skip to main content
10.1145/2934732.2934746acmotherconferencesArticle/Chapter ViewAbstractPublication PagesceriConference Proceedingsconference-collections
research-article

Using Collaborative Filtering in a new domain: traffic analysis

Published: 14 June 2016 Publication History

Abstract

The importance of information systems is increasing every day. In order to ensure their right operation, it is necessary to analyze a huge amount of traffic generated by different devices. However, classical techniques for operation and management are reactive and not proactive, what can evolve in a failure in the system.
In this work we propose a new approach where we analyze network traffic using Collaborative Filtering. In other domains, these systems have proved to filter thousands of items according to user needs and tastes. They can predict user preferences and recommend relevant items for the user. In this sense, in this new domain, relevant items are data flows, so our goal is to recommend flows which are related to the traffic already captured.

References

[1]
Testing intrusion detection systems: A critique of the 1998 and 1999 darpa intrusion detection system evaluations as performed by lincoln laboratory. ACM Trans. Inf. Syst. Secur., 3(4):262--294, Nov. 2000.
[2]
Global risks 2015. Technical report, 2015.
[3]
R. D. A. Lazar, W. Weiguo. Models and algorithms for network fault detection and identification: a review. In Algoritms, Singapore. IEEE, 1992. Singapore ICCS/ISITA.
[4]
G. Adomavicius and A. Tuzhilin. Toward the next generation of recommender systems: A survey of the state-of-the-art and possible extensions. IEEE TRANSACTIONS ON KNOWLEDGE AND DATA ENGINEERING, 17(6):734--749, 2005.
[5]
J. Bennett and S. Lanning. The netflix prize. In Proceedings of KDD Cup and Workshop, KDDCup '07, pages 3--6, San Jose, California, USA, 2007. ACM.
[6]
P. Borgnat, G. Dewaele, K. Fukuda, P. Abry, and K. Cho. Seven years and one day: Sketching the evolution of internet traffic. In Proceedings INFOCOM 2009, IEEE.
[7]
J. S. Breese, D. Heckerman, and C. Kadie. Empirical analysis of predictive algorithms for collaborative filtering. In Proceedings of the Fourteenth conference on Uncertainty in artificial intelligence, UAI'98, pages 43--52, San Francisco, CA, USA, 1998. Morgan Kaufmann Publishers Inc.
[8]
F. Cacheda, V. Carneiro, D. Fernández, and V. Formoso. Comparison of collaborative filtering algorithms: Limitations of current techniques and proposals for scalable, high-performance recommender systems. ACM Trans. Web, 5:2:1--2:33, Feb. 2011.
[9]
B. Claise. Cisco Systems NetFlow Services Export Version 9. RFC 3954 (Informational), Oct. 2004.
[10]
M. Deshpande and G. Karypis. Item-based top-N recommendation algorithms. ACM Trans. Inf. Syst., 22(1):143--177, 2004.
[11]
R. M. Elbasiony, E. A. Sallam, T. E. Eltobely, and M. M. Fahmy. A hybrid network intrusion detection framework based on random forests and weighted k-means. Ain Shams Engineering Journal, 4(4):753--762, 2013.
[12]
C. Estan, K. Keys, D. Moore, and G. Varghese. Building a Better NetFlow. In SIGCOMM 2004, pages 245--256, Portland, OR, Sep 2004.
[13]
J. M. Estévez-Tapiador, P. Garcia-Teodoro, and J. E. Díaz-Verdejo. Measuring normality in HTTP traffic for anomaly-based intrusion detection. Computer Networks, 45(2):175--193, 2004.
[14]
C. I. Ezeife, J. Dong, and A. K. Aggarwal. Sensorwebids: a web mining intrusion detection system. IJWIS, 4(1):97--120, 2008.
[15]
A. Feldmann, R. Caceres, F. Douglis, and G. Glass. Performance of web proxy caching in heterogeneous bandwidth environments. In INFOCOM '99. Eighteenth Annual Joint Conference of the IEEE Computer and Communications Societies. Proceedings, pages 107--116, 1999.
[16]
V. Formoso, D. Fernández, F. Cacheda, and V. Carneiro. Using profile expansion techniques to alleviate the new user problem. Inf. Process. Manage., 49(3):659--672, May 2013.
[17]
Z. Gantner, S. Rendle, C. Freudenthaler, and L. Schmidt-Thieme. MyMediaLite: A free recommender system library. In 5th ACM International Conference on Recommender Systems (RecSys 2011), 2011.
[18]
D. Goldberg, D. Nichols, B. M. Oki, and D. Terry. Using collaborative filtering to weave an information tapestry. Communications of the ACM, 35(12):61--70, 1992.
[19]
A. Göker and D. He. Analysing web search logs to determine session boundaries for user-oriented learning. In P. Brusilovsky, O. Stock, and C. Strapparava, editors, AH, volume 1892 of Lecture Notes in Computer Science, pages 319--322. Springer, 2000.
[20]
A. Hanemann, J. W. Boote, E. L. Boyd, J. Durand, L. Kudarimoti, R. Lapacz, D. M. Swany, S. Trocha, and J. Zurawski. Perfsonar: A service oriented architecture for multi-domain network monitoring. In Proceedings of the Third International Conference on Service-Oriented Computing, ICSOC'05, pages 241--254, Berlin, Heidelberg, 2005. Springer-Verlag.
