Publication Type : Conference Paper
Publisher : 2017 International Conference on Advances in Computing, Communications and Informatics (ICACCI)
Source : 2017 International Conference on Advances in Computing, Communications and Informatics (ICACCI) (2017)
Keywords : Computer architecture, computer network security, Cryptography, deep network, encrypted traffic, Feature extraction, flow based features, Internet, learning (artificial intelligence), National Laboratory for Applied Network Research, Network parameters, Network structures, network topologies, optimal deep networks, Payloads, Ports (Computers), Protocols, Recurrent neural networks, secure shell (SSH), secure shell traffic analysis, Shallow and Deep networks, shallow networks, SSH traffic statistical feature sets, Statistical analysis, telecommunication network management, Telecommunication traffic, Traffic Classification
Campus : Coimbatore
School : School of Engineering
Center : Computational Engineering and Networking
Department : Computer Science, Electronics and Communication
Year : 2017
Abstract : The primary objective of this work is to evaluate the effectiveness of various shallow and deep networks for characterizing and classifying the encrypted traffic such as secure shell (SSH). The SSH traffic statistical feature sets are estimated from various private and public traces. Private trace is NIMS (Network Information Management and Security Group) and public traces are MAWI (Measurement and Analysis on the WIDE Internet), NLANR's (National Laboratory for Applied Network Research) Active Measurement Project (AMP). To select optimal deep networks, experiments are done for various network parameters, network structures and network topologies. All the experiments are run up to 1000 epochs with learning rate in the range [0.01-0.5]. The various shallow and deep networks are trained using public traces and evaluated on the private trace and vice-versa. Results indicate that there is a possibility to detect SSH traffic with acceptable detection rate. The deep network has performed well in comparison to the shallow networks. Moreover, the performance of various shallow networks is comparable.
Cite this Research Publication : R. Vinayakumar, Dr. Soman K. P., and Poornachandran, P., “Secure Shell (ssh) Traffic Analysis with Flow based Features using Shallow and Deep Networks”, in 2017 International Conference on Advances in Computing, Communications and Informatics (ICACCI), 2017.