Abstract
In modern Internet, different protocols generate numerous traffic types with distinct service requirements. Therefore the Internet traffic identification plays an important role to improve the network performance as part of network measurement and network management task. Primarily well-known port based method was used. But latest services uses random and uncertain port numbers reduces the accuracy of identification. Consequently “payload based approach” also known as “deep packet inspection”, used but still resulted less accuracy and required huge operational resources and are exposed to encrypted traffic flows. The recent techniques classify the application protocol based on statistical characteristics at packet level using network flow-based approach. Dealing with several datasets and millions of transaction of packets needs the use of Machine learning techniques for classification and identification of traffic. Our research shows the classification accuracy up to 99.7929%. In this paper we propose the statistical feature based approach for real-time network traffic classification. We compared the performance of three machine learning algorithms for the same. This mechanism of real time protocol identification confirms improved performance and reduced complexity.
An Erratum for this chapter can be found at http://dx.doi.org/10.1007/978-3-319-07350-7_68
An erratum to this chapter can be found at http://dx.doi.org/10.1007/978-3-319-07350-7_68
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Sen, S., Spatscheck, O., Wang, D.: Accurate, scalable in network identification of P2P traffic using application signatures (2004)
Moore, A.W., Papagiannaki, K.: Toward the accurate identification of network applications. In: Dovrolis, C. (ed.) PAM 2005. LNCS, vol. 3431, pp. 41–54. Springer, Heidelberg (2005)
Bro intrusion detection system - Bro overview (2008), http://broids.org
Application specific bit strings, http://www.cs.ucr.edu/tkarag/papers/strings.txt
Ma, J., Levchenko, K., Kreibich, C., Savage, S., Voelker, G.M.: Unexpected means of protocol inference. In: 6th ACM SIGCOMM Internet Measurement Conference (IMC 2006), Rio de Janeiro, BR (2006)
Haffner, S.S., Spatscheck, O., Wang, D.: ACAS: automated construction of application signatures. In: MineNet 2005, Philadelphia, Pennsylvania, USA (2005)
Paxson, V.: Empirically derived analytic models of wide-area TCP connections. IEEE/ACM Trans. Networking 2(4), 316–336 (1994)
Zander, S., Nguyen, T., Armitage, G.: Automated traffic classification and application identification using machine learning. In: IEEE 30th Conference on Local Computer Networks (2005)
Nguyen, -T.T.T., Armitage, G.: A Survey of Techniques for Internet Traffic classification using Machine Learning. IEEE Communications Surveys & Tutorials 10(4) (2008)
Roughan, M., Sen, S., Spatscheck, O., Duffield, N.: Class-of-service mapping for QoS: A statistical signature-based approach to IP traffic classification. In: ProcessingInternet Measurement Conference (2004)
Singh, K., Agrawal, S.: Internet Traffic Classification using RBF Neural Network. In: International Conference on Communication and Computing Technologies, vol. 10, pp. 39–43 (2011)
Haffner, P., Sen, S., Spatscheck, O., Wang, D.: ACAS: automated construction of application signatures. In: MineNet 2005: Proceeding of the 2005 ACM SIGCOMM Workshop on Mining Network Data, pp. 197–202. ACM Press (2005)
Zander, S., Armitage, G.: A preliminary performance comparison of five machine learning algorithms for practical IP traffic flow classification. Special Interest Group on Data Communication (SIGCOMM) Computer Communication Review 36(5), 5–16 (2006)
Auld, T., Moore, A.W., Gull, S.F.: Bayesian neural networks for Internet traffic classification. IEEE Trans. Neural Networks 1, 223–239 (2007)
Chandrakant, J.R.: Lokhande Shashikant. D.: Machine Learning Based Internet Traffic Recognition with Statistical Approach. In: Annual IEEE India Conference (2013)
Bernaille, L., Teixeira, R., Akodkenou, I., Soule, A., Salamatian, K.: Traffic classification on the fly. ACM Special Interest Group on Data Communication (SIGCOMM) Computer Communication Review 36(2) (2006)
Nguyen,-T.T.T, Armitage, G.: Clustering to Assist Supervised Machine Learning for Real-Time IP Traffic Classification (2008)
Nguyen, T., Armitage, G.: Training on multiple sub-flows to optimize the use of Machine Learning classifiers in real-world IP networks. In: Proceeding IEEE 31st Conference on Local Computer Networks (2006)
Wang, Y., Yu, S.Z.: Machine Learned Real-time Traffic Classifiers. In: Second International Symposium on Intelligent Information Technology Application. IEEE (2008)
Tian, X., Sun, O., Huang, X., Ma, Y.: A Dynamic Online Traffic Classification Methodology based on Data Stream Mining. In: WRI World Congress on Computer Science and Information Engineering. IEEE (2009)
Dehghani, F., Movahhedinia, N., Khayyambashi, M.R., Kianian, S.: Real-time Traffic Classification Based on Statistical and Payload Content Features. In: 2nd International Workshop on Intelligent Systems and Applications. IEEE (2010)
Este, A., Gringoli, F., Salgarelli, L.: On-line SVM traffic classification. In: 7th International Wireless Communications and Mobile Computing Conference (IWCMC). IEEE (2011)
Qu, B., Zhang, Z., Guo, L., Meng, D.: On accuracy of early traffic classification. In: 7th International Conference on Networking, Architecture and Storage (NAS) (2012)
Witten, I.H., Frank, E., Hall, M.A.: Data Mining-Practical machine learning tools and techniques. Morgan Kaufmann Publishers, Elsevier Copyright (2012)
Moore, A.W., Zuev, D.: Discriminators for use in flow-based classification. Intel Research Technical Report (2005)
Auld, T., Moore, A.W., Gull, S.F.: Bayesian neural networks for Internet traffic classification. IEEE Trans. Neural Networks 1, 223–239 (2007)
Lang, T., Armitage, G., Branch, P., Choo, H.Y.: A synthetic traffic model for Half-life. In: Procceding Australian Telecommunications Networks and Applications Conference (2003)
Lang, T., Branch, P., Armitage, G.: A synthetic traffic model for Quake 3. In: Proc. ACM SIGCHI International Conference on Advances in Computer Entertainment Technology (ACE 2004), Singapore (2004)
MAWI Working Group Traffic Archive. Packet traces from wide backbone, http://mawi.wide.ad.jp/mawi/
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 Springer International Publishing Switzerland
About this paper
Cite this paper
Jaiswal, R., Lokhande, S. (2014). Analysis of Early Traffic Processing and Comparison of Machine Learning Algorithms for Real Time Internet Traffic Identification Using Statistical Approach. In: Kumar Kundu, M., Mohapatra, D., Konar, A., Chakraborty, A. (eds) Advanced Computing, Networking and Informatics- Volume 2. Smart Innovation, Systems and Technologies, vol 28. Springer, Cham. https://doi.org/10.1007/978-3-319-07350-7_64
Download citation
DOI: https://doi.org/10.1007/978-3-319-07350-7_64
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-07349-1
Online ISBN: 978-3-319-07350-7
eBook Packages: EngineeringEngineering (R0)