• Korean Journal of Artificial Intelligence
• /
• v.11 no.2
• /
• pp.19-27
• /
• 2023

In recent times, an exponential increase in Internet traffic has been observed as a result of advancing development of the Internet of Things, mobile networks with sensors, and communication functions within various devices. Further, the COVID-19 pandemic has inevitably led to an explosion of social network traffic. Within this context, considerable attention has been drawn to research on network traffic analysis based on machine learning. In this paper, we design and develop a new machine learning framework for network traffic analysis whereby normal and abnormal traffic is distinguished from one another. To achieve this, we combine together well-known machine learning algorithms and network traffic analysis techniques. Using one of the most widely used datasets KDD CUP'99 in the Weka and Apache Spark environments, we compare and investigate results obtained from time series type analysis of various aspects including malicious codes, feature extraction, data formalization, network traffic measurement tool implementation. Experimental analysis showed that while both the logistic regression and the support vector machine algorithm were excellent for performance evaluation, among these, the logistic regression algorithm performs better. The quantitative analysis results of our proposed machine learning framework show that this approach is reliable and practical, and the performance of the proposed system and another paper is compared and analyzed. In addition, we determined that the framework developed in the Apache Spark environment exhibits a much faster processing speed in the Spark environment than in Weka as there are more datasets used to create and classify machine learning models.

• Asia pacific journal of information systems
• /
• v.26 no.3
• /
• pp.427-448
• /
• 2016

The stochastic phenomena of traffic network condition, such as traffic speed and density, are affected not only by exogenous traffic control but also by endogenous changes in service time during congestion. In this paper, we propose a mixed M/G/1 queuing model by introducing a condition-varying parameter of traffic congestion to reflect structural changes in the traffic network. We also develop congestion indices to evaluate network efficiency in terms of traffic flow and economic cost in traffic operating system using structure-changing queuing model, and perform scenario analysis according to various traffic network improvement policies. Empirical analysis using Korean highway traffic operating system shows that our suggested model better captures structural changes in the traffic queue. The scenario analysis also shows that occasional reversible lane operation during peak times can be more efficient and feasible than regular lane extension in Korea.

• Electronics and Telecommunications Trends
• /
• v.38 no.5
• /
• pp.71-80
• /
• 2023

With the rapid advancement of the Internet, the use of encrypted traffic has surged in order to protect data during transmission. Simultaneously, network attacks have also begun to leverage encrypted traffic, leading to active research in the field of encrypted traffic analysis to overcome the limitations of traditional detection methods. In this paper, we provide an overview of the encrypted traffic analysis field, covering the analysis process, domains, models, evaluation methods, and research trends. Specifically, it focuses on the research trends in the field of anomaly detection in encrypted network traffic analysis. Furthermore, considerations for model development in encrypted traffic analysis are discussed, including traffic dataset composition, selection of traffic representation methods, creation of analysis models, and mitigation of AI model attacks. In the future, the volume of encrypted network traffic will continue to increase, particularly with a higher proportion of attack traffic utilizing encryption. Research on attack detection in such an environment must be consistently conducted to address these challenges.

• International Journal of Highway Engineering
• /
• v.15 no.3
• /
• pp.93-101
• /
• 2013

PURPOSES : This study is to investigate the relationship of socioeconomic characteristics and road network structure with traffic growth patterns. The findings is to be used to tweak traffic forecast provided by traditional four step process using relevant socioeconomic and road network data. METHODS: Comprehensive statistical analysis is used to identify key explanatory variables using historical observations on traffic forecast, actual traffic counts and surrounding environments. Based on statistical results, a multiple regression model is developed to predict the effects of socioeconomic and road network attributes on traffic growth patterns. The validation of the proposed model is also performed using a different set of historical data. RESULTS : The statistical analysis results indicate that several socioeconomic characteristics and road network structure cleary affect the tendency of over- and under-estimation of road traffics. Among them, land use is a key factor which is revealed by a factor that traffic forecast for urban road tends to be under-estimated while rural road traffic prediction is generally over-estimated. The model application suggests that tweaking the traffic forecast using the proposed model can reduce the discrepancies between the predicted and actual traffic counts from 30.4% to 21.9%. CONCLUSIONS : Prediction of road traffic growth patterns based on surrounding socioeconomic and road network attributes can help develop the optimal strategy of road construction plan by enhancing reliability of traffic forecast as well as tendency of traffic growth.

