Publications

Workshops

Publications

2024

2023

2013

2012

2011

2010

2009

2008

2024

Ayushi Mishra and Tej Kiran Boppana and Priyanka Bagad. “MediHunt: A Network Forensics Framework for Medical IoT Devices,” in COMSNETS 2024: 16th International Conference on COMmunication Systems & NETworkS. Bengaluru, India, Jan. 2024.

2023

Simpson, Lachlan & Millar, Kyle & Cheng, Adriel & Chew, Hong-Gunn & Lim, Cheng chew. “A Testbed for Automating and Analysing Mobile Devices and Their Applications,” in ICMLC 2023: International Conference on Machine Learning and Cybernetics. Adelaide, Australia, Jul. 2023. DOI: 10.1109/ICMLC58545.2023.10327947
A. Amara Korba, A. Boualouache, B. Brik, R. Rahal, Y. Ghamri-Doudane and S. Mohammed Senouci. “Federated Learning for Zero-Day Attack Detection in 5G and Beyond V2X Networks,” in ICC 2023: IEEE International Conference on Communications, pp. 1137-1142. Rome, Italy, May 2023. DOI: 10.1109/ICC45041.2023.10279368
Samuel J. Moore, Federico Cruciani, Chris D. Nugent, Shuai Zhang, Ian Cleland, Sadiq Sani. “Deep learning for network intrusion: A hierarchical approach to reduce false alarms,” in Intelligent Systems with Applications, Volume 18, pp. 200-215. May 2023. DOI: 10.1016/j.iswa.2023.200215

2022

S. Sobhan et al. “A Review of Dark Web: Trends and Future Directions,” in COMPSAC 2022: 46th IEEE Annual Computers, Software, and Applications Conference, pp. 1780-1785. Los Alamitos, CA, USA, Jun.-Jul. 2022. DOI: 10.1109/COMPSAC54236.2022.00283
Keshkeh, K., Jantan, A., & Alieyan, K. “A machine learning classification approach to detect TLS-based malware using entropy-based flow set features,” in Journal of Information and Communication Technology, 21(3), 279-3123. Jul. 2022. DOI: 10.32890/jict2022.21.3.1
Khodjaeva, Yulduz and Zincir-Heywood, Nur and Zincir, Ibrahim. “Can We Detect Malicious Behaviours in Encrypted DNS Tunnels Using Network Flow Entropy?,” in Journal of Cyber Security and Mobility, 11(3), 461-496. Aug. 2022. DOI: 10.13052/jcsm2245-1439.1135
Ahmad Azab, Mahmoud Khasawneh, Saed Alrabaee, Kim-Kwang Raymond Choo, Maysa Sarsour. “Network traffic classification: Techniques, datasets, and challenges,” in Digital Communications and Networks. Sep. 2022. DOI: 10.1016/j.dcan.2022.09.009
Reem Khalil Nassar. “Seeing through NAT to detect shadow it: a machine learning approach,” in Masters Thesis, Department of Electrical and Computer Engineering, Maroun Semaan Faculty of Engineering and Architecture, American University of Beirut, Nov. 2022.

2021

Yulduz Khodjaeva, N. Zinkir-Heywood, “Network Flow Entropy for Identifying Malicious Behaviours in DNS Tunnels,” in ARES 2021: The 16th International Conference on Availability, Reliability and Security, 72. March 2021.
A. S. Khatouni, N. Seddigh, B. Nandy and N. Zincir-Heywood, “Machine Learning Based Classification Accuracy of Encrypted Service Channels: Analysis of Various Factors,” in Journal of Network and Systems Management, 29(1). 2021. DOI: s10922-020-09566-5
J.Meira, “Structured Behavior Analysis on Encrypted Traffic,” in Masters Thesis, Information Systems and Computer Engineering, T´cnico Lisboa, Jan. 2021.

2020

M. Holkovič, L. Polčák, O. Rysavy, “Application Error Detection in Networks by Protocol Behavior Model,” in E-Business and Telecommunications, (pp.3-28), Jul 2020. DOI: 978-3-030-52686-3_1
R. Marx, “Debugging Modern Web Protocols,” in PhD thesis Hasselt University, Dec 2020.
P.O. Brisoud, “Analyse de trafic HTTPS pour la supervision d'activités utilisateurs,” in PhD thesis Inria Nancy - Grand Est, LORIA - NSS - Department of Networks, Systems and Services, Dec 2020.
L. F. Sikos, “Packet analysis for network forensics: A comprehensive survey,” in Forensic Science International: Digital Investigation, 32. March 2020.
L. Lapczyk “Behavioral Modelling from Encrypted Remote Desktop Protocol Network Traffic,” Masters Thesis, School of Computing, Queens University, Kingston, Ontario, Jan 2020.
A. I. Getman, Mi. Ki. Ikonnikova, “A Survey of Network Traffic Classification,” in Proceedings of the Institute for System Programming of RAS, 32(6):137-154, Jan 2020. DOI: ISPRAS-2020-32(6)-11

