• DocumentCode
    3040260
  • Title

    Investigating Two Different Approaches for Encrypted Traffic Classification

  • Author

    Alshammari, Riyad ; Zincir-Heywood, A. Nur

  • Author_Institution
    Fac. of Comput. Sci., Dalhousie Univ., Halifax, NS
  • fYear
    2008
  • fDate
    1-3 Oct. 2008
  • Firstpage
    156
  • Lastpage
    166
  • Abstract
    The basic objective of this work is to compare the utility of an expert driven system and a data driven system for classifying encrypted network traffic, specifically SSH traffic, from traffic log files. Pre-processing is applied to the traffic data to represent it as traffic flows. Results show that the data driven system approach outperforms the expert driven system approach in terms of high detection and low false positive rates.
  • Keywords
    cryptography; expert systems; telecommunication computing; telecommunication traffic; SSH traffic; data driven system; encrypted traffic classification; expert driven system; machine learning; network traffic; traffic data preprocessing; traffic flow; traffic log file; Application software; Communication system traffic control; Cryptography; Data privacy; Data security; Machine learning; Payloads; Protocols; Telecommunication traffic; Traffic control;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Privacy, Security and Trust, 2008. PST '08. Sixth Annual Conference on
  • Conference_Location
    Fredericton, NB
  • Print_ISBN
    978-0-7695-3390-2
  • Type

    conf

  • DOI
    10.1109/PST.2008.15
  • Filename
    4641283