scholarly journals A Survey of Network Traffic Classification

2020 ◽  
Vol 32 (6) ◽  
pp. 137-154
Author(s):  
Aleksandr Igorevich Getman ◽  
Maria Kirillovna Ikonnikova
Keyword(s):  
Machine Learning ◽  
Network Traffic ◽  
Learning Algorithms ◽  
Research Area ◽  
Machine Learning Algorithms ◽  
Traffic Classification ◽  
Research Papers ◽  
Advantages And Disadvantages ◽  
Network Traffic Classification ◽  
Insight Into

This survey is dedicated to the task of network traffic classification, particularly to the use of machine learning algorithms in this task. The survey begins with the description of the task, its variations and possible uses in real-world problems. It then proceeds to the description of the methods used historically to solve this task, their limitations and evolution of traffic making machine learning the main way to solve the problem. Then the most popular machine learning algorithms used in this task are described, with the examples of research papers, providing the insight into their advantages and disadvantages in relation to this field. The task of feature selection is discussed, followed by the more global problem of acquiring the suitable dataset to use in the research; some examples of such popular datasets and their descriptions are provided. The paper concludes with the outline of the current problems in this research area to be solved.

scholarly journals Searching for optimal machine learning algorithm for network traffic classification in intrusion detection system

2018 ◽  
Vol 21 ◽  
pp. 00027
Author(s):  
Alicja Gerka
Keyword(s):  
Machine Learning ◽  
Intrusion Detection ◽  
Network Traffic ◽  
Detection System ◽  
Learning Algorithms ◽  
Attack Detection ◽  
Machine Learning Algorithms ◽  
Support Vector ◽  
Traffic Classification ◽  
Network Traffic Classification

The main problem associated with the development of an effective network behaviour anomaly detection-based IDS model is the selection of the optimal network traffic classification method. This article presents the results of simulation research on the effectiveness of the use of machine learning algorithms in the network attacks detection. The research part of the work concerned finding the optimal method of network packets classification possible to implement in the intrusion detection system’s attack detection module. During the research, the performance of three machine learning algorithms (Artificial Neural Network, Support Vector Machine and Naïve Bayes Classifier) has been compared using a dataset from the KDD Cup competition. Attention was also paid to the relationship between the values of algorithm parameters and their effectiveness. The work also contains an short analysis of the state of cybersecurity in Poland.

scholarly journals A Comparative Study of Traffic Classification Techniques for Smart City Networks

Sensors ◽  
2021 ◽  
Vol 21 (14) ◽  
pp. 4677
Author(s):  
Razan M. AlZoman ◽  
Mohammed J. F. Alenazi
Keyword(s):  
Machine Learning ◽  
Decision Tree ◽  
Network Management ◽  
Network Traffic ◽  
Smart City ◽  
Learning Algorithms ◽  
Machine Learning Algorithms ◽  
Support Vector ◽  
Traffic Classification ◽  
Network Traffic Classification

Smart city networks involve many applications that impose specific Quality of Service (QoS) requirements, thus representing a challenging scenario for network management. Solutions aiming to guarantee QoS support have not been deployed in large-scale networks. Traffic classification is a mechanism used to manage different aspects, including QoS requirements. However, conventional traffic classification methods, such as the port-based method, are inefficient because of their inability to handle dynamic port allocation and encryption. Traffic classification using machine learning has gained research interest as an alternative method to achieve high performance. In fact, machine learning embeds intelligence into network functions, thus improving network management. In this study, we apply machine learning algorithms to predict network traffic classification. We apply four supervised learning algorithms: support vector machine, random forest, k-nearest neighbors, and decision tree. We also apply a port-based method of traffic classification based on applications’ popular assigned port numbers. Then, we compare the results of this method to those obtained from the machine learning algorithms. The evaluation results indicate that the decision tree algorithm provides the highest average accuracy among the evaluated algorithms, at 99.18%. Moreover, network traffic classification using machine learning provides more accurate results and higher performance than the port-based method.

scholarly journals MODC: A Pareto-Optimal Optimization Approach for Network Traffic Classification Based on the Divide and Conquer Strategy

Information ◽  
2018 ◽  
Vol 9 (9) ◽  
pp. 233 ◽  
Author(s):  
Zuleika Nascimento ◽  
Djamel Sadok
Keyword(s):  
Machine Learning ◽  
Network Traffic ◽  
Machine Learning Algorithms ◽  
Divide And Conquer ◽  
Pareto Optimal ◽  
Optimization Approach ◽  
Traffic Classification ◽  
Multi Objective ◽  
Network Traffic Classification ◽  
Changes Over Time

Network traffic classification aims to identify categories of traffic or applications of network packets or flows. It is an area that continues to gain attention by researchers due to the necessity of understanding the composition of network traffics, which changes over time, to ensure the network Quality of Service (QoS). Among the different methods of network traffic classification, the payload-based one (DPI) is the most accurate, but presents some drawbacks, such as the inability of classifying encrypted data, the concerns regarding the users’ privacy, the high computational costs, and ambiguity when multiple signatures might match. For that reason, machine learning methods have been proposed to overcome these issues. This work proposes a Multi-Objective Divide and Conquer (MODC) model for network traffic classification, by combining, into a hybrid model, supervised and unsupervised machine learning algorithms, based on the divide and conquer strategy. Additionally, it is a flexible model since it allows network administrators to choose between a set of parameters (pareto-optimal solutions), led by a multi-objective optimization process, by prioritizing flow or byte accuracies. Our method achieved 94.14% of average flow accuracy for the analyzed dataset, outperforming the six DPI-based tools investigated, including two commercial ones, and other machine learning-based methods.

scholarly journals Effective Packet Number for 5G IM WeChat Application at Early Stage Traffic Classification

2017 ◽  
Vol 2017 ◽  
pp. 1-22 ◽  
Author(s):  
Muhammad Shafiq ◽  
Xiangzhan Yu
Keyword(s):  
Machine Learning ◽  
Mutual Information ◽  
Network Traffic ◽  
Early Stage ◽  
Statistical Tests ◽  
Internet Traffic ◽  
Machine Learning Algorithms ◽  
Experimental Results ◽  
Traffic Classification ◽  
Network Traffic Classification

Accurate network traffic classification at early stage is very important for 5G network applications. During the last few years, researchers endeavored hard to propose effective machine learning model for classification of Internet traffic applications at early stage with few packets. Nevertheless, this essential problem still needs to be studied profoundly to find out effective packet number as well as effective machine learning (ML) model. In this paper, we tried to solve the above-mentioned problem. For this purpose, five Internet traffic datasets are utilized. Initially, we extract packet size of 20 packets and then mutual information analysis is carried out to find out the mutual information of each packet onnflow type. Thereafter, we execute 10 well-known machine learning algorithms using crossover classification method. Two statistical analysis tests, Friedman and Wilcoxon pairwise tests, are applied for the experimental results. Moreover, we also apply the statistical tests for classifiers to find out effective ML classifier. Our experimental results show that 13–19 packets are the effective packet numbers for 5G IM WeChat application at early stage network traffic classification. We also find out effective ML classifier, where Random Forest ML classifier is effective classifier at early stage Internet traffic classification.

Sign in / Sign up

Export Citation Format

Share Document