2019

S. Passarelli, C. Gundogan, L. Stiemert, M. Schopp, and P. Hillmann “NERD: Neural Network for Edict of Risky Data Streams,” in 2019 International Conference on Cyber-Enabled Distributed Computing and Knowledge Discovery (CyberC), Oct 2019.
A. S. Khatouni, L. Zhang, K. Aziz, I. Zincir and N. Zincir-Heywood, “Exploring NAT Detection and Host Identification Using Machine Learning,” in 15th International Conference on Network and Service Management, Dalhousie University, Canada and Yasar University, Turkey, Oct. 2019.
A. Montieri, D. Ciuonzo, G. Bovenzi, V. Persico and A. Pescapé, “A Dive into the Dark Web: Hierarchical Traffic Classification of Anonymity Tools,” in IEEE Transactions on Network Science and Engineering, Mar. 2019. DOI: TNSE.2019.2901994
M. Holkovič, O. Rysavy, L. Polčák, “Using Network Traces to Generate Models for Automatic Network Application Protocols Diagnostics,” in 10th International Conference on Data Communication , . Jul. 2019. DOI: 0007929900370047
A. S. Khatouni, N. Zincir-Heywood, “Integrating Machine Learning with Off-the-Shelf Traffic Flow Features for HTTP/HTTPS Traffic Classification,” in IEEE Symposium on Computers and Communications (ISCC) 2019, . Jul. 2019. DOI: ISCC47284.2019.8969578
D. C. Le, A. N. Zincir-Heywood and M. I. Heywood, “Unsupervised Monitoring of Network and Service Behaviour Using Self Organizing Maps,” Journal of Cyber Security and Mobility, 8(1). Jan. 2019. DOI: jcsm2245-1439.812
Ali Safari Khatoun, N. Zincir-Heywood, “How much training data is enough to move a ML-based classifier to a different network?,” Procedia Computer Science, 155:378-385. Jan. 2019. DOI: jcsm2245-1439.812
A. Mashkanova, “Exploratory Data Analysis toward Cloud Intrusion Detection,” University of Victoria, Victoria, British Columbia, Canada, 2019.

2018

J. M. Hernández Jiménez and K. Goseva-Popstojanova, “The Effect on Network Flows-Based Features and Training Set Size on Malware Detection,” in 17th IEEE International Symposium on Network Computing and Applications (NCA), Cambridge, MA, USA, Nov. 2018. DOI: NCA.2018.8548325
C. Vega Moreno, E. Miravalls-Sierra, G. Julián Moreno, J. López de Vergara Méndez and E. Magaña and J. Aracil Rico, “On the design and performance evaluation of automatic traffic report generation systems with huge data volumes,” International Journal of Network Management, 9(5), Springer. Aug. 2018. DOI: nem.2044
L. Mai and D. Noh, “Cluster Ensemble with Link-Based Approach for Botnet Detection,” in Journal of Network and Systems Management, 26(3), Jul. 2018. DOI: s10922-017-9436-x
K. Shahbar, and A. N. Zincir-Heywood, “How far can we push flow analysis to identify encrypted anonymity network traffic?,” in NOMS 2018 - 2018 IEEE/IFIP Network Operations and Management Symposium, Taipei, Taiwan, Apr. 2018. DOI: NOMS.2018.8406156
A. Montieri, D. Ciuonzo, G. Aceto and A. Pescapè, “Anonymity Services Tor, I2P, JonDonym: Classifying in the Dark (Web),” in IEEE Transactions on Dependable and Secure Computing, Feb. 2018. DOI: TDSC.2018.2804394
X. G. Li and J. F. Wang, “Traffic Detection of Transmission of Botnet Threat using BP Neural Network,” in Internation Journal on Non-Standard Computing and Artificial Intelligence, 28(6), 2018. DOI: NNW.2018.28.028

