Abstract

Reliable network traffic classification is essential to management and security tasks. Therefore, it is beneficial to analyze and improve existing techniques. Some of the most traditional methodologies for traffic classification are based on port number and packet payload, each of which presents an increasing set of problems. Port number-based classification techniques suffer from the misuse of port numbers and tunneling. This is primarily due to their reliance on the proper use of IANA (Internet Assigned Numbers Authority) assigned numbers. On the other hand, packet payload-based classification has difficulty dealing with encrypted data and legal restrictions to accessing user data. Flow feature-based classification canovercome these challenges by creating profiles based on the traffic patterns of applications. Furthermore, machine learning techniques have shown to be a good match for traffic classification. Thus, the goal of this paper is to explore the combination of these fields and to develop a set of machine learning models capable of classifying network traffic based on flow features. This was achieved by using a ready to use dataset to train two supervised and one unsupervised clustering model.The results for the supervised classifiers were considered comparable to similar studies, while the performance of the clustering model was found to be not satisfactory.

Highlights

  • TRAFFIC classification can have many vital applications in the management and security of computer networks, such as traffic prioritization, performance monitoring and anomaly detection

  • The widespread use of cryptography has posed problems for more robust classification techniques, such as payload-based DPI (Deep Packet Inspection) [5, 6]. Considering these challenges, flow feature-based classification has shown to be a potential alternative to port number and packet payload-based techniques

  • The main goal of this work is to develop a set of machine learning models capable of achieving a classification accuracy comparable of that present in the literature

Read more

Summary

INTRODUCTION

TRAFFIC classification can have many vital applications in the management and security of computer networks, such as traffic prioritization, performance monitoring and anomaly detection. This classification task can be summarized as the mapping of the incoming traffic into classes of interest in a reliable and accurate manner. The general approach adopted by this work consists of: 1) identifying common software tools, machine learning models and practices for building datasets in the relevant literature; 2) selecting a set of machine learning models to train and evaluate; 3) executing the classification experiments on the trained models and evaluating the results.

RELATED WORK
TRAFFIC CLASSIFICATION EXPERIMENTS
Environment
Datasets
Preprocessing
DBSCAN Clustering
Evaluation Dataset
CONCLUSION
Future Work

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.