Network visibility is a critical part of traffic engineering, network management, and security. The most popular current solutions - Deep Packet Inspection (DPI) and statistical classification, deeply rely on the availability of a training set. Besides the cumbersome need to regularly update the signatures, their visibility is limited to classes the classifier has been trained for. Unsupervised algorithms have been envisioned as a viable alternative to automatically identify classes of traffic. However, the accuracy achieved so far does not allow to use them for traffic classification in practical scenario. To address the above issues, we propose Select, a Self-Learning Classifier for Internet Traffic. It uses unsupervised algorithms along with an adaptive seeding approach to automatically let classes of traffic emerge, being identified and labeled. Unlike traditional classifiers, it requires neither a-priori knowledge of signatures nor a training set to extract the signatures. Instead, Select automatically groups flows into pure (or homogeneous) clusters using simple statistical features. Select simplifies label assignment (which is still based on some manual intervention) so that proper class labels can be easily discovered. Furthermore, Select uses an iterative seeding approach to boost its ability to cope with new protocols and applications. We evaluate the performance of Select using traffic traces collected in different years from various ISPs located in 3 different continents. Our experiments show that Select achieves excellent precision and recall, with overall accuracy close to 98%. Unlike state-of-art classifiers, the biggest advantage of Select is its ability to discover new protocols and applications in an almost automated fashion.

SeLeCT: Self-Learning Classifier for Internet Traffic / Grimaudo, Luigi; Mellia, Marco; Baralis, ELENA MARIA; Ram, Keralapura. - In: IEEE TRANSACTIONS ON NETWORK AND SERVICE MANAGEMENT. - ISSN 1932-4537. - STAMPA. - (2014), pp. 144-157. [10.1109/TNSM.2014.011714.130505]

SeLeCT: Self-Learning Classifier for Internet Traffic

GRIMAUDO, LUIGI;MELLIA, Marco;BARALIS, ELENA MARIA;
2014

Abstract

Network visibility is a critical part of traffic engineering, network management, and security. The most popular current solutions - Deep Packet Inspection (DPI) and statistical classification, deeply rely on the availability of a training set. Besides the cumbersome need to regularly update the signatures, their visibility is limited to classes the classifier has been trained for. Unsupervised algorithms have been envisioned as a viable alternative to automatically identify classes of traffic. However, the accuracy achieved so far does not allow to use them for traffic classification in practical scenario. To address the above issues, we propose Select, a Self-Learning Classifier for Internet Traffic. It uses unsupervised algorithms along with an adaptive seeding approach to automatically let classes of traffic emerge, being identified and labeled. Unlike traditional classifiers, it requires neither a-priori knowledge of signatures nor a training set to extract the signatures. Instead, Select automatically groups flows into pure (or homogeneous) clusters using simple statistical features. Select simplifies label assignment (which is still based on some manual intervention) so that proper class labels can be easily discovered. Furthermore, Select uses an iterative seeding approach to boost its ability to cope with new protocols and applications. We evaluate the performance of Select using traffic traces collected in different years from various ISPs located in 3 different continents. Our experiments show that Select achieves excellent precision and recall, with overall accuracy close to 98%. Unlike state-of-art classifiers, the biggest advantage of Select is its ability to discover new protocols and applications in an almost automated fashion.
File in questo prodotto:
File Dimensione Formato  
1.final_version.pdf

accesso aperto

Tipologia: 2. Post-print / Author's Accepted Manuscript
Licenza: PUBBLICO - Tutti i diritti riservati
Dimensione 1 MB
Formato Adobe PDF
1 MB Adobe PDF Visualizza/Apri
Pubblicazioni consigliate

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11583/2524903
 Attenzione

Attenzione! I dati visualizzati non sono stati sottoposti a validazione da parte dell'ateneo