Highlights on analyzing one-way traffic using different tools

Author

Balkanli, Eray ; Zincir-Heywood, A. Nur

Author_Institution

Fac. of Comput. Sci., Dalhousie Univ., Halifax, NS, Canada

fYear

2015

Firstpage

1

Lastpage

8

Abstract

In this paper, we present our analysis using four different systems on two different one-way network traffic data sets. Specifically, we have explored the usage of two network traffic analyzers, namely Corsaro and Cisco ASA 5515-X, and two machine learning based systems, namely the C4.5 Decision Tree classifier and the AdaBoost.M1 classifier. We have employed these four systems on two publicly available one-way network data sets provided by CAIDA from 2008 and 2012. Our analysis on these systems are based on the detection rate, false alarm rate, computational cost and ease of use of these systems. To the best of our knowledge, this work is the first one performing such an analysis and evaluating machine learning based systems against well known commercial as well as open source ones on one-way network traffic data sets.

Keywords

computer network security; decision trees; learning (artificial intelligence); telecommunication traffic; AdaBoost.M1 classifier; C4.5 decision tree classifier; CAIDA; Cisco ASA 5515-X; different tools; false alarm rate; machine learning; network traffic data sets; one-way network traffic data sets; one-way traffic analysis; Backscatter; Decision trees; IP networks; Monitoring; Protocols; Security; Training; One-way traffic; machine learning; network traffic monitoring;

fLanguage

English

Publisher

ieee

Conference_Titel

Computational Intelligence for Security and Defense Applications (CISDA), 2015 IEEE Symposium on

Conference_Location

Verona, NY

Print_ISBN

978-1-4673-7556-6

Type

conf

DOI

10.1109/CISDA.2015.7208635

Filename

7208635