Generating Accurate Rule Sets Without Global Optimization
ICML '98 Proceedings of the Fifteenth International Conference on Machine Learning
Internet traffic classification using bayesian analysis techniques
SIGMETRICS '05 Proceedings of the 2005 ACM SIGMETRICS international conference on Measurement and modeling of computer systems
BLINC: multilevel traffic classification in the dark
Proceedings of the 2005 conference on Applications, technologies, architectures, and protocols for computer communications
Traffic classification on the fly
ACM SIGCOMM Computer Communication Review
Network traffic analysis using singular value decomposition and multiscale transforms
Information Sciences: an International Journal
Privacy preserving data mining of sequential patterns for network traffic data
Information Sciences: an International Journal
Early application identification
CoNEXT '06 Proceedings of the 2006 ACM CoNEXT conference
Internet traffic classification demystified: myths, caveats, and the best practices
CoNEXT '08 Proceedings of the 2008 ACM CoNEXT Conference
The WEKA data mining software: an update
ACM SIGKDD Explorations Newsletter
Privacy-preserving data mining: A feature set partitioning approach
Information Sciences: an International Journal
NeTraMark: a network traffic classification benchmark
ACM SIGCOMM Computer Communication Review
Estimating continuous distributions in Bayesian classifiers
UAI'95 Proceedings of the Eleventh conference on Uncertainty in artificial intelligence
A Modular Machine Learning System for Flow-Level Traffic Classification in Large Networks
ACM Transactions on Knowledge Discovery from Data (TKDD)
A survey of techniques for internet traffic classification using machine learning
IEEE Communications Surveys & Tutorials
Issues and future directions in traffic classification
IEEE Network: The Magazine of Global Internetworking
Mining frequent patterns in a varying-size sliding window of online transactional data streams
Information Sciences: an International Journal
Information Sciences: an International Journal
Hi-index | 0.07 |
This article proposes a machine learning-based high-accuracy algorithm called ''APPlication Round method (APPR)'' to identify network application traffic at the early stage. For each TCP/UDP flow, discriminators available at the early stage are determined to support high-accuracy and real-time traffic classification. Such discriminators characterize the possible negotiation behaviors of each flow from an application layer perspective. The ability of flow attributes is tested using several machine learning algorithms. By contrast, this study also compares the level of accuracy of the proposed method with those reported by machine learning-based application traffic classification methods that have addressed real-time application traffic classification problems based on identical sample traffic sets. By applying a pruned C4.5 tree machine learning algorithm to real traffic traces, the proposed method offers a maximal 99.21%, with an average overall accuracy of 92.88% for all traffic samples. Compared to other machine learning algorithms, the proposed algorithm not only provides a minimal accuracy improvement of approximately 7-8% for normal ratio data sets and more than 15-30% improvement of overall accuracy for fixed ratio data samples, but is also suitable for on-line identification because of the low-flow test duration. Furthermore, the proposed method is also appropriate for identifying encrypted protocols because it demonstrates high accuracy, classifies encryption-based protocols, and supports real-time classification.