Digital Investigation of Network Traffic Using Machine Learning

Authors

  • Saswati Chatterjee Sri Sri University image/svg+xml
  • Suneeta Satpathy Siksha O Anusandhan University image/svg+xml
  • Arpita Nibedita Trident Academy of Technology

DOI:

https://doi.org/10.4108/eetsis.4055

Keywords:

KDD, Hybrid Machine Learning, Network forensics, DDoS

Abstract

In this study, an intelligent system that can gather and process network packets is built. Machine learning techniques are used to create a traffic classifier that divides packets into hazardous and non-malicious categories. The system utilizing resources was previously classified using a number of conventional techniques; however, this strategy adds machine learning., a study area that is currently active and has so far yielded promising results. The major aims of this paper are to monitor traffic, analyze incursions, and control them. The flow of data collection is used to develop a traffic classification system based on features of observed internet packets. This classification will aid IT managers in recognizing the vague assault that is becoming more common in the IT industry The suggested methods described in this research help gather network data and detect which threat was launched in a specific network to distinguish between malicious and benign packets. This paper’s major goal is to create a proactive system for detecting network attacks using classifiers based on machine learning that can recognize new packets and distinguish between hostile and benign network packets using rules from the KDD dataset. The algorithm is trained to employ the characteristics of the NSL-KDD dataset.

References

Aburomman AA, Reaz MBI. A survey of intrusion detection systems based onensemble and hybrid classifiers. Comput. Secur. 2017;65:135–52. doi:10.1016/j.cose.2016.11.004.

Fernandes G, Rodrigues JJPC, Carvalho LF, Al-Muhtadi JF, Proença ML. A comprehensive survey on network anomaly detection. Telecommun. Syst. 2019;70:447–89. doi:10.1007/s11235-018-0475-8.

Liao H-J, Lin C-HR, Lin Y-C, Tung K-Y. Intrusion detection system: a comprehensive review. J. Netw. Comput. Appl. 2013;36(1):16–24. doi: 10.1016/j.jnca.2012.09.004.

Patcha A, Park J-M. An overview of anomaly detection techniques: existing solutions and latest technological trends. Comput. Netw. 2007;51(12):3448–70. doi: 10.1016/j.comnet.2007.02.001

Wu SX, Banzhaf W. The use of computational intelligence in intrusion detection systems: a review. Appl. Soft Comput. 2010;10(1):1–35. doi: 10.1016/j.asoc.2009.06.019.

Mishra P, Varadharajan V, Tupakula U, Pilli ES. A detailed investigation and analysis of using machine learning techniques for intrusion detection. IEEE Commun.Surv. Tutor. 2019;21(1):686–728. doi:10.1109/COMST.2018.2847722.

Moustafa N, Creech G, Slay J. Big data analytics for intrusion detection system: Statistical decision-making using finite Dirichlet mixture models. In: Data analytics and Decision Support for Cybersecurity. Springer; 2017. p. 127–56. doi:10.1007/978-3-319-59439-2_5.

Fang W, Tan X, Wilbur D. Application of intrusion detection technology in network safety based on machine learning. Saf. Sci. 2020; 124:104604. doi: 10.1016/j.ssci.2020.104604

Lopez-Martin M, Carro B, Sanchez-Esguevillas A. Application of deep reinforcement learning to intrusion detection for 18 computers & security 103 (2021) 102158 supervised problems. Expert Syst. Appl. 2020;141:112963. doi:10.1016/j.eswa.2019.112963.

Li Y, Xia J, Zhang S, Yan J, Ai X, Dai K. An efficient intrusion detection system based on support vector machines and gradually feature removal method. Expert Syst. Appl. 2012;39(1):424–30. doi:10.1016/j.eswa.2011.07.032.

Goseva-Popstojanova K, Anastasovski G, Dimitrijevikj A, Pantev R, Miller B. Characterization and classification of malicious web traffic. Comput. Secur.2014;42:92–115. doi:10.1016/j.cose.2014.01.006.

Almashhdani AO, Kaiiali M, Carlin D, Sezer S. MaldomDetector: a system for detecting algorithmically generated domain names with machine learning. Comput. Secur. 2020;93:101787. doi:10.1016/j.cose.2020.101787.

