A Frontier: Dependable, Reliable and Secure Machine Learning for Network/System Management

Modern networks and systems pose many challenges to traditional management approaches. Not only the number of devices and the volume of network traffic are increasing exponentially, but also new network protocols and technologies require new techniques and strategies for monitoring controlling and managing up and coming networks and systems. Moreover, machine learning has recently found its successful applications in many fields due to its capability to learn from data to automatically infer patterns for network analytics. Thus, the deployment of machine learning in network and system management has become imminent. This work provides a review of the applications of machine learning in network and system management. Based on this review, we aim to present the current opportunities and challenges in and highlight the need for dependable, reliable and secure machine learning for network and system management.

[1]  Kevin S. Chan,et al.  Network Traffic Obfuscation: An Adversarial Machine Learning Approach , 2018, MILCOM 2018 - 2018 IEEE Military Communications Conference (MILCOM).

[2]  Malcolm I. Heywood,et al.  Data analytics on network traffic flows for botnet behaviour detection , 2016, 2016 IEEE Symposium Series on Computational Intelligence (SSCI).

[3]  Sebastian Zander,et al.  A preliminary performance comparison of five machine learning algorithms for practical IP traffic flow classification , 2006, CCRV.

[4]  Guofei Gu,et al.  Using an Ensemble of One-Class SVM Classifiers to Harden Payload-based Anomaly Detection Systems , 2006, Sixth International Conference on Data Mining (ICDM'06).

[5]  Malcolm I. Heywood,et al.  On botnet detection with genetic programming under streaming data, label budgets and class imbalance , 2017, Swarm Evol. Comput..

[6]  Jeffrey G. Andrews,et al.  Reinforcement Learning for Self Organization and Power Control of Two-Tier Heterogeneous Networks , 2018, IEEE Transactions on Wireless Communications.

[7]  Renata Teixeira,et al.  Early Recognition of Encrypted Applications , 2007, PAM.

[8]  Hassan Hajji,et al.  Statistical analysis of network traffic for adaptive faults detection , 2005, IEEE Transactions on Neural Networks.

[9]  Sateesh K. Peddoju,et al.  HIDS: A host based intrusion detection system for cloud computing environment , 2014, International Journal of System Assurance Engineering and Management.

[10]  Riyad Alshammari,et al.  Machine learning based encrypted traffic classification: Identifying SSH and Skype , 2009, 2009 IEEE Symposium on Computational Intelligence for Security and Defense Applications.

[11]  Guofei Gu,et al.  BotMiner: Clustering Analysis of Network Traffic for Protocol- and Structure-Independent Botnet Detection , 2008, USENIX Security Symposium.

[12]  Riyad Alshammari,et al.  Can encrypted traffic be identified without port numbers, IP addresses and payload inspection? , 2011, Comput. Networks.

[13]  Yang Yang,et al.  A Supervised Learning Based QoS Assurance Architecture for 5G Networks , 2019, IEEE Access.

[14]  Nei Kato,et al.  State-of-the-Art Deep Learning: Evolving Machine Intelligence Toward Tomorrow’s Intelligent Network Traffic Control Systems , 2017, IEEE Communications Surveys & Tutorials.

[15]  Craig Gentry,et al.  Fully homomorphic encryption using ideal lattices , 2009, STOC '09.

[16]  Been Kim,et al.  Interactive and interpretable machine learning models for human machine collaboration , 2015 .

[17]  Karl Aberer,et al.  Robust Online Time Series Prediction with Recurrent Neural Networks , 2016, 2016 IEEE International Conference on Data Science and Advanced Analytics (DSAA).

[18]  Balakrishna J. Prabhu,et al.  Joint Minimization of Monitoring Cost and Delay in Overlay Networks: Optimal Policies with a Markovian Approach , 2018, Journal of Network and Systems Management.

[19]  Duc C. Le,et al.  Machine learning based Insider Threat Modelling and Detection , 2019, 2019 IFIP/IEEE Symposium on Integrated Network and Service Management (IM).

[20]  Antonio Pescapè,et al.  A cascade architecture for DoS attacks detection based on the wavelet transform , 2009, J. Comput. Secur..

[21]  A. Nur Zincir-Heywood,et al.  An Artificial Arms Race: Could it Improve Mobile Malware Detectors? , 2018, 2018 Network Traffic Measurement and Analysis Conference (TMA).