[21]
J. L. Herlocker, J. A. Konstan, L. G. Terveen, and J. T. Riedl. Evaluating collaborative filtering recommender systems. ACM Trans. Inf. Syst., 22(1):5--53, 2004.
[22]
R. Hofstede, V. Bartos, A. Sperotto, and A. Pras. Towards real-time intrusion detection for netflow and ipfix. In CNSM, pages 227--234. IEEE Computer Society, 2013.
[23]
T. Joachims, L. Granka, B. Pan, H. Hembrooke, F. Radlinski, and G. Gay. Evaluating the accuracy of implicit feedback from clicks and query reformulations in web search. ACM Trans. Inf. Syst., 25(2):7, 2007.
[24]
J. Keeney, S. van der Meer, and G. Hogan. A recommender-system for telecommunications network management actions. In 2013 IFIP/IEEE International Symposium on Integrated Network Management (IM 2013), Ghent, Belgium, May 27-31, 2013, pages 760--763, 2013.
[25]
R. Khondoker, B. Reuther, D. Schwerdel, A. A. Siddiqui, and P. Müller. Describing and selecting communication services in a service oriented network architecture. In 2010 ITU-Kaleidoscope: Beyond the Internet? - Innovations for Future Networks and Services, Pune, India, December 13-15, 2010, pages 1--8, 2010.
[26]
C. Kolias, G. Kambourakis, A. Stavrou, and G. Stefanos. Intrusion detection in 802.11 networks: Empirical evaluation of threats and a public dataset. Communications Surveys and Tutorials, 2015.
[27]
G. Koutrika, B. Bercovitz, and H. Garcia-Molina. Flexrecs: expressing and combining flexible recommendations. In Proceedings of the 2009 ACM SIGMOD International Conference on Management of data, pages 745--758. ACM, 2009.
[28]
G. Linden, B. Smith, and J. York. Amazon.com recommendations: Item-to-item collaborative filtering. IEEE Internet Computing, 7(1):76--80, Jan. 2003.
[29]
R. Lippmann, J. W. Haines, D. J. Fried, J. Korba, and K. Das. The 1999 darpa off-line intrusion detection evaluation. Comput. Netw., 34(4):579--595, Oct. 2000.
[30]
M. K. M. Hoche, H. Kirsch. Recommender system for security risk reduction. In Situational Awareness for Critical Information Infrastructures. Development of a Monitoring System for Security Risk Reduction; ASMONIA Project, 2012.
[31]
T. Mahmood and F. Ricci. Improving recommender systems with adaptive conversational strategies. In Proceedings of the 20th ACM Conference on Hypertext and Hypermedia, HT '09, pages 73--82, New York, NY, USA, 2009. ACM.
[32]
M. V. Mahoney and P. K. Chan. Phad: Packet header anomaly detection for identifying hostile network traffic. Technical report, PHAD, 2001.
[33]
R. Pan, Y. Zhou, B. Cao, N. Liu, R. Lukose, M. Scholz, and Q. Yang. One-class collaborative filtering. In Data Mining, 2008. ICDM '08. Eighth IEEE International Conference on, pages 502--511, 2008.
[34]
J. Parker. Itil: Three ingredients to effective it management. In ITIL service lifecycle publication suite., Stationery Office, 2010. Openwater Solutions, Office if Government Commerce.
[35]
V. Paxson. Internet traffic archive, 2002.
[36]
P. Resnick, N. Iacovou, M. Suchak, P. Bergstrom, and J. Riedl. Grouplens: an open architecture for collaborative filtering of netnews. In Proceedings of the 1994 ACM conference on Computer supported cooperative work, CSCW '94, pages 175--186, New York, NY, USA, 1994. ACM.
[37]
U. Shardanand. Social information filtering for music recommendation. Master's thesis, Massachussets Institute of Technology, Sept. 1994.
[38]
M. K. Shin, K. H. Nam, and H. J. Kim. Software-defined networking (sdn): A reference architecture and open apis. In ICT Convergence (ICTC), 2012 International Conference on, pages 360--361, Oct 2012.
[39]
A. Shiravi, H. Shiravi, M. Tavallaee, and A. Ghorbani. Toward developing a systematic approach to generate benchmark datasets for intrusion detection. In Computers and Security, Volume 31, Issue 3, pages 357--374, Berlin, Heidelberg, 2012. Springer-Verlag.
[40]
C. Silverstein, H. Marais, M. Henzinger, and M. Moricz. Analysis of a very large web search engine query log. SIGIR Forum, 33(1):6--12, 1999.
[41]
A. Sperotto, G. Schaffrath, R. Sadre, C. Morariu, A. Pras, and B. Stiller. An overview of ip flow-based intrusion detection. IEEE Communications Surveys Tutorials, 12(3):343--356, Third 2010.
[42]
M. Tavallaee, E. Bagheri, W. Lu, and A. A. Ghorbani. A detailed analysis of the kdd cup 99 data set. In Proceedings of the Second IEEE International Conference on Computational Intelligence for Security and Defense Applications, CISDA'09, pages 53--58, Piscataway, NJ, USA, 2009. IEEE Press.
[43]
P. Winter, E. Hermann, and M. Zeilinger. Inductive intrusion detection in flow-based network data using one-class support vector machines. In 4th IFIP International Conference on New Technologies, Mobility and Security, NTMS 2011, Paris, France, February 7-10, 2011, pages 1--5, 2011.
  1. Using Collaborative Filtering in a new domain: traffic analysis

