Formal Model and Algorithm for Zero Knowledge Complex Network Traffic Analysis
The article discusses methods for determining the network traffic structure with zero prior knowledge. The developed method of detecting field boundaries in network traffic containing more than one protocol at the network level, without a priori information about such traffic structure, is described...
| Published in: | 2022 Ural-Siberian Conference on Biomedical Engineering, Radioelectronics and Information Technology (USBEREIT) pp. 298 - 301 |
|---|---|
| Main authors: | , |
| Format: | Conference proceeding |
| Language: | English |
| Published: | IEEE 19.09.2022 |
| Subjects: | |
| Online access: | Full text |
| Abstract | The article discusses methods for determining the structure of network traffic with zero prior knowledge. The developed method for detecting field boundaries in network traffic that contains more than one protocol at the network level, without a priori information about the structure of such traffic, is described. The method consists of two parts: splitting network packets into groups, each of which has only one protocol at each network layer, and searching for field boundaries in each of these groups. It is proposed to divide traffic packets into clusters using a well-known method that calculates the distances between the data formats of the packets. A refinement of this method that reduces its resource intensity is proposed in this work. The field boundary search method uses algorithms previously published by the authors, but differs in its use of additional statistical characteristics and of a machine learning model to search for characteristic figures in the graphs of these characteristics. The article also describes the traffic on which the developed algorithms were tested. |
|---|---|
| Author | Sinadskiy, Alexey; Domukhovskii, Nikolai |
| Author_xml | – sequence: 1 givenname: Alexey surname: Sinadskiy fullname: Sinadskiy, Alexey email: asinadskiy@cyberlympha.com organization: CyberLympha,Yekaterinburg,Russia – sequence: 2 givenname: Nikolai surname: Domukhovskii fullname: Domukhovskii, Nikolai email: n.a.domukhovsky@urfu.ru organization: CyberLympha,Yekaterinburg,Russia |
| ContentType | Conference Proceeding |
| DBID | 6IE 6IL CBEJK RIE RIL |
| DOI | 10.1109/USBEREIT56278.2022.9923357 |
| DatabaseName | IEEE Electronic Library (IEL) Conference Proceedings IEEE Proceedings Order Plan All Online (POP All Online) 1998-present by volume IEEE Xplore All Conference Proceedings IEEE Electronic Library (IEL) IEEE Proceedings Order Plans (POP All) 1998-Present |
| DatabaseTitleList | |
| Database_xml | – sequence: 1 dbid: RIE name: IEEE Electronic Library (IEL) url: https://ieeexplore.ieee.org/ sourceTypes: Publisher |
| DeliveryMethod | fulltext_linktorsrc |
| Discipline | Statistics |
| EISBN | 166546092X 9781665460927 |
| EndPage | 301 |
| ExternalDocumentID | 9923357 |
| Genre | orig-research |
| GroupedDBID | 6IE 6IL CBEJK RIE RIL |
| ID | FETCH-LOGICAL-i118t-7b9ba1436d9758be872387d9ddf11f77fba99f3ec268b02a8bca16b53a6d6e0c3 |
| IEDL.DBID | RIE |
| IngestDate | Thu Jan 18 11:14:34 EST 2024 |
| IsPeerReviewed | false |
| IsScholarly | false |
| Language | English |
| LinkModel | DirectLink |
| MergedId | FETCHMERGED-LOGICAL-i118t-7b9ba1436d9758be872387d9ddf11f77fba99f3ec268b02a8bca16b53a6d6e0c3 |
| PageCount | 4 |
| ParticipantIDs | ieee_primary_9923357 |
| PublicationCentury | 2000 |
| PublicationDate | 2022-Sept.-19 |
| PublicationDateYYYYMMDD | 2022-09-19 |
| PublicationDate_xml | – month: 09 year: 2022 text: 2022-Sept.-19 day: 19 |
| PublicationDecade | 2020 |
| PublicationTitle | 2022 Ural-Siberian Conference on Biomedical Engineering, Radioelectronics and Information Technology (USBEREIT) |
| PublicationTitleAbbrev | USBEREIT |
| PublicationYear | 2022 |
| Publisher | IEEE |
| Publisher_xml | – name: IEEE |
| Score | 1.8220872 |
| Snippet | The article discusses methods for determining the network traffic structure with zero prior knowledge. The developed method of detecting field boundaries in... |
| SourceID | ieee |
| SourceType | Publisher |
| StartPage | 298 |
| SubjectTerms | Clustering algorithms; Knowledge engineering; Machine learning; Machine learning algorithms; network traffic analysis; Protocols; reverse engineering; Search methods; statistics; Telecommunication traffic |
| Title | Formal Model and Algorithm for Zero Knowledge Complex Network Traffic Analysis |
| URI | https://ieeexplore.ieee.org/document/9923357 |
| hasFullText | 1 |
| inHoldings | 1 |
| isFullTextHit | |
| isPrint | |
| linkProvider | IEEE |