Ahmed M, Mahmood AN, Hu J. A survey of network anomaly detection techniques. J. Netw. Comput. Appl. 2016;60:19–31.

Kumar G, Thakur K, Ayyagari MR. Mlesidss: machine learning-based ensembles for intrusion detection systems–areview. J. Supercomput. 2020. doi:10.1007/s11227-020-03196-z.

Velliangiri S. A hybrid BGWO with KPCA for intrusion detection. J. Exp. Theor. Artif.Intell. 2020;32(1):165–80. doi:10.1080/0952813X.2019.1647558.

G. Kim, S. Lee and S. Kim, A novel hybrid intrusion detection method integrating anomaly detection with misuse detection, Expert Systems with Applications. 41 (2014) 1690-1700.

M. Panda and M. R. Patra, Network intrusion detection using nave Bayes, International Journal of Computer Science and Network Security. 7(12) (2007) 258- 263.

KDD Cup’99 Data, http://kdd.ics.uci.edu/databases/kddcup99/kddcup99.html

V.Bolon-Canedo, N.Sanchez-Marono, A.Alonso-Betanzos, "An ensemble of filters and classifiers for microarray data classification”, journal of Pattern Recognition 45,2012, pp: 531– 539.

P. Singh and V. Ranga, “Attack and intrusion detection in cloud computing using an ensemble learning approach,” International Journal of Information Technology, vol. 13, no. 2, pp. 565–571, 2021.

J. Shroff, R. Walambe, S. K. Singh, and K. Kotecha, “Enhanced security against volumetric DDoS attacks using adversarial machine learning,” Wireless Communications and Mobile Computing, vol. 2022, Article ID 5757164, 10 pages, 2022.

Sheeraz Ahmed, Zahoor Ali Khan, Syed Muhammad Mohsin, Shahid Latif, Sheraz Aslam, Hana Mujlid, Muhammad Adil, Zeeshan Najam, "Effective and Efficient DDoS Attack Detection Using Deep Learning Algorithm, Multi-Layer Perceptron", Future Internet, vol.15, no.2, pp.76, 2023

Samantaray, M., Satapathy, S., Lenka, A. (2022). A Systematic Study on Network Attacks and Intrusion Detection System. In: Skala, V., Singh, T.P., Choudhury, T., Tomar, R., Abul Bashar, M. (eds) Machine Intelligence and Data Science Applications. Lecture Notes on Data Engineering and Communications Technologies, vol 132. Springer, Singapore. https://doi.org/10.1007/978-981-19-2347-0_16

S. Potluri, M. Mangla, S. Satpathy and S. N. Mohanty, "Detection and Prevention Mechanisms for DDoS Attack in Cloud Computing Environment," 2020 11th International Conference on Computing, Communication and Networking Technologies (ICCCNT), Kharagpur, India, 2020, pp. 1-6, doi: 10.1109/ICCCNT49239.2020.9225396.

Ashraf Uddin M, Stranieri A, Gondal I, Balasubramanian V (2020) Dynamically recommending repositories for health data: a machine learning model. In: Proceedings of the Australasian Computer Science Week Multiconference. ACM. Pp 1–10. https://dl.acm.org/doi/abs/10.1145/3373017.3373041.

Downloads

Published

03-10-2023

How to Cite

1.
Chatterjee S, Satpathy S, Nibedita A. Digital Investigation of Network Traffic Using Machine Learning. EAI Endorsed Scal Inf Syst [Internet]. 2023 Oct. 3 [cited 2024 May 20];11(1). Available from: https://publications.eai.eu/index.php/sis/article/view/4055

Issue

Vol. 11 No. 1 (2024): EAI Endorsed Transactions on Scalable Information Systems

Section

Research articles

License

Copyright (c) 2023 Saswati Chatterjee, Suneeta Satpathy, Arpita Nibedita

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.

This is an open access article distributed under the terms of the CC BY-NC-SA 4.0, which permits copying, redistributing, remixing, transformation, and building upon the material in any medium so long as the original work is properly cited.

Crossref
Scopus
Google Scholar
Europe PMC