在网络流量上使用机器学习技术跟踪用户应用程序活动

2019 International Conference on Artificial Intelligence in Information and Communication (ICAIIC) Pub Date : 2019-02-01 DOI:10.1109/ICAIIC.2019.8669040

Sina Fathi Kazerooni, Yagiz Kaymak, R. Rojas-Cessa

{"title":"在网络流量上使用机器学习技术跟踪用户应用程序活动","authors":"Sina Fathi Kazerooni, Yagiz Kaymak, R. Rojas-Cessa","doi":"10.1109/ICAIIC.2019.8669040","DOIUrl":null,"url":null,"abstract":"A network eavesdropper may invade the privacy of an online user by collecting the passing traffic and classifying the applications that generated the network traffic. This collection may be used to build fingerprints of the user’s Internet usage. In this paper, we investigate the feasibility of performing such breach on encrypted network traffic generated by actual users. We adopt the random forest algorithm to classify the applications in use by users of a campus network. Our classification system identifies and quantifies different statistical features of user’s network traffic to classify applications rather than looking into packet contents. In addition, application classification is performed without employing a port mapping at the transport layer. Our results show that applications can be identified with an average precision and recall of up to 99%.","PeriodicalId":273383,"journal":{"name":"2019 International Conference on Artificial Intelligence in Information and Communication (ICAIIC)","volume":"84 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2019-02-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"5","resultStr":"{\"title\":\"Tracking User Application Activity by using Machine Learning Techniques on Network Traffic\",\"authors\":\"Sina Fathi Kazerooni, Yagiz Kaymak, R. Rojas-Cessa\",\"doi\":\"10.1109/ICAIIC.2019.8669040\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"A network eavesdropper may invade the privacy of an online user by collecting the passing traffic and classifying the applications that generated the network traffic. This collection may be used to build fingerprints of the user’s Internet usage. In this paper, we investigate the feasibility of performing such breach on encrypted network traffic generated by actual users. We adopt the random forest algorithm to classify the applications in use by users of a campus network. Our classification system identifies and quantifies different statistical features of user’s network traffic to classify applications rather than looking into packet contents. In addition, application classification is performed without employing a port mapping at the transport layer. Our results show that applications can be identified with an average precision and recall of up to 99%.\",\"PeriodicalId\":273383,\"journal\":{\"name\":\"2019 International Conference on Artificial Intelligence in Information and Communication (ICAIIC)\",\"volume\":\"84 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2019-02-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"5\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2019 International Conference on Artificial Intelligence in Information and Communication (ICAIIC)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICAIIC.2019.8669040\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2019 International Conference on Artificial Intelligence in Information and Communication (ICAIIC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICAIIC.2019.8669040","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 5

摘要

网络窃听者可以通过收集通过的流量并对产生网络流量的应用程序进行分类，从而侵犯在线用户的隐私。这个集合可以用来建立用户互联网使用的指纹。在本文中，我们研究了对实际用户生成的加密网络流量执行这种破坏的可行性。采用随机森林算法对校园网用户使用的应用程序进行分类。我们的分类系统识别和量化用户网络流量的不同统计特征，以对应用程序进行分类，而不是查看数据包内容。此外，在执行应用程序分类时，不需要在传输层使用端口映射。我们的结果表明，该方法可以识别应用程序，平均精度和召回率高达99%。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Tracking User Application Activity by using Machine Learning Techniques on Network Traffic

A network eavesdropper may invade the privacy of an online user by collecting the passing traffic and classifying the applications that generated the network traffic. This collection may be used to build fingerprints of the user’s Internet usage. In this paper, we investigate the feasibility of performing such breach on encrypted network traffic generated by actual users. We adopt the random forest algorithm to classify the applications in use by users of a campus network. Our classification system identifies and quantifies different statistical features of user’s network traffic to classify applications rather than looking into packet contents. In addition, application classification is performed without employing a port mapping at the transport layer. Our results show that applications can be identified with an average precision and recall of up to 99%.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2019 International Conference on Artificial Intelligence in Information and Communication (ICAIIC)

自引率

0.00%

发文量