Waterfall: Rapid Identification of IP Flows Using Cascade Classification
In the last years network traffic classification has attracted much research effort, given that it represents the foundation of many Internet functionalities such as Quality of Service (QoS) enforcement, monitoring, and security. Nonetheless, the proposed works are not able to satisfactorily solve the problem, usually being suitable for only addressing a given portion of the whole network traffic and thus none of them can be considered an ultimate solution for network classification.
In this paper, we address network traffic classification by proposing a new architecture – named Waterfall architecture – that, by combining several classification algorithms together according to a cascade principle, is able to correctly classify the whole mixture of network traffic.
Through extensive experimental tests run over real traffic datasets, we have demonstrated the effectiveness of the proposal.
Keywordsnetwork management traffic classification machine learning multi-classification classifier selection cascade classification
Unable to display preview. Download preview PDF.
- 1.Foremski, P.: On different ways to classify Internet traffic: a short review of selected publications. Theoretical and Applied Informatics 25(2) (2013)Google Scholar
- 3.Foremski, P., Callegari, C., Pagano, M.: DNS-Class: Immediate classification of IP flows using DNS. International Journal of Network Management (accepted, 2014)Google Scholar
- 4.Fiadino, P., Bär, A., Casas, P.: HTTPTag: A Flexible On-line HTTP Classification System for Operational 3G Networks. In: International Conference on Computer Communications, INFOCOM 2013. IEEE (2013)Google Scholar
- 8.Duda, R.O., Hart, P.E., Stork, D.G.: Pattern classification. John Wiley & Sons (2012)Google Scholar
- 9.Kuncheva, L.I.: Combining Pattern Classifiers: Methods and Algorithms. Wiley (2004)Google Scholar
- 10.Dainotti, A., Pescapé, A., Sansone, C.: Early classification of network traffic through multi-classification. Traffic Monitoring and Analysis, 122–135 (2011)Google Scholar
- 12.Bujlow, T., Carela-Espanol, V.: Comparison of Deep Packet Inspection (DPI) Tools for Traffic Classification. Technical report, Polytechnic University of Catalonia (2013)Google Scholar