| dc.date.accessioned | 2020-04-15T10:18:22Z | |
| dc.date.available | 2020-04-15T10:18:22Z | |
| dc.date.issued | 2020 | |
| dc.identifier.uri | http://hdl.handle.net/10852/74519 | |
| dc.description.abstract | Understanding the dynamic complexity of the internal states of TCP is a fundamental challenge, and particularly demanding due to the dynamics and complexity of modern networks. TCP is one of the key transport protocols of today’s IP suite that supports most of the popular applications on the Internet. The main objective of this dissertation is to discover the dynamic complexity of TCP and obtain detailed knowledge about the end hosts from passive measurements using modern machine learning and deep learning techniques. Passive measurement has a clear advantage over active measurements since it doesn’t generate traffic overhead to the underlying network. In the networking research community, there is an increasing interest in applying machine learning and deep learning techniques in different contexts. Machine learning approaches have effectively revolutionized and advanced the state-of-the-art for many research domain problems. In this dissertation, we study the applicability of state-of-the-art machine learning and deep learning approaches in computer networks by focusing on three main use cases: (i ) TCP state monitoring from passive traffic measurements (ii) Network intrusion detection (iii) Passive operating system fingerprinting.
The main research questions around which this dissertation is centered are: (i) How can an intermediate node (e.g., a network operator) infer functionalities that determine a network condition from passive measurements? (ii ) How can we enhance computer network security attack analysis using regularized machine learning techniques? (iii ) Are we able to accurately classify the remote computer’s operating system from passive measurements? Finally, this dissertation shows how an intermediate node can passively identify the transmission states of the TCP client associated with a TCP flow. We empirically demonstrate how the intermediate node can infer the cwnd size, predict at real-time the RTT between the sender and receiver, predict the underlying TCP variants of both loss-based and delay-based congestion control algorithms of the TCP client. Consequently, combining these contributions together, we built a deep learning-based universal tool for passive monitoring that can be applied to first estimate the cwnd, second predict the underlying TCP flavor and finally uses the predicted TCP variant as an input feature to passively fingerprint the remote computer’s operating system. Our experimental results indicate the effectiveness of the proposed prediction models with reasonably high accuracy across different validation scenarios and multiple TCP variants. We believe that our work will be useful for the industry since passive measurements are becoming increasingly useful for network operators and Internet service providers to evaluate the communication performance of applications and services running on their networks. | en_US |
| dc.language.iso | en | en_US |
| dc.relation.haspart | Paper I: Desta Haileselassie Hagos, Paal E. Engelstad, Anis Yazidi, Øivind Kure. “A Machine Learning Approach to TCP State Monitoring from Passive Measurements”. Published in the 2018 Wireless Days (WD), pp. 164–171. IEEE, 2018. DOI: 10.1109/WD.2018.8361713. The article is included in the thesis. Also available at: https://doi.org/10.1109/WD.2018.8361713 | |
| dc.relation.haspart | Paper II: Desta Haileselassie Hagos, Paal E. Engelstad, Anis Yazidi, Øivind Kure. “Towards a Robust and Scalable TCP Flavors Prediction Model from Passive Traffic”. Published in the 27th International Conference on Computer Communication and Networks (ICCCN 2018), pp. 1–11. IEEE, 2018. DOI: 10.1109/ICCCN.2018.8487396. The article is included in the thesis. Also available at: https://doi.org/10.1109/ICCCN.2018.8487396 | |
