The Internet has been evolving from a traditional mechanism to a modern service-oriented architecture, such as quality-of-service (QoS) policies, to meet users' various requirements for high service quality. An instant and effective network traffic classification method is indispensable to identify network services to enforce QoS policies on the corresponding service. Network managers can easily and flexibly deploy traffic classification modules and configure the network policies with the help of the emerging software-defined networking. However, most existing traffic classification solutions, such as port-based methods or deep packet inspection, cannot handle real-time and encrypted traffic classification. In this research, a Convolutional Autoencoder Packet Classifier (CAPC) has been proposed to immediately classify incoming packets in fine-grained and coarse-grained manners, that is, classifying a service to a single application and a rough genre, respectively. The CAPC is a packet-based deep learning model consisting of a 1D convolutional neural network and an autoencoder, which can handle dynamic-port and encrypted traffic and even cluster similar applications. This classifier is verified on not only the private self-captured traffic but also a public VPN dataset to demonstrate its performance. Moreover, the CAPC classifies different types of service traffic with an accuracy of over 99.9% on the private dataset of 16 services and over 97% on the public dataset of 24 services, thereby outperforming other deep learning classifiers. Experimental results also show other performance metrics, including stability, average precision, and recall and the highest F1-score values of 15 and 18 services on the private and public datasets, respectively.
The increasing quality and various requirements of network services are guaranteed because of the advancement of the emerging network paradigm, software-defined networking (SDN), and benefits from the centralized and software-defined architecture. The SDN not only facilitates the configuration of the network policies for traffic engineering but also brings convenience for network state obtainment. The traffic of numerous services is transmitted within a network, whereas each service may demand different network metrics, such as low latency or low packet loss rate. Corresponding quality of service policies must be enforced to meet the requirements of different services, and the balance of link utilization is also indispensable. In this research, Reinforcement Discrete Learning-Based Service-Oriented Multipath Routing (RED-STAR) has been proposed to understand the policy of distributing an optimal path for each service. The RED-STAR takes the network state and service type as input values to dynamically select the path along which a service must be forwarded. Custom protocols are designed for network state obtainment, and a deep learning-based traffic classification model is also integrated to identify network services. With the differentiated reward scheme for every service type, the reinforcement learning model in RED-STAR gradually achieves high reward values in various scenarios. The experimental results show that RED-STAR can adapt to the dynamic network environment, obtaining the highest average reward value of 1.8579 and the lowest average maximum bandwidth utilization of 0.3601 among all path distribution schemes in a real-case scenario.
Software-defined networking controllers use the OpenFlow discovery protocol (OFDP) to collect network topology status. The OFDP detects the link between switches by generating link layer discovery protocol (LLDP) packets. However, OFDP is not a security protocol. Attackers can use it to perform topology discovery via injection, man-in-the-middle, and flooding attacks to confuse the network topology. This study proposes a correlation-based topology anomaly detection mechanism. Spearman's rank correlation is used to analyze the network traffic between links and measure the round-trip time of each LLDP frame to determine whether a topology discovery via man-in-the-middle attack exists. This study also adds a dynamic authentication key and counting mechanism in the LLDP frame to prevent attackers from using topology discovery via injection attack to generate fake links and topology discovery via flooding attack to cause network routing or switching abnormalities.