[22]  Xin Wang,et al.  Machine Learning for Networking: Workflow, Advances and Opportunities , 2017, IEEE Network.

[23]  Shenglin Zhang,et al.  PreFix: Switch Failure Prediction in Datacenter Networks , 2018, Proc. ACM Meas. Anal. Comput. Syst..

[24]  F. Richard Yu,et al.  A Survey of Machine Learning Techniques Applied to Software Defined Networking (SDN): Research Issues and Challenges , 2019, IEEE Communications Surveys & Tutorials.

[25]  Malcolm I. Heywood,et al.  Genetic optimization and hierarchical clustering applied to encrypted traffic identification , 2011, 2011 IEEE Symposium on Computational Intelligence in Cyber Security (CICS).

[26]  Moazzam Islam Tiwana,et al.  A Novel Framework of Automated RRM for LTE SON Using Data Mining: Application to LTE Mobility , 2013, Journal of Network and Systems Management.

[27]  Jugal K. Kalita,et al.  Network Anomaly Detection: Methods, Systems and Tools , 2014, IEEE Communications Surveys & Tutorials.

[28]  Sumeet Dua,et al.  Data Mining and Machine Learning in Cybersecurity , 2011 .

[29]  Walmir M. Caminhas,et al.  A review of machine learning approaches to Spam filtering , 2009, Expert Syst. Appl..

[30]  Lorenza Giupponi,et al.  From 4G to 5G: Self-organized Network Management meets Machine Learning , 2017, Comput. Commun..

[31]  Arsalan Darbandi,et al.  Enabling proactive self-healing by data mining network failure logs , 2017, 2017 International Conference on Computing, Networking and Communications (ICNC).

[32]  Judith Kelner,et al.  A Survey on Internet Traffic Identification , 2009, IEEE Communications Surveys & Tutorials.

[33]  A. Nur Zincir-Heywood,et al.  Benchmarking the Effect of Flow Exporters and Protocol Filters on Botnet Traffic Classification , 2016, IEEE Systems Journal.

[34]  Qi Shi,et al.  A Deep Learning Approach to Network Intrusion Detection , 2018, IEEE Transactions on Emerging Topics in Computational Intelligence.

[35]  Rudolf Mathar,et al.  Deep Reinforcement Learning based Resource Allocation in Low Latency Edge Computing Networks , 2018, 2018 15th International Symposium on Wireless Communication Systems (ISWCS).

[36]  Manuel López Martín,et al.  Application of deep reinforcement learning to intrusion detection for supervised problems , 2020, Expert Syst. Appl..

[37]  A. Nur Zincir-Heywood,et al.  Exploring NAT Detection and Host Identification Using Machine Learning , 2019, 2019 15th International Conference on Network and Service Management (CNSM).

[38]  Min Luo,et al.  A Framework for QoS-aware Traffic Classification Using Semi-supervised Machine Learning in SDNs , 2016, 2016 IEEE International Conference on Services Computing (SCC).

[39]  Duc C. Le,et al.  Evaluating Insider Threat Detection Workflow Using Supervised and Unsupervised Learning , 2018, 2018 IEEE Security and Privacy Workshops (SPW).

[40]  Hee-Gon Kim,et al.  Machine Learning-Based Method for Prediction of Virtual Network Function Resource Demands , 2019, 2019 IEEE Conference on Network Softwarization (NetSoft).

[41]  Marília Curado,et al.  Performance Analysis of Network Traffic Predictors in the Cloud , 2016, Journal of Network and Systems Management.

[42]  Aiko Pras,et al.  Flow-Based Web Application Brute-Force Attack and Compromise Detection , 2017, Journal of Network and Systems Management.

[43]  Dechang Pi,et al.  HML-IDS: A Hybrid-Multilevel Anomaly Prediction Approach for Intrusion Detection in SCADA Systems , 2019, IEEE Access.

[44]  Srikanth Kandula,et al.  Resource Management with Deep Reinforcement Learning , 2016, HotNets.

[45]  Mohammed J. Zaki,et al.  ADMIT: anomaly-based data mining for intrusions , 2002, KDD.

[46]  Duc C. Le,et al.  Learning From Evolving Network Data for Dependable Botnet Detection , 2019, 2019 15th International Conference on Network and Service Management (CNSM).

