Journal Neurocomputers №1 for 2019
Article in issue:
Network traffic database creation for automation of Android mobile applications classification
Type of article: scientific article
DOI: 10.18127/j19998554-201901-06
UDC: 004.732.056
Authors:

O. I. Shelukhin – Dr.Sc. (Eng.), Professor, Head of Department of Information Security, Moscow Technical University of Communication and Informatics

E-mail: sheluhin@mail.ru

S. D. Erokhin – Ph.D. (Eng.), Associate Professor, Rector of Moscow Technical University of Communication and Informatics

E-mail: s.d.erokhin@gmail.com

V. V. Barkov – Assistant Lecturer, Department of Information Security, Moscow Technical University of Communication and Informatics

E-mail: viacheslav.barkov@gmail.com

Abstract:

To automate the investigation of mobile application traffic classification algorithms, a software package has been designed and developed. It automatically collects network traffic packets from mobile devices and saves them to a database; groups network traffic packets into flows; and, at the user's request, forms data sets with specified characteristics (the number of flows of specific applications; background traffic; creation of a data set based on an already created set with new flows added and repetitions excluded). The article describes the design and implementation of a mobile application traffic database, which is an integral part of the expert analysis system “Traffic Analysis System”. The conceptual, logical and physical stages of database design are considered, and the tables and their relationships are described.

In this article we design, implement and populate the database. During the conceptual and logical stages, 21 entities were distinguished, six of which (apps, flows, flowsinset, flowsets, packets, backgroundflows) are used to directly store traffic data. During the physical stage, the MySQL 5.7 database server was selected and 21 tables were created. To access the database, we developed an enterprise application using Java Enterprise Edition technology; it provides access through a REST API. To collect traffic from mobile devices running the Android operating system, we developed an application that collects network traffic packets, identifies the source application and sends them via HTTP to the server.

Using the client and server software, the created database was filled with the traffic of 18 main applications. During data collection, 71667 flows and 6989991 packets were received.

Pages: 40-51
Date of receipt: 15 January 2019