Using Burstiness for Network Applications Classification

Hussein Oudah, Bogdan Ghita, Taimur Bakhshi, Abdulrahman Alruban, David J. Walker

Allbwn ymchwil: Cyfraniad at gyfnodolynErthygladolygiad gan gymheiriaid

2 Wedi eu Llwytho i Lawr (Pure)


Network traffic classification is a vital task for service operators, network engineers, and security specialists to manage network
traffic, design networks, and detect threats. Identifying the type/name of applications that generate traffic is a challenging task as
encrypting traffic becomes the norm for Internet communication. -erefore, relying on conventional techniques such as deep
packet inspection (DPI) or port numbers is not efficient anymore. -is paper proposes a novel flow statistical-based set of features
that may be used for classifying applications by leveraging machine learning algorithms to yield high accuracy in identifying the
type of applications that generate the traffic. -e proposed features compute different timings between packets and flows. -is
work utilises tcptrace to extract features based on traffic burstiness and periods of inactivity (idle time) for the analysed traffic,
followed by the C5.0 algorithm for determining the applications that generated it. -e evaluation tests performed on a set of real,
uncontrolled traffic, indicated that the method has an accuracy of 79% in identifying the correct network application.
Iaith wreiddiolSaesneg
Rhif yr erthygl5758437
Nifer y tudalennau11
CyfnodolynJournal of Computer Networks and Communications
Dynodwyr Gwrthrych Digidol (DOIs)
StatwsCyhoeddwyd - 20 Awst 2019
Cyhoeddwyd yn allanolIe

Ôl bys

Gweld gwybodaeth am bynciau ymchwil 'Using Burstiness for Network Applications Classification'. Gyda’i gilydd, maen nhw’n ffurfio ôl bys unigryw.

Dyfynnu hyn