Advancing Network Flow Information Using Collaborative Filtering

Collaborative Filtering algorithms are frequently employed in e-commerce. However, this kind of algorithm can also be useful in other domains. In an information system, thousands of bytes are sent through the network every second. Analyzing this data can require too much time and many resources, but it is necessary for ensuring the correct operation of the network. The results are used for profiling, security analysis, traffic engineering and many other purposes. Nowadays, as a complement to deep inspection of the data, it is increasingly common to monitor packet flows, since this consumes fewer resources and allows a faster reaction to any network situation. In a typical flow monitoring system, flows are exported to a collector, which stores the information before it is analyzed. However, many collectors work in time slots, so they do not analyze flows as soon as they are received, which introduces a delay. In this work we demonstrate how Collaborative Filtering algorithms can be applied to this new domain. ...
