Cargando…
Network Traffic Classification by Program Synthesis
Writing classification rules to identify interesting network traffic is a time-consuming and error-prone task. Learning-based classification systems automatically extract such rules from positive and negative traffic examples. However, due to limitations in the representation of network traffic and...
| Autores principales: | , , , |
|---|---|
| Formato: | Online Artículo Texto |
| Lenguaje: | English |
| Publicado: |
2021
|
| Materias: | |
| Acceso en línea: | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC7979161/ http://dx.doi.org/10.1007/978-3-030-72016-2_23 |
| _version_ | 1783667237879545856 |
|---|---|
| author | Shi, Lei Li, Yahui Loo, Boon Thau Alur, Rajeev |
| author_facet | Shi, Lei Li, Yahui Loo, Boon Thau Alur, Rajeev |
| author_sort | Shi, Lei |
| collection | PubMed |
| description | Writing classification rules to identify interesting network traffic is a time-consuming and error-prone task. Learning-based classification systems automatically extract such rules from positive and negative traffic examples. However, due to limitations in the representation of network traffic and the learning strategy, these systems lack both expressiveness to cover a range of applications and interpretability in fully describing the traffic’s structure at the session layer. This paper presents Sharingan system, which uses program synthesis techniques to generate network classification programs at the session layer. Sharingan accepts raw network traces as inputs and reports potential patterns of the target traffic in NetQRE, a domain specific language designed for specifying session-layer quantitative properties. We develop a range of novel optimizations that reduce the synthesis time for large and complex tasks to a matter of minutes. Our experiments show that Sharingan is able to correctly identify patterns from a diverse set of network traces and generates explainable outputs, while achieving accuracy comparable to state-of-the-art learning-based systems. |
| format | Online Article Text |
| id | pubmed-7979161 |
| institution | National Center for Biotechnology Information |
| language | English |
| publishDate | 2021 |
| record_format | MEDLINE/PubMed |
| spelling | pubmed-79791612021-03-23 Network Traffic Classification by Program Synthesis Shi, Lei Li, Yahui Loo, Boon Thau Alur, Rajeev Tools and Algorithms for the Construction and Analysis of Systems Article Writing classification rules to identify interesting network traffic is a time-consuming and error-prone task. Learning-based classification systems automatically extract such rules from positive and negative traffic examples. However, due to limitations in the representation of network traffic and the learning strategy, these systems lack both expressiveness to cover a range of applications and interpretability in fully describing the traffic’s structure at the session layer. This paper presents Sharingan system, which uses program synthesis techniques to generate network classification programs at the session layer. Sharingan accepts raw network traces as inputs and reports potential patterns of the target traffic in NetQRE, a domain specific language designed for specifying session-layer quantitative properties. We develop a range of novel optimizations that reduce the synthesis time for large and complex tasks to a matter of minutes. Our experiments show that Sharingan is able to correctly identify patterns from a diverse set of network traces and generates explainable outputs, while achieving accuracy comparable to state-of-the-art learning-based systems. 2021-03-01 /pmc/articles/PMC7979161/ http://dx.doi.org/10.1007/978-3-030-72016-2_23 Text en © The Author(s) 2021 Open Access This chapter is licensed under the terms of the Creative Commons Attribution 4.0 International License (http://creativecommons.org/licenses/by/4.0/), which permits use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons license and indicate if changes were made. The images or other third party material in this chapter are included in the chapter's Creative Commons license, unless indicated otherwise in a credit line to the material. If material is not included in the chapter's Creative Commons license and your intended use is not permitted by statutory regulation or exceeds the permitted use, you will need to obtain permission directly from the copyright holder. |
| spellingShingle | Article Shi, Lei Li, Yahui Loo, Boon Thau Alur, Rajeev Network Traffic Classification by Program Synthesis |
| title | Network Traffic Classification by Program Synthesis |
| title_full | Network Traffic Classification by Program Synthesis |
| title_fullStr | Network Traffic Classification by Program Synthesis |
| title_full_unstemmed | Network Traffic Classification by Program Synthesis |
| title_short | Network Traffic Classification by Program Synthesis |
| title_sort | network traffic classification by program synthesis |
| topic | Article |
| url | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC7979161/ http://dx.doi.org/10.1007/978-3-030-72016-2_23 |
| work_keys_str_mv | AT shilei networktrafficclassificationbyprogramsynthesis AT liyahui networktrafficclassificationbyprogramsynthesis AT looboonthau networktrafficclassificationbyprogramsynthesis AT alurrajeev networktrafficclassificationbyprogramsynthesis |