№1, 2019

ON THE METHOD OF EXTRACTING CLASSIFICATION FEATURES OF NETWORK TRAFFIC BASED ON SIGNAL ANALYSIS

Ramiz H. Shikhaliyev

Modern network traffic has many features and dynamic properties that reflect network behavior and user activity. Extraction of the network traffic features plays an important role in their classification. However, the traditional features do not represent the complex non-linear nature of network traffic and do not represent high classification accuracy. Since the network traffic is non-stationary and has non-linear dynamic characteristics, such as self-similarity, multifractality, long-range dependence and periodicity. Therefore, it is very relevant to extract new robust classification features that will improve the accuracy of the classification of network traffic. To solve this problem, the most promising method is the spectral analysis of network traffic signals. For the spectral analysis of network traffic signals, this study proposes the use of wavelet transform that determines the energy characteristics of network traffic signals, which can be used as classification features (pp.78-86).

Keywords: network traffic, network traffic classification, classification features extraction, spectral analysis of signals, wavelet transform, energy characteristics of signals.
References
  • Callado A., Kamienski C., Szabo G., et al. A Survey on Internet Traffic Identification // IEEE Communications Surveys & Tutorials, 2009, vol.11, no.3, pp.37−52.
  • Moore A.W., Panpagiannaki D. Toward the accurate identification of network application / Proceedings of the VI Passive and Active Measurement Workshop, 2005, pp.41–54.
  • Nguyen T., Armitage G. A Survey of Techniques for Internet Traffic Classification using Machine Learning // IEEE Communications Survey & Tutorials, 2008, vol.10, no.4, pp.56–76,
  • Singhal P., Mathur R., Vyas H. State of the Art Review of Network Traffic Classification based on Machine Learning Approach / International Conference on Recent Trends in Engineering & Technology, 2013, pp.12−15.
  • Williams N., Zander S., Armitage G. Evaluating Machine Learning Algorithms for Automated Network Application Identification. CAIA Technical Report 060410B, p.14.
  • Shi H., Li H., Zhang D., Cheng C., Wu W. Efficient and robust feature extraction and selection for traffic classification, Computer Networks, 2017, vol.119, no.4, pp.1−16.
  • Shi H., Liang G., Wang H. A novel traffic identification approach based on multifractal analysis and combined neural network // Annals of Telecommunications, 2014, vol.69, no.3−4, pp.155−169.
  • Du M., Chen X., and Tan J. An efficient method of P2P traffic identification based on wavelet packet decomposition and kernel principal component analysis // International Journal of Communication Systems, 2014, vol.27, no.10, pp.1476−1490.
  • Barford P., Kline J., Plonka D., and Ron A. A Signal Analysis of Network Traffic Anomalies / Proceedings of the 2nd ACM SIGCOMM Workshop on Internet measurment, 2002, pp.71−82.
  • Samant A., Adeli H. Feature Extraction for Traffic Incident Detection Using Wavelet Transform and Linear Discriminant Analysis // Computer-Aided Civil and Infrastructure Engineering, 2000, vol.15, no.4, pp.241−250.
  • Abry P. and Veitch D. Wavelet Analysis of Long-Range-Dependent Traffic // IEEE Transactions on Information Theory, 1998, vol.44, no.1, pp.2−15.
  • Cheng C.M., Kung H.T., Tan K.S. Use of Spectral Analysis in Defense Against DoS Attacks / Global Telecommunications Conference, 2002, pp.2143–2148.
  • Eto M., Sonoda K., Inoue D. Yoshioka K. and Nakao K. Fine-Grain Feature Extraction from Malware’s Scan Behavior Based on Spectrum Analysis // IEICE Transactions on Information and Systems, 2010, vol.93, no.5, pp.1106−1116.
  • Шыхалиев Р.Г. Анализ и классификация сетевого трафика компьютерных сетей // İnformasiya texnologiyaları problemləri, 2010, №2, s.15−23.
  • Şıxəliyev R.H. Şəbəkə trafikinin modelləri haqqında // İnformasiya texnologiyaları problemləri, 2017, №2, s.98–104.
  • Dainotti A., Pescape A., and Ventre G. A Packet-level Characterization of Network Traffic / 11th International Workshop on Computer-Aided Modeling, Analysis and Design of Communication Links and Networks, 2006, pp.38−45.
  • Velan P., Medková J., Jirsík T., Celeda P. Network Traffic Characterisation Using Flow-Based Statistics / IEEE/IFIP Network Operations and Management Symposium, 2016, pp.907−912.
  • Scherrer A., Larrieu N., Owezarski P., Borgnat P., Abry P. Non Gaussian and Long Memory Statistical Characterisations for Internet Traffic with Anomalies // IEEE Transactions on Dependable and Secure Computing archive, 2007, vol.4, no.1, pp.56−70.
  • Kim H.J., Na J.C., Jang J.S. Network traffic anomaly detection based on ratio and volume analysis // International Journal of Computer Science and Network Security, 2006, vol.6, no.5, pp.190−194.
  • Wu, Q., Shao Z. Network anomaly detection using time series analysis / Proceedings of the Joint Int. Conference on Autonomic and Autonomous Systems and International Conference on Network and Services, 2005, pp. 42−47.
  • Smith R.D. The Dynamics of Internet Traffic: Self-Similarity, Self-Organization, and Complex Phenomena // Advances in Complex Systems, 2011, vol.14, no.6, pp.905−949.
  • Feldmann A., Gilbert A.C., and Willinger W. Data networks as cascades: Investigating the multifractal nature of internet wan traffic / ACM/SIGCOMM conference on Applications, technologies, architectures, and protocols for computer communication, 1998, vol.28, no.4,42−55.
  • Erramilli A., Narayan O., and Willinger W. Experimental queueing analysis with long-range dependent packet traffic // ACM/IEEE transactions on Networking, 1996, vol. 4, no.2, pp. 209−223.
  • Stoica P. and Moses R. Spectral Analysis of Signals, 2005, 427 p.
  • Liu C.L. A Tutorial of the Wavelet Transform, 2010, 71 p.