Selection of relevant features and examples in machine learning
Artificial Intelligence - Special issue on relevance
Support vector machines: hype or hallelujah?
ACM SIGKDD Explorations Newsletter - Special issue on “Scalable data mining algorithms”
Accurate, scalable in-network identification of p2p traffic using application signatures
Proceedings of the 13th international conference on World Wide Web
Redundant feature elimination for multi-class problems
ICML '04 Proceedings of the twenty-first international conference on Machine learning
Transport layer identification of P2P traffic
Proceedings of the 4th ACM SIGCOMM conference on Internet measurement
Proceedings of the 4th ACM SIGCOMM conference on Internet measurement
Internet traffic classification using bayesian analysis techniques
SIGMETRICS '05 Proceedings of the 2005 ACM SIGMETRICS international conference on Measurement and modeling of computer systems
Mining anomalies using traffic feature distributions
Proceedings of the 2005 conference on Applications, technologies, architectures, and protocols for computer communications
BLINC: multilevel traffic classification in the dark
Proceedings of the 2005 conference on Applications, technologies, architectures, and protocols for computer communications
ACAS: automated construction of application signatures
Proceedings of the 2005 ACM SIGCOMM workshop on Mining network data
Automated Traffic Classification and Application Identification using Machine Learning
LCN '05 Proceedings of the The IEEE Conference on Local Computer Networks 30th Anniversary
PlanetLab: overview, history, and future directions
ACM SIGOPS Operating Systems Review
A measurement study of correlations of internet flow characteristics
Computer Networks: The International Journal of Computer and Telecommunications Networking
Traffic classification using clustering algorithms
Proceedings of the 2006 SIGCOMM workshop on Mining network data
ACM SIGCOMM Computer Communication Review
Unexpected means of protocol inference
Proceedings of the 6th ACM SIGCOMM conference on Internet measurement
Traffic classification through simple statistical fingerprinting
ACM SIGCOMM Computer Communication Review
Data Mining: Practical Machine Learning Tools and Techniques, Second Edition (Morgan Kaufmann Series in Data Management Systems)
Identifying and discriminating between web and peer-to-peer traffic in the network core
Proceedings of the 16th international conference on World Wide Web
Dynamic application-layer protocol analysis for network intrusion detection
USENIX-SS'06 Proceedings of the 15th conference on USENIX Security Symposium - Volume 15
Byte me: a case for byte accuracy in traffic classification
Proceedings of the 3rd annual ACM workshop on Mining network data
Proceedings of the 7th ACM SIGCOMM conference on Internet measurement
Network monitoring using traffic dispersion graphs (tdgs)
Proceedings of the 7th ACM SIGCOMM conference on Internet measurement
Early application identification
CoNEXT '06 Proceedings of the 2006 ACM CoNEXT conference
Toward the accurate identification of network applications
PAM'05 Proceedings of the 6th international conference on Passive and Active Network Measurement
A survey of techniques for internet traffic classification using machine learning
IEEE Communications Surveys & Tutorials
A parameterizable methodology for Internet traffic flow profiling
IEEE Journal on Selected Areas in Communications
Bayesian Neural Networks for Internet Traffic Classification
IEEE Transactions on Neural Networks
Revealing the Unknown ADSL Traffic Using Statistical Methods
TMA '09 Proceedings of the First International Workshop on Traffic Monitoring and Analysis
On the stability of the information carried by traffic flow features at the packet level
ACM SIGCOMM Computer Communication Review
GT: picking up the truth from the ground for internet traffic
ACM SIGCOMM Computer Communication Review
Early traffic classification using support vector machines
Proceedings of the 5th International Latin American Networking Conference
On dominant characteristics of residential broadband internet traffic
Proceedings of the 9th ACM SIGCOMM conference on Internet measurement conference
Challenging statistical classification for operational usage: the ADSL case
Proceedings of the 9th ACM SIGCOMM conference on Internet measurement conference
Exploiting dynamicity in graph-based traffic analysis: techniques and applications
Proceedings of the 5th international conference on Emerging networking experiments and technologies
Traffic Behaviour Characterization Using NetMate
RAID '09 Proceedings of the 12th International Symposium on Recent Advances in Intrusion Detection
One-Against-All Methodology for Features Selection and Classification of Internet Applications
IPOM '09 Proceedings of the 9th IEEE International Workshop on IP Operations and Management
Graph-based P2P traffic classification at the internet backbone
INFOCOM'09 Proceedings of the 28th IEEE international conference on Computer Communications Workshops
Classification of audio and video traffic over HTTP protocol
