C4.5: programs for machine learning
C4.5: programs for machine learning
A Tutorial on Support Vector Machines for Pattern Recognition
Data Mining and Knowledge Discovery
Behavioral Authentication of Server Flows
ACSAC '03 Proceedings of the 19th Annual Computer Security Applications Conference
HMM profiles for network traffic classification
Proceedings of the 2004 ACM workshop on Visualization and data mining for computer security
Introduction to Machine Learning (Adaptive Computation and Machine Learning)
Introduction to Machine Learning (Adaptive Computation and Machine Learning)
Internet traffic classification using bayesian analysis techniques
SIGMETRICS '05 Proceedings of the 2005 ACM SIGMETRICS international conference on Measurement and modeling of computer systems
BLINC: multilevel traffic classification in the dark
Proceedings of the 2005 conference on Applications, technologies, architectures, and protocols for computer communications
ACAS: automated construction of application signatures
Proceedings of the 2005 ACM SIGCOMM workshop on Mining network data
Traffic classification on the fly
ACM SIGCOMM Computer Communication Review
Traffic classification using clustering algorithms
Proceedings of the 2006 SIGCOMM workshop on Mining network data
ACM SIGCOMM Computer Communication Review
On Inferring Application Protocol Behaviors in Encrypted Network Traffic
The Journal of Machine Learning Research
SSYM'00 Proceedings of the 9th conference on USENIX Security Symposium - Volume 9
Dynamic application-layer protocol analysis for network intrusion detection
USENIX-SS'06 Proceedings of the 15th conference on USENIX Security Symposium - Volume 15
Investigating Two Different Approaches for Encrypted Traffic Classification
PST '08 Proceedings of the 2008 Sixth Annual Conference on Privacy, Security and Trust
Detailed analysis of Skype traffic
IEEE Transactions on Multimedia
Early recognition of encrypted applications
PAM'07 Proceedings of the 8th international conference on Passive and active network measurement
Estimating continuous distributions in Bayesian classifiers
UAI'95 Proceedings of the Eleventh conference on Uncertainty in artificial intelligence
Toward the accurate identification of network applications
PAM'05 Proceedings of the 6th international conference on Passive and Active Network Measurement
Quantifying the accuracy of the ground truth associated with Internet traffic traces
Computer Networks: The International Journal of Computer and Telecommunications Networking
Early classification of network traffic through multi-classification
TMA'11 Proceedings of the Third international conference on Traffic monitoring and analysis
Using a behaviour knowledge space approach for detecting unknown IP traffic flows
MCS'11 Proceedings of the 10th international conference on Multiple classifier systems
High throughput and programmable online trafficclassifier on FPGA
Proceedings of the ACM/SIGDA international symposium on Field programmable gate arrays
| Hi-index | 0.00 |
The objective of this work is to assess the robustness of machine learning based traffic classification for classifying encrypted traffic where SSH and Skype are taken as good representatives of encrypted traffic. Here what we mean by robustness is that the classifiers are trained on data from one network but tested on data from an entirely different network. To this end, five learning algorithms - AdaBoost, Support Vector Machine, Naïve Bayesian, RIPPER and C4.5 - are evaluated using flow based features, where IP addresses, source/destination ports and payload information are not employed. Results indicate the C4.5 based approach performs much better than other algorithms on the identification of both SSH and Skype traffic on totally different networks.