Design of a Novel Network Framework for Traffic Identification by Using Deep Packet Inspection and Machine Learning

Authors

  • Nikita Manne  Assistant Professor, CSIT Department, CVR college of Engineering, Hyderabad, India
  • G Vinoda Reddy  Professor, CSE (AI & ML) Department, CMR Technical Campus, Hyderabad, India
  • M. Sreenu Naik  Assistant Professor, CSE (AI & ML) Department, CMR Technical Campus, Hyderabad, India
  • Kondabathula Durga Charan  Assistant Professor, CSE (AI&DS) Department, Madanapalle Institute of Technology & Science, Andhra Pradesh, India

DOI:

https://doi.org//10.32628/IJSRST229561

Keywords:

Intrusion detection, traffic identification, MDIP, network security, open source, quality of service, security.

Abstract

This paper presents an investigation, involving experiments, which shows that current network intrusion, detection, and prevention systems (NIDPSs) have several shortcomings in detecting or preventing rising unwanted traffic and have several threats in high-speed environments. Precise organization traffic recognizable proof is a significant reason for network traffic checking and information investigation, and is the way to work on the nature of client administration. In this paper, through the examination of two organization traffic ID strategies in light of machine learning and profound parcel review, an organization traffic distinguishing proof strategy in view of machine learning and profound bundle examination is proposed. This strategy utilizes profound parcel assessment innovation to distinguish most organization traffic, diminishes the responsibility that should be recognized by machine learning. This paper presents an investigation, involving experiments, which shows that current network intrusion, detection, and prevention systems (NIDPSs) have several shortcomings in detecting or preventing rising unwanted traffic and have several threats in high-speed environments. It shows that the NIDPS performance can be weak in the face of high-speed and high-load malicious traffic in terms of packet drops, outstanding packets without analysis, and failing to detect/prevent unwanted traffic. A novel quality of service (QoS) architecture has been designed to increase the intrusion detection and prevention performance. Our exploration has proposed and assessed an answer involving an original QoS setup in a multi-facet change to sort out parcels/traffic and equal procedures to build the bundle handling speed. The new engineering was tried under various traffic velocities, types, and errands. The trial results show that the design works on the organization and security execution which is can conceal to 8 Gb/s with 0 bundles dropped. This paper likewise shows that this number (8Gb/s) can be improved, yet it relies upon the framework limit which is constantly restricted.

References

  1. M. D. Samani, M. Karamta, J. Bhatia, and M. B. Potdar, ``Intrusion detection system for DoS attack in cloud,'' International Journal of Applied Information Systems (Foundation of Computer Science), vol. 10, no. 5. New York, NY, USA: FCS, 2016.
  2. W. Bul'ajoul, A. James, and M. Pannu, ``Improving network intrusion detection system performance through quality-of-service configuration and parallel technology,'' J. Comput. Syst. Sci., vol. 81, no. 6, pp. 981999, 2015.
  3. Anne James, "A New Architecture for Network Intrusion Detection and Prevention", VOLUME 7, 2019,IEEE Access.
  4. Ravindra Changala, “Intrusion Detection System Using Genetic Algorithm” published in International Journal of Emerging Trends in Engineering and Development [IJETED], Impact Factor 2.87, ISSN NO:2249-6149, Issue 2,Vol. 4 May 2012.
  5. W. Bul'ajoul, A. James, S. Shaikh, and M. Pannu, ``Using Cisco network components to improve NIDPS performance,'' Comput. Sci. Inf. Technol.,pp. 137-157, Aug. 2016.
  6. Y. Naouri, and R. Perlman, (2015). ``Network congestion management by packet circulation,'' U.S. Patent 8 989 017 B2, Mar. 24, 2015.
  7. M. K. Testicioglu and S. K. Keith, ``Method for prioritizing network packets at high bandwidth speeds,'' U.S. Patent 15 804 940, Nov. 6, 2017.
  8. Ravindra Changala, “Diminution of Deployment Issues in Secure Multicast System with Group Key Management” published in International Journal of Computer Application (IJCA), Impact Factor 2.52, ISSN No. : 2250-1797, Volume 2, Issue 3, June 2012.
  9. H. Jiang, G. Zhang, G. Xie, K. Salamatian, and L. Mathy, ``Scalable high-performance parallel design for network intrusion detection systems on many-core processors,'' in Proc. 9th ACM/IEEE Symp. Archit. Netw. Commun. Syst. Piscataway, NJ, USA: IEEE Press, 2013, pp. 137-146.
  10. M.-J. Chen, Y.-M. Hsiao, H.-K. Su, and Y.-S. Chu, ``High-throughput ASIC design for e-mail and web intrusion detection,'' IEICE Electron.Express, vol. 12, no. 3, pp. 1-6, Jan. 2015.
  11. J.-M. Kim, A.-Y. Kim, J.-S. Yuk, and H.-K. Jung, ``A study on wireless intrusion prevention system based on snort,'' Int. J. Softw. Eng. Appl.,vol. 9, no. 2, pp. 112, 2015.

International Journal of Scientific Research in Science and Technology

Downloads

Published

2022-10-30

Issue

Volume 9, Issue 5, September-October-2022

Section

Research Articles

License

Copyright (c) IJSRST

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.

How to Cite

[1]
Nikita Manne, G Vinoda Reddy, M. Sreenu Naik, Kondabathula Durga Charan, " Design of a Novel Network Framework for Traffic Identification by Using Deep Packet Inspection and Machine Learning, International Journal of Scientific Research in Science and Technology(IJSRST), Online ISSN : 2395-602X, Print ISSN : 2395-6011, Volume 9, Issue 5, pp.279-290, September-October-2022. Available at doi : https://doi.org/10.32628/IJSRST229561