Share Email Print

Proceedings Paper

Network traffic classification using a random field model
Author(s): Gang Shen; Zhaojie Niu; Liyuan Duan
Format Member Price Non-Member Price
PDF $14.40 $18.00

Paper Abstract

The accurate identification of the different protocols used by various applications plays an important role in many network management and monitoring tasks. However, the development of emerging applications and the evolution of existing applications have made the early success of port number or payload signature based classification methods no longer repeatable. On the other hand, machine learning based approaches have achieved steady progress in classification accuracy, with the statistical features extracted from packets and flows. In this paper, by introducing a Markov random field to model the semantics of network application protocols, we investigate a new approach to classifying network traffic into application protocols. First the packets in a flow are aggregated into messages that contain the related semantics information. We assume that the simple message features like the length and the direction of a message are observable, while the semantics of messages are invisible in both training and test phases. Tested with traffic traces collected from heterogeneous sources, this approach was demonstrated to be able to deliver good accuracy and speed.

Paper Details

Date Published: 19 July 2013
PDF: 5 pages
Proc. SPIE 8878, Fifth International Conference on Digital Image Processing (ICDIP 2013), 887835 (19 July 2013); doi: 10.1117/12.2030954
Show Author Affiliations
Gang Shen, Huazhong Univ. of Science and Technology (China)
Zhaojie Niu, Huazhong Univ. of Science and Technology (China)
Liyuan Duan, Huazhong Univ. of Science and Technology (China)

Published in SPIE Proceedings Vol. 8878:
Fifth International Conference on Digital Image Processing (ICDIP 2013)
Yulin Wang; Xie Yi, Editor(s)

© SPIE. Terms of Use
Back to Top