Feature Vectors for Network Traffic Analysis

Description

We study the discriminant power of network features for traffic analysis, classification and attack detection network level. We compare existing feature sets previouly proposed in the literature and study new proposals. We aim to obtain lightweight vectors able to deal with modern network traffic challenges, such as: encryption, big data, stream data, fast extraction and preprocessing, prompt responses, host/flow/network behaviour modeling, network monitoring, etc.

Experiments

Scripts, datasets and experiments to download for reproducibility and further testing:

• Comparions of lightweigh vectors for attack detection (October 2018)

Publications

If your are using any of the material below please cite the corresponding publication.

Comparison of lightweigh feature vectors:

• Fares Meghdouri, Tanja Zseby and Félix Iglesias, Analysis of Lightweight Feature Vectors for Attack Detection in Network Traffic. (Pending publication)

Feature set obtained by meta-analysis on past research:

• Daniel C. Ferreira, Félix Iglesias Vázquez, Gernot Vormayr, Maximilian Bachl, and Tanja Zseby. 2017. A Meta-Analysis Approach for Feature Selection in Network Traffic Research. In Proceedings of the Reproducibility Workshop (Reproducibility '17). ACM, New York, NY, USA, 17-20.

AGM vector:

• F. Iglesias and T. Zseby. 2017. Pattern Discovery in Internet Background Radiation, in IEEE Transactions on Big Data, vol. PP, no. 99, pp. 1-1..

Time Activity vector:

• F. Iglesias and T. Zseby. 2016. Time-activity footprints in IP traffic, in Computer Networks, 107 (2016), 1; 64 - 75..

Study of features for attack detection:

• F. Iglesias and T. Zseby. 2015. Analysis of network traffic features for anomaly detection, in Machine Learning, 101 (2015), 1; 59 - 84..