Iman Akbari scite author profile

Proc. ACM Meas. Anal. Comput. Syst.

Salahuddin

Ven

et al. 2021

Traffic classification is essential in network management for operations ranging from capacity planning, performance monitoring, volumetry, and resource provisioning, to anomaly detection and security. Recently, it has become increasingly challenging with the widespread adoption of encryption in the Internet, e.g., as a de-facto in HTTP/2 and QUIC protocols. In the current state of encrypted traffic classification using Deep Learning (DL), we identify fundamental issues in the way it is typically approached. For instance, although complex DL models with millions of parameters are being used, these models implement a relatively simple logic based on certain header fields of the TLS handshake, limiting model robustness to future versions of encrypted protocols. Furthermore, encrypted traffic is often treated as any other raw input for DL, while crucial domain-specific considerations exist that are commonly ignored. In this paper, we design a novel feature engineering approach that generalizes well for encrypted web protocols, and develop a neural network architecture based on Stacked Long Short-Term Memory (LSTM) layers and Convolutional Neural Networks (CNN) that works very well with our feature design. We evaluate our approach on a real-world traffic dataset from a major ISP and Mobile Network Operator. We achieve an accuracy of 95% in service classification with less raw traffic and smaller number of parameters, out-performing a state-of-the-art method by nearly 50% fewer false classifications. We show that our DL model generalizes for different classification objectives and encrypted web protocols. We also evaluate our approach on a public QUIC dataset with finer and application-level granularity in labeling, achieving an overall accuracy of 99%.

ATMoS: Autonomous Threat Mitigation in SDN using Reinforcement Learning

Tahoun

Salahuddin

et al. 2020

How Reliable is MDT-Based Autonomous Coverage Estimation in the Presence of User and BS Positioning Error?

IEEE Wireless Commun. Lett.

Onireti

Imran

et al. 2016

Abstract-Minimization of drive test (MDT) has recently been standardized by 3GPP as a key self organizing network (SON) feature. MDT allows coverage to be estimated at the base station (BS) using user equipment (UE) measurement reports with the objective to eliminate the need for drive tests. However, most MDT based coverage estimation methods recently proposed in literature assume that UE position is known at the BS with 100% accuracy, an assumption that does not hold in reality. In this paper we develop an analytical model that allows the quantification of error in MDT based autonomous coverage estimation (ACE) as a function of error in UE as well as BS positioning. Our model also allows characterization of error in ACE as function of standard deviation of shadowing.

Impact of inaccurate user and base station positioning on autonomous coverage estimation

Onireti

Imran

et al. 2015

Abstract-Autonomous monitoring of key performance indicators, which are obtained from measurement reports, is well established as a necessity for enabling self-organising networks. However, this reports are usually tagged with geographical location information which are obtained from positioning techniques and are therefore prone to errors. In this paper, we investigate the impact position estimation errors on the cell coverage probability that can be estimated from autonomous coverage estimation (ACE). We derive novel and accurate expressions of the actual cell coverage probability of such scheme while considering: errors in user equipment (UE) location and; errors in both UE and base station location. We present generic expressions for channel modelled with path-loss and shadowing, and much simplified expressions for the path-loss dominant channel model. Our results reveal that the ACE scheme will be suboptimal as long as there are errors in the reported geographical location information. Hence, appropriate coverage margins must be considered when utilising ACE.

Traffic classification in an increasingly encrypted web

et al. 2022

Traffic classification is essential in network management for a wide range of operations. Recently, it has become increasingly challenging with the widespread adoption of encryption in the Internet, for example, as a de facto in HTTP/2 and QUIC protocols. In the current state of encrypted traffic classification using deep learning (DL), we identify fundamental issues in the way it is typically approached. For instance, although complex DL models with millions of parameters are being used, these models implement a relatively simple logic based on certain header fields of the TLS handshake, limiting model robustness to future versions of encrypted protocols. Furthermore, encrypted traffic is often treated as any other raw input for DL, while crucial domain-specific considerations are commonly ignored. In this paper, we design a novel feature engineering approach used for encrypted Web protocols, and develop a neural network architecture based on stacked long short-term memory layers and convolutional neural networks. We evaluate our approach on a real-world Web traffic dataset from a major Internet service provider and mobile network operator. We achieve an accuracy of 95% in service classification with less raw traffic and a smaller number of parameters, outperforming a state-of-the-art method by nearly 50% fewer false classifications. We show that our DL model generalizes for different classification objectives and encrypted Web protocols. We also evaluate our approach on a public QUIC dataset with finer application-level granularity in labeling, achieving an overall accuracy of 99%.