This dissertation was written as a part of the MSc in Cybersecurity at
the International Hellenic University.
The field of network traffic analysis has attracted a lot of interest both
for the improvement in Quality of Service(QoS) and to the detection of
anomalies in network activity, possibly created by threat actors. There
is extensive research of network flow using either statistical models or
machine learning techniques.
This thesis focuses on modeling network traffic using various stochastic
processes with the goal of extracting quantities such as the rate parameter
λ. The two main methods are the maximum likelihood estimation(MLE)
and the EM algorithm.After applying these two methods, there is a discussion about which one was more effective in predicting the real λ values.
The EM algorithm did not predict a single λ value but a matrix containing multiple λ. This was done with the assistance of a weight matrix
A.The values showed a convergence as expected but were not as accurate
as MLE. The results demonstrated that for the chosen data-set, the increase in the A dimensions gave a closer value to the real λ.
Collections
Show Collections