
Community Detection Algorithms for Darknet Traffic Analysis

Mauro Allegretta

Community Detection Algorithms for Darknet Traffic Analysis.

Supervisors: Marco Mellia, Idilio Drago. Politecnico di Torino, Master's degree programme in Communications And Computer Networks Engineering (Ingegneria Telematica E Delle Comunicazioni), 2019

PDF (Tesi_di_laurea) - Thesis
Document access: Anyone
License: Creative Commons Attribution Non-commercial No Derivatives.

Abstract:

Today the diffusion of the internet is widespread, and so the defence from cyber-attacks is very relevant. Among the possible attacks there are large-scale network probing activities and DDoS (Distributed Denial of Service). One way to defend ourselves is to detect and predict via passive monitoring, keeping track of the traces of attacks that are collected by Darknets: backscattering packets and port scans. Darknets are ranges of advertised, but unused, IP addresses. Studying the darknet traffic at our disposal, we try to propose a simple way to cluster, visualize and analyse the spurious data. In this thesis we focus on a complex network approach to the problem: instead of representing the packet records in a high-dimensional Euclidean space of points, we create a relationship traffic graph on the model of a social network, formed by nodes (e.g. IP, AS (Autonomous System), ports), and we isolate communities (strongly connected and related sub-groups) that could hide implicit information about malicious traffic. The algorithms proposed are Label Propagation and Greedy Modularity, combined with a weighting of each edge based on the Jaccard Similarity between nodes inside the graphs. Once this cyber-intelligence information is inferred from the Darknet communities, future work could be to compare it with a real public-addressing scenario and use the features to isolate the malicious traffic from the huge amount of good packets exchanged.

Supervisors: Marco Mellia, Idilio Drago
Academic year: 2019/20
Publication type: Electronic
Number of Pages: 123
Subjects:
Degree programme: Master's degree programme in Communications And Computer Networks Engineering (Ingegneria Telematica E Delle Comunicazioni)
Degree class: New organization > Master science > LM-27 - TELECOMMUNICATIONS ENGINEERING
Collaborating companies: UNSPECIFIED
URI: http://webthesis.biblio.polito.it/id/eprint/12560