About | Contact Us | Register | Login
ProceedingsSeriesJournalsSearchEAI
Security and Privacy in Communication Networks. 17th EAI International Conference, SecureComm 2021, Virtual Event, September 6–9, 2021, Proceedings, Part I

Research Article

Controlling Network Traffic Microstructures for Machine-Learning Model Probing

Download(Requires a free EAI acccount)
265 downloads
Cite
BibTeX Plain Text
  • @INPROCEEDINGS{10.1007/978-3-030-90019-9_23,
        author={Henry Clausen and Robert Flood and David Aspinall},
        title={Controlling Network Traffic Microstructures for Machine-Learning Model Probing},
        proceedings={Security and Privacy in Communication Networks. 17th EAI International Conference, SecureComm 2021, Virtual Event, September 6--9, 2021, Proceedings, Part I},
        proceedings_a={SECURECOMM},
        year={2021},
        month={11},
        keywords={Data generation Network intrusion detection Machine learning Model development Containerisation},
        doi={10.1007/978-3-030-90019-9_23}
    }
    
  • Henry Clausen
    Robert Flood
    David Aspinall
    Year: 2021
    Controlling Network Traffic Microstructures for Machine-Learning Model Probing
    SECURECOMM
    Springer
    DOI: 10.1007/978-3-030-90019-9_23
Henry Clausen1, Robert Flood1, David Aspinall1
  • 1: Edinburgh University

Abstract

Network intrusion detection (NID) models increasingly rely on learning traffic microstructures that consist of pattern sequences in features such as interarrival time, size, or packet flags. We argue that precise and reproducible control over traffic microstructures is crucial to understand and improve NID-model behaviour. We demonstrate that probing a traffic classifier with appropriately generated microstructures reveals links between misclassifications and traffic characteristics, and correspondingly lets us improve the false positive rate by more than . We examine how specific factors such as network congestion, load, conducted activity, or protocol implementation impact traffic microstructures, and how well their influence can be isolated in a controlled and near-deterministic traffic generation process. We then introduce DetGen, a traffic generation tool that provides precise microstructure control, and demonstrate how to generate traffic suitable to probe pre-trained NID-models.

Keywords
Data generation Network intrusion detection Machine learning Model development Containerisation
Published
2021-11-09
Appears in
SpringerLink
http://dx.doi.org/10.1007/978-3-030-90019-9_23
Copyright © 2021–2025 ICST
EBSCOProQuestDBLPDOAJPortico
EAI Logo

About EAI

  • Who We Are
  • Leadership
  • Research Areas
  • Partners
  • Media Center

Community

  • Membership
  • Conference
  • Recognition
  • Sponsor Us

Publish with EAI

  • Publishing
  • Journals
  • Proceedings
  • Books
  • EUDL