Classification of network traffic using supervised machine learning algorithms within NFV environment

Deep Packet Inspection (DPI) of the network traffic is used on a regular basis within the traditional and virtualized environments. But changes in the network architecture with the introduction of containers, microservices, application functions, network functions, and the penetration of 5G access technology are adding more traffic complexity, especially in the so-called east-west flow direction. Network Functions Virtualization (NFV) has become an unavoidable step for further IP network development. In this context, DPI is becoming a challenge. Furthermore, the penetration of 5G allows access of various kinds of devices to the network with cloudification logic which drives them. This paper provides a performance analysis of a selected set of supervised machine learning (ML) algorithms for classification of network traffic within an NFV environment. The goal is to find a suitable algorithm that will classify the traffic from a point of both precision and speed, especially because in the 5G networks any packet delay may compromise the quality of service requirements. The research shows that out of the 6 algorithms tested, Decision Tree algorithm has the best overall performance, from both classification precision and time consumption point of view. It has proved as a reliable classifier that is performing evenly across different classes. Due to the specifics of the virtualized environments and encryption methods, payload data, source, destination, and port information of the network traffic packets are excluded from any statistical operation used for classification by the ML algorithms.