Marked Neural Temporal Point Process for Network Packet Characterization
Document Type
Thesis
Degree Name
Master of Science (MS)
Department
Computer Science and Info Sys
Date of Award
Fall 2025
Abstract
With the advancement of digital technologies, cyberattacks have become increasingly sophisticated, posing serious threats to personal privacy, national security, and organizational infrastructure. As modern cyber threats grow in complexity and intelligence, traditional network security approaches are proving insufficient. Existing detection methods often rely on complete connection information, making it difficult to identify attacks in time, or depend on packet payload inspection, which is limited to unencrypted traffic and raises privacy concerns.To address these limitations, this study proposes a novel multi-class classification approach for cyberattack detection by introducing a Marked Neural Temporal Point Process (MNTPP) model that integrates deep learning techniques with Temporal Point Process (TPP) theory. Unlike conventional methods, the proposed model characterizes network flows by analyzing only inter-packet arrival time and packet sizes, enabling practical and efficient early detection with minimal packet information. The MNTPP model captures temporal dependencies and patterns through inter-packet arrival time and leverages packet size as a mark to provide additional information for flow characterization. Experiments on real-world network traffic traces demonstrate its effectiveness in early attack detection, outperforming advanced deep sequence models such as bidirectional LSTM and sequence-to-sequence.
Advisor
Jinoh Kim
Subject Categories
Computer Sciences | Physical Sciences and Mathematics
Recommended Citation
Seo, Eunjung, "Marked Neural Temporal Point Process for Network Packet Characterization" (2025). Electronic Theses & Dissertations. 1336.
https://lair.etamu.edu/etd/1336
