TY - JOUR
T1 - Traffic classification and packet detections to facilitate networks security
AU - Oreku, George S.
AU - Mtenzi, Fredrick J.
AU - Shoniregun, Charles A.
PY - 2011
Y1 - 2011
N2 - Traffic classification has a vital role in tasks as wide ranging as trend analyses, adaptive network-based QoS marking of traffic, dynamic access control and lawful interception. The identification of network applications through observation of associated packet traffic flows is vital to the areas of network management and surveillance. An important role of this work is to show the need for thorough comparisons between the plethora of proposed solutions in traffic classification and packet detections. Certainly there are other learning algorithms, other features, other performance measures, different approaches to traffic classification and packet detection, in general more research have been done, and within the same lane, we propose a novel strategy called 'separator'. This paper is an attempt to create discussion and inspire future research in this direction. The method proposed is theoretically proved to have tight error bound and small space usage. We then show that it is useful to differentiate algorithms based on computational performance rather than classification accuracy alone, as although classification accuracy between the algorithms is similar, computational performance can differ significantly. Comprehensive experiments conducted also verify our mechanism accuracy and efficiency.
AB - Traffic classification has a vital role in tasks as wide ranging as trend analyses, adaptive network-based QoS marking of traffic, dynamic access control and lawful interception. The identification of network applications through observation of associated packet traffic flows is vital to the areas of network management and surveillance. An important role of this work is to show the need for thorough comparisons between the plethora of proposed solutions in traffic classification and packet detections. Certainly there are other learning algorithms, other features, other performance measures, different approaches to traffic classification and packet detection, in general more research have been done, and within the same lane, we propose a novel strategy called 'separator'. This paper is an attempt to create discussion and inspire future research in this direction. The method proposed is theoretically proved to have tight error bound and small space usage. We then show that it is useful to differentiate algorithms based on computational performance rather than classification accuracy alone, as although classification accuracy between the algorithms is similar, computational performance can differ significantly. Comprehensive experiments conducted also verify our mechanism accuracy and efficiency.
KW - Classification
KW - Network security
KW - Traffic flows
UR - http://www.scopus.com/inward/record.url?scp=84878790145&partnerID=8YFLogxK
U2 - 10.1504/IJITST.2011.041294
DO - 10.1504/IJITST.2011.041294
M3 - Article
AN - SCOPUS:84878790145
SN - 1748-569X
VL - 3
SP - 240
EP - 252
JO - International Journal of Internet Technology and Secured Transactions
JF - International Journal of Internet Technology and Secured Transactions
IS - 3
ER -