C4.5: programs for machine learning
C4.5: programs for machine learning
Proceedings of the 4th ACM SIGCOMM conference on Internet measurement
Profiling internet backbone traffic: behavior models and applications
Proceedings of the 2005 conference on Applications, technologies, architectures, and protocols for computer communications
BLINC: multilevel traffic classification in the dark
Proceedings of the 2005 conference on Applications, technologies, architectures, and protocols for computer communications
ACM SIGCOMM Computer Communication Review
Traffic classification through simple statistical fingerprinting
ACM SIGCOMM Computer Communication Review
ACM SIGCOMM Computer Communication Review
Anomalous payload-based worm detection and signature generation
RAID'05 Proceedings of the 8th international conference on Recent Advances in Intrusion Detection
| Hi-index | 0.00 |
Classifying network traffic is very challenging and is still an issue yet to be solved due to the increase of new applications and traffic encryption. In this paper, we propose a novel hybrid approach for the network flow classification, in which we first apply the payload signature based classifier to identify the flow applications and unknown flows are then identified by a decision tree based classifier in parallel. We evaluate our approach with over 100 million flows collected over three consecutive days on a large-scale WiFi ISP network and results show the proposed approach successfully classifies all the flows with an accuracy approaching 93%.