TIE: A Community-Oriented Traffic Classification Platform

  • Alberto Dainotti
  • Walter de Donato
  • Antonio Pescapé
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5537)

Abstract

The research on network traffic classification has recently become very active. The research community, moved by increasing difficulties in the automated identification of network traffic, started to investigate classification approaches alternative to port-based and payload-based techniques. Despite the large quantity of works published in the past few years on this topic, very few implementations targeting alternative approaches have been made available to the community. Moreover, most approaches proposed in literature suffer of problems related to the ability of evaluating and comparing them. In this paper we present a novel community-oriented software for traffic classification called TIE, which aims at becoming a common tool for the fair evaluation and comparison of different techniques and at fostering the sharing of common implementations and data. Moreover, TIE supports the combination of more classification plugins in order to build multi-classifier systems, and its architecture is designed to allow online traffic classification.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Karagiannis, T., Broido, A., Brownlee, N., Claffy, K.C., Faloutsos, M.: Is p2p dying or just hiding? In: IEEE Globecom (2004)Google Scholar
  2. 2.
    Karagiannis, T., Papagiannaki, K., Faloutsos, M.: Blinc: Multilevel traffic classification in the dark. In: ACM SIGCOMM (August 2005)Google Scholar
  3. 3.
    Auld, T., Moore, A.W., Gull, S.F.: Bayesian neural networks for internet traffic classification. IEEE Transactions on Neural Networks 18(1), 223–239 (2007)CrossRefGoogle Scholar
  4. 4.
    Williams, N., Zander, S., Armitage, G.: A preliminary performance comparison of five machine learning algorithms for practical ip traffic flow classification. ACM SIGCOMM CCR 36(5), 7–15 (2006)CrossRefGoogle Scholar
  5. 5.
  6. 6.
    Paxson, V.: Bro: A system for detecting network intruders in real-time. In: Computer Networks, pp. 23–24 (1999)Google Scholar
  7. 7.
    L7-filter, Application Layer Packet Classifier for Linux, http://l7-filter.sourceforge.net
  8. 8.
    Cisco Systems. Blocking Peer-to-Peer File Sharing Programs with the PIX Firewall, http://www.cisco.com/application/pdf/paws/42700/block_p2p_pix.pdf
  9. 9.
    netAI: Network Traffic based Application Identification, http://caia.swin.edu.au/urp/dstc/netai
  10. 10.
    Tstat (November 2008), http://tstat.tlc.polito.it
  11. 11.
    Bonfiglio, D., Mellia, M., Meo, M., Rossi, D., Tofanelli, P.: Revealing skype traffic: when randomness plays with you. In: SIGCOMM 2007, pp. 37–48. ACM, New York (2007)Google Scholar
  12. 12.
    Salgarelli, L., Gringoli, F., Karagiannis, T.: Comparing traffic classifiers. SIGCOMM Comput. Commun. Rev. 37(3), 65–68 (2007)CrossRefGoogle Scholar
  13. 13.
    Tcpdump and the Libpcap library (November 2008), http://www.tcpdump.org
  14. 14.
    Jacobson, V., McCanne, S.: The bsd packet filter: A new architecture for userlevel packet capture. In: Winter 1993 USENIX Conference, January 1993, pp. 259–269 (1993)Google Scholar
  15. 15.
    Li, W., Moore, A.W.: A machine learning approach for efficient traffic classification. In: IEEE MASCOTS (October 2007)Google Scholar
  16. 16.
    Bernaille, L., Teixeira, R., Salamatian, K.: Early application identification. In: ACM CoNEXT (December 2006)Google Scholar
  17. 17.
    Ptacek, T.H., Newsham, T.N.: Insertion, evasion, and denial of service: Eluding network intrusion detection. Technical report (1998)Google Scholar
  18. 18.
    Moore, A., Zuev, D., Crogan, M.: Discriminators for use in flow-based classification. Technical Report RR-05-13, Dept. of Computer Science, Queen Mary, University of London (2005)Google Scholar
  19. 19.
    Kuncheva, L.I.: Combining Pattern Classifiers: Methods and Algorithms. Wiley, Chichester (2004)CrossRefMATHGoogle Scholar
  20. 20.
    Moore, A., Papagiannaki, K.: Toward the accurate identification of network applications. In: Dovrolis, C. (ed.) PAM 2005. LNCS, vol. 3431, pp. 41–54. Springer, Heidelberg (2005)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Alberto Dainotti
    • 1
  • Walter de Donato
    • 1
  • Antonio Pescapé
    • 1
  1. 1.University of Napoli “Federico II”Italy

Personalised recommendations