Locality Sensitive Hashing for Network Traffic Fingerprinting

Nowfel Mashnoor, Jay Thom, A. Rouf, S. Sengupta, Batyr Charyyev
Published in: 2023 IEEE 29th International Symposium on Local and Metropolitan Area Networks (LANMAN), 2023-07-10
DOI: 10.1109/LANMAN58293.2023.10189810 (https://doi.org/10.1109/LANMAN58293.2023.10189810)
Citation count: 0

Abstract

The Internet of Things (IoT) introduced new complexities and challenges to computer networks. Due to their simple nature, these devices are more vulnerable to cyber-attacks. Thus it becomes important to identify these devices in a network for network management and to detect malicious activities. Network traffic fingerprinting is an essential tool for device identification and anomaly detection, and existing approaches mainly rely on machine learning (ML). However, ML-based approaches require feature selection, hyperparameter tuning, and model retraining to achieve optimum results and be robust to concept drifts observed in a network. To overcome these challenges, in this paper we propose locality-sensitive hashing (LSH) based network traffic fingerprinting. Specifically, we explore design alternatives for the LSH function Nilsimsa and use it to fingerprint network traffic for device identification. We also compared it with ML-based traffic fingerprinting and observed that our method increases the accuracy of state-of-the-art by 12%, achieving around 94% accuracy in identifying devices in a network.