Difference between revisions of "Projects:2016s1-102 Classifying Internet Applications and Detecting Malicious Traffic from Network Communications"
(→Introduction) |
(→Introduction) |
||
Line 25: | Line 25: | ||
- Identify applications of interest within the inspected network. | - Identify applications of interest within the inspected network. | ||
− | In collaboration with the Defence Science and Technology Group (DSTG) and the University of Adelaide (UofA), a two step model consisting of a bootstrap classification and a calibration classification stage will be developed in order to inspect NetFlow data, which | + | In collaboration with the Defence Science and Technology Group (DSTG) and the University of Adelaide (UofA), a two step model consisting of a bootstrap classification stage and a calibration classification stage will be developed in order to inspect NetFlow data, which identifies internet classes and creates Traffic Activity Graphs (TAG). The two step model will make use of deep packet inspection and Machine Learning techniques to generate the required outputs. |
The bootstrap classification of the two stage model will use a Machine Learning technique to feed in a NetFlow training dataset, and generate predicted flow labels for the Netflow Data. | The bootstrap classification of the two stage model will use a Machine Learning technique to feed in a NetFlow training dataset, and generate predicted flow labels for the Netflow Data. | ||
The calibration classification of the two stage model will use TAGs, the neighbouring predicted flow edges of hosts and Machine Learning Techniques to calibrate edge classifications. | The calibration classification of the two stage model will use TAGs, the neighbouring predicted flow edges of hosts and Machine Learning Techniques to calibrate edge classifications. | ||
+ | |||
+ | The project will be produced through the software environment: R. |
Revision as of 19:17, 6 April 2016
Project Team
Karl Hornlund
Jason Trann
Supervisors
Assoc Prof Cheng Chew Lim
Dr Hong Gunn Chew
Dr Adriel Cheng (DSTG)
Introduction
Project Description:
The project aim is to accurately identify internet applications and detect malicious traffic from NetFlow data. For this project, the outcomes infers several motivations:
- Determine network resource demands within a network.
- Determine the traffic load of the inspected network.
- Identify applications of interest within the inspected network.
In collaboration with the Defence Science and Technology Group (DSTG) and the University of Adelaide (UofA), a two step model consisting of a bootstrap classification stage and a calibration classification stage will be developed in order to inspect NetFlow data, which identifies internet classes and creates Traffic Activity Graphs (TAG). The two step model will make use of deep packet inspection and Machine Learning techniques to generate the required outputs.
The bootstrap classification of the two stage model will use a Machine Learning technique to feed in a NetFlow training dataset, and generate predicted flow labels for the Netflow Data.
The calibration classification of the two stage model will use TAGs, the neighbouring predicted flow edges of hosts and Machine Learning Techniques to calibrate edge classifications.
The project will be produced through the software environment: R.