Title :
Can We Identify NAT Behavior by Analyzing Traffic Flows?
Author :
Gokcen, Yasemin ; Foroushani, Vahid Aghaei ; Heywood, A. Nur Zincir
Author_Institution :
Fac. of Comput. Sci., Dalhousie Univ., Halifax, NS, Canada
Abstract :
It is shown in the literature that network address translation devices have become a convenient way to hide the source of malicious behaviors. In this research, we explore how far we can push a machine learning (ML) approach to identify such behaviors using only network flows. We evaluate our proposed approach on different traffic data sets against passive fingerprinting approaches and show that the performance of a machine learning approach is very promising even without using any payload (application layer) information.
Keywords :
Internet; learning (artificial intelligence); telecommunication traffic; NAT behavior; machine learning; malicious behaviors; network address translation devices; passive fingerprinting approach; payload information; traffic flows; Browsers; Classification algorithms; Computers; Fingerprint recognition; IP networks; Internet; Payloads; Network address translation classification; machine learning; traffic analysis; traffic flows;
Conference_Title :
Security and Privacy Workshops (SPW), 2014 IEEE
Conference_Location :
San Jose, CA
DOI :
10.1109/SPW.2014.28