A survey of techniques for internet traffic classification using machine learning

Authors:
T. T.T. Nguyen;G. Armitage
Affiliations:
Swinburne University of Technology, Melbourne, Australia;-
Venue:
IEEE Communications Surveys & Tutorials
Year:
2008

Citing 0
Cited 55

Detecting sensitive data exfiltration by an insider attack

Proceedings of the 4th annual workshop on Cyber security and information intelligence research: developing strategies to meet the cyber security and information intelligence challenges ahead
Acceleration of decision tree searching for IP traffic classification

Proceedings of the 4th ACM/IEEE Symposium on Architectures for Networking and Communications Systems
A nonlinear, recurrence-based approach to traffic classification

Computer Networks: The International Journal of Computer and Telecommunications Networking
Characterizing network traffic by means of the NetMine framework

Computer Networks: The International Journal of Computer and Telecommunications Networking
Rapid identification of Skype traffic flows

Proceedings of the 18th international workshop on Network and operating systems support for digital audio and video
Internet traffic classification demystified: myths, caveats, and the best practices

CoNEXT '08 Proceedings of the 2008 ACM CoNEXT Conference
Revealing the Unknown ADSL Traffic Using Statistical Methods

TMA '09 Proceedings of the First International Workshop on Traffic Monitoring and Analysis
Review: Application classification using packet size distribution and port association

Journal of Network and Computer Applications
Challenging statistical classification for operational usage: the ADSL case

Proceedings of the 9th ACM SIGCOMM conference on Internet measurement conference
Graph-based P2P traffic classification at the internet backbone

INFOCOM'09 Proceedings of the 28th IEEE international conference on Computer Communications Workshops
Decision tree network traffic classifier via adaptive hierarchical clustering for imperfect training dataset

WiCOM'09 Proceedings of the 5th International Conference on Wireless communications, networking and mobile computing
Better network traffic identification through the independent combination of techniques

Journal of Network and Computer Applications
Impact of asymmetric routing on statistical traffic classification

GLOBECOM'09 Proceedings of the 28th IEEE conference on Global telecommunications
Traffic classification techniques supporting semantic networks

Proceedings of the 6th International Wireless Communications and Mobile Computing Conference
Probabilistic graphical models for semi-supervised traffic classification

Proceedings of the 6th International Wireless Communications and Mobile Computing Conference
A first look at traffic classification in enterprise networks

Proceedings of the 6th International Wireless Communications and Mobile Computing Conference
Discernibility analysis and accuracy improvement of machine learning algorithms for network intrusion detection

ICC'09 Proceedings of the 2009 IEEE international conference on Communications
A framework for tunneled traffic analysis

ICACT'10 Proceedings of the 12th international conference on Advanced communication technology
Link homophily in the application layer and its usage in traffic classification

INFOCOM'10 Proceedings of the 29th conference on Information communications
Towards automated detection of peer-to-peer botnets: on the limits of local approaches

LEET'09 Proceedings of the 2nd USENIX conference on Large-scale exploits and emergent threats: botnets, spyware, worms, and more
Analysis of the impact of sampling on NetFlow traffic classification

Computer Networks: The International Journal of Computer and Telecommunications Networking
KISS: stochastic packet inspection classifier for UDP traffic

IEEE/ACM Transactions on Networking (TON)
Graption: A graph-based P2P traffic classification framework for the internet backbone

Computer Networks: The International Journal of Computer and Telecommunications Networking
Early classification of network traffic through multi-classification

TMA'11 Proceedings of the Third international conference on Traffic monitoring and analysis
Inferring users' online activities through traffic analysis

Proceedings of the fourth ACM conference on Wireless network security
Feature extraction based IP traffic classification using machine learning

ACAI '11 Proceedings of the International Conference on Advances in Computing and Artificial Intelligence
Scalable Stealth Mode P2P Overlays of Very Small Constant Degree

ACM Transactions on Autonomous and Adaptive Systems (TAAS)
Using a behaviour knowledge space approach for detecting unknown IP traffic flows

