Visible to the public Biblio

Found 169 results

Filters: Keyword is Support vector machines  [Clear All Filters]
2020-08-10
Kwon, Hyun, Yoon, Hyunsoo, Park, Ki-Woong.  2019.  Selective Poisoning Attack on Deep Neural Network to Induce Fine-Grained Recognition Error. 2019 IEEE Second International Conference on Artificial Intelligence and Knowledge Engineering (AIKE). :136–139.
Deep neural networks (DNNs) provide good performance for image recognition, speech recognition, and pattern recognition. However, a poisoning attack is a serious threat to DNN's security. The poisoning attack is a method to reduce the accuracy of DNN by adding malicious training data during DNN training process. In some situations such as a military, it may be necessary to drop only a chosen class of accuracy in the model. For example, if an attacker does not allow only nuclear facilities to be selectively recognized, it may be necessary to intentionally prevent UAV from correctly recognizing nuclear-related facilities. In this paper, we propose a selective poisoning attack that reduces the accuracy of only chosen class in the model. The proposed method reduces the accuracy of a chosen class in the model by training malicious training data corresponding to a chosen class, while maintaining the accuracy of the remaining classes. For experiment, we used tensorflow as a machine learning library and MNIST and CIFAR10 as datasets. Experimental results show that the proposed method can reduce the accuracy of the chosen class to 43.2% and 55.3% in MNIST and CIFAR10, while maintaining the accuracy of the remaining classes.
Akdeniz, Fulya, Becerikli, Yaşar.  2019.  Performance Comparison of Support Vector Machine, K-Nearest-Neighbor, Artificial Neural Networks, and Recurrent Neural networks in Gender Recognition from Voice Signals. 2019 3rd International Symposium on Multidisciplinary Studies and Innovative Technologies (ISMSIT). :1–4.
Nowadays, biometric data is the most common used data in the field of security. Audio signals are one of these biometric data. Voice signals have used frequently in cases such as identification, banking systems, and forensic cases solution. The aim of this study is to determine the gender of voice signals. In the study, many different methods were used to determine the gender of voice signals. Firstly, Mel Frequency kepstrum coefficients were used to extract the feature from the audio signal. Subsequently, these attributes were classified with support vector machines, k-nearest neighborhood method and artificial neural networks. At the other stage of the study, it is aimed to determine gender from audio signals without using feature extraction method. For this, recurrent neural networks (RNN) was used. The performance analyzes of the methods used were made and the results were given. The best accuracy, precision, recall, f-score in the study has found to be 87.04%, 86.32%, 88.58%, 87.43% using K-Nearest-Neighbor algorithm.
Zhang, Xinman, He, Tingting, Xu, Xuebin.  2019.  Android-Based Smartphone Authentication System Using Biometric Techniques: A Review. 2019 4th International Conference on Control, Robotics and Cybernetics (CRC). :104–108.
As the technological progress of mobile Internet, smartphone based on Android OS accounts for the vast majority of market share. The traditional encryption technology cannot resolve the dilemma in smartphone information leakage, and the Android-based authentication system in view of biometric recognition emerge to offer more reliable information assurance. In this paper, we summarize several biometrics providing their attributes. Furthermore, we also review the algorithmic framework and performance index acting on authentication techniques. Thus, typical identity authentication systems including their experimental results are concluded and analyzed in the survey. The article is written with an intention to provide an in-depth overview of Android-based biometric verification systems to the readers.
2020-07-20
Xu, Tangwei, Lu, Xiaozhen, Xiao, Liang, Tang, Yuliang, Dai, Huaiyu.  2019.  Voltage Based Authentication for Controller Area Networks with Reinforcement Learning. ICC 2019 - 2019 IEEE International Conference on Communications (ICC). :1–5.
Controller area networks (CANs) are vulnerable to spoofing attacks such as frame falsifying attacks, as electronic control units (ECUs) send and receive messages without any authentication and encryption. In this paper, we propose a physical authentication scheme that exploits the voltage features of the ECU signals on the CAN bus and applies reinforcement learning to choose the authentication mode such as the protection level and test threshold. This scheme enables a monitor node to optimize the authentication mode via trial-and-error without knowing the CAN bus signal model and spoofing model. Experimental results show that the proposed authentication scheme can significantly improve the authentication accuracy and response compared with a benchmark scheme.
Tanksale, Vinayak.  2019.  Intrusion Detection For Controller Area Network Using Support Vector Machines. 2019 IEEE 16th International Conference on Mobile Ad Hoc and Sensor Systems Workshops (MASSW). :121–126.
Controller Area Network is the most widely adopted communication standard in automobiles. The CAN protocol is robust and is designed to minimize overhead. The light-weight nature of this protocol implies that it can't efficiently process secure communication. With the exponential increase in automobile communications, there is an urgent need for efficient and effective security countermeasures. We propose a support vector machine based intrusion detection system that is able to detect anomalous behavior with high accuracy. We outline a process for parameter selection and feature vector selection. We identify strengths and weaknesses of our system and propose to extend our work for time-series based data.
2020-07-16
Ayub, Md. Ahsan, Smith, Steven, Siraj, Ambareen.  2019.  A Protocol Independent Approach in Network Covert Channel Detection. 2019 IEEE International Conference on Computational Science and Engineering (CSE) and IEEE International Conference on Embedded and Ubiquitous Computing (EUC). :165—170.