ISCIT'09 Proceedings of the 9th international conference on Communications and information technologies
An experimental evaluation of the computational cost of a DPI traffic classifier
GLOBECOM'09 Proceedings of the 28th IEEE conference on Global telecommunications
Volume traffic anomaly detection using hierarchical clustering
APNOMS'09 Proceedings of the 12th Asia-Pacific network operations and management conference on Management enabling the future internet for changing business and new computing services
Traffic classification techniques supporting semantic networks
Proceedings of the 6th International Wireless Communications and Mobile Computing Conference
Fine-grained traffic classification with netflow data
Proceedings of the 6th International Wireless Communications and Mobile Computing Conference
Probabilistic graphical models for semi-supervised traffic classification
Proceedings of the 6th International Wireless Communications and Mobile Computing Conference
A first look at traffic classification in enterprise networks
Proceedings of the 6th International Wireless Communications and Mobile Computing Conference
Googling the internet: profiling internet endpoints via the world wide web
IEEE/ACM Transactions on Networking (TON)
Volunteer-based distributed traffic data collection system
ICACT'10 Proceedings of the 12th international conference on Advanced communication technology
Link homophily in the application layer and its usage in traffic classification
INFOCOM'10 Proceedings of the 29th conference on Information communications
Diffprobe: detecting ISP service discrimination
INFOCOM'10 Proceedings of the 29th conference on Information communications
An evaluation of automatic parameter tuning of a statistics-based anomaly detection algorithm
International Journal of Network Management
Unsupervised host behavior classification from connection patterns
International Journal of Network Management
Relational network-service clustering analysis with set evidences
Proceedings of the 3rd ACM workshop on Artificial intelligence and security
Digging into HTTPS: flow-based classification of webmail traffic
IMC '10 Proceedings of the 10th ACM SIGCOMM conference on Internet measurement
On the characteristics and reasons of long-lived internet flows
IMC '10 Proceedings of the 10th ACM SIGCOMM conference on Internet measurement
Profiling-By-Association: a resilient traffic profiling solution for the internet backbone
Proceedings of the 6th International COnference
Proceedings of the 6th International COnference
Internet traffic classification demystified: on the sources of the discriminative power
Proceedings of the 6th International COnference
Nfsight: netflow-based network awareness tool
LISA'10 Proceedings of the 24th international conference on Large installation system administration
HostView: annotating end-host performance measurements with user feedback
ACM SIGMETRICS Performance Evaluation Review
NeTraMark: a network traffic classification benchmark
ACM SIGCOMM Computer Communication Review
Prediction of web goodput using nonlinear autoregressive models
IEA/AIE'10 Proceedings of the 23rd international conference on Industrial engineering and other applications of applied intelligent systems - Volume Part II
Quantifying the accuracy of the ground truth associated with Internet traffic traces
Computer Networks: The International Journal of Computer and Telecommunications Networking
Analysis of the impact of sampling on NetFlow traffic classification
Computer Networks: The International Journal of Computer and Telecommunications Networking
KISS: stochastic packet inspection classifier for UDP traffic
IEEE/ACM Transactions on Networking (TON)
Graption: A graph-based P2P traffic classification framework for the internet backbone
Computer Networks: The International Journal of Computer and Telecommunications Networking
Early classification of network traffic through multi-classification
TMA'11 Proceedings of the Third international conference on Traffic monitoring and analysis
Operating a network link at 100%
PAM'11 Proceedings of the 12th international conference on Passive and active measurement
Inferring users' online activities through traffic analysis
Proceedings of the fourth ACM conference on Wireless network security
BotTrack: tracking botnets using NetFlow and PageRank
NETWORKING'11 Proceedings of the 10th international IFIP TC 6 conference on Networking - Volume Part I
On blind mice and the elephant: understanding the network impact of a large distributed system
Proceedings of the ACM SIGCOMM 2011 conference
The network from above and below
Proceedings of the first ACM SIGCOMM workshop on Measurements up the stack
Discriminating graphs through spectral projections
Computer Networks: The International Journal of Computer and Telecommunications Networking
Using a behaviour knowledge space approach for detecting unknown IP traffic flows
MCS'11 Proceedings of the 10th international conference on Multiple classifier systems
A network activity classification schema and its application to scan detection
IEEE/ACM Transactions on Networking (TON)
