Title :
Online Classification of Network Flows
Author :
Tavallaee, Mahbod ; Lu, Wei ; Ghorbani, Ali A.
Author_Institution :
Fac. of Comput. Sci., Univ. of New Brunswick Fredericton, Fredericton, NB
Abstract :
Summary form only given. Online classification of network traffic is very challenging and still an issue to be solved due to the increase of new applications and traffic encryption. In this paper, we propose a hybrid mechanism for online classification of network traffic, in which we apply a signature-based method at the first level, and then we take advantage of a learning algorithm to classify the remaining unknown traffic using statistical features. Our evaluation with over 250 thousand flows collected over three consecutive hours on a large-scale ISP network shows promising results in detecting encrypted and tunneled applications compared to other existing methods.
Keywords :
digital signatures; learning (artificial intelligence); pattern classification; statistical analysis; telecommunication security; telecommunication traffic; learning algorithm; network traffic; online classification; signature-based method; statistical feature; traffic encryption; Application software; Classification tree analysis; Communication networks; Computer science; Cryptography; Decision trees; Large-scale systems; Niobium; Payloads; Telecommunication traffic; Application Discovery; Traffic Classification;
Conference_Titel :
Communication Networks and Services Research Conference, 2009. CNSR '09. Seventh Annual
Conference_Location :
Moncton, NB
Print_ISBN :
978-1-4244-4155-6
Electronic_ISBN :
978-0-7695-3649-1
DOI :
10.1109/CNSR.2009.22
