Identifying online traffic based on property of TCP flow

doi:10.1016/S1005-8885(08)60231-9

Acta Metallurgica Sinica(English letters) ›› 2009, Vol. 16 ›› Issue (3): 84-88.doi: 10.1016/S1005-8885(08)60231-9

Identifying online traffic based on property of TCP flow

洪民火,顾仁涛,王宏祥,孙咏梅,纪越峰

Key Laboratory of Optical Communications and Lightwave Technologies, Beijing University of Posts and Telecommunications, Beijing 100876, China

收稿日期:1900-01-01 修回日期:1900-01-01 出版日期:2009-06-30
通讯作者: 洪民火

Identifying online traffic based on property of TCP flow

HONG Min-huo, GU Ren-tao, WANG Hong-xiang, SUN Yong-mei, JI Yue-feng

Key Laboratory of Optical Communications and Lightwave Technologies, Beijing University of Posts and Telecommunications, Beijing 100876, China

Received:1900-01-01 Revised:1900-01-01 Online:2009-06-30
Contact: HONG Min-huo

摘要/Abstract

摘要：

Classification of network traffic using port-based or payload-based analysis is becoming increasingly difficult when many applications use dynamic port numbers, masquerading techniques, and encryption to avoid detection. In this article, an approach is presented for online traffic classification relying on the observation of the first n packets of a transmission control protocol (TCP) connection. Its key idea is to utilize the properties of the observed first ten packets of a TCP connection and Bayesian network method to build a classifier. This classifier can classify TCP flows dynamically as packets pass through it by deciding whether a TCP flow belongs to a given application. The experimental results show that the proposed approach performs well in online internet traffic classification and that it is superior to naïve Bayesian method.

关键词:

network;traffic;classification,;inter-arrival;time,;TCP;flow,;Bayesian;network

Abstract:

Key words:

network traffic classification;inter-arrival time;TCP flow;Bayesian network

HONG Min-huo, GU Ren-tao, WANG Hong-xiang, SUN Yong-mei, JI Yue-feng. Identifying online traffic based on property of TCP flow[J]. Acta Metallurgica Sinica(English letters), 2009, 16(3): 84-88.

参考文献

1. Karagiannis T, Papagiannaki K, Faloutsos M. BLINC: multilevel traffic classification in the dark. Proceedings of the 2005 Conference on Applications, Technologies, Architectures, and Protocols for Computer Communications (SIGCOMM’05), Aug 22-26, 2005, Philadelphia, PA, USA. New York, NY, USA: ACM, 2005: 229-240

2. McGregor A, Hall M, Lorier P, et al. Flow clustering using machine learning techniques. Proceedings of the the 5th Passive and Active Measurement Workshop (PAM’ 04), Apri 19-20, 2004, Antibes, France. New York, NY, USA: ACM, 2004: 205-214

3. Paxson V. Empirically derived analytic models of wide-area TCP connections. IEEE/ACM Transactions on Networking, 1994, 2(4): 316-336

4. Paxson V, Floyd S. Wide-area traffic: the failure of Poisson modeling. IEEE/ACM Transactions on Networking, 1995, 3(3): 226-244

5. Roughan M, Sen S, Spatscheck O, et al. Class-of-service mapping for QoS: a statistical signature-based approach to IP traffic classification. Proceedings of the 4th ACM SIGCOMM Conference on Internet Measurement Conference (IMC’04), Oct 25-27, 2004, Taormina, Italy. New York, NY, USA: ACM, 2004: 135-148

6. Bernaille L, Teixeira R, Salamatian K. Early application identification. Proceedings of the 2nd Conference on Future Networking Technologies (CoNEXT’06), Dec 4-7, 2006, Lisboa, Portugal. New York, NY, USA: ACM, 2006: 436-445

7. Crotti M, Gringoli F, Pelosato P, et al. A statistical approach to IP-level classification of network traffic. Proceedings of the IEEE International Conference on Communications (ICC’06): Vol 1, Jun 11-15, 2006, Istanbul, Turkey. Piscataway, NJ, USA: IEEE, 2006: 170-176

8. Moore A W, Zuev D. Internet traffic classification using Bayesian analysis techniques. Proceedings of ACM International Conference on Measurement & Modeling of Computer Systems (SIGMETRICS’05), Jun 6-10, 2005, Banff, Canada, New York, NY, USA: ACM, 2005: 50-60

