Traffic Classification Approach Based on Support Vector Machine and Statistic Signature

As network traffic is dramatically increasing, classification of application traffic becomes important for the effective use of network resources. Classification of network traffic using port-based or payload-based analysis is becoming increasingly difficult because of many peer-to-peer (P2P) applications using dynamic port numbers, masquerading techniques, and encryption. An alternative approach is to classify traffic by exploiting the distinctive characteristics of applications. In this paper, we propose a classification method of application traffic using statistic signatures based on SVM (Support Vector Machine). The statistic signatures, defined as a directional sequence of packet size in a flow, are collected for each application, and applications are classified by SVM mechanism.

[1]  Andrew W. Moore,et al.  Internet traffic classification using bayesian analysis techniques , 2005, SIGMETRICS '05.

[2]  Matthew Roughan,et al.  Class-of-service mapping for QoS: a statistical signature-based approach to IP traffic classification , 2004, IMC '04.

[3]  Judith Kelner,et al.  A Survey on Internet Traffic Identification , 2009, IEEE Communications Surveys & Tutorials.

[4]  Michalis Faloutsos,et al.  BLINC: multilevel traffic classification in the dark , 2005, SIGCOMM '05.

[5]  Vladimir N. Vapnik,et al.  The Nature of Statistical Learning Theory , 2000, Statistics for Engineering and Information Science.

[6]  Renata Teixeira,et al.  Traffic classification on the fly , 2006, CCRV.

[7]  Michalis Faloutsos,et al.  Is P2P dying or just hiding? [P2P traffic measurement] , 2004, IEEE Global Telecommunications Conference, 2004. GLOBECOM '04..

[8]  Renata Teixeira,et al.  Early application identification , 2006, CoNEXT '06.