Network covert channels are used in various cyberattacks, including disclosure of sensitive information and enabling stealth tunnels for botnet commands. With time and technology, covert channels are becoming more prevalent, complex, and difficult to detect. The current methods for detection are protocol and pattern specific. This requires the investment of significant time and resources into application of various techniques to catch the different types of covert channels. This paper reviews several patterns of network storage covert channels, describes generation of network traffic dataset with covert channels, and proposes a generic, protocol-independent approach for the detection of network storage covert channels using a supervised machine learning technique. The implementation of the proposed generic detection model can lead to a reduction of necessary techniques to prevent covert channel communication in network traffic. The datasets we have generated for experimentation represent storage covert channels in the IP, TCP, and DNS protocols and are available upon request for future research in this area.

2020-07-09
Nisha, D, Sivaraman, E, Honnavalli, Prasad B.  2019.  Predicting and Preventing Malware in Machine Learning Model. 2019 10th International Conference on Computing, Communication and Networking Technologies (ICCCNT). :1—7.

Machine learning is a major area in artificial intelligence, which enables computer to learn itself explicitly without programming. As machine learning is widely used in making decision automatically, attackers have strong intention to manipulate the prediction generated my machine learning model. In this paper we study about the different types of attacks and its countermeasures on machine learning model. By research we found that there are many security threats in various algorithms such as K-nearest-neighbors (KNN) classifier, random forest, AdaBoost, support vector machine (SVM), decision tree, we revisit existing security threads and check what are the possible countermeasures during the training and prediction phase of machine learning model. In machine learning model there are 2 types of attacks that is causative attack which occurs during the training phase and exploratory attack which occurs during the prediction phase, we will also discuss about the countermeasures on machine learning model, the countermeasures are data sanitization, algorithm robustness enhancement, and privacy preserving techniques.

2020-07-03
Usama, Muhammad, Asim, Muhammad, Qadir, Junaid, Al-Fuqaha, Ala, Imran, Muhammad Ali.  2019.  Adversarial Machine Learning Attack on Modulation Classification. 2019 UK/ China Emerging Technologies (UCET). :1—4.

Modulation classification is an important component of cognitive self-driving networks. Recently many ML-based modulation classification methods have been proposed. We have evaluated the robustness of 9 ML-based modulation classifiers against the powerful Carlini & Wagner (C-W) attack and showed that the current ML-based modulation classifiers do not provide any deterrence against adversarial ML examples. To the best of our knowledge, we are the first to report the results of the application of the C-W attack for creating adversarial examples against various ML models for modulation classification.

Li, Feiyan, Li, Wei, Huo, Hongtao, Ran, Qiong.  2019.  Decision Fusion Based on Joint Low Rank and Sparse Component for Hyperspectral Image Classification. IGARSS 2019 - 2019 IEEE International Geoscience and Remote Sensing Symposium. :401—404.

Sparse and low rank matrix decomposition is a method that has recently been developed for estimating different components of hyperspectral data. The rank component is capable of preserving global data structures of data, while a sparse component can select the discriminative information by preserving details. In order to take advantage of both, we present a novel decision fusion based on joint low rank and sparse component (DFJLRS) method for hyperspectral imagery in this paper. First, we analyzed the effects of different components on classification results. Then a novel method adopts a decision fusion strategy which combines a SVM classifier with the information provided by joint sparse and low rank components. With combination of the advantages, the proposed method is both representative and discriminative. The proposed algorithm is evaluated using several hyperspectral images when compared with traditional counterparts.