| dc.relation.haspart | Paper III: Desta Haileselassie Hagos, Paal E. Engelstad, Anis Yazidi, Øivind Kure. “General TCP State Inference Model From Passive Measurements Using Machine Learning Techniques”. Published in IEEE Access 6 (2018): 28372–28387. IEEE, 2018. DOI: 10.1109/ACCESS.2018.2833107. The article is included in the thesis. Also available at: https://doi.org/10.1109/ACCESS.2018.2833107 | |
| dc.relation.haspart | Paper IV: Desta Haileselassie Hagos, Paal E. Engelstad, Anis Yazidi, Øivind Kure. “Recurrent Neural Network-Based Prediction of TCP Transmission States from Passive Measurements”. Published in the 17th IEEE International Symposium on Network Computing and Applications (NCA 2018), pp. 1–10. IEEE, 2018. DOI: 10.1109/NCA.2018.8548064. The article is included in the thesis. Also available at: https://doi.org/10.1109/NCA.2018.8548064 | |
| dc.relation.haspart | Paper V: Desta Haileselassie Hagos, Paal E. Engelstad, Anis Yazidi, Carsten Griwodz. “A Deep Learning Approach to Dynamic Passive RTT Prediction Model for TCP”. Published in the 38th IEEE International Performance Computing and Communications Conference (IPCCC 2019). IEEE, 2019. DOI: 10.1109/IPCCC47392.2019.8958727. The article is included in the thesis. Also available at: https://doi.org/10.1109/IPCCC47392.2019.8958727 | |
| dc.relation.haspart | Paper VI: Desta Haileselassie Hagos, Paal E. Engelstad, Anis Yazidi. “Classification of Delay-based TCP Algorithms From Passive Traffic Measurements”. Published in the 18th IEEE International Symposium on Network Computing and Applications (NCA 2019). IEEE, 2019. DOI: 10.1109/NCA.2019.8935063. The article is included in the thesis. Also available at: https://doi.org/10.1109/NCA.2019.8935063 | |
| dc.relation.haspart | Paper VII: Desta Haileselassie Hagos, Anis Yazidi, Øivind Kure, Paal E. Engelstad. “Enhancing Security Attacks Analysis Using Regularized Machine Learning Techniques”. Published in the 31st IEEE International Conference on Advanced Information Networking and Applications (AINA 2017), pp. 909–918. IEEE, 2017. DOI: 10.1109/AINA.2017.19. The article is included in the thesis. Also available at: https://doi.org/10.1109/AINA.2017.19 | |
| dc.relation.haspart | Paper VIII: Desta Haileselassie Hagos, Martin Løland, Anis Yazidi, Øivind Kure, Paal E. Engelstad. “Advanced Passive Operating System Fingerprinting Using Machine Learning and Deep Learning”. IEEE, 2020. The paper is included in the thesis. Also available at: https://doi.org/10.1109/ICCCN49398.2020.9209694 | |
| dc.relation.haspart | Paper IX: Desta Haileselassie Hagos, Anis Yazidi, Øivind Kure, Paal E. Engelstad. “A Deep Learning-based Universal Tool for Operating Systems Fingerprinting from Passive Measurements”. IEEE, 2020. The paper is included in the thesis. | |
| dc.relation.uri | https://doi.org/10.1109/WD.2018.8361713 | |
| dc.relation.uri | https://doi.org/10.1109/ICCCN.2018.8487396 | |
| dc.relation.uri | https://doi.org/10.1109/ACCESS.2018.2833107 | |
| dc.relation.uri | https://doi.org/10.1109/NCA.2018.8548064 | |
| dc.relation.uri | https://doi.org/10.1109/IPCCC47392.2019.8958727 | |
| dc.relation.uri | https://doi.org/10.1109/NCA.2019.8935063 | |
| dc.relation.uri | https://doi.org/10.1109/AINA.2017.19 | |
| dc.relation.uri | https://doi.org/10.1109/ICCCN49398.2020.9209694 | |
| dc.title | Discovering the Dynamic Complexity of TCP Using Machine Learning and Deep Learning Techniques | en_US |
| dc.type | Doctoral thesis | en_US |
| dc.creator.author | Hagos, Desta Haileselassie | |
| dc.identifier.urn | URN:NBN:no-77625 | |
| dc.type.document | Doktoravhandling | en_US |
| dc.identifier.fulltext | Fulltext https://www.duo.uio.no/bitstream/handle/10852/74519/3/PhD-Hagos-2020.pdf | |