Assessment of Deep Packet Inspection System of Network traffic and Anomaly Detection

Authors

  • Jyoti Pandey  Department of Information Technology, University of Mumbai, Mumbai, Maharashtra, India
  • Shruti Rai  Department of Information Technology, University of Mumbai, Mumbai, Maharashtra, India
  • Srivaramangai R  Department of Information Technology, University of Mumbai, Mumbai, Maharashtra, India

DOI:

https://doi.org/10.32628/IJSRSET23103108

Keywords:

Deep packet SSL inspection, decrypting, inspecting, SSL encrypted, network traffic.

Abstract

Deep packet SSL inspection is a process that involves decrypting and inspecting SSL-encrypted network traffic in order to detect and prevent security threats. With the increasing use of SSL encryption, it has become difficult for traditional network security solutions to inspect encrypted traffic for threats. Deep packet SSL inspection addresses this problem by decrypting the SSL traffic, inspecting it for threats, and then re-encrypting it before forwarding it to its destination. This process involves the use of SSL certificates that mimic the real ones used by the servers, as well as SSL inspection rules that specify which traffic should be decrypted and inspected. Deep packet SSL inspection can be a complex and resource-intensive process, and must be performed carefully to avoid legal or ethical issues related to the interception and inspection of encrypted traffic. However, it is a powerful tool for protecting networks from security threats, and can help organizations detect and prevent attacks that would otherwise go unnoticed.

Published

2023-06-30

Section

Research Articles

How to Cite

Jyoti Pandey, Shruti Rai, Srivaramangai R, "Assessment of Deep Packet Inspection System of Network traffic and Anomaly Detection," International Journal of Scientific Research in Science, Engineering and Technology (IJSRSET), Print ISSN: 2395-1990, Online ISSN: 2394-4099, Volume 10, Issue 3, pp. 680-688, May-June 2023. Available at doi: https://doi.org/10.32628/IJSRSET23103108