Title :
Performance Comparison of Four Rule Sets: An Example for Encrypted Traffic Classification
Author :
Alshammari, Riyad ; Zincir-Heywood, A. Nur ; Farrag, A.A.
Author_Institution :
Fac. of Comput. Sci., Dalhousie Univ., Halifax, NS, Canada
Abstract :
The objective of this work is the classification of encrypted traffic where SSH is taken as an example application. To this end, four learning algorithms AdaBoost, RIPPER, C4.5 and Rough Set are evaluated using flow based features to extract the minimum features/rules set required to classify SSH traffic. Results indicate that C4.5 based classifier performs better than the other three. However, we have also identified 15 features that are important to classify encrypted traffic, namely SSH.
Keywords :
cryptography; rough set theory; AdaBoost; C4.5 based classifier; RIPPER; encrypted traffic classification; four rule sets; learning algorithm; rough set; Application software; Computer security; Cryptography; Feature extraction; Machine learning algorithms; Payloads; Peer to peer computing; Privacy; Telecommunication traffic; Traffic control; encrypted traffic classification; performance measures; problem decomposition; security;
Conference_Titel :
Privacy, Security, Trust and the Management of e-Business, 2009. CONGRESS '09. World Congress on
Conference_Location :
Saint John, NB
Print_ISBN :
978-1-4244-5344-3
Electronic_ISBN :
978-0-7695-3805-1
DOI :
10.1109/CONGRESS.2009.22
