Traffic Generation using Containerization for Machine Learning

11/12/2020
by Henry Clausen, et al.

The design and evaluation of data-driven network intrusion detection methods are currently held back by a lack of adequate data, both in terms of benign and attack traffic. Existing datasets are mostly gathered in isolated lab environments containing virtual machines, both to offer more control over the computer interactions and to prevent any malicious code from escaping. This procedure, however, leads to datasets that lack four core properties: heterogeneity, ground truth traffic labels, large data size, and contemporary content. Here, we present a novel data generation framework based on Docker containers that addresses these problems systematically. For this, we arrange suitable containers into relevant traffic communication scenarios and subscenarios, which are subject to appropriate input randomization as well as WAN emulation. By relying on process isolation through containerization, we can match traffic events with individual processes, and achieve scalability and modularity of individual traffic scenarios. We perform two experiments to assess the reproducibility and traffic properties of our framework, and demonstrate the usefulness of our framework on a traffic classification example.
