Investigating Two Different Approaches for Encrypted Traffic Classification

Cited by: 29
Authors
Alshammari, Riyad [1]
Zincir-Heywood, A. Nur [1]
Affiliation
[1] Dalhousie Univ, Fac Comp Sci, Halifax, NS, Canada
Source
SIXTH ANNUAL CONFERENCE ON PRIVACY, SECURITY AND TRUST, PROCEEDINGS | 2008
DOI
10.1109/PST.2008.15
Chinese Library Classification
TP301 [Theory, Methods];
Discipline classification code
081202;
Abstract
The basic objective of this work is to compare the utility of an expert-driven system and a data-driven system for classifying encrypted network traffic, specifically SSH traffic, from traffic log files. Pre-processing is applied to the traffic data to represent it as traffic flows. Results show that the data-driven approach outperforms the expert-driven approach in terms of high detection and low false positive rates.
Pages: 156-166
Number of pages: 11