2018 IEEE 17th International Symposium on Network Computing and Applications (NCA) 2018
DOI: 10.1109/nca.2018.8548064
|View full text |Cite
|
Sign up to set email alerts
|

Recurrent Neural Network-Based Prediction of TCP Transmission States from Passive Measurements

Abstract: Long Short-Term Memory (LSTM) neural networks are a state-of-the-art techniques when it comes to sequence learning and time series prediction models. In this paper, we have used LSTM-based Recurrent Neural Networks (RNN) for building a generic prediction model for Transmission Control Protocol (TCP) connection characteristics from passive measurements. To the best of our knowledge, this is the first work that attempts to apply LSTM for demonstrating how a network operator can identify the most important system… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
1
1
1
1

Citation Types

1
13
0

Year Published

2019
2019
2023
2023

Publication Types

Select...
4
2

Relationship

3
3

Authors

Journals

citations
Cited by 8 publications
(15 citation statements)
references
References 25 publications
(41 reference statements)
1
13
0
Order By: Relevance
“…Detecting the implementation of a TCP variant passively is a challenging task and this, we believe, is the reason why no previous works use it to passively fingerprint remote and local OSes. However, in our case, we already have a general solution for this difficulty presented in our previous works [17,18,19]. The reason why we focus on the implementations of the underlying TCP variant as a feature in our OS classifier model is due to the fact that different OSes are doing slightly different implementations of TCP.…”
Section: Contributionsmentioning
confidence: 99%
See 3 more Smart Citations
“…Detecting the implementation of a TCP variant passively is a challenging task and this, we believe, is the reason why no previous works use it to passively fingerprint remote and local OSes. However, in our case, we already have a general solution for this difficulty presented in our previous works [17,18,19]. The reason why we focus on the implementations of the underlying TCP variant as a feature in our OS classifier model is due to the fact that different OSes are doing slightly different implementations of TCP.…”
Section: Contributionsmentioning
confidence: 99%
“…Furthermore, we were only allowed to collect TCP headers of the traffic flows, while we could not collect complete traffic captures, due to privacy protection and legal reasons. In the next step, the cwnd behavior is used to predict the underlying TCP variant as explained in further detail in our previous works [17,18,19]. As we can see in the bottom right part of Figure 2, The predicted TCP variant is finally used as an input feature to the OS fingerprinting process.…”
Section: B Realistic Trafficmentioning
confidence: 99%
See 2 more Smart Citations
“…Various works deal with identifying CC variants. There are two main categories for these approaches: Identification approaches using passive [2,6,13,18,20] or active [19,24] measurements.…”
Section: Related Workmentioning
confidence: 99%