
Combining Case-Based Reasoning with Complex Event Processing for Network Traffic Classification

  • Conference paper
Case-Based Reasoning Research and Development (ICCBR 2018)

Part of the book series: Lecture Notes in Computer Science ((LNAI,volume 11156))


Abstract

In this paper we present an approach for combining Case-Based Reasoning (CBR) and Complex Event Processing (CEP) in order to classify network traffic. We show that this combination has a high potential to improve existing classification methods: it enriches the stream processing techniques in CEP with the capability of historic case reuse in CBR, continuously analysing the application layer data of network communication.

This work was supported by the German Federal Ministry of Education and Research within the funding program Forschung an Fachhochschulen (contract number 13FH019IA6).




Correspondence to Manuel Grob.


Copyright information

© 2018 Springer Nature Switzerland AG

About this paper


Cite this paper

Grob, M., Kappes, M., Medina-Bulo, I. (2018). Combining Case-Based Reasoning with Complex Event Processing for Network Traffic Classification. In: Cox, M., Funk, P., Begum, S. (eds) Case-Based Reasoning Research and Development. ICCBR 2018. Lecture Notes in Computer Science, vol 11156. Springer, Cham. https://doi.org/10.1007/978-3-030-01081-2_8


  • DOI: https://doi.org/10.1007/978-3-030-01081-2_8


  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-01080-5

  • Online ISBN: 978-3-030-01081-2

  • eBook Packages: Computer Science, Computer Science (R0)
