Document Type

Presentation

Date

Summer 2019

Academic Department

Computer Science

Abstract

The landscape of network analysis is ever-evolving as the fields of technology and business progress. While the landscape of the analysis may change, at the core of network analysis is the detection of malicious activity. In real-time traffic flow, it is non-trivial to determine whether a particular flow is malicious in nature. Most malicious software (malware) analysis is done after the flow has already reached its end target, and is performed on network traffic captures. For any network analysis system, it is important that the privacy of the data being transmitted is not compromised in the process. Using network contextual flow data, it is possible to analyze and classify network traffic without compromising the encrypted data being transported.

In this project, we analyzed the impact of using the Intel Data Analytics Acceleration Library (DAAL) to expedite the analysis and inference of encrypted network traffic for the presence of malware. The DAAL package accelerates analytics because it is designed to target Intel hardware and is developed in a combination of C and assembly language for that architecture. With its streamlined design, using the library allows for analysis to take place many times faster than using the typical Python framework and data analysis libraries, such as scikit-learn. Using these tools developed by Intel, our team designed an inference system that is capable of performing real-time analysis of network flows to detect malicious activity.

Notes

Faculty adviser: Dr. Peilong Li
