Difference between revisions of "Projects:2016s1-102 Classifying Internet Applications and Detecting Malicious Traffic from Network Communications"

From Projects
Jump to: navigation, search
(Introduction)
(Introduction)
Line 25: Line 25:
 
- Identify applications of interest within the inspected network.
 
- Identify applications of interest within the inspected network.
  
In collaboration with the Defence Science and Technology Group (DSTG) and the University of Adelaide (UofA), a two step model consisting of a bootstrap classification and a calibration classification stage will be developed in order to inspect NetFlow data, which will identify internet classes and create Traffic Activity Graphs (TAG). The two step model will make use of deep packet inspection and Machine Learning techniques to generate the required outputs. The project will be produced through the software environment: R.
+
In collaboration with the Defence Science and Technology Group (DSTG) and the University of Adelaide (UofA), a two step model consisting of a bootstrap classification stage and a calibration classification stage will be developed in order to inspect NetFlow data, which identifies internet classes and creates Traffic Activity Graphs (TAG). The two step model will make use of deep packet inspection and Machine Learning techniques to generate the required outputs.  
  
 
The bootstrap classification of the two stage model will use a Machine Learning technique to feed in a NetFlow training dataset, and generate predicted flow labels for the Netflow Data.
 
The bootstrap classification of the two stage model will use a Machine Learning technique to feed in a NetFlow training dataset, and generate predicted flow labels for the Netflow Data.
  
 
The calibration classification of the two stage model will use TAGs, the neighbouring predicted flow edges of hosts and Machine Learning Techniques to calibrate edge classifications.
 
The calibration classification of the two stage model will use TAGs, the neighbouring predicted flow edges of hosts and Machine Learning Techniques to calibrate edge classifications.
 +
 +
The project will be produced through the software environment: R.

Revision as of 19:17, 6 April 2016

Project Team

Karl Hornlund

Jason Trann

Supervisors

Assoc Prof Cheng Chew Lim

Dr Hong Gunn Chew

Dr Adriel Cheng (DSTG)

Introduction

Project Description:

The project aim is to accurately identify internet applications and detect malicious traffic from NetFlow data. For this project, the outcomes infers several motivations:

- Determine network resource demands within a network.

- Determine the traffic load of the inspected network.

- Identify applications of interest within the inspected network.

In collaboration with the Defence Science and Technology Group (DSTG) and the University of Adelaide (UofA), a two step model consisting of a bootstrap classification stage and a calibration classification stage will be developed in order to inspect NetFlow data, which identifies internet classes and creates Traffic Activity Graphs (TAG). The two step model will make use of deep packet inspection and Machine Learning techniques to generate the required outputs.

The bootstrap classification of the two stage model will use a Machine Learning technique to feed in a NetFlow training dataset, and generate predicted flow labels for the Netflow Data.

The calibration classification of the two stage model will use TAGs, the neighbouring predicted flow edges of hosts and Machine Learning Techniques to calibrate edge classifications.

The project will be produced through the software environment: R.