Using a behaviour knowledge space approach for detecting unknown IP traffic flows

Authors:
Alberto Dainotti;Antonio Pescapé;Carlo Sansone;Antonio Quintavalle
Affiliations:
Department of Computer Engineering and Systems, Universitá di Napoli Federico II;Department of Computer Engineering and Systems, Universitá di Napoli Federico II;Department of Computer Engineering and Systems, Universitá di Napoli Federico II;Department of Computer Engineering and Systems, Universitá di Napoli Federico II
Venue:
MCS'11 Proceedings of the 10th international conference on Multiple classifier systems
Year:
2011

Citing 16
Cited 1

A Method of Combining Multiple Experts for the Recognition of Unconstrained Handwritten Numerals

IEEE Transactions on Pattern Analysis and Machine Intelligence
Combining Pattern Classifiers: Methods and Algorithms

Combining Pattern Classifiers: Methods and Algorithms
A preliminary performance comparison of five machine learning algorithms for practical IP traffic flow classification

ACM SIGCOMM Computer Communication Review
GA-Based Internet Traffic Classification Technique for QoS Provisioning

IIH-MSP '06 Proceedings of the 2006 International Conference on Intelligent Information Hiding and Multimedia
On Inferring Application Protocol Behaviors in Encrypted Network Traffic

The Journal of Machine Learning Research
Traffic classification using en-semble learning and co-training

AIC'08 Proceedings of the 8th conference on Applied informatics and communications
Internet traffic classification demystified: myths, caveats, and the best practices

CoNEXT '08 Proceedings of the 2008 ACM CoNEXT Conference
Information fusion for computer security: State of the art and open issues

Information Fusion
TIE: A Community-Oriented Traffic Classification Platform

TMA '09 Proceedings of the First International Workshop on Traffic Monitoring and Analysis
Machine learning based encrypted traffic classification: identifying SSH and skype

CISDA'09 Proceedings of the Second IEEE international conference on Computational intelligence for security and defense applications
Early recognition of encrypted applications

PAM'07 Proceedings of the 8th international conference on Passive and active network measurement
Better network traffic identification through the independent combination of techniques

Journal of Network and Computer Applications
Early classification of network traffic through multi-classification

TMA'11 Proceedings of the Third international conference on Traffic monitoring and analysis
A survey of techniques for internet traffic classification using machine learning

IEEE Communications Surveys & Tutorials
A Survey on Internet Traffic Identification

IEEE Communications Surveys & Tutorials
Bayesian Neural Networks for Internet Traffic Classification

IEEE Transactions on Neural Networks

Reviewing traffic classification

DataTraffic Monitoring and Analysis

Quantified Score

Hi-index	0.00

Visualization

Abstract

The assignment of an IP flow to a class, according to the application that generated it, is at the basis of any modern network management platform. In several network scenarios, however, it is quite unrealistic to assume that all the classes an IP flow can belong to are a priori known. In these cases, in fact, some network protocols may be known, but novel protocols can appear so giving rise to unknown classes. In this paper, we propose to face the problem of classifying IP flows by means of a multiple classifier approach based on the Behaviour Knowledge Space (BKS) combiner. It has been explicitly devised in order to effectively address the problem of the unknown traffic too. To demonstrate the effectiveness of the proposed approach we present an experimental evaluation on a real traffic trace.