Abstract
Network traffic analysis, and specifically anomaly and attack detection, calls for sophisticated tools relying on a large number of features. Mathematical modeling is extremely difficult, given the ample variety of traffic patterns and the subtle and varied ways that malicious activity can be carried out in a network. We address this problem by exploiting data-driven modeling and computational intelligence techniques. Sequences of packets captured on the communication medium are considered, along with multi-label metadata. Graph-based modeling of the data is introduced, thus resorting to the powerful GRALG approach based on feature information granulation, identification of a representative alphabet, embedding and genetic optimization. The obtained classifier is evaluated in terms of both accuracy and complexity for two different supervised problems and compared with state-of-the-art algorithms. We show that the proposed preprocessing strategy is able to describe higher-level relations between data instances in the input domain, thus allowing the algorithms to suitably reconstruct the structure of the input domain itself. Furthermore, the considered Granular Computing approach is able to extract knowledge on multiple semantic levels, thus effectively describing anomalies as subgraph-based symbols of the whole network graph in a specific time interval. Interesting performance can thus be achieved in identifying network traffic patterns, in spite of the complexity of the considered traffic classes.
Subject
Fluid Flow and Transfer Processes, Computer Science Applications, Process Chemistry and Technology, General Engineering, Instrumentation, General Materials Science
Cited by
3 articles.