Abstract
SummaryMachine learning has recently entered the area of network traffic classification as an alternative to the deep packet inspection technique. It provides both unsupervised and supervised learning algorithms that are capable to put aside similar types of traffic or recognize Internet protocols based on some training, pre‐labeled samples. The current work proposes a new approach in the area of network traffic classification using machine learning. First, we extract the unidirectional and bidirectional flows from a traffic capture. A flow is a collection of packets that share sender and receiver IP address and port. Second, we select relevant statistical properties of these flows and use an unsupervised learning mechanism to group flows into clusters based on the similarities. Eventually, we use this classification as training input for a supervised learning engine that will have to properly determine the class of new, unseen traffic flows. Copyright © 2016 John Wiley & Sons, Ltd.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