    Recommendations

    Comments

    Information & Contributors

    Information

    Published In

    cover image ACM Other conferences
    CERI '16: Proceedings of the 4th Spanish Conference on Information Retrieval
    June 2016
    146 pages
    ISBN:9781450341417
    DOI:10.1145/2934732
    Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

    In-Cooperation

    • University of Granada: University of Granada

    Publisher

    Association for Computing Machinery

    New York, NY, United States

    Publication History

    Published: 14 June 2016

    Permissions

    Request permissions for this article.

    Check for updates

    Author Tags

    1. Collaborative Filtering
    2. Computer Networks
    3. IDS
    4. OCCF
    5. Recommender Systems
    6. network flows
    7. unary ratings

    Qualifiers

    • Research-article
    • Research
    • Refereed limited

    Funding Sources

    Conference

    CERI '16

    Acceptance Rates

    CERI '16 Paper Acceptance Rate 18 of 27 submissions, 67%;
    Overall Acceptance Rate 36 of 51 submissions, 71%

    Contributors

    Other Metrics

    Bibliometrics & Citations

    Bibliometrics

    Article Metrics

    • 0
      Total Citations
    • 111
      Total Downloads
    • Downloads (Last 12 months)3
    • Downloads (Last 6 weeks)0
    Reflects downloads up to 16 Jan 2025

    Other Metrics

    Citations

    View Options

    Login options

    View options

    PDF

    View or Download as a PDF file.

    PDF

    eReader

    View online with eReader.

    eReader

    Media

    Figures

    Other

    Tables

    Share

    Share

    Share this Publication link

    Share on social media