Framework for identifying network attacks through packet inspection using machine learning

IF 2.4 Q2 ENGINEERING, MECHANICAL
Ravi Shanker, Prateek Aggrawal, Aman Singh, Mohammed Wasim Bhatt
Journal: Nonlinear Engineering - Modeling and Application
Publication date: 2023-01-01
Publication type: Journal Article
DOI: https://doi.org/10.1515/nleng-2022-0297
Citations: 0

Abstract

In every network, the traffic anomaly detection system is an essential field of study. In the communication system, there are various protocols and intrusions. It is still a testing area to find high precision to boost the correct distribution ratio. Many authors have worked on various algorithms such as simple classification, K-Means, Genetic Algorithm, and Support Vector Machine approaches, and they presented the efficiency and accuracy of these algorithms. In this article, we have proposed a feature extraction technique known as “k-means clustering,” which has its roots in signal processing and is employed to divide a set of n observations into k clusters, each of which has its origin from the observation with the closest mean. The K-Means method is applied in this study to investigate the stream and its implementation and applications using Python and the KDDcup99 dataset. The effectiveness of the outcome indicates the planned work’s efficiency in relation to other widely available alternatives. Apart from the applied method, a web-based framework is designed, which can inspect an actual network traffic packet for identifying network attacks. Instead of using a static file for testing the network attack, a web page-based solution uses a database to collect and test the information. Real-time packet inspection is provided in the proposed work for identifying new attacks.
Source journal
CiteScore: 6.20
Self-citation rate: 3.60%
Articles published: 49
Review time: 44 weeks
Journal description: The Journal of Nonlinear Engineering aims to be a platform for sharing original research results in theoretical, experimental, practical, and applied nonlinear phenomena within engineering. It serves as a forum to exchange ideas and applications of nonlinear problems across various engineering disciplines. Articles are considered for publication if they explore nonlinearities in engineering systems, offering realistic mathematical modeling, utilizing nonlinearity for new designs, stabilizing systems, understanding system behavior through nonlinearity, optimizing systems based on nonlinear interactions, and developing algorithms to harness and leverage nonlinear elements.