2020-06-29
Das, Saikat, Mahfouz, Ahmed M., Venugopal, Deepak, Shiva, Sajjan.  2019.  DDoS Intrusion Detection Through Machine Learning Ensemble. 2019 IEEE 19th International Conference on Software Quality, Reliability and Security Companion (QRS-C). :471–477.
Distributed Denial of Service (DDoS) attacks have been the prominent attacks over the last decade. A Network Intrusion Detection System (NIDS) should seamlessly configure to fight against these attackers' new approaches and patterns of DDoS attack. In this paper, we propose a NIDS which can detect existing as well as new types of DDoS attacks. The key feature of our NIDS is that it combines different classifiers using ensemble models, with the idea that each classifier can target specific aspects/types of intrusions, and in doing so provides a more robust defense mechanism against new intrusions. Further, we perform a detailed analysis of DDoS attacks, and based on this domain-knowledge verify the reduced feature set [27, 28] to significantly improve accuracy. We experiment with and analyze NSL-KDD dataset with reduced feature set and our proposed NIDS can detect 99.1% of DDoS attacks successfully. We compare our results with other existing approaches. Our NIDS approach has the learning capability to keep up with new and emerging DDoS attack patterns.
Wehbi, Khadijeh, Hong, Liang, Al-salah, Tulha, Bhutta, Adeel A.  2019.  A Survey on Machine Learning Based Detection on DDoS Attacks for IoT Systems. 2019 SoutheastCon. :1–6.
Internet of Things (IoT) is transforming the way we live today, improving the quality of living standard and growing the world economy by having smart devices around us making decisions and performing our daily tasks and chores. However, securing the IoT system from malicious attacks is a very challenging task. Some of the most common malicious attacks are Denial of service (DoS), and Distributed Denial of service (DDoS) attacks, which have been causing major security threats to all networks and specifically to limited resource IoT devices. As security will always be a primary factor for enabling most IoT applications, developing a comprehensive detection method that effectively defends against DDoS attacks and can provide 100% detection for DDoS attacks in IoT is a primary goal for the future of IoT. The development of such a method requires a deep understanding of the methods that have been used thus far in the detection of DDoS attacks in the IoT environment. In our survey, we try to emphasize some of the most recent Machine Learning (ML) approaches developed for the detection of DDoS attacks in IoT networks along with their advantage and disadvantages. Comparison between the performances of selected approaches is also provided.
2020-06-26
Karthika, P., Babu, R. Ganesh, Nedumaran, A..  2019.  Machine Learning Security Allocation in IoT. 2019 International Conference on Intelligent Computing and Control Systems (ICCS). :474—478.

The progressed computational abilities of numerous asset compelled gadgets mobile phones have empowered different research zones including picture recovery from enormous information stores for various IoT applications. The real difficulties for picture recovery utilizing cell phones in an IoT situation are the computational intricacy and capacity. To manage enormous information in IoT condition for picture recovery a light-weighted profound learning base framework for vitality obliged gadgets. The framework initially recognizes and crop face areas from a picture utilizing Viola-Jones calculation with extra face classifier to take out the identification issue. Besides, the utilizes convolutional framework layers of a financially savvy pre-prepared CNN demonstrate with characterized highlights to speak to faces. Next, highlights of the huge information vault are listed to accomplish a quicker coordinating procedure for constant recovery. At long last, Euclidean separation is utilized to discover comparability among question and archive pictures. For exploratory assessment, we made a nearby facial pictures dataset it including equally single and gathering face pictures. In the dataset can be utilized by different specialists as a scale for examination with other ongoing facial picture recovery frameworks. The trial results demonstrate that our planned framework beats other cutting edge highlight extraction strategies as far as proficiency and recovery for IoT-helped vitality obliged stages.

2020-06-19
Keshari, Tanya, Palaniswamy, Suja.  2019.  Emotion Recognition Using Feature-level Fusion of Facial Expressions and Body Gestures. 2019 International Conference on Communication and Electronics Systems (ICCES). :1184—1189.

