network identification of p2p traffic using application signatures,” in Proceedings of the 13th international conference on World Wide Web, 2004, pp. 512-521.
  • [16] A. Moore, J. Hall, C. Kreibich, E. Harris, and I. Pratt, “Architecture of a network monitor,” in Passive & Active Measurement Workshop, 2003, vol. 2003.
  • [17] W. Li and A. W. Moore, “A machine learning approach for efficient traffic classification,” in 2007 15th International symposium on modeling, analysis, and simulation of computer and telecommunication systems, 2007, pp. 310-317.
  • [18] P. Schneider, “Tcp/ip traffic classification based on port numbers,” 1997.
  • [19] M. Degermark, B. Nordgren, and S. Pink, RFC2507: IP header compression, RFC Editor, 1999.
  • [20] T. Porter, “The perils of deep packet inspection,” 2005.
  • [21] M. Finsterbusch, C. Richter, E. Rocha, J.-A. Muller, K. J. I. C. S. Hanssgen, and Tutorials, “A survey of payload-based traffic classification approaches,” vol. 16, no. 2, pp. 1135-1156, 2013.
  • [22] G. Hinton and T. J. Sejnowski, Unsupervised learning: foundations of neural computation, MIT Press, 1999.
  • [23] M. Tavallaee, E. Bagheri, W. Lu, and A. A. Ghorbani, “A detailed analysis of the KDD CUP 99 data set,” in 2009 IEEE symposium on computational intelligence for security and defense applications, 2009, pp. 1-6: IEEE.
  • [24] W. Stallings, Network security essentials: Applications and standards, 4/e, Pearson Education India, 2003.
There are 24 citations in total.

Details

Primary Language Turkish
Subjects Engineering
Journal Section Articles
Authors

Serdar Kırışoğlu 0000-0002-4416-6657

Bayram Kotan 0000-0002-6660-0565

Kurban Kotan 0000-0002-3166-979X

Publication Date April 30, 2022
Published in Issue Year 2022 Volume: 10 Issue: 2

Cite

APA Kırışoğlu, S., Kotan, B., & Kotan, K. (2022). Çok Katmanlı Algılayıcı ile Ağ Trafiği Sınıflandırma Analizi. Duzce University Journal of Science and Technology, 10(2), 837-846. https://doi.org/10.29130/dubited.980594
AMA Kırışoğlu S, Kotan B, Kotan K. Çok Katmanlı Algılayıcı ile Ağ Trafiği Sınıflandırma Analizi. DUBİTED. April 2022;10(2):837-846. doi:10.29130/dubited.980594
Chicago Kırışoğlu, Serdar, Bayram Kotan, and Kurban Kotan. “Çok Katmanlı Algılayıcı Ile Ağ Trafiği Sınıflandırma Analizi”. Duzce University Journal of Science and Technology 10, no. 2 (April 2022): 837-46. https://doi.org/10.29130/dubited.980594.
EndNote Kırışoğlu S, Kotan B, Kotan K (April 1, 2022) Çok Katmanlı Algılayıcı ile Ağ Trafiği Sınıflandırma Analizi. Duzce University Journal of Science and Technology 10 2 837–846.
IEEE S. Kırışoğlu, B. Kotan, and K. Kotan, “Çok Katmanlı Algılayıcı ile Ağ Trafiği Sınıflandırma Analizi”, DUBİTED, vol. 10, no. 2, pp. 837–846, 2022, doi: 10.29130/dubited.980594.
ISNAD Kırışoğlu, Serdar et al. “Çok Katmanlı Algılayıcı Ile Ağ Trafiği Sınıflandırma Analizi”. Duzce University Journal of Science and Technology 10/2 (April 2022), 837-846. https://doi.org/10.29130/dubited.980594.
JAMA Kırışoğlu S, Kotan B, Kotan K. Çok Katmanlı Algılayıcı ile Ağ Trafiği Sınıflandırma Analizi. DUBİTED. 2022;10:837–846.
MLA Kırışoğlu, Serdar et al. “Çok Katmanlı Algılayıcı Ile Ağ Trafiği Sınıflandırma Analizi”. Duzce University Journal of Science and Technology, vol. 10, no. 2, 2022, pp. 837-46, doi:10.29130/dubited.980594.
Vancouver Kırışoğlu S, Kotan B, Kotan K. Çok Katmanlı Algılayıcı ile Ağ Trafiği Sınıflandırma Analizi. DUBİTED. 2022;10(2):837-46.