HMM profiles for network traffic classification
Proceedings of the 2004 ACM workshop on Visualization and data mining for computer security
Introduction to Machine Learning (Adaptive Computation and Machine Learning)
Introduction to Machine Learning (Adaptive Computation and Machine Learning)
Internet traffic classification using bayesian analysis techniques
SIGMETRICS '05 Proceedings of the 2005 ACM SIGMETRICS international conference on Measurement and modeling of computer systems
BLINC: multilevel traffic classification in the dark
Proceedings of the 2005 conference on Applications, technologies, architectures, and protocols for computer communications
ACAS: automated construction of application signatures
Proceedings of the 2005 ACM SIGCOMM workshop on Mining network data
Traffic classification on the fly
ACM SIGCOMM Computer Communication Review
Traffic classification using clustering algorithms
Proceedings of the 2006 SIGCOMM workshop on Mining network data
ACM SIGCOMM Computer Communication Review
A Monotonic Archive for Pareto-Coevolution
Evolutionary Computation
On Inferring Application Protocol Behaviors in Encrypted Network Traffic
The Journal of Machine Learning Research
SSYM'00 Proceedings of the 9th conference on USENIX Security Symposium - Volume 9
New methods for competitive coevolution
Evolutionary Computation
Managing team-based problem solving with symbiotic bid-based genetic programming
Proceedings of the 10th annual conference on Genetic and evolutionary computation
Coevolutionary bid-based genetic programming for problem decomposition in classification
Genetic Programming and Evolvable Machines
Investigating Two Different Approaches for Encrypted Traffic Classification
PST '08 Proceedings of the 2008 Sixth Annual Conference on Privacy, Security and Trust
Learning when training data are costly: the effect of class distribution on tree induction
Journal of Artificial Intelligence Research
GP classification under imbalanced data sets: active sub-sampling and AUC approximation
EuroGP'08 Proceedings of the 11th European conference on Genetic programming
Cooperative problem decomposition in Pareto competitive classifier models of coevolution
EuroGP'08 Proceedings of the 11th European conference on Genetic programming
Toward the accurate identification of network applications
PAM'05 Proceedings of the 6th international conference on Passive and Active Network Measurement
| Hi-index | 0.00 |
The classification of Encrypted Traffic, namely Secure Shell (SSH), on the fly from network TCP traffic represents a particularly challenging application domain for machine learning. Solutions should ideally be both simple - therefore efficient to deploy - and accurate. Recent advances to teambased Genetic Programming provide the opportunity to decompose the original problem into a subset of classifiers with non-overlapping behaviors, in effect providing further insight into the problem domain and increasing the throughput of solutions. Thus, in this work we have investigated the identification of SSH encrypted traffic based on packet header features without using IP addresses, port numbers and payload data. Evaluation of C4.5 and AdaBoost - representing current best practice - against the Symbiotic Bid-based (SBB) paradigm of team-based Genetic Programming (GP) under data sets common and independent from the training condition indicates that SBB based GP solutions are capable of providing simpler solutions without sacrificing accuracy.