Uncovering relations between traffic classifiers and anomaly detectors via graph theory
TMA'10 Proceedings of the Second international conference on Traffic Monitoring and Analysis
Kiss to abacus: a comparison of P2P-TV traffic classifiers
TMA'10 Proceedings of the Second international conference on Traffic Monitoring and Analysis
K-dimensional trees for continuous traffic classification
TMA'10 Proceedings of the Second international conference on Traffic Monitoring and Analysis
Realtime classification for encrypted traffic
SEA'10 Proceedings of the 9th international conference on Experimental Algorithms
Network traffic classification via HMM under the guidance of syntactic structure
Computer Networks: The International Journal of Computer and Telecommunications Networking
Network flow classification based on the rhythm of packets
ICONIP'11 Proceedings of the 18th international conference on Neural Information Processing - Volume Part II
Tetherway: a framework for tethering camouflage
Proceedings of the fifth ACM conference on Security and Privacy in Wireless and Mobile Networks
Accommodating short and long web traffic flows over a diffserv architecture
EPEW'11 Proceedings of the 8th European conference on Computer Performance Engineering
Padding and fragmentation for masking packet length statistics
TMA'12 Proceedings of the 4th international conference on Traffic Monitoring and Analysis
Unmasking the growing UDP traffic in a campus network
PAM'12 Proceedings of the 13th international conference on Passive and Active Measurement
Towards the reduction of data used for the classification of network flows
HAIS'12 Proceedings of the 7th international conference on Hybrid Artificial Intelligent Systems - Volume Part II
Statistical traffic classification by boosting support vector machines
Proceedings of the 7th Latin American Networking Conference
Enhancing Tor's performance using real-time traffic classification
Proceedings of the 2012 ACM conference on Computer and communications security
Deep packet inspection tools and techniques in commodity platforms: Challenges and trends
Journal of Network and Computer Applications
An approach for failure recognition in IP-based industrial control networks and systems
International Journal of Network Management
Classifying internet one-way traffic
Proceedings of the 2012 ACM conference on Internet measurement conference
Wire-speed statistical classification of network traffic on commodity hardware
Proceedings of the 2012 ACM conference on Internet measurement conference
ICONIP'12 Proceedings of the 19th international conference on Neural Information Processing - Volume Part IV
Timely and continuous machine-learning-based classification for interactive IP traffic
IEEE/ACM Transactions on Networking (TON)
Application traffic classification at the early stage by characterizing application rounds
Information Sciences: an International Journal
Review: A survey of network flow applications
Journal of Network and Computer Applications
Unsupervised traffic classification using flow statistical properties and IP packet payload
Journal of Computer and System Sciences
Detection and classification of peer-to-peer traffic: A survey
ACM Computing Surveys (CSUR)
Robust network traffic identification with unknown applications
Proceedings of the 8th ACM SIGSAC symposium on Information, computer and communications security
Toward an efficient and scalable feature selection approach for internet traffic classification
Computer Networks: The International Journal of Computer and Telecommunications Networking
Proceedings of the ACM SIGCOMM 2013 conference on SIGCOMM
IEEE/ACM Transactions on Networking (TON)
Traffic classification combining flow correlation and ensemble classifier
International Journal of Wireless and Mobile Computing
Reviewing traffic classification
DataTraffic Monitoring and Analysis
Hi-index | 0.00 |
Recent research on Internet traffic classification algorithms has yield a flurry of proposed approaches for distinguishing types of traffic, but no systematic comparison of the various algorithms. This fragmented approach to traffic classification research leaves the operational community with no basis for consensus on what approach to use when, and how to interpret results. In this work we critically revisit traffic classification by conducting a thorough evaluation of three classification approaches, based on transport layer ports, host behavior, and flow features. A strength of our work is the broad range of data against which we test the three classification approaches: seven traces with payload collected in Japan, Korea, and the US. The diverse geographic locations, link characteristics and application traffic mix in these data allowed us to evaluate the approaches under a wide variety of conditions. We analyze the advantages and limitations of each approach, evaluate methods to overcome the limitations, and extract insights and recommendations for both the study and practical application of traffic classification. We make our software, classifiers, and data available for researchers interested in validating or extending this work.