Affiliation:
1. University of Cambridge
2. University of Oxford
Abstract
Accurate traffic classification is of fundamental importance to numerous other network activities, from security monitoring to accounting, and from Quality of Service to providing operators with useful forecasts for long-term provisioning. We apply a Naïve Bayes estimator to categorize traffic by application. Uniquely, our work capitalizes on hand-classified network data, using it as input to a supervised Naïve Bayes estimator. In this paper we illustrate the high level of accuracy achievable with the \Naive Bayes estimator. We further illustrate the improved accuracy of refined variants of this estimator.Our results indicate that with the simplest of Naïve Bayes estimator we are able to achieve about 65% accuracy on per-flow classification and with two powerful refinements we can improve this value to better than 95%; this is a vast improvement over traditional techniques that achieve 50--70%. While our technique uses training data, with categories derived from packet-content, all of our training and testing was done using header-derived discriminators. We emphasize this as a powerful aspect of our approach: using samples of well-known traffic to allow the categorization of traffic using commonly available information alone.
Publisher
Association for Computing Machinery (ACM)
Subject
Computer Networks and Communications,Hardware and Architecture,Software
Reference26 articles.
1. C. Logg and L. Cottrell. Characterization of the Traffic between SLAC and the Internet July 2003. http://www.slac.stanford.edu/comp/net/slac-netflow/html/SLAC-netflow.html. C. Logg and L. Cottrell. Characterization of the Traffic between SLAC and the Internet July 2003. http://www.slac.stanford.edu/comp/net/slac-netflow/html/SLAC-netflow.html.
2. Toward the Accurate Identification of Network Applications
3. Transport layer identification of P2P traffic
Cited by
462 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献