A Generalizable Dynamic Flow Pairing Method for Traffic Classification
-
José Camacho; Pablo Padilla; Pedro García-Teodoro; Jesús Esteban Díaz Verdejo
- Abstract:
- The goal of network traffic classification is to identify the protocols or types of protocols in the network traffic. In particular, the identification of network traffic with high resource consumption, such as peer-to-peer (P2P) traffic, represents a great concern for Internet Service Providers (ISP) and
network managers. Most current classification approaches report high accuracies without paying attention to the generalization ability of the classifier. However, without this ability, a classifier may not be suitable for on-line classification. In this paper, a number of experiments on real traffic help to elucidate the reason for this lack of generalization. It is also shown that one way to attain the generalization ability is by using dynamic classifiers. From these results, a dynamic classification approach based on the pairing
of flows according to a similarity criterion is proposed. This method can be used in combination with any classifier in order to reduce its computational overhead without a significant reduction in accuracy. In this paper we ex-
plore complementing the pairing method with payload inspection achieving an important reduction in the computation overhead of the latter. Moreover, a high portion of the traffic unclassified by payload inspection is categorized
with the pairing method. In the experiments performed, the proposed approach generalizes well to traffic obtained in different conditions than that
used for calibration.
- Research areas:
- Year:
- 2013
- Type of Publication:
- Article
- Keywords:
- Traffic classification, peer to peer, flow, pairing
- Journal:
- Computer Networks (Elsevier)
- Volume:
- 57
- Number:
- 14
- Pages:
- 2718-2732
- ISSN:
- 1389-1286
Hits: 2843