[47]  Blake Anderson,et al.  Machine Learning for Encrypted Malware Traffic Classification: Accounting for Noisy Labels and Non-Stationarity , 2017, KDD.

[48]  A. Nur Zincir-Heywood,et al.  On evolutionary computation for moving target defense in software defined networks , 2017, GECCO.

[49]  M. Kubát An Introduction to Machine Learning , 2017, Springer International Publishing.

[50]  Pavel Celeda,et al.  A survey of methods for encrypted traffic classification and analysis , 2015, Int. J. Netw. Manag..

[51]  Andrew W. Moore,et al.  Reinforcement Learning: A Survey , 1996, J. Artif. Intell. Res..

[52]  Charu C. Aggarwal,et al.  Outlier Analysis , 2013, Springer New York.

[53]  Roksana Boreli,et al.  A Host-Based Intrusion Detection and Mitigation Framework for Smart Home IoT Using OpenFlow , 2016, 2016 11th International Conference on Availability, Reliability and Security (ARES).

[54]  Malcolm I. Heywood Evolutionary model building under streaming data for classification tasks: opportunities and challenges , 2014, Genetic Programming and Evolvable Machines.

[55]  Guigang Zhang,et al.  Deep Learning , 2016, Int. J. Semantic Comput..

[56]  Leo Breiman,et al.  Random Forests , 2001, Machine Learning.

[57]  Evangelos E. Milios,et al.  Investigating event log analysis with minimum apriori information , 2013, 2013 IFIP/IEEE International Symposium on Integrated Network Management (IM 2013).

[58]  Paul Barford,et al.  A Machine Learning Approach to TCP Throughput Prediction , 2007, IEEE/ACM Transactions on Networking.

[59]  Christoph Hardegen,et al.  Flow-based Throughput Prediction using Deep Learning and Real-World Network Traffic , 2019, 2019 15th International Conference on Network and Service Management (CNSM).

[60]  Christopher Krügel,et al.  BotFinder: finding bots in network traffic without deep packet inspection , 2012, CoNEXT '12.

[61]  Said M. Easa,et al.  Supervised Weighting-Online Learning Algorithm for Short-Term Traffic Flow Prediction , 2013, IEEE Transactions on Intelligent Transportation Systems.

[62]  Peter Richtárik,et al.  Federated Learning: Strategies for Improving Communication Efficiency , 2016, ArXiv.

[63]  SommersJoel,et al.  A machine learning approach to TCP throughput prediction , 2007 .

[64]  Michael Langberg,et al.  Realtime Classification for Encrypted Traffic , 2010, SEA.

[65]  Ananthram Swami,et al.  The Limitations of Deep Learning in Adversarial Settings , 2015, 2016 IEEE European Symposium on Security and Privacy (EuroS&P).

[66]  Riyad Alshammari,et al.  A flow based approach for SSH traffic detection , 2007, 2007 IEEE International Conference on Systems, Man and Cybernetics.

[67]  Zibin Zheng,et al.  Adaptive and Dynamic Service Composition via Multi-agent Reinforcement Learning , 2014, 2014 IEEE International Conference on Web Services.

[68]  Malcolm I. Heywood,et al.  Evolutionary computation as an artificial attacker: generating evasion attacks for detector vulnerability testing , 2011, Evol. Intell..

[69]  Hui Wang,et al.  A clustering-based method for unsupervised intrusion detections , 2006, Pattern Recognit. Lett..

[70]  Brian L. Evans,et al.  Deep Q-Learning for Self-Organizing Networks Fault Management and Radio Performance Improvement , 2017, 2018 52nd Asilomar Conference on Signals, Systems, and Computers.

[71]  Kalyan Veeramachaneni,et al.  AI^2: Training a Big Data Machine to Defend , 2016, 2016 IEEE 2nd International Conference on Big Data Security on Cloud (BigDataSecurity), IEEE International Conference on High Performance and Smart Computing (HPSC), and IEEE International Conference on Intelligent Data and Security (IDS).

[72]  Dongsheng Wang,et al.  An Novel Hybrid Method for Effectively Classifying Encrypted Traffic , 2010, 2010 IEEE Global Telecommunications Conference GLOBECOM 2010.

[73]  Karwan Qader The computer network faults classification using a novel hybrid classifier , 2019 .

[74]  Abdallah Shami,et al.  Machine Learning Aided Scheme for Load Balancing in Dense IoT Networks , 2018, Sensors.

