Small Sample Size Effects in Statistical Pattern Recognition: Recommendations for Practitioners
IEEE Transactions on Pattern Analysis and Machine Intelligence
Nonlinear component analysis as a kernel eigenvalue problem
Neural Computation
Decision boundary feature extraction for neural networks
IEEE Transactions on Neural Networks
SOCIAL: self-organizing classifier ensemble for adversarial learning
MCS'10 Proceedings of the 9th international conference on Multiple Classifier Systems
Network protocol identification ensemble with EA optimization
Proceedings of the 15th annual conference companion on Genetic and evolutionary computation
| Hi-index | 0.00 |
Classical approaches for network traffic classification are based on port analysis and packet inspection. Recent studies indicate that network protocols can be recognised more accurately using the flow statistics of the TCP connection. We propose a classifier selection ensemble for a fast and accurate verification of network protocols. Using the requested port number, the classifier selector directs the decision to an ensemble member responsible for this port. The chosen ensemble member ramifies the decision further using the "sign pattern" of the first four packets. Finally, a decision tree classifier labels the flow as `accepted' or `rejected' using the sizes of the first four packets. The ensemble has modular architecture which allows further modules to be individually trained and added. The classifiers were cross-tested using designated training and testing data of network traffic traces from three institutions. The results show that accuracy need not be sacrificed for speed of classification, and that the protocol classification is robust from one network to another.