• 한국인공지능학회지
• /
• 제11권2호
• /
• pp.19-27
• /
• 2023

In recent times, an exponential increase in Internet traffic has been observed as a result of advancing development of the Internet of Things, mobile networks with sensors, and communication functions within various devices. Further, the COVID-19 pandemic has inevitably led to an explosion of social network traffic. Within this context, considerable attention has been drawn to research on network traffic analysis based on machine learning. In this paper, we design and develop a new machine learning framework for network traffic analysis whereby normal and abnormal traffic is distinguished from one another. To achieve this, we combine together well-known machine learning algorithms and network traffic analysis techniques. Using one of the most widely used datasets KDD CUP'99 in the Weka and Apache Spark environments, we compare and investigate results obtained from time series type analysis of various aspects including malicious codes, feature extraction, data formalization, network traffic measurement tool implementation. Experimental analysis showed that while both the logistic regression and the support vector machine algorithm were excellent for performance evaluation, among these, the logistic regression algorithm performs better. The quantitative analysis results of our proposed machine learning framework show that this approach is reliable and practical, and the performance of the proposed system and another paper is compared and analyzed. In addition, we determined that the framework developed in the Apache Spark environment exhibits a much faster processing speed in the Spark environment than in Weka as there are more datasets used to create and classify machine learning models.

• Asia pacific journal of information systems
• /
• 제26권3호
• /
• pp.427-448
• /
• 2016

The stochastic phenomena of traffic network condition, such as traffic speed and density, are affected not only by exogenous traffic control but also by endogenous changes in service time during congestion. In this paper, we propose a mixed M/G/1 queuing model by introducing a condition-varying parameter of traffic congestion to reflect structural changes in the traffic network. We also develop congestion indices to evaluate network efficiency in terms of traffic flow and economic cost in traffic operating system using structure-changing queuing model, and perform scenario analysis according to various traffic network improvement policies. Empirical analysis using Korean highway traffic operating system shows that our suggested model better captures structural changes in the traffic queue. The scenario analysis also shows that occasional reversible lane operation during peak times can be more efficient and feasible than regular lane extension in Korea.

• 전자통신동향분석
• /
• 제38권5호
• /
• pp.71-80
• /
• 2023

With the rapid advancement of the Internet, the use of encrypted traffic has surged in order to protect data during transmission. Simultaneously, network attacks have also begun to leverage encrypted traffic, leading to active research in the field of encrypted traffic analysis to overcome the limitations of traditional detection methods. In this paper, we provide an overview of the encrypted traffic analysis field, covering the analysis process, domains, models, evaluation methods, and research trends. Specifically, it focuses on the research trends in the field of anomaly detection in encrypted network traffic analysis. Furthermore, considerations for model development in encrypted traffic analysis are discussed, including traffic dataset composition, selection of traffic representation methods, creation of analysis models, and mitigation of AI model attacks. In the future, the volume of encrypted network traffic will continue to increase, particularly with a higher proportion of attack traffic utilizing encryption. Research on attack detection in such an environment must be consistently conducted to address these challenges.

• 한국도로학회논문집
• /
• 제15권3호
• /
• pp.93-101
• /
• 2013

PURPOSES : This study is to investigate the relationship of socioeconomic characteristics and road network structure with traffic growth patterns. The findings is to be used to tweak traffic forecast provided by traditional four step process using relevant socioeconomic and road network data. METHODS: Comprehensive statistical analysis is used to identify key explanatory variables using historical observations on traffic forecast, actual traffic counts and surrounding environments. Based on statistical results, a multiple regression model is developed to predict the effects of socioeconomic and road network attributes on traffic growth patterns. The validation of the proposed model is also performed using a different set of historical data. RESULTS : The statistical analysis results indicate that several socioeconomic characteristics and road network structure cleary affect the tendency of over- and under-estimation of road traffics. Among them, land use is a key factor which is revealed by a factor that traffic forecast for urban road tends to be under-estimated while rural road traffic prediction is generally over-estimated. The model application suggests that tweaking the traffic forecast using the proposed model can reduce the discrepancies between the predicted and actual traffic counts from 30.4% to 21.9%. CONCLUSIONS : Prediction of road traffic growth patterns based on surrounding socioeconomic and road network attributes can help develop the optimal strategy of road construction plan by enhancing reliability of traffic forecast as well as tendency of traffic growth.

• Journal of information and communication convergence engineering
• /
• 제7권2호
• /
• pp.157-163
• /
• 2009

With the wide usage of internet in many fields, networks are being exposed to many security threats, such as DDoS attack and worm/virus. For enterprise network, prevention failure of network security causes the revealing of commercial information or interruption of network services. In this paper, we propose a method of prevention of DDoS attacks for enterprise network based on traceback and network traffic analysis. The model of traceback implements the detection of IP spoofing attacks by the cooperation of trusted adjacent host, and the method of network traffic analysis implements the detection of DDoS attacks by analyzing the traffic characteristic. Moreover, we present the result of the experiments, and compare the method with other methods. The result demonstrates that the method can effectively detect and block DDoS attacks and IP spoofing attacks.

