Using Deep Packet Inspection in Cyber Traffic Analysis

Cited by: 4
Authors
Deri, Luca [1]
Fusco, Francesco [2]
Affiliations
[1] Ntop, Pisa, Italy
[2] IBM Res, Zurich, Switzerland
Keywords
Deep packet inspection; Encrypted traffic analysis; Open-source
DOI
10.1109/CSR51186.2021.9527976
Chinese Library Classification number
TP [Automation Technology, Computer Technology]
Discipline classification code
0812
Abstract
In recent years we have observed an escalation of cybersecurity attacks, which are becoming more sophisticated and harder to detect as they use more advanced evasion techniques and encrypted communications. The research community has often proposed the use of machine learning techniques to overcome the limitations of traditional cybersecurity approaches based on rules and signatures, which are hard to maintain, require constant updates, and do not solve the problems of zero-day attacks. Unfortunately, machine learning is not the holy grail of cybersecurity: machine learning-based techniques are hard to develop due to the lack of annotated data, are often computationally intensive, can be the target of hard-to-detect adversarial attacks, and, more importantly, are often not able to provide explanations for the predicted outcomes. In this paper, we describe a novel approach to cybersecurity detection leveraging the concept of a security score. Our approach demonstrates that extracting signals via deep packet inspection paves the way for efficient detection using traffic analysis. This work has been validated against various traffic datasets containing network attacks, showing that it can effectively detect network threats without the complexity of machine learning-based solutions.
Pages: 89-94
Page count: 6