TELKOMNIKA Telecommunication, Computing, Electronics and Control
Online traffic classification for malicious flows using efficient machine learning techniques
Dublin Core
Title
TELKOMNIKA Telecommunication, Computing, Electronics and Control
Online traffic classification for malicious flows using efficient machine learning techniques
Subject
Machine learning
Malicious traffic flows
Online classification
Snort alerts
Statistical features
Description
Rapid growth in network technology is causing various network problems, and
attacks are becoming more sophisticated than defenses. In this paper, we
propose traffic classification using machine learning techniques, with
statistical flow features such as five tuples for the training dataset. A
rule-based system, Snort, is used to identify the severely harmful data packets
and reduce the training set dimensionality to a manageable size. The
performance of a training dataset that consists of malicious flows of all
priorities is compared with that of one that has only priority 1 malicious
flows. The performance of different machine learning (ML) algorithms in terms
of accuracy and efficiency is analyzed. Results show that Naïve Bayes achieved
accuracy of up to 99.82% for all priorities and 99.92% for the extracted
priority 1 malicious flows training dataset in 0.06 seconds, and it was chosen
to classify traffic in a real-time process. It is demonstrated that taking just
five-tuple information as features and using Snort alert information to extract
only important flows and reduce the size of the dataset is actually
comprehensive enough to supply a classifier
Creator
Ying Yenn Chan, Ismahani Bt Ismail, Ban Mohammed Khammas
Source
http://journal.uad.ac.id/index.php/TELKOMNIKA
Date
Mar 20, 2021
Contributor
peri irawan
Format
pdf
Language
English
Type
text
Citation
Ying Yenn Chan, Ismahani Bt Ismail, Ban Mohammed Khammas, “TELKOMNIKA Telecommunication, Computing, Electronics and Control
Online traffic classification for malicious flows using efficient machine learning techniques,” Repository Horizon University Indonesia, accessed March 15, 2025, https://repository.horizon.ac.id/items/show/4126.