Optimised TCP Trafc Classication with Multiple Statistical Algorithms
Network traffic classification can be employed for providing enhanced Quality of Service (QoS), network security, traffic management, etc. Classifying network traffic with statistical characteristics of traffic flows has the advantages of fast processing speed, fairly high accuracy, ability of handling encrypted traffic, etc. However, Nagles algorithm coalesces small TCP packets, and sometimes there are overwhelming number of Maximum Transmission Unit (MTU) packets in TCP flows. These mask the statistical characteristics of traffic flows. Different algorithms and statistical features also affect the classification performance. In this paper, an approach for optimising the classifier has been presented, which uses independent binary detectors to handle different traffic types separately. Meanwhile, the algorithms and statistical features for detectors are optimised and the size of detection windows are also optimised in order to find the best detection periods for avoiding the statistical characteristics deteriorated by the overwhelming number of MTU packets. Machine learning algorithms including kNearest Neighbour (k-NN), decision trees and neural networks are considered, and Kolmogorov-Smirnov (K-S) test is also considered for using as a non-parametric algorithm. The experimental results and performance comparison confirmed that, the proposed system has higher accuracy, and can classify traffic earlier.
network traffic classification application detection machine learning data mining.
Xiaoming Wang David J.Parish
Electronic and Electrical Engineering Loughborough University Loughborough,United Kingdom
国际会议
昆明
英文
261-265
2010-10-17(万方平台首次上网日期,不代表论文的发表时间)