[75]  Lalu Banoth,et al.  A Survey of Data Mining and Machine Learning Methods for Cyber Security Intrusion Detection , 2017 .

[76]  David Evans,et al.  Evaluating Differentially Private Machine Learning in Practice , 2019, USENIX Security Symposium.

[77]  Yuval Elovici,et al.  ProfilIoT: a machine learning approach for IoT device identification based on network traffic analysis , 2017, SAC.

[78]  Rolf Stadler,et al.  Performance Prediction in Dynamic Clouds using Transfer Learning , 2019, 2019 IFIP/IEEE Symposium on Integrated Network and Service Management (IM).

[79]  Kenji Yamanishi,et al.  Dynamic syslog mining for network failure monitoring , 2005, KDD '05.

[80]  Antonio Pescapè,et al.  Anonymity Services Tor, I2P, JonDonym: Classifying in the Dark , 2017, 2017 29th International Teletraffic Congress (ITC 29).

[81]  Yonghua Zhou,et al.  Distributed coordination control of traffic network flow using adaptive genetic algorithm based on cloud computing , 2018, J. Netw. Comput. Appl..

[82]  Duc C. Le,et al.  Big Data in Network Anomaly Detection , 2019, Encyclopedia of Big Data Technologies.

[83]  Michael L. Littman,et al.  Packet Routing in Dynamically Changing Networks: A Reinforcement Learning Approach , 1993, NIPS.

[84]  Julong Lan,et al.  QoS-aware Traffic Classification Architecture Using Machine Learning and Deep Packet Inspection in SDNs , 2018 .

[85]  Igor Cialenco,et al.  Asymptotic Properties of the Maximum Likelihood Estimator for Stochastic Parabolic Equations with Additive Fractional Brownian Motion , 2008, 0804.0407.

[86]  Qiang Yang,et al.  A Survey on Transfer Learning , 2010, IEEE Transactions on Knowledge and Data Engineering.

[87]  Jong-Min Kim,et al.  A load balancing scheme based on deep-learning in IoT , 2017, Cluster Computing.

[88]  Raouf Boutaba,et al.  A comprehensive survey on machine learning for networking: evolution, applications and research opportunities , 2018, Journal of Internet Services and Applications.

[89]  Jason R. C. Nurse,et al.  A New Take on Detecting Insider Threats: Exploring the Use of Hidden Markov Models , 2016, MIST@CCS.

[90]  Bernardi Pranggono,et al.  Machine learning based intrusion detection system for software defined networks , 2017, 2017 Seventh International Conference on Emerging Security Technologies (EST).

[91]  Dafna Shahaf,et al.  Learning to Route , 2017, HotNets.

[92]  Panos J. Antsaklis,et al.  A Data-driven Adaptive Controller Reconfiguration for Fault Mitigation: A Passivity Approach , 2019, 2019 27th Mediterranean Conference on Control and Automation (MED).

[93]  Grenville J. Armitage,et al.  A survey of techniques for internet traffic classification using machine learning , 2008, IEEE Communications Surveys & Tutorials.

[94]  Aleksander Madry,et al.  Towards Deep Learning Models Resistant to Adversarial Attacks , 2017, ICLR.

[95]  Mamun Bin Ibne Reaz,et al.  A novel SVM-kNN-PSO ensemble method for intrusion detection system , 2016, Appl. Soft Comput..

[96]  Michalis Faloutsos,et al.  Internet traffic classification demystified: myths, caveats, and the best practices , 2008, CoNEXT '08.

[97]  Marco Mellia,et al.  A Survey on Big Data for Network Traffic Monitoring and Analysis , 2019, IEEE Transactions on Network and Service Management.

[98]  Michael I. Jordan,et al.  Failure diagnosis using decision trees , 2004 .

[99]  Waleed Meleis,et al.  QTCP: Adaptive Congestion Control with Reinforcement Learning , 2019, IEEE Transactions on Network Science and Engineering.

[100]  Sailik Sengupta,et al.  MTDeep: Boosting the Security of Deep Neural Nets Against Adversarial Attacks with Moving Target Defense , 2017, AAAI Workshops.

[101]  Jamil Salem Barbar,et al.  Computer network traffic prediction: a comparison between traditional and deep learning neural networks , 2015, Int. J. Big Data Intell..

[102]  Wei-Yang Lin,et al.  Intrusion detection by machine learning: A review , 2009, Expert Syst. Appl..