• 한국멀티미디어학회논문지
• /
• 제9권5호
• /
• pp.635-648
• /
• 2006

초고속 인터넷의 보급이 대중화되고 콘솔 게임기와 모바일이 네트워크 게임을 지원하면서 온라인 게임 산업이 빠르게 성장하고 있으며, 온라인 게임으로 인한 인터넷 트래픽이 꾸준히 증가하고 있다. 게임 네트워크의 설계나 시뮬레이션을 위해서는 온라인 게임 트래픽의 분석이 선행되어야 하기 때문에, 온라인 게임의 트래픽에 관련된 연구가 국내 외에서 꾸준히 진행되고 있다. 본 논문은 온라인 게임의 트래픽 측정과 분석을 위하여 게임 전용 트래픽 측정 및 분석 툴인 GameNet Analyzer를 제작하여 사용하였다. 서로 다른 장르의 게임인 Quake 3, Starcraft, WoW(World of Warcraft)의 트래픽을 측정하여 플레이어의 수와 게임 플레이 방식에 따른 패킷 크기, 패킷 IAT(inter-arrival time), 데이터 전송률과 패킷 전송률을 분석하고, 측정된 데이터를 이용하여 트래픽을 모델링한다. 이러한 게임 트래픽의 분석이나 트래픽 모델은 효율적인 네트워크 시뮬레이션, 게임 네트워크의 성능 평가, 온라인 게임의 설계 등에 활용될 수 있다.

• ETRI Journal
• /
• 제42권3호
• /
• pp.366-375
• /
• 2020

The network traffic prediction of a smart substation is key in strengthening its system security protection. To improve the performance of its traffic prediction, in this paper, we propose an improved gravitational search algorithm (IGSA), then introduce the IGSA into a wavelet neural network (WNN), iteratively optimize the initial connection weighting, scalability factor, and shift factor, and establish a smart substation network traffic prediction model based on the IGSA-WNN. A comparative analysis of the experimental results shows that the performance of the IGSA-WNN-based prediction model further improves the convergence velocity and prediction accuracy, and that the proposed model solves the deficiency issues of the original WNN, such as slow convergence velocity and ease of falling into a locally optimal solution; thus, it is a better smart substation network traffic prediction model.

• 해양환경안전학회지
• /
• 제26권7호
• /
• pp.759-766
• /
• 2020

최근 해상교통 환경의 변화가 다양해지고, 해상 교통량이 지속적으로 증가함에 따라 해상교통 분석에 대한 요구가 다양해지고 있다. 이러한 해상교통 분석 작업은 교통 특성에 대한 모델링이 선행되어야 하지만, 기존의 방법은 자동화되어 있지 않아 전처리 작업에 시간이 많이 소요되고, 분석 결과에 작업자의 주관적인 견해가 포함될 수 있는 문제점이 있었다. 이러한 문제점을 해결하고자 본 논문에서는 해상교통 분석을 위한 자동화된 교통 네트워크 생성 방법을 제안하였으며, 활용 가능성을 검토하기 위해 실제 목포항에서 수집된 6개월간의 항적 데이터를 이용한 실험을 수행하였다. 실험 결과, 대상 해역의 교통 특성을 반영한 교통 네트워크를 자동으로 생성할 수 있었으며, 대용량의 항적 데이터에도 적용할 수 있음을 확인하였다. 또한, 생성된 교통 네트워크는 시공간적 특징 분석이 가능하여 다양한 해상교통 분석에 활용될 수 있을 것으로 기대한다.

• 대한전자공학회:학술대회논문집
• /
• 대한전자공학회 2004년도 ICEIC The International Conference on Electronics Informations and Communications
• /
• pp.171-175
• /
• 2004

Network management for detail analysis can cause speed decline of application in case of lack band width by traffic increase of the explosive Internet. Because a manager requests MIB value for the desired objects to an agent by management policy, and then the agent responds to the manager. Such processes are repeated, so it can cause increase of network traffic. Specially, repetitious occurrence of sending-receiving information is very inefficient for a same object when a trend analysis of traffic is performed. In this paper, an efficient SNMP is proposed to add new PDUs into the existing SNMP in order to accept time function. Utilizing this PDU, it minimizes unnecessary sending-receiving message and collects information for trend management of network efficiently. This proposed SNMP is tested for compatibility with the existing SNMP and decreases amount of network traffic largely

• 경영과학
• /
• 제26권1호
• /
• pp.161-169
• /
• 2009

A traffic analysis on the Internet has an advantage for obtaining the characteristics of transferred packets. There were many studies to understand the characteristics of the Internet traffic with mathematical statistical approach. The approach of this study is different from previous studies. We first introduced a virtual network concept to present the Internet as a simplified mathematical model. It also represents each traffic flowing on the Internet as a parallel Gaussian channel on the virtual network. We suggest the optimal capacity of each parallel Gaussian channel using some related studies on the Gaussian channel model.