C4.5: programs for machine learning
C4.5: programs for machine learning
Bro: a system for detecting network intruders in real-time
Computer Networks: The International Journal of Computer and Telecommunications Networking
Pattern Classification (2nd Edition)
Pattern Classification (2nd Edition)
Proceedings of the 2004 conference on Applications, technologies, architectures, and protocols for computer communications
Characteristics of internet background radiation
Proceedings of the 4th ACM SIGCOMM conference on Internet measurement
Transport layer identification of P2P traffic
Proceedings of the 4th ACM SIGCOMM conference on Internet measurement
Proceedings of the 4th ACM SIGCOMM conference on Internet measurement
Snort - Lightweight Intrusion Detection for Networks
LISA '99 Proceedings of the 13th USENIX conference on System administration
Internet traffic classification using bayesian analysis techniques
SIGMETRICS '05 Proceedings of the 2005 ACM SIGMETRICS international conference on Measurement and modeling of computer systems
BLINC: multilevel traffic classification in the dark
Proceedings of the 2005 conference on Applications, technologies, architectures, and protocols for computer communications
Identifying Known and Unknown Peer-to-Peer Traffic
NCA '06 Proceedings of the Fifth IEEE International Symposium on Network Computing and Applications
Traffic classification using clustering algorithms
Proceedings of the 2006 SIGCOMM workshop on Mining network data
ACM SIGCOMM Computer Communication Review
Traffic classification through simple statistical fingerprinting
ACM SIGCOMM Computer Communication Review
Data Mining: Practical Machine Learning Tools and Techniques, Second Edition (Morgan Kaufmann Series in Data Management Systems)
A markovian signature-based approach to IP traffic classification
Proceedings of the 3rd annual ACM workshop on Mining network data
Revealing skype traffic: when randomness plays with you
Proceedings of the 2007 conference on Applications, technologies, architectures, and protocols for computer communications
On the Double-Faced Nature of P2P Traffic
PDP '08 Proceedings of the 16th Euromicro Conference on Parallel, Distributed and Network-Based Processing (PDP 2008)
Early application identification
CoNEXT '06 Proceedings of the 2006 ACM CoNEXT conference
A Machine Learning Approach for Efficient Traffic Classification
MASCOTS '07 Proceedings of the 2007 15th International Symposium on Modeling, Analysis, and Simulation of Computer and Telecommunication Systems
Per flow packet sampling for high-speed network monitoring
COMSNETS'09 Proceedings of the First international conference on COMmunication Systems And NETworks
Early recognition of encrypted applications
PAM'07 Proceedings of the 8th international conference on Passive and active network measurement
PAM'07 Proceedings of the 8th international conference on Passive and active network measurement
Toward the accurate identification of network applications
PAM'05 Proceedings of the 6th international conference on Passive and Active Network Measurement
Challenging statistical classification for operational usage: the ADSL case
Proceedings of the 9th ACM SIGCOMM conference on Internet measurement conference
On the characterization of multi-channel applications
Proceedings of the 5th international student workshop on Emerging networking experiments and technologies
One-Against-All Methodology for Features Selection and Classification of Internet Applications
IPOM '09 Proceedings of the 9th IEEE International Workshop on IP Operations and Management
A first look at traffic classification in enterprise networks
Proceedings of the 6th International Wireless Communications and Mobile Computing Conference
Evolution of cache replacement policies to track heavy-hitter flows
Proceedings of the 6th ACM/IEEE Symposium on Architectures for Networking and Communications Systems
Experience with high-speed automated application-identification for network-management
Proceedings of the 5th ACM/IEEE Symposium on Architectures for Networking and Communications Systems
Salting public traces with attack traffic to test flow classifiers
CSET'11 Proceedings of the 4th conference on Cyber security experimentation and test
WSEAS TRANSACTIONS on COMMUNICATIONS
Session-based classification of internet applications in 3G wireless networks
Computer Networks: The International Journal of Computer and Telecommunications Networking
Kiss to abacus: a comparison of P2P-TV traffic classifiers
TMA'10 Proceedings of the Second international conference on Traffic Monitoring and Analysis
Feature selection for optimizing traffic classification
Computer Communications
Timely and continuous machine-learning-based classification for interactive IP traffic
IEEE/ACM Transactions on Networking (TON)
Detection and classification of peer-to-peer traffic: A survey
ACM Computing Surveys (CSUR)
Application specific processor with high level synthesized instructions (abstract only)
Proceedings of the 2014 ACM/SIGDA international symposium on Field-programmable gate arrays
Reviewing traffic classification
DataTraffic Monitoring and Analysis
Data summarization for network traffic monitoring
Journal of Network and Computer Applications
Hi-index | 0.00 |
Motivated by the importance of accurate identification for a range of applications, this paper compares and contrasts the effective and efficient classification of network-based applications using behavioral observations of network-traffic and those using deep-packet inspection. Importantly, throughout our work we are able to make comparison with data possessing an accurate, independently determined ground-truth that describes the actual applications causing the network-traffic observed. In a unique study in both the spatial-domain: comparing across different network-locations and in the temporal-domain: comparing across a number of years of data, we illustrate the decay in classification accuracy across a range of application-classification mechanisms. Further, we document the accuracy of spatial classification without training data possessing spatial diversity. Finally, we illustrate the classification of UDP traffic. We use the same classification approach for both stateful flows (TCP) and stateless flows based upon UDP. Importantly, we demonstrate high levels of accuracy: greater than 92% for the worst circumstance regardless of the application.