Formal Model and Algorithm for Zero Knowledge Complex Network Traffic Analysis
The article discusses methods for determining the network traffic structure with zero prior knowledge. The developed method of detecting field boundaries in network traffic containing more than one protocol at the network level, without a priori information about such traffic structure, is described...
Uloženo v:
| Vydáno v: | 2022 Ural-Siberian Conference on Biomedical Engineering, Radioelectronics and Information Technology (USBEREIT) s. 298 - 301 |
|---|---|
| Hlavní autoři: | , |
| Médium: | Konferenční příspěvek |
| Jazyk: | angličtina |
| Vydáno: |
IEEE
19.09.2022
|
| Témata: | |
| On-line přístup: | Získat plný text |
| Tagy: |
Přidat tag
Žádné tagy, Buďte první, kdo vytvoří štítek k tomuto záznamu!
|
| Abstract | The article discusses methods for determining the network traffic structure with zero prior knowledge. The developed method of detecting field boundaries in network traffic containing more than one protocol at the network level, without a priori information about such traffic structure, is described. The method consists of two parts: splitting network packets into groups, each of which has only one protocol at each network layer, and the search for field boundaries in each of these groups. It is proposed to divide traffic packets into clusters using a well-known method that calculates the distances between the data format in each packet. Method's refinement, which allows to reduce the resource intensity, is proposed in this work. The field boundary search method uses algorithms previously published by the authors, but differs in the use of additional statistical characteristics and the use of a machine learning model to search for characteristic figures of graphs of these characteristics. The article also describes the traffic on which the developed algorithms were tested. |
|---|---|
| AbstractList | The article discusses methods for determining the network traffic structure with zero prior knowledge. The developed method of detecting field boundaries in network traffic containing more than one protocol at the network level, without a priori information about such traffic structure, is described. The method consists of two parts: splitting network packets into groups, each of which has only one protocol at each network layer, and the search for field boundaries in each of these groups. It is proposed to divide traffic packets into clusters using a well-known method that calculates the distances between the data format in each packet. Method's refinement, which allows to reduce the resource intensity, is proposed in this work. The field boundary search method uses algorithms previously published by the authors, but differs in the use of additional statistical characteristics and the use of a machine learning model to search for characteristic figures of graphs of these characteristics. The article also describes the traffic on which the developed algorithms were tested. |
| Author | Sinadskiy, Alexey Domukhovskii, Nikolai |
| Author_xml | – sequence: 1 givenname: Alexey surname: Sinadskiy fullname: Sinadskiy, Alexey email: asinadskiy@cyberlympha.com organization: CyberLympha,Yekaterinburg,Russia – sequence: 2 givenname: Nikolai surname: Domukhovskii fullname: Domukhovskii, Nikolai email: n.a.domukhovsky@urfu.ru organization: CyberLympha,Yekaterinburg,Russia |
| BookMark | eNotz01LwzAcgPEIenDTT-AleG_Ny5qXYy2dDucE7UC8jKT5ZxbTZqSFuW_vwZ2e2w-eGboc4gAI3VOSU0r0w_bjsX6vV00hmFQ5I4zlWjPOC3mBZlSIYiGIZp_XaLOMqTcBv0YHAZvB4TLsY-qm7x77mPAXpIhfhngM4PaAq9gfAvziDUzHmH5wk4z3XYvLwYTT2I036MqbMMLtuXO0XdZN9Zyt355WVbnOOkrVlEmrraELLpyWhbKgJONKOu2cp9RL6a3R2nNomVCWMKNsa6iwBTfCCSAtn6O7f7cDgN0hdb1Jp915kf8BSVZN0Q |
| ContentType | Conference Proceeding |
| DBID | 6IE 6IL CBEJK RIE RIL |
| DOI | 10.1109/USBEREIT56278.2022.9923357 |
