Abstract
Reliable network traffic classification is essential to management and security tasks. Therefore, it is beneficial to analyze and improve existing techniques. Some of the most traditional methodologies for traffic classification are based on port number and packet payload, each of which presents an increasing set of problems. Port number-based classification techniques suffer from the misuse of port numbers and tunneling. This is primarily due to their reliance on the proper use of IANA (Internet Assigned Numbers Authority) assigned numbers. On the other hand, packet payload-based classification has difficulty dealing with encrypted data and legal restrictions to accessing user data. Flow feature-based classification canovercome these challenges by creating profiles based on the traffic patterns of applications. Furthermore, machine learning techniques have shown to be a good match for traffic classification. Thus, the goal of this paper is to explore the combination of these fields and to develop a set of machine learning models capable of classifying network traffic based on flow features. This was achieved by using a ready to use dataset to train two supervised and one unsupervised clustering model.The results for the supervised classifiers were considered comparable to similar studies, while the performance of the clustering model was found to be not satisfactory.
Highlights
TRAFFIC classification can have many vital applications in the management and security of computer networks, such as traffic prioritization, performance monitoring and anomaly detection
The widespread use of cryptography has posed problems for more robust classification techniques, such as payload-based DPI (Deep Packet Inspection) [5, 6]. Considering these challenges, flow feature-based classification has shown to be a potential alternative to port number and packet payload-based techniques
The main goal of this work is to develop a set of machine learning models capable of achieving a classification accuracy comparable of that present in the literature
Summary
TRAFFIC classification can have many vital applications in the management and security of computer networks, such as traffic prioritization, performance monitoring and anomaly detection. This classification task can be summarized as the mapping of the incoming traffic into classes of interest in a reliable and accurate manner. The general approach adopted by this work consists of: 1) identifying common software tools, machine learning models and practices for building datasets in the relevant literature; 2) selecting a set of machine learning models to train and evaluate; 3) executing the classification experiments on the trained models and evaluating the results.
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
