Back close

Evaluating Shallow and Deep Networks for Secure Shell (ssh)Taffic Analysis

Publication Type : Conference Paper

Publisher : 2017 International Conference on Advances in Computing, Communications and Informatics (ICACCI)

Source : 2017 International Conference on Advances in Computing, Communications and Informatics (ICACCI) (2017)

Keywords : Computer architecture, Cryptography, deep learning mechanisms, dynamic temporal dependencies, flow based mechanism, Internet, learning (artificial intelligence), long short-term memory (LSTM), lticlass classification settings, modified RNN, neural net architecture, Pattern classification, Payloads, Ports (Computers), Protocols, recurrent neural nets, Recurrent neural network (RNN), Recurrent neural networks, secure shell traffic analysis, short-term memory mechanism, SSH, telecommunication computing, Traffic Classification

Campus : Coimbatore

School : School of Engineering

Center : Computational Engineering and Networking, Electronics Communication and Instrumentation Forum (ECIF)

Department : Computer Science, Electronics and Communication

Verified : Yes

Year : 2017

Abstract : The family of recurrent neural network (RNN) mechanisms are largely used for the various tasks in natural language processing, speech recognition, image processing and many others due to they established as a powerful mechanism to capture dynamic temporal behaviors in arbitrary length of large-scale sequence data. This paper attempts to know the effectiveness of various RNN mechanisms on the traffic classification specifically for Secure Shell (SSH) protocol by modeling the feature sets of statistical flows as time-series obtained from various public and private traces. These traces are from NIMS (Network Information Management and Security Group), DARPA (Defense Advanced Research Projects Agency) 1999 Week1, DARPA 1999 Week3, MAWI (Measurement and Analysis on the WIDE Internet), and NLANR (National Laboratory for Applied Network Research) Active Measurement Project (AMP). A various configurations of network topologies, network parameters and network structures are used for family of RNN architectures to identify an optimal architecture. The experiments are run up to 1000 epochs with learning rate in the range [0.01-05] on both the binary and multiclass classification settings. RNN mechanisms have performed well in comparison to the other classical machine learning algorithms. Moreover, long short-term memory (LSTM) mechanism is a modified RNN, as achieved highest accuracy in cross-validation and testing of binary and multi-class classification cases. The background reason to that is, RNN mechanisms have capability to capture the dynamic temporal dependencies by storing information and updating them, when it is necessary across time-steps.

Cite this Research Publication : R. Vinayakumar, Dr. Soman K. P., and Poornachandran, P., “Evaluating Shallow and Deep Networks for Secure Shell (ssh)Taffic Analysis”, in 2017 International Conference on Advances in Computing, Communications and Informatics (ICACCI), 2017.

Admissions Apply Now