论文信息 - REGENT: A Framework for Realistic Generation of Network Traffic

REGENT: A Framework for Realistic Generation of Network Traffic

Network security research is highly dependent on traffic datasets. Fair and comprehensive analysis as well as performance evaluations of different solutions for problems such as detections of intrusions, anomalies and attacks, requires traffic traces that closely resemble data from operational network. Currently available datasets are either getting obsolete with time, or lacking important information such as ground truth of data and payloads in the traffic. While making little compromises, an alternate solution to this problem is to generate traffic data. However, care has to be taken that such a solution is capable to cope up with the changing characteristics of traffic; more generally, it should be flexible enough to generate traffic with specific characteristics as required by a user. In this work, we develop a framework for realistic generation of network traffic, called REGENT, which takes traffic models as input. In REGENT, different protocols generate real traffic independently, and based on the specific models (such as distribution for inter-arrival time between connections, distribution for connection size, etc.) provided by a user. We conduct experiments wherein REGENT takes protocol models as input, and generates real traffic as output. Using analysis, we show that the characteristics of the generated traffic (protocols) are close to the models specified as input.

Li Ling Ko | Dinil Mon Divakaran | Yung Siang Liau | Vrizlynn L. L. Thing | Kar Wai Fok

[1] Phuoc Tran-Gia,et al. An HTTP web traffic model based on the top one million visited web pages , 2012, Proceedings of the 8th Euro-NF Conference on Next Generation Internet NGI 2012.

[2] Ali A. Ghorbani,et al. Toward developing a systematic approach to generate benchmark datasets for intrusion detection , 2012, Comput. Secur..

[3] Doreid Ammar,et al. A new tool for generating realistic internet traffic in NS-3 , 2011, SimuTools.

[4] Amir R. Khakpour,et al. An Information-Theoretical Approach to High-Speed Flow Nature Identification , 2013, IEEE/ACM Transactions on Networking.

[5] James P. G. Sterbenz,et al. Transactional traffic generator implementation in ns-3 , 2013, SimuTools.

[6] Pere Barlet-Ros,et al. Extended Independent Comparison of Popular Deep Packet Inspection (DPI) Tools for Traffic Classification , 2014 .

[7] Galit Shmueli,et al. Research Commentary - Too Big to Fail: Large Samples and the p-Value Problem , 2013, Inf. Syst. Res..

[8] Vivek S. Pai,et al. Towards understanding modern web traffic , 2011, SIGMETRICS '11.

[9] George F. Riley,et al. The ns-3 Network Simulator , 2010, Modeling and Tools for Network Simulation.