MCS'11 Proceedings of the 10th international conference on Multiple classifier systems
MINETRAC: mining flows for unsupervised analysis & semi-supervised classification

Proceedings of the 23rd International Teletraffic Congress
Admission control for webservices in enterprise systems using expert systems

WISM'11 Proceedings of the 2011 international conference on Web information systems and mining - Volume Part I
Self-adaptive QoS control mechanism in cognitive networks based on intelligent service awareness

WISM'11 Proceedings of the 2011 international conference on Web information systems and mining - Volume Part I
Kiss to abacus: a comparison of P2P-TV traffic classifiers

TMA'10 Proceedings of the Second international conference on Traffic Monitoring and Analysis
TCP traffic classification using markov models

TMA'10 Proceedings of the Second international conference on Traffic Monitoring and Analysis
K-dimensional trees for continuous traffic classification

TMA'10 Proceedings of the Second international conference on Traffic Monitoring and Analysis
Realtime classification for encrypted traffic

SEA'10 Proceedings of the 9th international conference on Experimental Algorithms
Tetherway: a framework for tethering camouflage

Proceedings of the fifth ACM conference on Security and Privacy in Wireless and Mobile Networks
Measurement Based Analysis of One-Click File Hosting Services

Journal of Network and Systems Management
Real-Time traffic classification based on cosine similarity using sub-application vectors

TMA'12 Proceedings of the 4th international conference on Traffic Monitoring and Analysis
Internet traffic classification using multifractal analysis approach

Proceedings of the 15th Communications and Networking Simulation Symposium
Machine learning-based classification of encrypted internet traffic

MLDM'12 Proceedings of the 8th international conference on Machine Learning and Data Mining in Pattern Recognition
An efficient fuzzy controller based technique for network traffic classification to improve QoS

Proceedings of the Fifth International Conference on Security of Information and Networks
Wire-speed statistical classification of network traffic on commodity hardware

Proceedings of the 2012 ACM conference on Internet measurement conference
Measuring the impact of the copyright amendment act on New Zealand residential DSL users

Proceedings of the 2012 ACM conference on Internet measurement conference
Timely and continuous machine-learning-based classification for interactive IP traffic

IEEE/ACM Transactions on Networking (TON)
Application traffic classification at the early stage by characterizing application rounds

Information Sciences: an International Journal
Review: A survey of network flow applications

Journal of Network and Computer Applications
Unsupervised traffic classification using flow statistical properties and IP packet payload

Journal of Computer and System Sciences
Detection and classification of peer-to-peer traffic: A survey

ACM Computing Surveys (CSUR)
Robust network traffic identification with unknown applications

Proceedings of the 8th ACM SIGSAC symposium on Information, computer and communications security
Protocol misidentification made easy with format-transforming encryption

Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
P2P traffic classification using ensemble learning

Proceedings of the 5th IBM Collaborative Academia Research Exchange Workshop
Traffic classification combining flow correlation and ensemble classifier

International Journal of Wireless and Mobile Computing
Reviewing traffic classification

DataTraffic Monitoring and Analysis
The application of neural networks to improve the quality of experience of video transmission over IP networks

Engineering Applications of Artificial Intelligence
Application of Bayesian Networks for Autonomic Network Management

Journal of Network and Systems Management

Quantified Score

Hi-index	0.00

Visualization

Abstract

The research community has begun looking for IP traffic classification techniques that do not rely on `well known驴 TCP or UDP port numbers, or interpreting the contents of packet payloads. New work is emerging on the use of statistical traffic characteristics to assist in the identification and classification process. This survey paper looks at emerging research into the application of Machine Learning (ML) techniques to IP traffic classification - an inter-disciplinary blend of IP networking and data mining techniques. We provide context and motivation for the application of ML techniques to IP traffic classification, and review 18 significant works that cover the dominant period from 2004 to early 2007. These works are categorized and reviewed according to their choice of ML strategies and primary contributions to the literature. We also discuss a number of key requirements for the employment of ML-based traffic classifiers in operational IP networks, and qualitatively critique the extent to which the reviewed works meet these requirements. Open issues and challenges in the field are also discussed.