| DatabaseName | IEEE Electronic Library (IEL) Conference Proceedings IEEE Xplore POP ALL IEEE Xplore All Conference Proceedings IEEE/IET Electronic Library (IEL) (UW System Shared) IEEE Proceedings Order Plans (POP All) 1998-Present |
| DatabaseTitleList | |
| Database_xml | – sequence: 1 dbid: RIE name: IEEE Electronic Library (IEL) url: https://ieeexplore.ieee.org/ sourceTypes: Publisher |
| DeliveryMethod | fulltext_linktorsrc |
| Discipline | Statistics |
| EISBN | 166546092X 9781665460927 |
| EndPage | 301 |
| ExternalDocumentID | 9923357 |
| Genre | orig-research |
| GroupedDBID | 6IE 6IL CBEJK RIE RIL |
| ID | FETCH-LOGICAL-i118t-7b9ba1436d9758be872387d9ddf11f77fba99f3ec268b02a8bca16b53a6d6e0c3 |
| IEDL.DBID | RIE |
| IngestDate | Thu Jan 18 11:14:34 EST 2024 |
| IsPeerReviewed | false |
| IsScholarly | false |
| Language | English |
| LinkModel | DirectLink |
| MergedId | FETCHMERGED-LOGICAL-i118t-7b9ba1436d9758be872387d9ddf11f77fba99f3ec268b02a8bca16b53a6d6e0c3 |
| PageCount | 4 |
| ParticipantIDs | ieee_primary_9923357 |
| PublicationCentury | 2000 |
| PublicationDate | 2022-Sept.-19 |
| PublicationDateYYYYMMDD | 2022-09-19 |
| PublicationDate_xml | – month: 09 year: 2022 text: 2022-Sept.-19 day: 19 |
| PublicationDecade | 2020 |
| PublicationTitle | 2022 Ural-Siberian Conference on Biomedical Engineering, Radioelectronics and Information Technology (USBEREIT) |
| PublicationTitleAbbrev | USBEREIT |
| PublicationYear | 2022 |
| Publisher | IEEE |
| Publisher_xml | – name: IEEE |
| Score | 1.8219844 |
| Snippet | The article discusses methods for determining the network traffic structure with zero prior knowledge. The developed method of detecting field boundaries in... |
| SourceID | ieee |
| SourceType | Publisher |
| StartPage | 298 |
| SubjectTerms | Clustering algorithms Knowledge engineering Machine learning Machine learning algorithms network traffic analysis Protocols reverse engineering Search methods statistics Telecommunication traffic |
| Title | Formal Model and Algorithm for Zero Knowledge Complex Network Traffic Analysis |
| URI | https://ieeexplore.ieee.org/document/9923357 |
| hasFullText | 1 |
| inHoldings | 1 |
| isFullTextHit | |
| isPrint | |
| link | http://cvtisr.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwlV3PS8MwFH5sw8NO_tjE3-Tg0W5t2ibNUWVDEcrQDYaXkTQvKtRWxib--SZtNxG8eAuBEPhCeN9L3vs-gEuKjCONjBdIlF7EQuPJJEo838dE-UFm-ZyszCZ4mibzuZi04GrbC4OIVfEZDtyw-svXZbZ2T2VDYdlIGPM2tDlnda9WoyMa-GI4e7oZPY7upzaic1e0RemgWfDLOaUKHOPd_225B_2fDjwy2caWfWhhcQBdxwxrYeUepGPHNnPizMxyIgtNrvOX0qb6r-_EElHyjMuSPGxezIi79zl-kbQu-yY2RjnxCLIRJenDbDya3t55jTmC92ZzgpXHlVDSkh2mhaX8ChPnHsa10NoEgeHcKCmECTGjzIJOZaIyGTAVh5Jphn4WHkKnKAs8AkJZrA2ioYqbSIpY-trXNg1J7KFpzrNj6DlgFh-1_sWiweTk7-lT6DrsXU1FIM6gs1qu8Rx2sk8L0PKiOrRvB32a-Q |
| linkProvider | IEEE |
| linkToHtml | http://cvtisr.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwlV1LSwMxEA61CvbkoxXf5uDRbbPZRzZHlZaW1qVoC8VLSTYTFdZdKa348012txXBi7cQCIEZwnwzmfk-hK4phAyorx1XgHD80NOOiPzIIQQiSdzE4DlRiE2wOI5mMz6uoZvNLAwAFM1n0LbL4i9f5cnKlso63KARL2BbaDvwfUrKaa2KSdQlvDN9uus-dgcTE9OZbduitF0d-aWdUoSO3t7_Lt1HrZ8ZPDzeRJcDVIPsEDUsNiyplZso7lm8mWIrZ5ZikSl8m77kJtl_fccGiuJnWOR4uK6ZYfvyU_jCcdn4jU2UsvQReE1L0kLTXndy33cqeQTnzWQFS4dJLoWBO6HiBvRLiKx-GFNcKe26mjEtBefag4SGxuxURDIRbigDT4QqBJJ4R6ie5RkcI0zDQGkATSXTvuCBIIook4hExm2KseQENa1h5h8lA8a8ssnp39tXaLc_eRjNR4N4eIYa1g-2w8Ll56i-XKzgAu0kn8ZYi8vCgd9EEp5A |
| openUrl | ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&rft.genre=proceeding&rft.title=2022+Ural-Siberian+Conference+on+Biomedical+Engineering%2C+Radioelectronics+and+Information+Technology+%28USBEREIT%29&rft.atitle=Formal+Model+and+Algorithm+for+Zero+Knowledge+Complex+Network+Traffic+Analysis&rft.au=Sinadskiy%2C+Alexey&rft.au=Domukhovskii%2C+Nikolai&rft.date=2022-09-19&rft.pub=IEEE&rft.spage=298&rft.epage=301&rft_id=info:doi/10.1109%2FUSBEREIT56278.2022.9923357&rft.externalDocID=9923357 |