Network Supervision via Protocol Identification in the Network

conference paper

English

This paper is focused on a comparison of ML (Machine Learning) and DNN (Deep Neural Network) techniques in protocol recognition to support network supervision for further proper handling, e.g., detection of a security incident. The DNN approach uses 11 layers and the ML approach is consisting of 28 mutually different predictive models. Both techniques were performed/compared on a freely accessible dataset containing browsing pcap files for further comparison, e.g., with other approaches. The predictive multiclass models were trained (fitted) to be capable of detecting five network protocols. Both approaches were compared by the achieved accuracy (based on testing and validating data), learning time, and predicting the time point of view. Using the ML approach, we were able to recognize the protocol with an accuracy of 1 and using DNN with an accuracy of 0.97.

IT protocols, neural networks, machine learning, protocol recognition

HOLASOVÁ, E.; KUCHAŘ, K.; FUJDIAK, R.

26. 4. 2022

Brno University of Technology, Faculty of Electrical Engineering and Communication

Brno

978-80-214-6029-4

Proceedings I of the 28th Conference STUDENT EEICT 2022 General papers

1

470

474

5

https://www.eeict.cz/eeict_download/archiv/sborniky/EEICT_2022_sbornik_1_v2.pdf