• Journal of information and communication convergence engineering
• /
• v.7 no.2
• /
• pp.157-163
• /
• 2009

With the wide usage of internet in many fields, networks are being exposed to many security threats, such as DDoS attack and worm/virus. For enterprise network, prevention failure of network security causes the revealing of commercial information or interruption of network services. In this paper, we propose a method of prevention of DDoS attacks for enterprise network based on traceback and network traffic analysis. The model of traceback implements the detection of IP spoofing attacks by the cooperation of trusted adjacent host, and the method of network traffic analysis implements the detection of DDoS attacks by analyzing the traffic characteristic. Moreover, we present the result of the experiments, and compare the method with other methods. The result demonstrates that the method can effectively detect and block DDoS attacks and IP spoofing attacks.

• Journal of Korea Multimedia Society
• /
• v.9 no.5
• /
• pp.635-648
• /
• 2006

As the advances of Internet infra structure and the support of console and mobile for network games, the industry of online game has been growing rapidly, and the online game traffic in the Internet has been increasing steadily. For design and simulation of game network, the analysis of online game traffic have to be preceded. Therefore a number of papers have been proposed for the purpose of analyzing the traffic data of network games and providing the models. We make and use GameNet Analyzer as a dedicated tool for game traffic measurement and analysis in this paper. We measure the traffic of FPS Quake 3, RTS Starcraft and MMORPG World of Warcraft (WoW), and analyze the packet size, packet IAT(inter-arrival time), data rate and packet rate according to the number of players and in-game behaviors. We also present the traffic models using measured traffic data. These analysis and models of game traffic can be used for effective network simulation, performance evaluation of game network and the design of online games.

• ETRI Journal
• /
• v.42 no.3
• /
• pp.366-375
• /
• 2020

The network traffic prediction of a smart substation is key in strengthening its system security protection. To improve the performance of its traffic prediction, in this paper, we propose an improved gravitational search algorithm (IGSA), then introduce the IGSA into a wavelet neural network (WNN), iteratively optimize the initial connection weighting, scalability factor, and shift factor, and establish a smart substation network traffic prediction model based on the IGSA-WNN. A comparative analysis of the experimental results shows that the performance of the IGSA-WNN-based prediction model further improves the convergence velocity and prediction accuracy, and that the proposed model solves the deficiency issues of the original WNN, such as slow convergence velocity and ease of falling into a locally optimal solution; thus, it is a better smart substation network traffic prediction model.

• Journal of the Korean Society of Marine Environment & Safety
• /
• v.26 no.7
• /
• pp.759-766
• /
• 2020

In recent years, the maritime traffic environment has been changing in various ways, and the traffic volume has been increasing constantly. Accordingly, the requirements for maritime traffic analysis have become diversified. To this end, traffic characteristics must first be analyzed using vessel trajectory data. However, as the conventional method is mostly manual, it requires a considerable amount of time and effort, and errors may occur during data processing. In addition, ensuring the reliability of the analysis results is difficult, because this method considers the subjective opinion of analysts. Therefore, in this paper, we propose an automated method of traffic network generation for maritime traffic analysis. In the experiment, spatiotemporal features are analyzed using data collected at Mokpo Harbor over six months. The proposed method can automatically generate a traffic network reflecting the traffic characteristics of the experimental area. In addition, it can be applied to a large amount of trajectory data. Finally, as the spatiotemporal characteristics can be analyzed using the traffic network, the proposed method is expected to be used in various maritime traffic analyses.

• Proceedings of the IEEK Conference
• /
• summer
• /
• pp.171-175
• /
• 2004

Network management for detail analysis can cause speed decline of application in case of lack band width by traffic increase of the explosive Internet. Because a manager requests MIB value for the desired objects to an agent by management policy, and then the agent responds to the manager. Such processes are repeated, so it can cause increase of network traffic. Specially, repetitious occurrence of sending-receiving information is very inefficient for a same object when a trend analysis of traffic is performed. In this paper, an efficient SNMP is proposed to add new PDUs into the existing SNMP in order to accept time function. Utilizing this PDU, it minimizes unnecessary sending-receiving message and collects information for trend management of network efficiently. This proposed SNMP is tested for compatibility with the existing SNMP and decreases amount of network traffic largely

• Korean Management Science Review
• /
• v.26 no.1
• /
• pp.161-169
• /
• 2009

A traffic analysis on the Internet has an advantage for obtaining the characteristics of transferred packets. There were many studies to understand the characteristics of the Internet traffic with mathematical statistical approach. The approach of this study is different from previous studies. We first introduced a virtual network concept to present the Internet as a simplified mathematical model. It also represents each traffic flowing on the Internet as a parallel Gaussian channel on the virtual network. We suggest the optimal capacity of each parallel Gaussian channel using some related studies on the Gaussian channel model.