Automatic emotion recognition using computer vision is significant for many real-world applications like photojournalism, virtual reality, sign language recognition, and Human Robot Interaction (HRI) etc., Psychological research findings advocate that humans depend on the collective visual conduits of face and body to comprehend human emotional behaviour. Plethora of studies have been done to analyse human emotions using facial expressions, EEG signals and speech etc., Most of the work done was based on single modality. Our objective is to efficiently integrate emotions recognized from facial expressions and upper body pose of humans using images. Our work on bimodal emotion recognition provides the benefits of the accuracy of both the modalities.

2020-05-18
Lee, Hyun-Young, Kang, Seung-Shik.  2019.  Word Embedding Method of SMS Messages for Spam Message Filtering. 2019 IEEE International Conference on Big Data and Smart Computing (BigComp). :1–4.
SVM has been one of the most popular machine learning method for the binary classification such as sentiment analysis and spam message filtering. We explored a word embedding method for the construction of a feature vector and the deep learning method for the binary classification. CBOW is used as a word embedding technique and feedforward neural network is applied to classify SMS messages into ham or spam. The accuracy of the two classification methods of SVM and neural network are compared for the binary classification. The experimental result shows that the accuracy of deep learning method is better than the conventional machine learning method of SVM-light in the binary classification.
Sel, Slhami, Hanbay, Davut.  2019.  E-Mail Classification Using Natural Language Processing. 2019 27th Signal Processing and Communications Applications Conference (SIU). :1–4.
Thanks to the rapid increase in technology and electronic communications, e-mail has become a serious communication tool. In many applications such as business correspondence, reminders, academic notices, web page memberships, e-mail is used as primary way of communication. If we ignore spam e-mails, there remain hundreds of e-mails received every day. In order to determine the importance of received e-mails, the subject or content of each e-mail must be checked. In this study we proposed an unsupervised system to classify received e-mails. Received e-mails' coordinates are determined by a method of natural language processing called as Word2Vec algorithm. According to the similarities, processed data are grouped by k-means algorithm with an unsupervised training model. In this study, 10517 e-mails were used in training. The success of the system is tested on a test group of 200 e-mails. In the test phase M3 model (window size 3, min. Word frequency 10, Gram skip) consolidated the highest success (91%). Obtained results are evaluated in section VI.
Zhong, Guo-qiang, Wang, Huai-yu, Zheng, Shuai, JIA, Bao-zhu.  2019.  Research on fusion diagnosis method of thermal fault of Marine diesel engine. 2019 Chinese Automation Congress (CAC). :5371–5375.
In order to avoid the situation that the diagnosis model based on single sensor data is easily disturbed by environmental noise and the diagnosis accuracy is low, an intelligent fault fusion diagnosis method for marine diesel engine is proposed. Firstly, the support vector machine which is optimized by genetic algorithm is used to learn the fault sample data from different sensors, then multiple fault diagnosis models and results can be got. After that, multiple groups of diagnosis results are taken as evidence bodies and fused by evidence theory to obtain more accurate diagnosis results. By analyzing the sample data obtained from the fault simulation experiment of marine diesel engine based on AVL BOOST software, the proposed method can improve the fault diagnosis accuracy of marine diesel engine and reduce the uncertainty value of diagnosis results.
Zhao, Xiaohang, Zhang, Ke, Chai, Yi.  2019.  A Multivariate Time Series Classification based Multiple Fault Diagnosis Method for Hydraulic Systems. 2019 Chinese Control Conference (CCC). :6819–6824.
Hydraulic systems is a class of nonlinear complex systems. There are many typical characteristics with the systems: multiple functional components, multiple operation modes, space-time coupling work, and monitoring signals for faults are multivariate time series data, etc. Because of the characteristics, fault diagnosis for Hydraulic systems is not easy. Traditional fault diagnosis methods mostly ignore the multivariable timing characteristics of monitoring signals, it has made many detection and diagnosis (especially for multiple fault) can not keep high accuracy, and some of the methods are not even be able to multiple fault diagnosis. Aim at the problem, a multivariate time series classification based diagnosis method is proposed. Firstly, extracting timing characteristics (transformed features) from the time series data collected via sensors by 1-NN method. Secondly, training the transformed features by multi-class OVO-SVM to classify multivariate time series. Simulation of the method contains single fault and multiple faults conditions, the results show that the method has high accuracy, it can complete multiple-faults classification.
2020-05-11
Khan, Riaz Ullah, Zhang, Xiaosong, Alazab, Mamoun, Kumar, Rajesh.  2019.  An Improved Convolutional Neural Network Model for Intrusion Detection in Networks. 2019 Cybersecurity and Cyberforensics Conference (CCC). :74–77.

