Network Traffic Classification Using Machine Learning: A Step Towards Over-the-Top Bypass Fraud Detection
| dc.contributor.advisor | Ephrem, Teshale (PhD) | |
| dc.contributor.author | Tewodros, Hailu | |
| dc.date.accessioned | 2018-12-21T10:04:04Z | |
| dc.date.accessioned | 2023-11-04T15:13:07Z | |
| dc.date.available | 2018-12-21T10:04:04Z | |
| dc.date.available | 2023-11-04T15:13:07Z | |
| dc.date.issued | 2018-11-14 | |
| dc.description.abstract | Over-the-Top (OTT) bypass is a type of Interconnect Bypass fraud where regular voice calls are rerouted through OTT network and terminated as an OTT call. These calls are terminated using OTT applications which need user’s Mobile Station International Subscriber Directory Number (MSISDN) for authentication. Detecting OTT voice call packets through different network traffic classification techniques is one subtask in the detection of this fraud. In this thesis, performance of three machine learning algorithms; Adaptive Booster (AdaBoost) + J48, Repeated Incremental Pruning to Produce Error Reduction (RIPPER), and Support Vector Machine (SVM) is evaluated in detecting MSISDN-based OTT packets taking Viber, Tango, and Telegram as a sample. Detection of OTT traffic and voice call packets from the OTT traffic have been treated separately as classification tasks. Ten cross-fold and separate test data validation techniques together with 1.7 million labeled packets generated and captured in controlled laboratory environment are used in the evaluation process. AdaBoost + J48 achieved the best accuracy on both classification tasks compared to the others while using ten cross-fold validation. However, an accuracy of 48.4% obtained in detecting voice call packets while using separate test data validation makes it less preferable in the classification task. Even if it takes longer time to train SVM, it was the best performer (95.35% accurate) in detecting voice call packets in separate test data validation. Considering accuracy attained by the algorithms in separate test data validation technique together with the detection rate of OTT voice call packets, SVM is preferable than the other two algorithms. | en_US |
| dc.identifier.uri | http://etd.aau.edu.et/handle/123456789/15250 | |
| dc.language.iso | en_US | en_US |
| dc.subject | OTT bypass | en_US |
| dc.subject | MSISDN-based OTT | en_US |
| dc.subject | Network traffic classification | en_US |
| dc.subject | Machine learning | en_US |
| dc.title | Network Traffic Classification Using Machine Learning: A Step Towards Over-the-Top Bypass Fraud Detection | en_US |
| dc.type | Thesis | en_US |