Difference between revisions of "Projects:2016s1-102 Classifying Internet Applications and Detecting Malicious Traffic from Network Communications"

From Projects
Jump to: navigation, search
(Introduction)
(Introduction)
Line 15: Line 15:
 
= Introduction =
 
= Introduction =
  
'''Project Description:'''
+
The project aims to use machine learning to predict the application class of computer network traffic. In particular, we will explore the usefulness of graph based techniques to extract additional features and provide a simplified model for classification; and, evaluate the classification performance with respect to identifying malicious network traffic.
  
The project aim is to accurately identify internet applications and detect malicious traffic from NetFlow data. For this project, from the outcomes, several motivations are realised:
+
'''Objectives'''
  
- Determining network resource demands within a network.
+
- Implement a supervised machine learning system which utilises NetFlow data and spatial traffic statistics to classify network traffic, as described by Jin et al. [12] [18] [19].
  
- Determining the traffic load of the inspected network.
+
- Achieve an appropriate level of accuracy when benchmarked against previous years’ iterations of the project and verify the results of Jin et al. [18].
  
- Identifying applications of interest within the inspected network.
+
- Evaluate the effectiveness of using spatial traffic statistics, in particular with respect to identifying malicious traffic.
  
In collaboration with the Defence Science and Technology Group (DSTG) and the University of Adelaide (UofA), a two step model consisting of a bootstrap classification stage and a calibration classification stage will be developed in order to inspect NetFlow data, which identifies internet classes and creates Traffic Activity Graphs (TAG). The two step model will make use of Machine Learning techniques to generate the required outputs.  
+
- Explore improvements and extensions on the current method prescribed by Jin et al. [12] [18] [19].
 
 
The bootstrap classification of the two stage model will use a Machine Learning technique to feed in a NetFlow training dataset, and generate predicted flow labels for the Netflow Data.
 
 
 
The calibration classification of the two stage model will use TAGs, the neighbouring predicted flow edges of hosts and Machine Learning Techniques to calibrate edge classifications.
 
 
 
The project will be produced through the software environment: R.
 

Revision as of 01:12, 26 October 2016

Project Team

Karl Hornlund

Jason Trann

Supervisors

Assoc Prof Cheng Chew Lim

Dr Hong Gunn Chew

Dr Adriel Cheng (DSTG)

Introduction

The project aims to use machine learning to predict the application class of computer network traffic. In particular, we will explore the usefulness of graph based techniques to extract additional features and provide a simplified model for classification; and, evaluate the classification performance with respect to identifying malicious network traffic.

Objectives

- Implement a supervised machine learning system which utilises NetFlow data and spatial traffic statistics to classify network traffic, as described by Jin et al. [12] [18] [19].

- Achieve an appropriate level of accuracy when benchmarked against previous years’ iterations of the project and verify the results of Jin et al. [18].

- Evaluate the effectiveness of using spatial traffic statistics, in particular with respect to identifying malicious traffic.

- Explore improvements and extensions on the current method prescribed by Jin et al. [12] [18] [19].

Retrieved from "https://projectswiki.eleceng.adelaide.edu.au/projects/index.php?title=Projects:2016s1-102_Classifying_Internet_Applications_and_Detecting_Malicious_Traffic_from_Network_Communications&oldid=6598"