Network intrusion detection is an important component of network security. Currently, the popular detection technology used the traditional machine learning algorithms to train the intrusion samples, so as to obtain the intrusion detection model. However, these algorithms have the disadvantage of low detection rate. Deep learning is more advanced technology that automatically extracts features from samples. In view of the fact that the accuracy of intrusion detection is not high in traditional machine learning technology, this paper proposes a network intrusion detection model based on convolutional neural network algorithm. The model can automatically extract the effective features of intrusion samples, so that the intrusion samples can be accurately classified. Experimental results on KDD99 datasets show that the proposed model can greatly improve the accuracy of intrusion detection.

Abhilash, Goyal, Divyansh, Gupta.  2018.  Intrusion Detection and Prevention in Software Defined Networking. 2018 IEEE International Conference on Advanced Networks and Telecommunications Systems (ANTS). :1–4.
Software defined networking is a concept proposed to replace traditional networks by separating control plane and data plane. It makes the network more programmable and manageable. As there is a single point of control of the network, it is more vulnerable to intrusion. The idea is to train the network controller by machine learning algorithms to let it make the intelligent decisions automatically. In this paper, we have discussed our approach to make software defined networking more secure from various malicious attacks by making it capable of detecting and preventing such attacks.
2020-04-13
Phan, Trung V., Islam, Syed Tasnimul, Nguyen, Tri Gia, Bauschert, Thomas.  2019.  Q-DATA: Enhanced Traffic Flow Monitoring in Software-Defined Networks applying Q-learning. 2019 15th International Conference on Network and Service Management (CNSM). :1–9.
Software-Defined Networking (SDN) introduces a centralized network control and management by separating the data plane from the control plane which facilitates traffic flow monitoring, security analysis and policy formulation. However, it is challenging to choose a proper degree of traffic flow handling granularity while proactively protecting forwarding devices from getting overloaded. In this paper, we propose a novel traffic flow matching control framework called Q-DATA that applies reinforcement learning in order to enhance the traffic flow monitoring performance in SDN based networks and prevent traffic forwarding performance degradation. We first describe and analyse an SDN-based traffic flow matching control system that applies a reinforcement learning approach based on Q-learning algorithm in order to maximize the traffic flow granularity. It also considers the forwarding performance status of the SDN switches derived from a Support Vector Machine based algorithm. Next, we outline the Q-DATA framework that incorporates the optimal traffic flow matching policy derived from the traffic flow matching control system to efficiently provide the most detailed traffic flow information that other mechanisms require. Our novel approach is realized as a REST SDN application and evaluated in an SDN environment. Through comprehensive experiments, the results show that-compared to the default behavior of common SDN controllers and to our previous DATA mechanism-the new Q-DATA framework yields a remarkable improvement in terms of traffic forwarding performance degradation protection of SDN switches while still providing the most detailed traffic flow information on demand.
2020-04-10
Bagui, Sikha, Nandi, Debarghya, Bagui, Subhash, White, Robert Jamie.  2019.  Classifying Phishing Email Using Machine Learning and Deep Learning. 2019 International Conference on Cyber Security and Protection of Digital Services (Cyber Security). :1—2.

In this work, we applied deep semantic analysis, and machine learning and deep learning techniques, to capture inherent characteristics of email text, and classify emails as phishing or non -phishing.

2020-04-03
Sattar, Naw Safrin, Arifuzzaman, Shaikh, Zibran, Minhaz F., Sakib, Md Mohiuddin.  2019.  An Ensemble Approach for Suspicious Traffic Detection from High Recall Network Alerts. {2019 IEEE International Conference on Big Data (Big Data. :4299—4308}}@inproceedings{wu_ensemble_2019.
Web services from large-scale systems are prevalent all over the world. However, these systems are naturally vulnerable and incline to be intruded by adversaries for illegal benefits. To detect anomalous events, previous works focus on inspecting raw system logs by identifying the outliers in workflows or relying on machine learning methods. Though those works successfully identify the anomalies, their models use large training set and process whole system logs. To reduce the quantity of logs that need to be processed, high recall suspicious network alert systems can be applied to preprocess system logs. Only the logs that trigger alerts are retrieved for further usage. Due to the universally usage of network traffic alerts among Security Operations Center, anomalies detection problems could be transformed to classify truly suspicious network traffic alerts from false alerts.In this work, we propose an ensemble model to distinguish truly suspicious alerts from false alerts. Our model consists of two sub-models with different feature extraction strategies to ensure the diversity and generalization. We use decision tree based boosters and deep neural networks to build ensemble models for classification. Finally, we evaluate our approach on suspicious network alerts dataset provided by 2019 IEEE BigData Cup: Suspicious Network Event Recognition. Under the metric of AUC scores, our model achieves 0.9068 on the whole testing set.
Saridou, Betty, Shiaeles, Stavros, Papadopoulos, Basil.  2019.  DDoS Attack Mitigation through Root-DNS Server: A Case Study. 2019 IEEE World Congress on Services (SERVICES). 2642-939X:60—65.

