State of the Art in Traffic Classification: A Research Review

The Internet, while emerging as the key component for all sorts of communication, is far from well-understood. The goal of traffic classification is to understand the type of traffic carried on the Internet, which continually evolves in scope and complexity. For security and privacy reasons, many applications have emerged that utilize obfuscation techniques such as random ports, encrypted data transmission, or proprietary communication protocols. Further, applications adapt rapidly in the face of attempts to detect certain types of traffic, creating a challenge for traffic classification schemes. Research papers on Internet traffic classification try to classify whatever traffic samples a researcher can find, with no systematic integration of results. With the exception of machine learning techniques for traffic classification, we know of no complete overview of traffic classification attempts. To fill this gap, we have created a structured taxonomy of traffic classification papers and their datasets. To illustrate its utility, we use the taxonomy to answer the recently most popular question about traffic (“How much is peer-to-peer file sharing?”). Our survey also reveals open issues and challenges in traffic classification.

[1]  Shigeki Goto,et al.  Flow analysis of internet traffic: World Wide Web versus peer-to-peer , 2005, Systems and Computers in Japan.

[2]  Michalis Faloutsos,et al.  Is P2P dying or just hiding? [P2P traffic measurement] , 2004, IEEE Global Telecommunications Conference, 2004. GLOBECOM '04..

[3]  Grenville J. Armitage,et al.  A survey of techniques for internet traffic classification using machine learning , 2008, IEEE Communications Surveys & Tutorials.

[4]  Hiroshi Esaki,et al.  Observing slow crustal movement in residential user traffic , 2008, CoNEXT '08.

[5]  Shigeki Goto,et al.  Flow analysis of internet traffic: World Wide Web versus peer-to-peer , 2005 .

[6]  Carey L. Williamson,et al.  Identifying and discriminating between web and peer-to-peer traffic in the network core , 2007, WWW '07.

[7]  Carey L. Williamson,et al.  A Longitudinal Study of P2P Traffic Classification , 2006, 14th IEEE International Symposium on Modeling, Analysis, and Simulation.

[8]  Anirban Mahanti,et al.  Traffic classification using clustering algorithms , 2006, MineNet '06.

[9]  Michalis Faloutsos,et al.  Transport layer identification of P2P traffic , 2004, IMC '04.

[10]  Patrick Brown,et al.  Analysis of Peer-to-Peer Traffic on ADSL , 2005, PAM.

[11]  Michalis Faloutsos,et al.  BLINC: multilevel traffic classification in the dark , 2005, SIGCOMM '05.

[12]  Tomas Olovsson,et al.  Trends and Differences in Connection-Behavior within Classes of Internet Backbone Traffic , 2008, PAM.

[13]  Sándor Molnár,et al.  Identification and Analysis of Peer-to-Peer Traffic , 2006, J. Commun..

[14]  Carey L. Williamson,et al.  Offline/realtime traffic classification using semi-supervised learning , 2007, Perform. Evaluation.

[15]  Wolfgang John,et al.  Heuristics to Classify Internet Backbone Traffic based on Connection Patterns , 2008, 2008 International Conference on Information Networking.

[16]  M. Mitzenmacher Graption : Automated Detection of P 2 P Applications using Traffic Dispersion Graphs ( TDGs ) , 2008 .