A fully automated deep packet inspection verification system with machine learning

2016 IEEE International Conference on Advanced Networks and Telecommunications Systems (ANTS) Pub Date : 2016-11-01 DOI:10.1109/ANTS.2016.7947802

Uday Trivedi, Munal Patel

{"title":"A fully automated deep packet inspection verification system with machine learning","authors":"Uday Trivedi, Munal Patel","doi":"10.1109/ANTS.2016.7947802","DOIUrl":null,"url":null,"abstract":"Deep Packet Inspection (DPI) technique has become very important for traffic detection and resource management in core networks. DPI systems use unique byte patterns as signatures to detect application traffic. Applications frequently update their version to add new features and/or to bypass firewall/DPI systems. Thus, an accurate DPI system needs to periodically verify existing signatures and update them if required. The manual task of application traffic generation and verification on multiple platforms is very tedious and error-prone. We propose a fully automated DPI verification system with machine learning techniques for periodic DPI signature verification and update. Automated mobile application traffic generation is achieved by open source tools GUITAR and Appium. Signature verification and new signature pattern suggestion from undetected flows are achieved by well-known and custom made machine learning algorithms, thus completing full signature verification and update cycle. Initial test results show that our solution saves lot of man hours and detects signature update in shortest possible time.","PeriodicalId":248902,"journal":{"name":"2016 IEEE International Conference on Advanced Networks and Telecommunications Systems (ANTS)","volume":"171 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2016-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"9","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2016 IEEE International Conference on Advanced Networks and Telecommunications Systems (ANTS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ANTS.2016.7947802","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 9

Abstract

Deep Packet Inspection (DPI) technique has become very important for traffic detection and resource management in core networks. DPI systems use unique byte patterns as signatures to detect application traffic. Applications frequently update their version to add new features and/or to bypass firewall/DPI systems. Thus, an accurate DPI system needs to periodically verify existing signatures and update them if required. The manual task of application traffic generation and verification on multiple platforms is very tedious and error-prone. We propose a fully automated DPI verification system with machine learning techniques for periodic DPI signature verification and update. Automated mobile application traffic generation is achieved by open source tools GUITAR and Appium. Signature verification and new signature pattern suggestion from undetected flows are achieved by well-known and custom made machine learning algorithms, thus completing full signature verification and update cycle. Initial test results show that our solution saves lot of man hours and detects signature update in shortest possible time.

查看原文本刊更多论文

具有机器学习功能的全自动深度包检测验证系统

深度包检测(DPI)技术在核心网络的流量检测和资源管理中发挥着重要的作用。DPI系统使用唯一的字节模式作为签名来检测应用程序流量。应用程序经常更新其版本以添加新功能和/或绕过防火墙/DPI系统。因此，准确的DPI系统需要定期验证现有签名，并在需要时进行更新。在多个平台上手动生成和验证应用程序流量是非常繁琐且容易出错的。我们提出了一个完全自动化的DPI验证系统，该系统采用机器学习技术进行周期性DPI签名验证和更新。自动化的移动应用程序流量生成是通过开源工具GUITAR和Appium实现的。签名验证和未检测流的新签名模式建议由知名和定制的机器学习算法完成，从而完成完整的签名验证和更新周期。初步测试结果表明，我们的解决方案节省了大量的人力，并在最短的时间内检测到签名更新。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2016 IEEE International Conference on Advanced Networks and Telecommunications Systems (ANTS)

自引率

0.00%

发文量