№2, 2014

ONE METHOD FOR COMPUTER NETWORKS TRAFFIC CLASSIFICATION (rus.

Ramiz H. Shikhaliyev

Precise traffic classification of computer networks (CN) is necessary for their effective management, monitoring and security. Article proposes sharing use of machine learning and associative rules mining algorithms for CN traffic classification. The proposed method of classifying traffic will improve performance and classification accuracy with small training datasets. (pp. 59-67)

Keywords: computer networks, network traffic, traffic classification, traffic classification features, machine learning, associative rules, SVM-method
References
  • Nguyen T.T., Armitage G. A survey of techniques for internet traffic classification using machine learning // IEEE Commun. Surveys & Tutorials, 2008, vol.10, no.4, pp.56–76.
  • Roughan M., Sen S., Spatscheck O., Duffield N. Class-of-service mapping for QoS: a statistical signature-based approach to IP traffic classification / Proceedings of the ACM SIGCOMM Conference on Internet Measurement, 2004, pp.135–148.
  • IANA, http://www.iana.org/assignments/port-numbers.
  • RFC 4251. http://www.ietf.org/rfc/rfc4251.txt.
  • RFC 2246. http://www.ietf.org/rfc/rfc2246.txt.
  • http://www.skype.com.
  • MSN Messenger. http://join.msn.com/messenger/overview2000.
  • Moore A.W., Zuev D. Internet traffic classification using Bayesian analysis techniques // Proceedings of the ACM SIGMETRICS international conference on Measurement and modeling of computer systems, vol.33, no.1, 2005, pp.50–60.
  • Williams N., Zander S., Armitage G. A preliminary performance comparison of five machine learning algorithms for practical ip traffic flow classification // ACM SIGCOMM Computer Communication Review, 2006, vol.36, no.5, 5–16.
  • Nguyen T., Armitage G. Training on multiple sub-flows to optimise the use of machine learning classifiers in real-world ip networks / Proceedings of the 31st IEEE Conference on Local Computer Networks, 2006, pp.369–376.
  • Auld T., Moore A.W., S.F.Gull. Bayesian neural networks for internet traffic classification // IEEE Trans. Neural Networks, January 2007, 18, no.1, pp.223–239.
  • Erman J., Mahanti A., Arlitt M., Williamson C. Identifying and discriminating between web and peer-to-peer traffic in the network core / Proceedings of the 16th international conference on World Wide Web, 2007, pp.883–892.
  • Crotti M., Dusi M., Gringoli F., Salgarelli L. Traffic classification through simple statistical fingerprinting // ACM SIGCOMM Computer Communication Review, 2007, vol.37, no.1, pp.5–16,
  • Este A., Gringoli F., Salgarelli L. Support vector machines for tcp traffic classification // Computer Networks, 2009, vol.53, no.14, pp.2476–2490.
  • Roughan M., Sen S., Spatscheck O., Duffield N. Class-of-service mapping for QoS: a statistical signature-based approach to IP traffic classification / Proceedings of the 4th ACM SIGCOMM conference on Internet measurement, 2004, pp.135–148.
  • Kim H., Claffy K., Fomenkov M., Barman D., Faloutsos M., Lee K. Internet traffic classification demystified: myths, caveats, and the best practices / Proceedings of the ACM CoNEXT Conference, 2008, pp.1–12.
  • McGregor A., Hall M., Lorier P., Brunskill J. Flow clustering using machine learning techniques / Proceedings of Passive and Active Measurement Workshop, 2004, pp.205–214.
  • Zander S., Nguyen T., Armitage G. Automated traffic classification and application identification using machine learning / Annual IEEE Conference on Local Computer Networks, 2005, pp.250–257.
  • Bernaille L., Teixeira R., Akodkenou I., Soule A., Salamatian K. Traffic classification on the fly // ACM SIGCOMM Computer Communication Review, 2006, vol.36, no.2, pp.23–26.
  • Erman J., Arlitt M., Mahanti A. Traffic classification using clustering algorithms / Proceedings of the SIGCOMM workshop on Mining network data, 2006, pp.281–286.
  • Wang Y., Xiang Y. and S.-Z. Yu. An automatic application signature construction system for unknown traffic // Concurrency Computations: Pract. Exper., 2010, vol.22, pp.1927–1944.
  • Finamore A., Mellia M., Meo M.. Mining unclassified traffic using automatic clustering techniques // TMA International Workshop on Traffic Monitoring and Analysis, 2011, pp. 150–163.
  • Zhang J., Xiang Y.,  Wang Y.,  Zhou W.,  Xiang Y.,  Guan Y. Network  traffic  classification  using  correlation information // IEEE Transactions on Parallel and Distributed Systems, 2012, vol.24, no.1, pp.1–15.
  • Gu1 C., Zhang S., Chen X., Du A. Realtime traffic classification based on semi-supervised learning // Journal of Computational Information Systems 2011, no.7, pp.2347-
  • Erman J., Mahanti A., Arlitt M., Cohen I., Williamson C. Offline/realtime traffic classification using semi-supervised learning // Performance Evaluation, October 2007, vol.64, no.9-12, pp.1194–1213,
  • http://cs229.stanford.edu/notes/cs229-notes3.pdf
  • Este A., Gringoli F., Salgarelli L. Support Vector Machines for TCP Traffic Classification // The International Journal of Computer and Telecommunications Networking, 2009, vol.53, no.14, pp.2476–2490.
  • Yang A., Jiang S., Deng H. A P2P Network Traffic Classification Method Using SVM / The 9th International Conference for Young Computer Scientists, 2008, pp.398–403.
  • Sena G.G., Belzarena P. Early Traffic Classification Using Support Vector Machines / Proceedings of the 5th International Latin American Networking Conference, LANC ’09. 2009, pp.60–66.
  • Шихалиев Р.Г. Об одном методе сокращения размерности анализируемых признаков сетевых трафиков, используемых для мониторинга компьютерных сетей // Телекоммуникации, 2011, №06, 44–48.
  • Agrawal R., Srikant R. Fast Algorithms for Mining Association Rules in Large Databases / Proc. Conf. Very Large Databases, 1994, pp.487–499.
  • Srikant R., Agrawal R. Mining Generalized Association Rules / Proceedings of the 21th International Conference on Very Large Data Bases, 1995, pp.407–419.