JavaScript is disabled for your browser. Some features of this site may not work without it.
| dc.contributor.author | Salman, Ola Mohamad |
| dc.date.accessioned | 2021-09-23T09:00:36Z |
| dc.date.available | 2023-02 |
| dc.date.available | 2021-09-23T09:00:36Z |
| dc.date.issued | 2020 |
| dc.date.submitted | 2020 |
| dc.identifier.other | b25894870 |
| dc.identifier.uri | http://hdl.handle.net/10938/23198 |
| dc.description | Dissertation. Ph.D. American University of Beirut. Department of Electrical and Computer Engineering, 2020. ED:134. |
| dc.description | Chairman : Dr. Ayman Kayssi, Professor, Electrical and Computer Engineering ; Advisor : Dr. Imad Elhajj, Professor, Electrical and Computer Engineering ; Members of Committee : Dr. Ali Chehab, Professor, Electrical and Computer Engineering ; Dr. Georges Sakr, Professor, Electrical and Computer Engineering, Saint Joseph University ; Dr. Ghassan AlRegib, Professor, Electrical and Computer Engineering, Georgia Tech, USA. |
| dc.description | Includes bibliographical references (leaves 113-146) |
| dc.description.abstract | Traffic classification acquired the interest of the Internet community early on. Different approaches have been proposed to classify Internet traffic to manage both security and Quality of Service (QoS). However, traditional classification approaches consisting of modifying the Transmission Control Protocol-Internet Protocol (TCP-IP) scheme have not been adopted due to their complex management. In addition, port-based methods and deep packet inspection have limitations in dealing with new traffic characteristics (e.g., dynamic port allocation, tunneling, encryption). Conversely, Machine Learning (ML) solutions effectively classify traffic down to the device type and specific user action. Different ML based methods have been applied for this aim. However, traditional ML methods rely on hand crafted features, limiting the model ability to learn. Deep learning (DL), a branch of ML, is characterized by its representation learning ability. on the other hand, intrusion detection systems (IDSes) have been proposed to detect and-or prevent security attacks by inspecting and detecting attacks patterns. However, traditional IDSes are rule based and present high management complexity. Alternatively, ML-based IDSes have emerged to overcome the management complexity issue. However, many of the proposed solutions are based on hand crafted features and considered datasets are outdated. In this thesis, we propose a new data representation method to apply DL for traffic classification and intrusion detection. For traffic classification, a hierarchical classification framework is proposed to classify the traffic based on different granularity levels. The defined classes reflect the different QoS and security needs. We analyse two methods of data representation for DL-based classification: a raw packet representation and a flow-based representation. Different tests are performed to evaluate the robustness of the considered data representation methods. These tests include features importance, model robustness, and anonymization te |
| dc.format.extent | 1 online resource (xiv, 146 leaves) : illustrations |
| dc.language.iso | en |
| dc.subject.classification | ED:000134 |
| dc.subject.lcsh | Machine learning. |
| dc.subject.lcsh | Internet of things. |
| dc.subject.lcsh | Intrusion detection systems (Computer security) |
| dc.subject.lcsh | Computer networks -- Security measures. |
| dc.subject.lcsh | Quality of service (Computer networks) |
| dc.title | Machine learning for internet traffic classification |
| dc.type | Dissertation |
| dc.contributor.department | Department of Electrical and Computer Engineering |
| dc.contributor.faculty | Maroun Semaan Faculty of Engineering and Architecture |
| dc.contributor.institution | American University of Beirut |
