{"title":"Performance Analysis of Traffic Classification with Machine Learning","authors":"Htay Htay Yi, Zin May Aye","volume":169,"journal":"International Journal of Computer and Information Engineering","pagesStart":42,"pagesEnd":48,"ISSN":"1307-6892","URL":"https:\/\/publications.waset.org\/pdf\/10011782","abstract":"Network security is role of the ICT environment because malicious users are continually growing that realm of education, business, and then related with ICT. The network security contravention is typically described and examined centrally based on a security event management system. The firewalls, Intrusion Detection System (IDS), and Intrusion Prevention System are becoming essential to monitor or prevent of potential violations, incidents attack, and imminent threats. In this system, the firewall rules are set only for where the system policies are needed. Dataset deployed in this system are derived from the testbed environment. The traffic as in DoS and PortScan traffics are applied in the testbed with firewall and IDS implementation. The network traffics are classified as normal or attacks in the existing testbed environment based on six machine learning classification methods applied in the system. It is required to be tested to get datasets and applied for DoS and PortScan. The dataset is based on CICIDS2017 and some features have been added. This system tested 26 features from the applied dataset. The system is to reduce false positive rates and to improve accuracy in the implemented testbed design. The system also proves good performance by selecting important features and comparing existing a dataset by machine learning classifiers.","references":"[1] A. Alhomoud, R. Munir, J. P. Disso, I. Awan, \u201cPerformance Evaluation\r\nStudy of Intrusion Detection Systems\u201d, Procedia Computer Science 5,\r\npublished by Elsevier Ltd, pp. 173-180, 2011.\r\n[2] H. H. Yi, Z. M. Aye, \u201cAwareness of Policy Anomalies with Ruled-Based\r\nFirewall\u201d, ProMAC 2019, pp. 678-686.\r\n[3] S. Jungsuk, T, Hiroki, and O. Yasuo, \u201cStatistical Analysis of Honeypot\r\nData and Building of Kyoto 2006+ Dataset for NIDS Evaluation\u201d, 1st\r\nWorkshop on Building Analysis Datasets and Gathering Experience\r\nReturns for Security (BADGERS 2011), April, 2011.\r\n[4] le Cessie, S. and van Houwelingen, J.C. (1992). \u201cJournal of the Royal\r\nStatistical Society. Series C (Applied Statistics)\u201d, Ridge Estimators in\r\nLogistic Regression. Applied Statistics, Vol. 41, pp. 191-201, 1992.\r\n[5] S. Mukkamala, G. Janoski, A. Sung \u201cNetwork Intrusion Detection with\r\nFeature Selection Techniques using Machine-Learning Algorithms\u201d,\r\nInternational Journal of Computer Applications, Vol.150, no.12, 2016.\r\n[6] H. H. Yi, Z. M. Aye, \u201cSecurity Awareness of Network Infrastructure:\r\nReal-time Intrusion Detection and Prevention System with Storage Log\r\nServer\u201d, The 16th International Conference on Computer Application,\r\n2018, pp. 678-686.\r\n[7] P. Tao, Z. Sun, and et. al, \u201cAn improved intrusion detection algorithm\r\nbased on GA and SVM\u201d, IEEE, 2018.\r\n[8] H. Liao, C.R. Lin, and Y. Lin, K. Tung, \u201cIntrusion detection system: A\r\ncomprehensive review\u201d, Journal of Network and Computer Applications\r\n36, pp 16-24, 2013.\r\n[9] M. Bijone,\u201cA Survey on Secure Network Intrusion Detection &\r\nPrevention Approaches\u201d, American Journal of Information System, vol.\r\n4, No.3, pp. 69-88, 2016.\r\n[10] M. Urvashi, and A. Jain, \u201cA survey of IDS classification using KDD\r\nCUP 99 dataset in WEKA\u201d, International Journal of Scientific &\r\nEngineering Research, Vol.6, Issue 11, Nov, 2015.\r\n[11] http:\/\/kdd.ics.uci.edu\/databases\/kddcup99\/kddcup99.html, 1999.\r\n[12] Kurniabudi, D. Stiawan, and et al. \u201cCICIDS-2017 Dataset Feature\r\nAnalysis with Information Gain for Anomaly Detection\u201d, IEEE, July,\r\n2019.\r\n[13] P. S. Pervez and D. M. Farid, \u201cFeature selection and intrusion\r\nclassification in NSL-KDD cup 99 dataset employing SVMs\u201d, The\r\n8th International Conference on Software, Knowledge, Information\r\nManagement and Applications (SKIMA 2014), Dec, 2014.\r\n[14] A. Thakkar and R. Lohiya. \u201cA Review of the Advancement in Intrusion\r\ndetection Datasets\u201d, Procedia Computer Science, Vol-167, pp. 636-645,\r\n2020.\r\n[15] Y. Li a, J. Xia, et. al \u201cAn efficient intrusion detection system based on\r\nsupport vector machines and gradually feature removal method\u201d, Expert\r\nSystem with Applications, pp. 424-430, 2012.\r\n[16] https:\/\/www.dbs.ifi.lmu.de\/ zimek\/diplomathesis\/implementations\/\r\nEHNDs\/doc\/weka\/classifiers\/functions\/Logistic.html, Extract from\r\nDec-6, 2020.\r\n[17] D. Protic, \u201cReview of KDD Cup \u201999, NSL-KDD and Kyoto 2006+\r\ndatasets\u201d, Vojnotehnicki Glasnik\/ Military technical Courier, Vol. 66,\r\npp. 560-596, 2018.\r\n[18] N. Akhyari, and S. Fahmy, \u201cDesign of a Network Security Tool Using\r\nOpen-Source Applications\u201d, Australian Journal of Basic and Applied\r\nSciences, pp. 40-46, 2014.\r\n[19] M. Sumner, E. Frank, and M. Hall, \u201cSpeeding Up Logistic Model\r\nTree Induction\u201d, European Conference on Principles of Data Mining\r\nKnowledge Discovery (KDPP), pp. 675-683, 2005.\r\n[20] S. Hwang, K. Cho, and et.al \u201cTraffic Classification Approach Based on\r\nSupport Vector Machine and Statistic Signature\u201d, Springer, pp. 332-339,\r\n2013.\r\n[21] S. Aljawarneh, M. B. Yassein, and M. Aljundi, \u201cAn enhanced J48\r\nclassification algorithm for the anomaly intrusion detection systems\u201d,\r\nCluster Comput., pp. 117, 2017.\r\n[22] R. Chitrakar and H. Chuanhe, \u201cAnomaly detection using Support Vector\r\nMachine classification with k-Medoids clustering\u201d, 2012 Third Asian\r\nHimalayas International Conference, pp. 1-5, 2012.\r\n[23] S. Mulay, and P. R. Davale, \u201cIntrusion Detection System Using Support\r\nVector Machine and Decision Tree\u201d, International Journal of Computer\r\nApplications, vol 3, no.3, 2010.","publisher":"World Academy of Science, Engineering and Technology","index":"Open Science Index 169, 2021"}