A Near Real-time IP Traffic Classification Using Machine Learning

Full Text (PDF, 553KB), PP.83-93

Views: 0 Downloads: 0

Author(s)

Kuldeep Singh 1,* S. Agrawal 2 B.S. Sohi 3

1. RIMT Maharaja Aggrasen Engineering College, Mandi Gobindgarh, Punjab (India)

2. University Institute of Engineering & Technology, Panjab University, Chandigarh (India)

3. Chandigarh Group of Colleges, Gharuan, Punjab (India)

* Corresponding author.

DOI: https://doi.org/10.5815/ijisa.2013.03.09

Received: 10 May 2012 / Revised: 11 Sep. 2012 / Accepted: 1 Dec. 2012 / Published: 8 Feb. 2013

Index Terms

IP Traffic Classification, Machine Learning Techniques, Feature Selection, Packet Capture Duration, Classification Accuracy, Training Time

Abstract

With drastic increase in internet traffic over last few years due to increase in number of internet users, IP traffic classification has gained significant importance for research community as well as various internet service providers for optimization of their network performance and for governmental intelligence organizations. Today, traditional IP traffic classification techniques such as port number and payload based direct packet inspection techniques are rarely used because of use of dynamic port number instead of well-known port number in packet headers and various cryptographic techniques which inhibit inspection of packet payload. Current trends are use of machine learning (ML) techniques for IP traffic classification. In this research paper, a real time internet traffic dataset has been developed using packet capturing tool for 2 second packet capturing duration and other datasets have been developed by reducing number of features of 2 second duration dataset using Correlation and Consistency based Feature Selection (FS) Algorithms. Then, five ML algorithms MLP, RBF, C4.5, Bayes Net and Naïve Bayes are employed for IP traffic classification with these datasets. This experimental analysis shows that Bayes Net is an effective ML technique for near real time and online IP traffic classification with reduction in packet capture duration and reduction in number of features characterizing each application sample with Correlation based FS Algorithm.

Cite This Paper

Kuldeep Singh, S. Agrawal, B.S. Sohi, "A Near Real-time IP Traffic Classification Using Machine Learning", International Journal of Intelligent Systems and Applications(IJISA), vol.5, no.3, pp.83-93, 2013. DOI:10.5815/ijisa.2013.03.09

Reference

[1]Thuy T.T. Nguyen and Grenville Armitage. A Survey of Techniques for IP traffic classification using Machine Learning, IEEE Communications Survey & tutorials, Vol. 10, No. 4, pp. 56-76, Fourth Quarter 2008.

[2] Arthur Callado, Carlos Kamienski, Géza Szabó, Balázs Péter Ger˝o, Judith Kelner,Stênio Fernandes ,and Djamel Sadok. A Survey on Internet Traffic Identification, IEEE Communications Survey & tutorials, Vol. 11, No. 3, pp. 37-52, Third Quarter 2009.

[3]http://www.iana.org/assignments /port-numbers

[4]Abuagla Babiker Mohd and Sulaiman bin Mohd Nor. Towards a Flow-based IP traffic classification for Bandwidth Optimization, International Journal of Computer Science and Security (IJCSS), Vol. 3, Issue 2, pp. 146-153. 

[5]A.W.Moore and D.papagiannaki, Toward the accurate Identification of network applications, in poc. 6th passive active measurement. Workshop (PAM), mar 2005, Vol.3431, pp 41-54.

[6]Subhabrata Sen, Oliver Spatscheck, Dongmei Wang. Accurate, scalable in-network identification of p2p traffic using application signatures, in Proceedings of the 13th international conference on World Wide Web, New York, NY, USA, ACM: pp: 512 – 521.

[7]Thomas Karagiannis, Konstantina Papagiannaki and Michalis Faloutsos, BLINC: Multilevel Traffic Classification in the Dark, in SIGCOMM’05, August 21–26, 2005, Philadelphia, Pennsylvania, USA.

[8]Runyuan Sun, Bo Yang, Lizhi Peng, Zhenxiang Chen, Lei Zhang, and Shan Jing. Traffic Classification Using Probabilistic Neural Network, in Sixth International Conference on Natural Computation (ICNC 2010), 2010, pp. 1914-1919.

[9]Li Jun, Zhang Shunyil, Lu Yanqing, Zhang Zailong. IP traffic classification Using Machine Learning, Nanjing University of Posts and Telecommunications, Nanjing 210003, China.

[10]Kuldeep Singh and Sunil Agrawal, Internet traffic classification using RBF Neural Network, in International Conference on Communication and Computing technologies(ICCCT-2011), Jalandhar, India, February 25-26, 2011, paper 10, p.39-43.

[11]Kuldeep Singh and Sunil Agrawal. Comparative Analysis of five Machine Learning Algorithms for IP Traffic Classification, In International Conference on Emerging Trends in Networks and Computer Communications (ENCTT-2011), Udaipur, Rajasthan, India, April 22-24, 2011.

[12]Mark A. Hall, Correlation-based Feature Selection for Machine Learning, University of Waikato, Hamilton, New Zealand, April, 1999. 

[13]Manoranjan Dash, Huan Lau, Consistency – based search in feature selection, Artificial Intelligence, Elsevier, 27 March, 2003.

[14]Andrew W. Moore, Denis Zuev, Michael L. Crogan, Discriminators for use in flow-based classification, Queen Mary University of London, Department of Computer Science, RR-05-13, August 2005.

[15]Y.L. Chongand K. Sundaraj, A Study of Back Propagation and Radial Basis Neural Networks on ECG signal classification, in 6th International Symposium on Mechatronics and its Applications (ISMA09), Sharjah, UAE, March 24-26, 2009.

[16]Mutasem khalil Alsmadi, Khairuddin Bin Omar, Shahrul Azman Noah ,Ibrahim Almarashdah, Performance Comparison of Multi-layer Perceptron (Back Propagation, Delta Rule and Perceptron) algorithms in Neural Networks in 2009 IEEE International Advance Computing Conference (IACC 2009) ,Patiala, India, 6-7 March 2009, p. 296-299.

[17]Thales Sehn Korting, C4.5 algorithm and Multivariate Decision Trees, Image Processing Division, National Institute for Space Research – INPE, SP, Brazil. 

[18]Ian H. Witten and Eibe Frank, Data Mining: Practical Machine Learning Tools and Techniques, 2th edition, Morgan Kaufmann Publishers, San Francisco, CA, 2005. 

[19]Weka website. Available: http:// www.cs.waikato.ac.nz/ml/weka/

[20]Jie Cheng, Russell Greiner, Learning Bayesian Belief Network Classifiers: Algorithms and System, Department of Computing Science, University of Alberta, Edmonton, Alberta, Canada.

[21]Ioan Pop, An approach of the Naive Bayes classifier for the document classification, General Mathematics, Vol. 14, No. 4, pp.135-138, 2006.

[22]Simon Haykin, Neural Networks: A Comprehensive foundation, 2th edition, Pearson Prentice Hall, New Delhi, 2005.

[23]Wireshark, Available: http:// www.wireshark.org/