Project Team

Karl Hornlund

Jason Trann

Supervisors

Assoc Prof Cheng Chew Lim

Dr Hong Gunn Chew

Dr Adriel Cheng (DSTG)

Introduction

Project Description:

The project aim is to accurately identify internet applications and detect malicious traffic from NetFlow data. For this project, the outcomes infers several motivations:

1. Determine network resource demands within a network.

2. Determine the traffic load of the inspected network.

3. Identify applications of interest within the inspected network.

In collaboration with the Defence Science and Technology Group (DSTG) and the University of Adelaide (UofA), a two step model consisting of a bootstrap classification and a calibration classification stage will be developed in order to inspect NetFlow data, which will identify internet classes and create Traffic Activity Graphs (TAG). The two step model will make use of deep packet inspection and Machine Learning techniques to generate the required outputs. The project will be produced through the software environment: R.

The bootstrap classification of the two stage model will use a Machine Learning technique to feed in a NetFlow training dataset, and generate predicted flow labels for the Netflow Data.

The calibration classification of the two stage model will use TAGs, the neighbouring predicted flow edges of hosts and Machine Learning Techniques to calibrate edge classifications.