基于半监督学习的网络流量分析研究

doi:10.11896/jsjkx.210600131

Abstract

Abstract: Semi supervised learning is a new machine learning method.It combines supervised learning with unsupervised lear-ning,and uses a small number of tags to analyze a large number of unlabeled data sets.In recent years,semi supervised learning has become one of the research hotspots of scholars at home and abroad,and has been widely used in various fields.With the rise of 5G and other technologies,the complexity and diversification of network traffic data flow have brought new difficulties to the field of network security.Therefore,applying semi supervised technology to the analysis of network traffic data has become one of the main methods.This paper introduces the characteristics and processing methods of current network traffic data,expounds the advantages of semi supervised learning in processing network traffic,summarizes the research progress of semi supervised learning in processing traffic analysis,and expounds the practical application of semi supervised learning in network traffic analysis from the aspects of semi supervised classification,semi supervised clustering and semi supervised dimensionality reduction.Finally,the challenges and new research directions of the current semi supervised network traffic analysis methods in the future are pointed out.

Key words: Network data flow, Semi supervised classification, Semi supervised learning, Traffic analysis

CLC Number:

TP393

PANG Xing-long, ZHU Guo-sheng. Survey of Network Traffic Analysis Based on Semi Supervised Learning[J].Computer Science, 2022, 49(6A): 544-554.

References

[1] CHEN L,GONG J,XU X.Overview of application layer protocol recognition algorithms[J].Diss,2007,34(7):73-75.
[2] MOORE A W,ZUEV D.Internet traffic classification usingbayesian analysis techniques[C]//Proceedings of the 2005 ACM SIGMETRICS International Conference on Measurement and Modeling of Computer Systems.2005:50-60.
[3] YCAIDA.CAIDA data-overview of datasets,monitors and re-ports[EB/OL].[2019-04-14].http://www.Caida.org/data/overview/.
[4] ESTE A,GRINGOLI F,SALGARELLI L.On-line SVM traffic classification[C]//2011 7th International Wireless Communications and Mobile Computing Conference.IEEE,2011:1778-1783.
[5] DRAPER-GIL G,LASHKARI A H,MAMUN M S I,et al.Characterization of encrypted and vpn traffic using time-related[C]//Proceedings of the 2nd International Conference on Information Systems Security and Privacy(ICISSP).2016:407-414.
[6] TAVALLAEE M,BAGHERI E,LU W,et al.A detailed analysis of the KDD CUP 99 data set[C]//2009 IEEE Symposium on Computational Intelligence for Security and Defense Applications.IEEE,2009:1-6.
[7] SATO M,YAMAKI H,TAKAKURA H.Unknown attacks detection using feature extraction from anomaly-based ids alerts[C]//2012 IEEE/IPSJ 12th International Symposium on Applications and the Internet.2012:273-277.
[8] The MAWI Working Group.MAWl working group traffic ar-chive[EB/OL].[2019-04-14].http://mawi.wide.ad.jp/mawi/.
[9] FEGER F,KOPRINSKA I.Co-training using RBF Nets and Different Feature Splits[C]//International Joint Conference on Neural Networks(IJCNN'06).IEEE,2006:1878-1885.
[10] EL-DIN A S,GAYAR N E.New Feature Splitting Criteria for Co-training Using Genetic Algorit-hm Optimization[C]//Multiple Classifier Systems.International Workshop,Mcs,Cairo,Egypt,2010:22-32.
[11] BASU S,BANERJEE A,MOONEY R.Semi-supervised clustering by seeding[C]//Proceedings of 19th International Confe-rence on Machine Learning(ICML 2002).2002:27-34.
[12] WAGSTAFF K.Constrained K-means Clustering with Back-ground Knowledge[C]//Proceedings of ICML-2001.2001.
[13] COHN D,CARUANA R,MCCALLUM A.Semi-supervisedclustering with user feedback[J].Constrained Clustering:Advances in Algorithms,Theory,and Applications,2003,4(1):17-32.
[14] VIEGAS E K,SANTIN A O,COGO V V,et al.A reliable semi-supervised intrusion detection model:One year of network traffic anomalies[C]//2020 IEEE International Conference on Communications(ICC 2020).IEEE,2020.
[15] WAGH S K,KOLHE S R.Effective semi-supervised approach towards intrusion detection system using machine learning techniques[J].International Journal of Electronic Security and DigitalForensics,2015,7(3):290-304.
[16] WANG Y,CHEN C,XIANG Y.Unknown pattern extractionfor statistical network protocol identification[C]//2015 IEEE 40th Conference on Local Computer Networks(LCN).IEEE,2015:506-509.
[17] ERMAN J,MAHANTI A,ARLITT M,et al.Offline/realtime traffic classification using semi-supervised learning[J].Perfor-mance Evaluation,2007,64(9/10/11/12):1194-1213.
[18] ERMAN J,MAHANTI A,ARLITT M,et al.Semi-supervisednetwork traffic classification[C]//Proceedings of the 2007 ACM SIGMETRICS International Conference on Measurement and Modeling of Computer Systems.2007:369-370.
[19] ZHANG J,CHEN C,XIANG Y,et al.Semi-supervised and compound classification of network traffic[J].International Journal of Security and Networks,2012,7(4):252-261.
[20] LI L L,ZHANG X Y,ZHANG X,et al.Semi supervised traffic classification algorithm based on K-means and k-nearest neighbor[J].Journal of University of Information Engineering,2015(2):234-239.
[21] LI P H,WANG Y,TAO X L.Semi supervised network traffic classification method of SVM[J].Computer Application,2013,33(6):1515-1518.
[22] LI X,QI F,XU D,et al.An InternetTraff-ic Classification Method Based on Semi-Super-vised Support Vector Machine[C]//2011 IEEE International Conference on Communications(ICC).IEEE,2011:1-5.
[23] NOORBEHBAHANI F,MANSOORI S.A new semi-supervised method for network traffic classification based on X-means clustering and label propagation[C]//2018 8th International Conference on Computer and Knowledge Engineering(ICCKE).IEEE,2018:120-125.
[24] ILIYASU A S,DENG H.Semi-Supervised Encrypted TrafficClassification With Deep Convolutional Generative Adversarial Networks[J].IEEE Access,2020,8:118-126.
[25] GLENNAN T,LECKIE C,ERFANI S M.Improved Classification of Known and Unknown Network Traffic Flows Using Semi-supervised Machine Learning[C]//Australasian Confe-rence on Information Security & Privacy.Springer International Publishing,2016:493-501.
[26] FAHAD A,ALMALAWI A,TARI Z,et al.SemTra:A Semi-Supervised Approach to Traffic Flow Labeling with Minimal Human Effort[J].Pattern Recognition,2019,91:1-12.
[27] LI T,CHEN S,YAO Z,et al.Semi-supervised network traffic classification using deep generative models[C]//2018 14th International Conference on Natural Computation,Fuzzy Systems and Knowledge Discovery(ICNC-FSKD).2018:1282-1288.
[28] SHI K.Research on Intrusion Detection Based on mutual information and semi supervised learning[J].Modern computer,2019(23):18-23.
[29] XIAN G.Cyber Intrusion Prevention for Large-Scale Semi-Supervised Deep Learning Based on Local and Non-Local Regularization[J].IEEE Access,2020,8:55526-55539.
[30] GAO Y,LIU Y,JIN Y,et al.A Novel Semi-Supervised Learning Approach for Network Intrusion Detection on Cloud-Based Robotic System[J].IEEE Access,2018,6:50927-50938.
[31] FAHADA A.A Semi-Stack Approach for Accurate NetworkTraffic Classification Using MultiView Stacking[J].IOP Conference Series:Materials Science and Engineering,2020,811(1):012026.
[32] GRIRA N,CRUCIANU M,BOUJEMAA N.Semi-SupervisedFuzzy Clustering with Pairwise-Constrained Competitive Agglomeration[C]//The 14th IEEE International Conference on Fuzzy Systems(FUZZ '05).IEEE,2005:867-872.
[33] DING Y.Research on Intrusion Prevention Technology Basedon PCA and semi supervised clustering [D].Zhenjiang:Jiangsu University of Science and Technology,2014.
[34] WANG Y,XIANG Y,ZHANG J,et al.Internet traffic clustering with side information[J].Journal of Computer and System Sciences,2014,80(5):1021-1036.
[35] LIN R Q,LI O,LI Q,et al.Identification method of unknown network protocol based on semi supervised clustering integration[J].Small Microcomputer System,2016(6):1234-1239.
[36] AL-JARRAH O Y,AL-HAMMDI Y,YOOP D,et al.Semi-supervised multi-layered clustering model for intrusion detection[J].Digital Communications and Networks,2018,4(4):277-286.
[37] GU Y,WANG Y,YANG Z,et al.Multiple-features-based semi-supervised clustering DDoS detection method[J].Mathematical Problemsin Engineering,2017,2017:1-10.
[38] GU Y,LI K,GUO Z,et al.Semi-supervised K-means DDoS Detection Method Using Hybrid Feature Selection Algorithm[J].IEEE Access,2019,7:64351-64365.
[39] YAO H,FU D,ZHANG P,et al.MSML:A Novel Multi-level Semi-supervised Machine Learning Framework for Intrusion Detection System[J].IEEE Internet of Things Journal,2018,6(2):1945-1959.
[40] RATHROE S,PARK J H.Semi-supervised learning baseddistributed attack detectionframewo-rk for IoT[J].Applied Soft Computing,2018,72:79-89.
[41] JIA W F,LI J,TONG B.Network intrusion detection method based on semi supervised dimension reduction technology[J].Computer Applications and Software,2013(10):133-135.
[42] XIANG Z,XIAO Z,HUANG Y,et al.Unsupervised and Semi-supervised Dimensionality Reduction with Self-Organizing Incremental Neural Network and Graph Similarity Constraints[C]//Pacific-Asia Conference on Knowledge Discovery and Data Mining.Cham:Springer,2016: 191-202.