2017

C. Yao, X. Luo and A. N. Zincir-Heywood, “Data analytics for modeling and visualizing attack behaviors: A case study on SSH brute force attacks,” in IEEE Symposium Series on Computational Intelligence (SSCI), Honolulu, HI, USA, Dec. 2017. DOI: SSCI.2017.8280913
Clinton Page, Daniel Smit and Kyle Millar, “Classifying Network Traffic Flows with Deep-Learning.” The University of Adelaide, Adelaide, South Australia, Nov. 2017.
A. Montieri, D. Ciuonzo, G. Aceto and A. Pescapè, “Anonymity Services Tor, I2P, JonDonym: Classifying in the Dark,” in 29th International Teletraffic Congress (ITC 29), Sep. 2017. DOI: ITC.2017.8064342
B. Heydari, H. Yajam, M. A. Akhaee and S. Salehkalaibar, “Utilizing Features of Aggregated Flows to Identify Botnet Network Traffic,” in 14th International ISC (Iranian Society of Cryptology) Conference on Information Security and Cryptology (ISCISC), Shiraz, Iran, Sep. 2017. DOI: ISCISC.2017.8488370
K. Shahbar, and A. N. Zincir-Heywood, “Effects of Shared Bandwidth on Anonymity of the I2P Network Users,” in IEEE Security and Privacy Workshops (SPW), San Jose, CA, USA, May 2017. DOI: SPW.2017.19
F. Haddadi, and A. N. Zincir-Heywood, “Botnet behaviour analysis: How would a data analytics‐based system with minimum a priori information perform?,” in International Journal of Network Management, 27(10), Wiley, May 2017. DOI: nem.1977
Duc Cong Le, “An unsupervised learning approach for network and system analysis,” Dalhousie University, Halifax, Nova Scotia, Canada, Mar. 2017.
R. Seidel et al, “Dagstuhl Report,” Volume 7, Issue 3. 2017.
A. Pektaş and T. Acarman, “Effective Feature Selection for Botnet Detection Based on Network Flow Analysis,” in International Conference on Automatics and Informatics, 2017.

2016

S. Burschka, and B. Dupasquier, “Tranalyzer: Versatile High Performance Network Traffic Analyser,” in Proceedings of the 2016 IEEE Symposium Series on Computational Intelligence (SSCI), Athens, Greece, Dec. 2016. DOI: SSCI.2016.7849909
D. C. Le, A. N. Zincir-Heywood and M. I. Heywood, “Data analytics on network traffic flows for botnet behaviour detection,” in Proceedings of the 2016 IEEE Symposium Series on Computational Intelligence (SSCI), Athens, Greece, Dec. 2016. DOI: SSCI.2016.7850078
L. Mai and Y. Kim and D. Choi and N. K. Bao and T. V. Phan and M. Park, “Flow-based consensus partitions for botnet detection,” in Proceedings of the 2016 International Conference on Information and Communication Technology Convergence (ICTC), Jeju, South Korea, Oct. 2016. DOI: ICTC.2016.7763569
F. Haddadi, “Investigating a Behaviour Analysis-Based Early Warning System to Identify Botnets using Machine Learning Algorithms,” Dalhousie University, Halifax, Nova Scotia, Canada, Sep. 2016.
J. Jianguo, B. Qi, S. Zhixin, Y. Wang and B. Lv, “Botnet Detection Method Analysis on the Effect of Feature Extraction,” in IEEE Trustcom/BigDataSE/ISPA, Tianjin, China, Aug. 2016. DOI: TrustCom.2016.0288
L. Mai and M. Park, “A Comparison of Clustering Algorithms for Botnet Detection Based on Network Flow,” in Proceedings of the 2016 Eighth International Conference on Ubiquitous and Future Networks (ICUFN), Vienna, Austria, Jul. 2016. DOI: ICUFN.2016.7537117
F. Haddadi, Phan, D.-T. and A. N. Zincir-Heywood, “How to Choose from Different Botnet Detection Systems?,” in IEEE/IFIP Network Operations and Management Symposium (NOMS), Istanbul, Turkey, Apr. 2016. DOI: NOMS.2016.7502964
F. Haddadi, and A. N. Zincir-Heywood, “A Closer Look at the HTTP and P2P Based Botnets from a Detector's Perspective,” in Foundations and Practice of Security. FPS 2015. Lecture Notes in Computer Science, vol 9482. Springer, Cham, Feb. 2016. DOI: 978-3-319-30303-1_13

2015

H. Alizadeh, A. Khoshrou and A. Zúquete, “Traffic classification and verification using unsupervised learning of Gaussian Mixture Models,” in IEEE International Workshop on Measurements & Networking (M&N), Coimbra, Portugal, Oct. 2015. DOI: IWMN.2015.7322980
F. Haddadi, and A. N. Zincir-Heywood, “Botnet Detection System Analysis on the Effect of Botnet Evolution and Feature Representation,” in GECCO Comp, 2015. DOI: 2739482.2768435
F. Haddadi, D. L. Cong, L. Porter, and A. N. Zincir-Heywood, “On the Effectiveness of Different Botnet Detection Approaches,” in ISPEC, 2015. DOI: 978-3-319-17533-1_9
K. Shahbar and A. Nur Zincir-Heywood, “Traffic Flow Analysis of Tor Pluggable Transports,” in CNSM, 2015. DOI: CNSM.2015.7367356

