Traffic Classification and Application Identification in Network Forensics

Network traffic classification is an absolute necessity for network monitoring, security analyses and digital forensics. Without accurate traffic classification, the computational demands imposed by analyzing all the IP traffic flows are enormous. Classification can also reduce the number of flows that need to be examined and prioritized for analysis in forensic investigations.
