Connection Pattern Based Android Network Traffic Clustering

Authors: Chunlei Chen, Huixiang Zhang, Ming Qi, Yonghui Zhang, Peng Zhang

DOI: 10.1109/ITOEC.2018.8740644

Keywords:

Abstract: Network traffic clustering plays a fundamental role in network flow analysis. Existing Android network traffic clustering methods have three shortcomings. First, these methods always focus on partial features, such as port numbers, with the absence of holistic features. Second, existing methods sometimes fail to work if the payload of one package is encrypted. Third, some methods are valid only for several specific application-layer protocols. To handle these inefficiencies, we adopted network-connection-pattern based features to facilitate clustering. A network traffic record platform was constructed. This platform executed 575 Android applications and recorded the network traffic. We obtained input datasets through the extracted connection pattern. Then, we clustered the datasets. Finally, we employed the Information Gain algorithm and the Fast Correlation-Based Filter separately to rank the contributions of the features according to the clustering results. Experiments show that network-connection-pattern-based features lead to a more efficient clustering result than port-number-based features.