2014

K. Shahbar, and A. N. Zincir-Heywood, “Benchmarking two techniques for Tor classification: Flow level and circuit level classification,” in IEEE Symposium on Computational Intelligence in Cyber Security (CICS), Orlando, FL, USA, Dec. 2014. DOI: CICYBS.2014.7013368
F. Haddadi and A. N. Zincir-Heywood, “Benchmarking the effect of flow exporters and protocol filters on botnet traffic classification,” in Systems Journal, IEEE, vol. PP, no. 99, pp. 1–12, Nov. 2014. DOI: JSYST.2014.2364743
A. Gokcen, “A Preliminary Study for Identifying NAT Traffic using Machine Learning,” Dalhousie University, Halifax, Nova Scotia, Canada, Apr. 2014.
V. Aghaei and A. N. Zincir-Heywood, “Traffic De-Anonymizer,” Dalhousie University, Halifax, Nova Scotia, Canada, Mar. 2014.

2010

B. Dupasquier, S. Burschka, K. McLaughlin, and S. Sezer, “On the privacy of encrypted Skype communications,” in Proceedings of the 2010 IEEE Global Telecommunications Conference (GLOBECOM), Miami, FL, USA, Dec. 2010. IEEE Computer Society. DOI: GLOCOM.2010.5684214
B. Dupasquier, S. Burschka, K. McLaughlin, and S. Sezer, “Analysis of information leakage from encrypted Skype conversations,” International Journal of Information Security (IJIS), 9(5), Oct. 2010. Springer. DOI: s10207-010-0111-4

2009

A. Trifilo, S. Burschka, and E. Biersack, “Traffic to protocol reverse engineering,” in IEEE Symposium on Computational Intelligence for Security and Defense Applications (CISDA), July 2009. DOI: CISDA.2009.5356565

2008

D. Piccitto, S. Burschka, and G. Urvoy-Keller, “Traffic Mining in IP Tunnels,” Eurecom, Sophia Antipolis, France, Sep. 2008.

Workshops

2024

2023

2022

2021

2020

2018

2015

2012

2009

2008

2019

S. Burschka, “Traffic Mining, To AI or not to AI,” in 15th International Conference on Network and Service Management (CNSM), Dalhousie University, Halifax, Nova Scotia, Canada. Oct. 2019.
S. Burschka, “Traffic Mining: Feel the packets, be the packets,” Boost Academy, Arwidssoninkatu 3B (TurkuSec lab location), Turku, Finland. Mar. 2019.

2017

Dagstuhl Workshop “Annual Report-2017,” Schloss Dagstuhl, Leibniz-Zentrum fuer Informatik, Germany, 2017.
S. Burschka, “Traffic Mining, feel the packets, be the packets,” in 5th Prague Embedded Systems Workshop (PESW), Prague, Czech Republic, June 2017.

2016

S. Burschka and B. Dupasquier, “Fun with the beast: Traffic Mining (TM) using brain and Tranalyzer,” in 10th International Conference on Autonomous Infrastructure, Management and Security (AIMS), Universität der Bundeswehr, München, Germany, June 2016.
S. Burschka, “Fun with the beast: Traffic Mining (TM) using brain and Tranalyzer,” in 3rd Annual Digital Forensic Research Workshop (DFRWS EU), Lausanne, Switzerland, Mar. 2016.

2014

S. Burschka, “Fun with the beast: Traffic Mining (TM) using brain and Tranalyzer,” in International Conference for the Software Community (Jazoon), Zürich, Switzerland, Oct. 2014.
S. Burschka, “Troubleshooting & traffic mining, feel the packets, be the packets,” in International Conference for the Software Community (Jazoon), Zürich, Switzerland, Oct. 2014.

2013

S. Burschka, “Tranalyzer - feel the packets, be the packets,” in Swiss Network Operators Group (SwiNOG #26), Bern, Switzerland, May 2013.

2011

B. Dupasquier and S. Burschka, “Datamining for Hackers - Encrypted Traffic Mining (TM),” in 28th Chaos Communication Congress (28C3), Berlin, Germany, Dec. 2011. [video]

2010

S. Burschka, T. Ruehl, and F. Buehlmann, “Tranalyzer - NetFlow extension,” in Proceedings of the 78th Internet Engineering Task Force, Maastricht, Netherlands, July 2010.
S. Burschka, “Traffic Mining: Feel the packets, be the packets,” in International Summer School on Network and Service Management (ISSNSM), University of Zürich, Zürich, Switzerland, June 2010.