Applying an Improved Dung Beetle Optimizer Algorithm to Network Traffic Identification

Network traffic identification is critical for maintaining network security and further meeting various demands of network applications.However,network traffic data typically possesses high dimensionality and complexity,leading to practical problems in traffic identification data analytics.Since the original Dung Beetle Optimizer(DBO)algorithm,Grey Wolf Optimization(GWO)algorithm,Whale Optimization Algorithm(WOA),and Particle Swarm Optimization(PSO)algorithm have the shortcomings of slow convergence and easily fall into the local optimal solution,an Improved Dung Beetle Optimizer(IDBO)algorithm is proposed for network traffic identification.Firstly,the Sobol sequence is utilized to initialize the dung beetle population,laying the foundation for finding the global optimal solution.Next,an integration of levy flight and golden sine strategy is suggested to give dung beetles a greater probability of exploring unvisited areas,escaping from the local optimal solution,and converging more effectively towards a global optimal solution.Finally,an adaptive weight factor is utilized to enhance the search capabilities of the original DBO algorithm and accelerate convergence.With the improvements above,the proposed IDBO algorithm is then applied to traffic identification data analytics and feature selection,as so to find the optimal subset for K-Nearest Neighbor(KNN)classification.The simulation experiments use the CICIDS2017 dataset to verify the effectiveness of the proposed IDBO algorithm and compare it with the original DBO,GWO,WOA,and PSO algorithms.The experimental results show that,compared with other algorithms,the accuracy and recall are improved by 1.53%and 0.88%in binary classification,and the Distributed Denial of Service(DDoS)class identification is the most effective in multi-classification,with an improvement of 5.80%and 0.33%for accuracy and recall,respectively.Therefore,the proposed IDBO algorithm is effective in increasing the efficiency of traffic identification and solving the problem of the original DBO algorithm that converges slowly and falls into the local optimal solution when dealing with high-dimensional data analytics and feature selection for network traffic identification.

An Improved Jump Spider Optimization for Network Traffic Identification Feature Selection

The massive influx of traffic on the Internet has made the composition of web traffic increasingly complex.Traditional port-based or protocol-based network traffic identification methods are no longer suitable for today’s complex and changing networks.Recently,machine learning has beenwidely applied to network traffic recognition.Still,high-dimensional features and redundant data in network traffic can lead to slow convergence problems and low identification accuracy of network traffic recognition algorithms.Taking advantage of the faster optimizationseeking capability of the jumping spider optimization algorithm(JSOA),this paper proposes a jumping spider optimization algorithmthat incorporates the harris hawk optimization(HHO)and small hole imaging(HHJSOA).We use it in network traffic identification feature selection.First,the method incorporates the HHO escape energy factor and the hard siege strategy to forma newsearch strategy for HHJSOA.This location update strategy enhances the search range of the optimal solution of HHJSOA.We use small hole imaging to update the inferior individual.Next,the feature selection problem is coded to propose a jumping spiders individual coding scheme.Multiple iterations of the HHJSOA algorithmfind the optimal individual used as the selected feature for KNN classification.Finally,we validate the classification accuracy and performance of the HHJSOA algorithm using the UNSW-NB15 dataset and KDD99 dataset.Experimental results show that compared with other algorithms for the UNSW-NB15 dataset,the improvement is at least 0.0705,0.00147,and 1 on the accuracy,fitness value,and the number of features.In addition,compared with other feature selectionmethods for the same datasets,the proposed algorithmhas faster convergence,better merit-seeking,and robustness.Therefore,HHJSOAcan improve the classification accuracy and solve the problem that the network traffic recognition algorithm needs to be faster to converge and easily fall into local optimum due to high-dimensional features.

A Novel P2P Traffic Identification Algorithm Based on BPSO and Weighted KNN

Peer-to-Peer technology is one of the most popular techniques nowadays,and it brings some security issues,so the recognition and management of P2P applications on the internet is becoming much more important. The selection of protocol features is significant to the problem of P2P traffic identification. To overcome the shortcomings of current methods,a new P2P traffic identification algorithm is proposed in this paper. First of all,a detailed statistics of traffic flows on internet is calculated. Secondly,the best feature subset is chosen by binary particle swarm optimization. Finally,every feature in the subset is given a proper weight. In this paper,TCP flows and UDP flows each have a respective feature space,for this is advantageous to traffic identification. The experimental results show that this algorithm could choose the best feature subset effectively,and the identification accuracy is improved by the method of feature weighting.

