Skip to main content

Deep Bypass: Clear & Dark Real-time Traffic Profiling with Deep Learning (Part 2)

Project Member(s): Xu, Y.

Funding or Partner Organisation: Commonwealth Scientific and Industrial Research Organisation
Commonwealth Scientific and Industrial Research Organisation

Start year: 2019

Summary: Providers of large, enterprise-class networks find it hard to track hosts, servers and other vulnerable assets in their networks. Network profiling systems provide valuable insight of the assets on a network and their purpose. A network profile enables providers to better consider how configuration changes will impact networks, and security administrators to identify suspicious activity. However, effective network profiling under real world conditions is increasingly challenging. Network speeds are continually increasing, and use of encryption is growing. Project Deep Bypass will develop tools for profiling enterprise-class networks. This set of tools ranges from capturing network traffic at high-speed (>40Gbps) without altering information contained in the traffic, to the development of new traffic profiling techniques capable of understand both encrypted and clear traffic using deep learning algorithms on top of untrusted data. Overall this eclectic set of tools will be implemented using newly developed distributed architecture capable of leveraging the high level of concurrency in modern CPUs. The primary focus of this research is to develop means to address issues in traffic profiling imposed by realtime constraints such as high-speed networking and ubiquitous encryption. The project aims to develop a network profiling method based on deep learning operating at high real-time speed using kernel bypass framework.

FOR Codes: Pattern Recognition and Data Mining, Application Software Packages (excl. Computer Games)