Metrics

Viewed

Full text

Abstract

Cited

Shared

Discussed

Comments

Recommended 0

No Suggested Reading articles found!

Survey of Network Traffic Analysis Based on Semi Supervised Learning

PDF (PC)

Abstract

Cite this article

share this article

References

Related Articles 6

Metrics

Comments

Recommended 0

[1]	GUO Qi, CUI Jing-song. Covert Communication Method Based on Closed Source Streaming Media [J]. Computer Science, 2019, 46(9): 150-155.
[2]	YAN Ruo-yu. DDoS Attacks Detection Method Based on Traffic Matrix and Kalman Filter [J]. Computer Science, 2014, 41(3): 176-180.
[3]	CHEN Yi-ou,HU Jian-hao and LING Xiang. Self-similarity Analysis and Modeling for On-chip Traffic [J]. Computer Science, 2014, 41(12): 13-18.
[4]	. SVM Active Learning via Dynamic Version Space Division [J]. Computer Science, 2012, 39(7): 175-177.
[5]	. Classi行ing Communication Dispatch System Logs of Smart Grid Based on Active Semi-supervised Learning [J]. Computer Science, 2012, 39(12): 171-176.
[6]	LIU Ye-qing,LIU San-yang,GU Ming-tao. Polynomial Smooth Classification Algorithm of Semi-supervised Support Vector Machines [J]. Computer Science, 2009, 36(7): 179-181.