Coder Social home page Coder Social logo

statistical-estimator-of-network-traffic's Introduction

Statistical estimator of network traffic

The library is dedicated to estimating statistical properties of packets grouped within a network flows or even a device, given a .pcap file and target object identifier.

The identifier must be specified at .pcap processing stage, where packet-related features (packet size, inter-arrival time and direction) are extracted. For example, to extract device-level stats you can try the following:

export PYTHONPATH=.

python pcap_parsing/main.py \
--pcapfile=traffic_dumps/iot_amazon_echo.pcap \
--identifier='44:65:0d:56:cc:d3'

To process a separate flow, do something like:

python pcap_parsing/main.py \
--pcapfile=traffic_dumps/skypeLANhome.pcap \
--identifier="UDP 192.168.0.102:18826 192.168.0.105:26454" \
--flow_level

Given the target stats, there are two approaches to model them:

  1. Train two hidden Markov models (one for each traffic direction), which are already sufficient to recreate network packets of the given flow/device.

    python hmm_generator/train_evaluate_hmm.py \
--dataset="traffic_dumps/iot_amazon_echo_44:65:0d:56:cc:d3.csv"

  2. Train two gaussian mixtures that map packet features to mixture centroids, effectively transforming initial features to discrete sequences, which are to be processed with a dedicated sequence model. This can be viewed as a decomposition of the HMM framework.

    Fit Gaussian mixtures:

    python features/train_quantizer.py \
--dataset="traffic_dumps/iot_amazon_echo_44:65:0d:56:cc:d3.csv"

    This allows us to easily use various sequence models, like Markov chains:

    python markov_baseline/train_evaluate_markov.py \
--dataset="traffic_dumps/iot_amazon_echo_44:65:0d:56:cc:d3.csv" \
--quantizer_path="obj/iot_amazon_echo_44:65:0d:56:cc:d3"

    or autoregressive neural networks, either recurrent (RNN) or temporal convolutional networks (TCN):

    python nn_generators/train_generator.py \
--dataset="traffic_dumps/iot_amazon_echo_44:65:0d:56:cc:d3.csv" \
--quantizer_path="obj/iot_amazon_echo_44:65:0d:56:cc:d3" \
--generator_name=RNN

ITL paper

The code for the paper below is available at this tag:

  • Bikmukhamedov R., Nadeev A., Maione G., and Striccoli D., "Comparison of HMM and RNN models for network traffic modeling", Internet Technology Letters, 2020. DOI: 10.1002/itl2.147

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.