HMM profiles for network traffic classification
Proceedings of the 2004 ACM workshop on Visualization and data mining for computer security
Using visual motifs to classify encrypted traffic
Proceedings of the 3rd international workshop on Visualization for computer security
On Inferring Application Protocol Behaviors in Encrypted Network Traffic
The Journal of Machine Learning Research
Stock price effects analysis between US and Taiwanese online stock trading
International Journal of Electronic Finance
In-the-dark network traffic classification using support vector machines
IAAI'08 Proceedings of the 20th national conference on Innovative applications of artificial intelligence - Volume 3
A scalable multi-core aware software architecture for high-performance network monitoring
Proceedings of the 2nd international conference on Security of information and networks
Statistical texture analysis methods for network traffic classification
AsiaCSN '07 Proceedings of the Fourth IASTED Asian Conference on Communication Systems and Networks
Machine learning based encrypted traffic classification: identifying SSH and skype
CISDA'09 Proceedings of the Second IEEE international conference on Computational intelligence for security and defense applications
Traffic classification - towards accurate real time network applications
HCI'07 Proceedings of the 12th international conference on Human-computer interaction: applications and services
An SVM-based machine learning method for accurate internet traffic classification
Information Systems Frontiers
A high-performance and scalable multi-core aware software solution for network monitoring
The Journal of Supercomputing
Spam behavior recognition based on session layer data mining
FSKD'06 Proceedings of the Third international conference on Fuzzy Systems and Knowledge Discovery
Classification of hidden network streams
DaWaK'06 Proceedings of the 8th international conference on Data Warehousing and Knowledge Discovery
Finding peer-to-peer file-sharing using coarse network behaviors
ESORICS'06 Proceedings of the 11th European conference on Research in Computer Security
Enhancing Tor's performance using real-time traffic classification
Proceedings of the 2012 ACM conference on Computer and communications security
Detection and classification of peer-to-peer traffic: A survey
ACM Computing Surveys (CSUR)
An information-theoretical approach to high-speed flow nature identification
IEEE/ACM Transactions on Networking (TON)
Understanding the nature of the information flowing into and out of a system or network is fundamental to determining if there is adherence to a usage policy. Traditional methods of determining traffic type rely on the port label carried in the packet header. This method can fail, however, in the presence of proxy servers that re-map port numbers or host services that have been compromised to act as backdoors or covert channels.

We present an approach to classify server traffic based on decision trees learned during a training phase. The trees are constructed from traffic described using a set of features we designed to capture stream behavior. Because our classification of the traffic type is independent of port label, it provides a more accurate classification in the presence of malicious activity. An empirical evaluation illustrates that models of both aggregate protocol behavior and host-specific protocol behavior obtain classification accuracies ranging from 82-100%.