Arşiv ve Dokümantasyon Merkezi
Dijital Arşivi

Deep packet inspection methods for network intrusion detection and application classification

Basit öğe kaydını göster

dc.contributor Graduate Program in Electrical and Electronic Engineering.
dc.contributor.advisor Anarım, Emin.
dc.contributor.advisor Koca, Mutlu.
dc.contributor.author Ateş, Çağatay.
dc.date.accessioned 2023-10-15T07:18:18Z
dc.date.available 2023-10-15T07:18:18Z
dc.date.issued 2022
dc.identifier.other EE 2022 A74
dc.identifier.uri http://digitalarchive.boun.edu.tr/handle/123456789/19748
dc.description.abstract Deep packet inspection methods have become more sophisticated with the rapidly developing technology. To understand the condition of the network, many different packet inspection techniques have been evolved. Newly developing machine learning methods have been used recently on these systems. The aim is to know which type of traffic is running through the network. In this thesis, different deep packet inspection methods are proposed to detect malicious traffic and find the applications running on the network. Time–series and flow–based methods are proposed to accomplish these tasks. Novel feature sets are constructed to execute these methods. Greedy algorithm which finds an upper bound for the distance between the probability distributions with different sizes is utilized in feature extraction process. The extracted features can be divided into two categories which are statistical features and payload–based features. Packet header values such as IP addresses are used to derive statistical features. Also, payload portion of packets are used to extract novel payload–based features. The fea ture sets are used with decision tree models in supervised learning to execute detection procedures. Proposed approaches are used in network intrusion detection and network application classification tasks. For network intrusion detection, performance evalua tion is given by using different publicly available well–known intrusion detection data sets consisting of different types of attacks. For network application classification, a data set consisting of real–world network traces from popular applications is used. Sim ulation results show that the proposed flow–based approaches have good performance in fulfilling these tasks.
dc.publisher Thesis (M.S.) - Bogazici University. Institute for Graduate Studies in Science and Engineering, 2022.
dc.subject.lcsh Deep learning (Machine learning)
dc.title Deep packet inspection methods for network intrusion detection and application classification
dc.format.pages xv, 129 leaves


Bu öğenin dosyaları

Bu öğe aşağıdaki koleksiyon(lar)da görünmektedir.

Basit öğe kaydını göster

Dijital Arşivde Ara


Göz at

Hesabım