Deep Packet Inspection

Deep Packet Inspection (DPI) analyzes network traffic, examining both packet headers and payload content to identify malicious activity and improve network security. Current research emphasizes using advanced machine learning techniques, particularly large language models (LLMs) and transformers, along with few-shot learning approaches to enhance the detection of novel malware and network anomalies, even with limited labeled data. This focus on efficient and adaptable models addresses the challenges posed by increasingly sophisticated cyberattacks and the ever-growing volume of network data, impacting both network security and the broader field of machine learning for network analysis. Furthermore, research is exploring alternative methods like computer vision techniques applied to PCAP data and novel feature engineering for improved accuracy and efficiency.

Papers

September 26, 2024

Revolutionizing Payload Inspection: A Self-Supervised Journey to Precision with Few Shots
Kyle Stein, Arash Mahyari, Guillermo Francia III, Eman El-Sheikh
Malware Detection Multidimensional Local Precision Rate Deep Packet Inspection

September 17, 2024

Towards Novel Malicious Packet Recognition: A Few-Shot Learning Approach
Kyle Stein, Andrew A. Mahyari, Guillermo Francia III, Eman El-Sheikh
Malware Detection Learning Approach Malware Representation Deep Packet Inspection Packet Classification Malware Feature

July 22, 2024

Decoding BACnet Packets: A Large Language Model Approach for Packet Interpretation
Rashi Sharma, Hiroyuki Okada, Tatsumi Oba, Karthikk Subramanian, Naoto Yanai, Sugiri Pranata
Large Language Model Industrial Control Communication Protocol Packet Level Deep Packet Inspection

July 3, 2024

LLMcap: Large Language Model for Unsupervised PCAP Failure Detection
Lukasz Tulczyjew, Kinan Jarrah, Charles Abondo, Dina Bennett, Nathanael Weill
Large Language Model Self Supervised Learning Error Detection Deep Packet Inspection LLM RBMT

July 1, 2024

PCAPVision: PCAP-Based High-Velocity and Large-Volume Network Failure Detection
Lukasz Tulczyjew, Ihor Biruk, Murat Bilgic, Charles Abondo, Nathanael Weill
High Speed Failure Detection Network Anomaly Detection Deep Packet Inspection

May 4, 2024

Generic Multi-modal Representation Learning for Network Traffic Analysis
Luca Gioacchini, Idilio Drago, Marco Mellia, Zied Ben Houidi, Dario Rossi
Traffic Data Network Traffic Traffic Classification Deep Packet Inspection

March 27, 2024

A Transformer-Based Framework for Payload Malware Detection and Classification
Kyle Stein, Arash Mahyari, Guillermo Francia, Eman El-Sheikh
Classification Code Internet of Thing Intrusion Detection Malware Detection Transformer Based Framework Malicious Traffic Malicious Attack Deep Packet Inspection

November 24, 2022

Network Security Modelling with Distributional Data
Subhabrata Majumdar, Ganesh Subramaniam
Distributional Assumption Malware Family Botnet Related Malware Deep Packet Inspection

September 5, 2022

Visualization Of Class Activation Maps To Explain AI Classification Of Network Packet Captures
Igor Cherepanov, Alex Ulmer, Jonathan Geraldi Joewono, Jörn Kohlhammer
Deep Learning High Explainability Black Box Model Interactive Visualization Class Activation Network Analysis Network Data Deep Packet Inspection

July 8, 2022

ENCODE: Encoding NetFlows for Network Anomaly Detection
Clinton Cao, Annibale Panichella, Sicco Verwer, Agathe Blaise, Filippo Rebecchi
Network Anomaly Detection Deep Packet Inspection Network Attack

March 17, 2022

Machine Learning for Encrypted Malicious Traffic Detection: Approaches, Datasets and Comparative Study
Zihao Wang, Kar-Wai Fok, Vrizlynn L. L. Thing
Machine Learning Data Set Constructive Approach Malicious Traffic Encrypted Traffic Deep Packet Inspection