Network traffic classification techniques and challenges

The number of alleged crimes in computer networks had not increased until a few years ago. Real-time analysis has become essential to detect any suspicious activities. Network classification is the first step of network traffic analysis, and it is the core element of network intrusion detection systems (IDS). Although the techniques of classification have improved and their accuracy has been enhanced, the growing trend of encryption and the insistence of application developers to create new ways to avoid applications being filtered and detected are among the reasons that this field remains open for further research. This paper discusses how researchers apply Machine Learning (ML) algorithms in several classification techniques, utilising the statistical properties of the network traffic flow. It also outlines the next stage of our research, which involves investigating different classification techniques (supervised, semi-supervised, and unsupervised) that use ML algorithms to cope with real-world network traffic.