Load balancing and IP anycast are traffic routing algorithms used to speed up delivery of the Domain Name System. In case of a DDoS attack or an overload condition, the value of these protocols is critical, as they can provide intrinsic DDoS mitigation with the failover alternatives. In this paper, we present a methodology for predicting the next DNS response in the light of a potential redirection to less busy servers, in order to mitigate the size of the attack. Our experiments were conducted using data from the Nov. 2015 attack of the Root DNS servers and Logistic Regression, k-Nearest Neighbors, Support Vector Machines and Random Forest as our primary classifiers. The models were able to successfully predict up to 83% of responses for Root Letters that operated on a small number of sites and consequently suffered the most during the attacks. On the other hand, regarding DNS requests coming from more distributed Root servers, the models demonstrated lower accuracy. Our analysis showed a correlation between the True Positive Rate metric and the number of sites, as well as a clear need for intelligent management of traffic in load balancing practices.

2020-03-23
Hirano, Manabu, Kobayashi, Ryotaro.  2019.  Machine Learning Based Ransomware Detection Using Storage Access Patterns Obtained From Live-forensic Hypervisor. 2019 Sixth International Conference on Internet of Things: Systems, Management and Security (IOTSMS). :1–6.
With the rapid increase in the number of Internet of Things (IoT) devices, mobile devices, cloud services, and cyber-physical systems, the large-scale cyber attacks on enterprises and public sectors have increased. In particular, ransomware attacks damaged UK's National Health Service and many enterprises around the world in 2017. Therefore, researchers have proposed ransomware detection and prevention systems. However, manual inspection in static and dynamic ransomware analysis is time-consuming and it cannot cope with the rapid increase in variants of ransomware family. Recently, machine learning has been used to automate ransomware analysis by creating a behavioral model of same ransomware family. To create effective behavioral models of ransomware, we first obtained storage access patterns of live ransomware samples and of a benign application by using a live-forensic hypervisor called WaybackVisor. To distinguish ransomware from a benign application that has similar behavior to ransomware, we carefully selected five dimensional features that were extracted both from actual ransomware's Input and Output (I/O) logs and from a benign program's I/O logs. We created and evaluated machine learning models by using Random Forest, Support Vector Machine, and K-Nearest Neighbors. Our experiments using the proposed five features of storage access patterns achieved F-measure rate of 98%.
2020-03-12
Lafram, Ichrak, Berbiche, Naoual, El Alami, Jamila.  2019.  Artificial Neural Networks Optimized with Unsupervised Clustering for IDS Classification. 2019 1st International Conference on Smart Systems and Data Science (ICSSD). :1–7.

Information systems are becoming more and more complex and closely linked. These systems are encountering an enormous amount of nefarious traffic while ensuring real - time connectivity. Therefore, a defense method needs to be in place. One of the commonly used tools for network security is intrusion detection systems (IDS). An IDS tries to identify fraudulent activity using predetermined signatures or pre-established user misbehavior while monitoring incoming traffic. Intrusion detection systems based on signature and behavior cannot detect new attacks and fall when small behavior deviations occur. Many researchers have proposed various approaches to intrusion detection using machine learning techniques as a new and promising tool to remedy this problem. In this paper, the authors present a combination of two machine learning methods, unsupervised clustering followed by a supervised classification framework as a Fast, highly scalable and precise packets classification system. This model's performance is assessed on the new proposed dataset by the Canadian Institute for Cyber security and the University of New Brunswick (CICIDS2017). The overall process was fast, showing high accuracy classification results.