[103]  Maria Rigaki,et al.  Bringing a GAN to a Knife-Fight: Adapting Malware Communication to Avoid Detection , 2018, 2018 IEEE Security and Privacy Workshops (SPW).

[104]  A. Nur Zincir-Heywood,et al.  On the Effectiveness of Different Botnet Detection Approaches , 2015, ISPEC.

[105]  Prasad Calyam,et al.  Topology-Aware Correlated Network Anomaly Event Detection and Diagnosis , 2013, Journal of Network and Systems Management.

[106]  Hamed Haddadi,et al.  Deep Learning in Mobile and Wireless Networking: A Survey , 2018, IEEE Communications Surveys & Tutorials.

[107]  Navrati Saxena,et al.  BiSON: A Bioinspired Self-Organizing Network for Dynamic Auto-Configuration in 5G Wireless , 2018, Wirel. Commun. Mob. Comput..

[108]  Jong Hyuk Park,et al.  Traffic management in the mobile edge cloud to improve the quality of experience of mobile video , 2017, Comput. Commun..

[109]  Filip De Turck,et al.  Design and evaluation of learning algorithms for dynamic resource management in virtual networks , 2014, 2014 IEEE Network Operations and Management Symposium (NOMS).

[110]  Philippe Owezarski,et al.  Unsupervised Network Intrusion Detection Systems: Detecting the Unknown without Knowledge , 2012, Comput. Commun..

[111]  Piotr Nawrocki,et al.  Adaptive Service Management in Mobile Cloud Computing by Means of Supervised and Reinforcement Learning , 2017, Journal of Network and Systems Management.

[112]  Dario Rossi,et al.  KISS: Stochastic Packet Inspection Classifier for UDP Traffic , 2010, IEEE/ACM Transactions on Networking.

[113]  Panagiotis Demestichas,et al.  Network Load Predictions Based on Big Data and the Utilization of Self-Organizing Maps , 2013, Journal of Network and Systems Management.

[114]  Malcolm I. Heywood,et al.  Benchmarking evolutionary computation approaches to insider threat detection , 2018, GECCO.

[115]  Joachim Fabini,et al.  Rax: Deep Reinforcement Learning for Congestion Control , 2019, ICC 2019 - 2019 IEEE International Conference on Communications (ICC).

[116]  A. Nur Zincir-Heywood,et al.  How far can we push flow analysis to identify encrypted anonymity network traffic? , 2018, NOMS 2018 - 2018 IEEE/IFIP Network Operations and Management Symposium.

[117]  Paulo Carvalho,et al.  A Modular Traffic Sampling Architecture: Bringing Versatility and Efficiency to Massive Traffic Analysis , 2017, Journal of Network and Systems Management.

[118]  Zhitang Chen,et al.  Predicting future traffic using Hidden Markov Models , 2016, 2016 IEEE 24th International Conference on Network Protocols (ICNP).

[119]  Sebastian Zander,et al.  Automated traffic classification and application identification using machine learning , 2005, The IEEE Conference on Local Computer Networks 30th Anniversary (LCN'05)l.

[120]  Ali A. Ghorbani,et al.  Botnet detection based on traffic behavior analysis and flow intervals , 2013, Comput. Secur..

[121]  Malcolm I. Heywood,et al.  A Hierarchical SOM based Intrusion Detection System , 2008 .

[122]  Miguel Rio,et al.  Internet Traffic Forecasting using Neural Networks , 2006, The 2006 IEEE International Joint Conference on Neural Network Proceedings.

[123]  Carla Purdy,et al.  Toward an Online Anomaly Intrusion Detection System Based on Deep Learning , 2016, 2016 15th IEEE International Conference on Machine Learning and Applications (ICMLA).

[124]  Wolfgang Kellerer,et al.  Empowering Self-Driving Networks , 2018, SelfDN@SIGCOMM.

[125]  Srinivasan Parthasarathy,et al.  Fast Distributed Outlier Detection in Mixed-Attribute Data Sets , 2006, Data Mining and Knowledge Discovery.

[126]  Yin Zhang,et al.  Secure distributed data-mining and its application to large-scale network measurements , 2006, CCRV.

[127]  Mahdi Jafari Siavoshani,et al.  Deep packet: a novel approach for encrypted traffic classification using deep learning , 2017, Soft Computing.