УПРАВЛЕНИЕ И ПРИНЯТИЕ РЕШЕНИЙ
СИСТЕМЫ УПРАВЛЕНИЯ
ПРОГРАММНАЯ ИНЖЕНЕРИЯ
ОБРАБОТКА ИНФОРМАЦИИ И АНАЛИЗ ДАННЫХ
R. N. Ermakov, V. V. Alekseev "Primary Data Processing for Constructing Network Package Classifiers in Deep Packet Inspection Analysis and in the Intrusion Detection Systems"
РАСПОЗНАВАНИЕ ОБРАЗОВ
ПРОБЛЕМЫ БЕЗОПАСНОСТИ
R. N. Ermakov, V. V. Alekseev "Primary Data Processing for Constructing Network Package Classifiers in Deep Packet Inspection Analysis and in the Intrusion Detection Systems"

Abstract.

We consider the procedure for preprocessing the source packet information in a new method for classifying network packets of the application layer in order to determine their belonging to one of the known network protocols. Packets are classified based on the use of machine learning methods and fuzzy logic algorithms in Network Traffic Analysis (NTA) systems, in “deep” packet analysis (Deep Packet Inspection - DPI), in intrusion detection systems (IDS) and in other systems. To define the protocol, the principle of high-speed one-packet classification is used, which consists in analyzing the information transmitted in each particular packet. Elements of behavioral analysis are used, namely, the transition states of information exchange protocols are classified, which allows to achieve a higher level of accuracy of classification and a higher degree of generalization in new test samples.

Keywords:

classification of network packets, neural networks, DPI methods, machine learning, definition of network protocols.

Стр. 34-42.

DOI 10.14357/20718632190404

Полная версия статьи в формате pdf. 

2024 / 03
2024 / 02
2024 / 01
2023 / 04

© ФИЦ ИУ РАН 2008-2018. Создание сайта "РосИнтернет технологии".