Graph-Based Multi-Label Classification for WiFi Network Traffic Analysis
Network traffic analysis, and specifically anomaly and attack detection, call for sophisticated tools relying on a large number of features. Mathematical modeling is extremely difficult, given the ample variety of traffic patterns and the subtle and varied ways that malicious activity can be carried...
Main Authors: | , , , |
---|---|
Format: | Article |
Language: | English |
Published: |
MDPI AG
2022-11-01
|
Series: | Applied Sciences |
Subjects: | |
Online Access: | https://www.mdpi.com/2076-3417/12/21/11303 |
_version_ | 1797469147774320640 |
---|---|
author | Giuseppe Granato Alessio Martino Andrea Baiocchi Antonello Rizzi |
author_facet | Giuseppe Granato Alessio Martino Andrea Baiocchi Antonello Rizzi |
author_sort | Giuseppe Granato |
collection | DOAJ |
description | Network traffic analysis, and specifically anomaly and attack detection, call for sophisticated tools relying on a large number of features. Mathematical modeling is extremely difficult, given the ample variety of traffic patterns and the subtle and varied ways that malicious activity can be carried out in a network. We address this problem by exploiting data-driven modeling and computational intelligence techniques. Sequences of packets captured on the communication medium are considered, along with multi-label metadata. Graph-based modeling of the data are introduced, thus resorting to the powerful GRALG approach based on feature information granulation, identification of a representative alphabet, embedding and genetic optimization. The obtained classifier is evaluated both under accuracy and complexity for two different supervised problems and compared with state-of-the-art algorithms. We show that the proposed preprocessing strategy is able to describe higher level relations between data instances in the input domain, thus allowing the algorithms to suitably reconstruct the structure of the input domain itself. Furthermore, the considered Granular Computing approach is able to extract knowledge on multiple semantic levels, thus effectively describing anomalies as subgraphs-based symbols of the whole network graph, in a specific time interval. Interesting performances can thus be achieved in identifying network traffic patterns, in spite of the complexity of the considered traffic classes. |
first_indexed | 2024-03-09T19:17:21Z |
format | Article |
id | doaj.art-a1fe844014c743c5bfb5ca044b0cc987 |
institution | Directory Open Access Journal |
issn | 2076-3417 |
language | English |
last_indexed | 2024-03-09T19:17:21Z |
publishDate | 2022-11-01 |
publisher | MDPI AG |
record_format | Article |
series | Applied Sciences |
spelling | doaj.art-a1fe844014c743c5bfb5ca044b0cc9872023-11-24T03:41:25ZengMDPI AGApplied Sciences2076-34172022-11-0112211130310.3390/app122111303Graph-Based Multi-Label Classification for WiFi Network Traffic AnalysisGiuseppe Granato0Alessio Martino1Andrea Baiocchi2Antonello Rizzi3Department of Information Engineering, Electronics and Telecommunications, University of Rome “La Sapienza”, Via Eudossiana 32, 00184 Rome, ItalyDepartment of Business and Management, LUISS University, Viale Romania 32, 00197 Rome, ItalyDepartment of Information Engineering, Electronics and Telecommunications, University of Rome “La Sapienza”, Via Eudossiana 32, 00184 Rome, ItalyDepartment of Information Engineering, Electronics and Telecommunications, University of Rome “La Sapienza”, Via Eudossiana 32, 00184 Rome, ItalyNetwork traffic analysis, and specifically anomaly and attack detection, call for sophisticated tools relying on a large number of features. Mathematical modeling is extremely difficult, given the ample variety of traffic patterns and the subtle and varied ways that malicious activity can be carried out in a network. We address this problem by exploiting data-driven modeling and computational intelligence techniques. Sequences of packets captured on the communication medium are considered, along with multi-label metadata. Graph-based modeling of the data are introduced, thus resorting to the powerful GRALG approach based on feature information granulation, identification of a representative alphabet, embedding and genetic optimization. The obtained classifier is evaluated both under accuracy and complexity for two different supervised problems and compared with state-of-the-art algorithms. We show that the proposed preprocessing strategy is able to describe higher level relations between data instances in the input domain, thus allowing the algorithms to suitably reconstruct the structure of the input domain itself. Furthermore, the considered Granular Computing approach is able to extract knowledge on multiple semantic levels, thus effectively describing anomalies as subgraphs-based symbols of the whole network graph, in a specific time interval. Interesting performances can thus be achieved in identifying network traffic patterns, in spite of the complexity of the considered traffic classes.https://www.mdpi.com/2076-3417/12/21/11303machine learningcommunication networksgranular computingIEEE 802.11graphssequences |
spellingShingle | Giuseppe Granato Alessio Martino Andrea Baiocchi Antonello Rizzi Graph-Based Multi-Label Classification for WiFi Network Traffic Analysis Applied Sciences machine learning communication networks granular computing IEEE 802.11 graphs sequences |
title | Graph-Based Multi-Label Classification for WiFi Network Traffic Analysis |
title_full | Graph-Based Multi-Label Classification for WiFi Network Traffic Analysis |
title_fullStr | Graph-Based Multi-Label Classification for WiFi Network Traffic Analysis |
title_full_unstemmed | Graph-Based Multi-Label Classification for WiFi Network Traffic Analysis |
title_short | Graph-Based Multi-Label Classification for WiFi Network Traffic Analysis |
title_sort | graph based multi label classification for wifi network traffic analysis |
topic | machine learning communication networks granular computing IEEE 802.11 graphs sequences |
url | https://www.mdpi.com/2076-3417/12/21/11303 |
work_keys_str_mv | AT giuseppegranato graphbasedmultilabelclassificationforwifinetworktrafficanalysis AT alessiomartino graphbasedmultilabelclassificationforwifinetworktrafficanalysis AT andreabaiocchi graphbasedmultilabelclassificationforwifinetworktrafficanalysis AT antonellorizzi graphbasedmultilabelclassificationforwifinetworktrafficanalysis |