NESG

Icono Icono

Icono Icono

A Generalizable Dynamic Flow Pairing Method for Traffic Classification

José Camacho; Pablo Padilla; Pedro García-Teodoro; Jesús Esteban Díaz Verdejo
Abstract:
The goal of network traffic classification is to identify the protocols or types of protocols in the network traffic. In particular, the identification of network traffic with high resource consumption, such as peer-to-peer (P2P) traffic, represents a great concern for Internet Service Providers (ISP) and network managers. Most current classification approaches report high accuracies without paying attention to the generalization ability of the classifier. However, without this ability, a classifier may not be suitable for on-line classification. In this paper, a number of experiments on real traffic help to elucidate the reason for this lack of generalization. It is also shown that one way to attain the generalization ability is by using dynamic classifiers. From these results, a dynamic classification approach based on the pairing of flows according to a similarity criterion is proposed. This method can be used in combination with any classifier in order to reduce its computational overhead without a significant reduction in accuracy. In this paper we ex- plore complementing the pairing method with payload inspection achieving an important reduction in the computation overhead of the latter. Moreover, a high portion of the traffic unclassified by payload inspection is categorized with the pairing method. In the experiments performed, the proposed approach generalizes well to traffic obtained in different conditions than that used for calibration.
Research areas:
Year:
2013
Type of Publication:
Article
Keywords:
Traffic classification, peer to peer, flow, pairing
Journal:
Computer Networks (Elsevier)
Volume:
57
Number:
14
Pages:
2718-2732
ISSN:
1389-1286
Hits: 2843