9. Nilsson N J. Artificial intelligence: a new synthesis. San Fransisco, CA, USA: Morgan Kaufmann Publishers, 1998: 197-223

10. Friedman N, Geiger D, Goldszmidt M. Bayesian network classifiers. Machine Learning, 1997, 29(2/3): 131-163

11. Hall M A. Correlation-based feature selection for machine learning. Ph. D. Dissertations. Hamilton, NZ, USA: Department of Computer Science, Waikato University, 1998

12. Moore A W, Papagiannaki K. Toward the accurate identification of network applications. Proceedings of the the 6th Passive and Active Measurement Workshop (PAM’ 05), Mar 31-Apr 1, 2005, Boston, MA, USA. New York, NY, USA: ACM, 2005: 41-54

[1]	刘琨, 王辉, 申自浩. Prediction of network attack profit path based on NAPG model[J]. 中国邮电高校学报(英文版), 2020, 27(5): 91-102.
[2]	何明枢, 金磊, 王小娟, 李源. Web log classification framework with data augmentation based on GANs[J]. 中国邮电高校学报(英文版), 2020, 27(5): 34-46.
[3]	汪昭颖, 周军华, 廖中华, 翟翔, 张连平. Semantic segmentation of track image based on deep neural network[J]. 中国邮电高校学报(英文版), 2020, 27(5): 23-33.
[4]	张永昌. Game-Based Distributed Noncooperation Interference Coordination Scheme in Ultra-Dense Networks[J]. 中国邮电高校学报(英文版), 2020, 27(5): 55-62.
[5]	王锴烨崔绍华许方敏赵成林. Independently recurrent neural network for remaining useful life estimation [J]. 中国邮电高校学报(英文版), 2020, 27(4): 26-33.
[6]	杨健健张强王晓林杜毅博王超吴淼. Research on equipment fault diagnosis method based on random stochastic adaptive particle swarm optimization [J]. 中国邮电高校学报(英文版), 2020, 27(4): 17-25.
[7]	李艳华肖文光. Enhancement network: confining deep convolutional features based on hand-crafted rules [J]. 中国邮电高校学报(英文版), 2020, 27(4): 34-42.
[8]	李绍贤吕凡王成瑞侯延昭. UWB positioning enhancement using Markov chain in indoor NLOS environment [J]. 中国邮电高校学报(英文版), 2020, 27(4): 54-58.
[9]	姚引娣王磊贺军瑾. Hybrid time slot allocation algorithm based on LoRa Internet of things [J]. 中国邮电高校学报(英文版), 2020, 27(4): 83-90.
[10]	田世明宫飞翔莫爽李蒙吴文睿肖丁. End-to-end encrypted network traffic classification method based on deep learning[J]. 中国邮电高校学报(英文版), 2020, 27(3): 21-30.
[11]	Pan Ziyu, Hu Han. Energy efficiency optimization for HCNs based on small base station transmission power allocation[J]. 中国邮电高校学报(英文版), 2020, 27(2): 19-25.
[12]	Tang Xianlun, Chen Yingjie, Xu Jin, Yu Xinxian. Deep global-attention based convolutional network with dense connections for text classification[J]. 中国邮电高校学报(英文版), 2020, 27(2): 46-55.
[13]	Wei Rongyu, Nie Min, Yang Guang, Zhang Meiling, Sun Aijing, Pei Changx. Parameters and performance analysis of quantum wireless sensor network for monitoring the activities of tibetan antelope in Hoh Xil[J]. 中国邮电高校学报(英文版), 2019, 26(6): 11-19.
[14]	Yao Wenbin, Hu Fangyi. Improvement of LDA model with time factor for collaborative filtering[J]. 中国邮电高校学报(英文版), 2019, 26(6): 54-62.
[15]	Wang Huan, Liu Ting, Cao Yuning, Wu Aixiang. Underflow concentration prediction model of deep-cone thickener based on data-driven[J]. 中国邮电高校学报(英文版), 2019, 26(6): 63-72.

Identifying online traffic based on property of TCP flow

Identifying online traffic based on property of TCP flow

PDF

可视化

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 15

编辑推荐

Metrics

本文评价