Projects:2016s1-102 Classifying Internet Applications and Detecting Malicious Traffic from Network Communications

From Projects
Revision as of 19:17, 6 April 2016 by A1629981 (talk | contribs) (Introduction)
Jump to: navigation, search

Project Team

Karl Hornlund

Jason Trann

Supervisors

Assoc Prof Cheng Chew Lim

Dr Hong Gunn Chew

Dr Adriel Cheng (DSTG)

Introduction

Project Description:

The project aim is to accurately identify internet applications and detect malicious traffic from NetFlow data. For this project, the outcomes infers several motivations:

- Determine network resource demands within a network.

- Determine the traffic load of the inspected network.

- Identify applications of interest within the inspected network.

In collaboration with the Defence Science and Technology Group (DSTG) and the University of Adelaide (UofA), a two step model consisting of a bootstrap classification stage and a calibration classification stage will be developed in order to inspect NetFlow data, which identifies internet classes and creates Traffic Activity Graphs (TAG). The two step model will make use of deep packet inspection and Machine Learning techniques to generate the required outputs.

The bootstrap classification of the two stage model will use a Machine Learning technique to feed in a NetFlow training dataset, and generate predicted flow labels for the Netflow Data.

The calibration classification of the two stage model will use TAGs, the neighbouring predicted flow edges of hosts and Machine Learning Techniques to calibrate edge classifications.

The project will be produced through the software environment: R.