A novel internet traffic identification approach using wavelet packet decomposition and neural network

Internet traffic classification plays an important role in network management, and many approaches have been proposed to classify different kinds of internet traffics. A novel approach was proposed to classify network applications by optimized back-propagation (BP) neural network. Particle swarm optimization (PSO) algorithm was used to optimize the BP neural network. And in order to increase the identification performance, wavelet packet decomposition (WPD) was used to extract several hidden features from the time-frequency information of network traffic. The experimental results show that the average classification accuracy of various network applications can reach 97%. Moreover, this approach optimized by BP neural network takes 50% of the training time compared with the traditional neural network.

Online Internet Traffic Identification Algorithm Based on Multistage Classifier

Internet traffic classification plays an important role in network management. Many approaches have been proposed to clas-sify different categories of Internet traffic. However, these approaches have specific us-age contexts that restrict their ability when they are applied in the current network envi-ronment. For example, the port based ap-proach cannot identify network applications with dynamic ports; the deep packet inspec-tion approach is invalid for encrypted network applications; and the statistical based approach is time-onsuming. In this paper, a novel tech-nique is proposed to classify different catego-ries of network applications. The port based, deep packet inspection based and statistical based approaches are integrated as a multi-stage classifier. The experimental results demonstrate that this approach has high rec-ognition rate which is up to 98% and good performance of real-time for traffic identifica-tion.

Research on Traffic Identification Technologies for Peer-to-Peer Networks

The Peer-to-Peer(P2P)network traffic identification technology includes Transport Layer Identification(TLI)and Deep Packet Inspection(DPI)methods.By analyzing packets of the transport layer and the traffic characteristic in the P2P system,TLI can identify whether or not the network data flow belongs to the P2P system.The DPI method adopts protocol analysis technology and reverting technology.It picks up data from the P2P application layer and analyzes the characteristics of the payload to judge if the network traffic belongs to P2P applications.Due to its accuracy,robustness and classifying ability,DPI is the main method used to identify P2P traffic.Adopting the advantages of TLI and DPI,a precise and efficient technology for P2P network traffic identification can be designed.

Timely traffic identification on P2P streaming media

Since the year of 2006, peer-to-peer （P2P） streaming media service has been developing rapidly, the user scale and income scale achieve synchronous growth. However, while people enjoying the benefits of the distributed resources, a great deal of network bandwidth is consumed at the same time. Research on P2P streaming traffic characteristics and identification is essential to Internet service providers （ISPs） in terms of network planning and resource allocation. In this paper, we introduce the current common P2P traffic detection technology, and analyze the payload length distribution and payload length pattern in one flow of four popular P2P streaming media applications. Combining with the deep flow inspection and machine learning algorithm, a nearly real-time The experiments proved that this approach can achieve a high identification approach for P2P streaming media is proposed. accuracy with low false positives.

An early recognition algorithm for BitTorrent traffic based on improved K-means

In response to the deficiencies of BitTorrent, the concept of density radius was proposed, and the distance from the maximum point of radius density to cluster center as a cluster radius was taken to solve the too large cluster radius resulted from the discrete points and to reduce the false positive rate of early recognition algorithms. Simulation results show that in the actual network environment, the improved algorithm, compared with K-means, will reduce the false positive rate of early identification algorithm from 6.3% to 0.9% and has a higher operational efficiency.

Payload Encoding Representation from Transformer for Encrypted Traffic Classification

Traffic identification becomes more important,yet more challenging as related encryption techniques are rapidly developing nowadays.Unlike recent deep learning methods that apply image processing to solve such encrypted traffic problems,in this pa⁃per,we propose a method named Payload Encoding Representation from Transformer(PERT)to perform automatic traffic feature extraction using a state-of-the-art dynamic word embedding technique.By implementing traffic classification experiments on a pub⁃lic encrypted traffic data set and our captured Android HTTPS traffic,we prove the pro⁃posed method can achieve an obvious better effectiveness than other compared baselines.To the best of our knowledge,this is the first time the encrypted traffic classification with the dynamic word embedding has been addressed.

