An SVM-based machine learning method for accurate internet traffic classification |
| |
| Authors: | Ruixi Yuan Zhu Li Xiaohong Guan Li Xu |
| |
| Affiliation: | (1) Center for Intelligent and Networked Systems, TNLIST Lab, Tsinghua University, Beijing, 100084, China;(2) MOE KLINNS Lab and SKLMS Lab, Xi’an Jiaotong University, Xi’an, 710049, China;(3) College of Economics and Management, Beijing Jiaotong University, Beijing, 100044, China;(4) Department of Information Technology and Decision Science, Old Dominion University, Norfolk, VA 23529, USA; |
| |
| Abstract: | Accurate and timely traffic classification is critical in network security monitoring and traffic engineering. Traditional
methods based on port numbers and protocols have proven to be ineffective in terms of dynamic port allocation and packet encapsulation.
The signature matching methods, on the other hand, require a known signature set and processing of packet payload, can only
handle the signatures of a limited number of IP packets in real-time. A machine learning method based on SVM (supporting vector
machine) is proposed in this paper for accurate Internet traffic classification. The method classifies the Internet traffic
into broad application categories according to the network flow parameters obtained from the packet headers. An optimized
feature set is obtained via multiple classifier selection methods. Experimental results using traffic from campus backbone
show that an accuracy of 99.42% is achieved with the regular biased training and testing samples. An accuracy of 97.17% is
achieved when un-biased training and testing samples are used with the same feature set. Furthermore, as all the feature parameters
are computable from the packet headers, the proposed method is also applicable to encrypted network traffic. |
| |
| Keywords: | |
| 本文献已被 SpringerLink 等数据库收录! |
|