PROBE:NOISE-AND-ROTATION RESISTANCE OF HOPFIELD NEURAL NETWORK IN IMAGED TRAFFIC SIGN RECALL

This paper examines the noise and rotation resistance capacity of Hopfield Neural Network （HNN） given four corrupted traffic sign images. In the study, Signal-to-Noise Ratio （SNR）, recall rate and pattern complexity are defined and employed to evaluate the recall performance. The experimental results indicate that the HNN possesses significant recall capacity against the strong noise corruption, and certain restoring competence to the rotation. It is also found that combining noise with rotation does not further challenge the HNN corruption resistance capability as the noise or rotation alone does.

Exposure measurement, risk assessment and source identification for exposure of traffic assistants to particle-bound PAHs in Tianjin, China

To investigate the levels of exposure to particulate-bound polycyclic aromatic hydrocarbon （PAH） and to estimate the risk these levels pose to traffic assistants （TAs） in Tianjin （a rnegacity in North China）, a measurement campaign （33 all-day exposure samples, 25 occupational-exposure samples and 10 indoor samples） was conducted to characterize the TAs＇ exposure to PAHs, assess the cancer risk and identify the potential sources of exposure. The average total exposure concentration of 14 PAHs was approximately 2871 ＋ 928 ng/rn3 （on-duty）, and 1622 ＋ 457 ng/m3 （all-day）. The indoor PAHs level was 1257 ＋ 107 ng/m3. After 8000 Monte Carlo simulations, the cancer risk resulting from exposure to PAHs was found to be approximately 1.05 x 10-4. A multivariate analysis was applied to identify the potential sources, and the results showed that, in addition to vehicle exhaust, coal combustion and cooking fumes were also another two important contributors to personal PAH exposure. The diagnostic ratios of PAH compounds agree with the source apportionment results derived from principal component analysis.

AI-based modeling and data-driven identification of moving load on continuous beams

Traffic load identification for bridges is of great significance for overloaded vehicle control as well as the structural management and maintenance in bridge engineering.Unlike the conventional load identification methods that always encounter problems of ill-condition and difficulties in identifying multi parameters simultaneously when solving the motion equations inversely,a novel strategy is proposed based on smart sensing combing intelligent algorithm for real-time traffic load monitoring.An array of lead zirconium titanate sensors is applied to capture the dynamic responses of a beam bridge,while the Long Short-Term Memory(LSTM)neural network is employed to establish the mapping relations between the dynamic responses of the bridge and the traffic load through data mining.The results reveal that,with the real-time strain responses fed into the LSTM network,the speed and magnitude of the moving load may be identified simultaneously with high accuracy when compared to the practically applied load.The current method may facilitate highly efficient identification of the time-varying characteristics of moving loads and may provide a useful tool for long-term traffic load monitoring and traffic control for in-service bridges.

Identifying file-sharing P2P traffic based on traffic characteristics

This article focuses on identifying file-sharing peer-to-peer （P2P） （such as BitTorrent （BT）） traffic at the borders of a stub network. By analyzing protocols and traffic of applications, it is found that file-sharing P2P traffic of a single user differs greatly from traditional and other P2P （such as QQ） applications＇ traffic in the distribution of involved remote hosts and remote ports. Therefore, a method based on discreteness of remote hosts （RHD） and discreteness of remote ports （RPD） is proposed to identify BT-like traffic. This method only relies on flow information of each user host in a stub network, and no packet payload needs to be monitored. At intervals, instant RHD for concurrent transmission control protocol and user datagram protocol flows for each host are calculated respectively through grouping flows by the stub network that the remote host of each flow belongs to. On given conditions, instant RPD are calculated through grouping flows by the remote port to amend instant RHD. Whether a host has been using a BT-like application or not can be deduced from instant RHD or average RHD for a period of time. The proposed method based on traffic characteristics is more suitable for identifying protean file-sharing P2P traffic than content-based methods Experimental results show that this method is effective with high accuracy.