TY - GEN
T1 - Realtime classification for encrypted traffic
AU - Bar-Yanai, Roni
AU - Langberg, Michael
AU - Peleg, David
AU - Roditty, Liam
PY - 2010
Y1 - 2010
N2 - Classifying network flows by their application type is the backbone of many crucial network monitoring and controlling tasks, including billing, quality of service, security and trend analyzers. The classical "port-based" and "payload-based" approaches to traffic classification have several shortcomings. These limitations have motivated the study of classification techniques that build on the foundations of learning theory and statistics. The current paper presents a new statistical classifier that allows real time classification of encrypted data. Our method is based on a hybrid combination of the k-means and knearest neighbor (or k-NN) geometrical classifiers. The proposed classifier is both fast and accurate, as implied by our feasibility tests, which included implementing and intergrading statistical classification into a realtime embedded environment. The experimental results indicate that our classifier is extremely robust to encryption.
AB - Classifying network flows by their application type is the backbone of many crucial network monitoring and controlling tasks, including billing, quality of service, security and trend analyzers. The classical "port-based" and "payload-based" approaches to traffic classification have several shortcomings. These limitations have motivated the study of classification techniques that build on the foundations of learning theory and statistics. The current paper presents a new statistical classifier that allows real time classification of encrypted data. Our method is based on a hybrid combination of the k-means and knearest neighbor (or k-NN) geometrical classifiers. The proposed classifier is both fast and accurate, as implied by our feasibility tests, which included implementing and intergrading statistical classification into a realtime embedded environment. The experimental results indicate that our classifier is extremely robust to encryption.
UR - http://www.scopus.com/inward/record.url?scp=78650639149&partnerID=8YFLogxK
U2 - 10.1007/978-3-642-13193-6_32
DO - 10.1007/978-3-642-13193-6_32
M3 - ???researchoutput.researchoutputtypes.contributiontobookanthology.conference???
AN - SCOPUS:78650639149
SN - 3642131921
SN - 9783642131929
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 373
EP - 385
BT - Experimental Algorithms - 9th International Symposium, SEA 2010, Proceedings
T2 - 9th International Symposium on Experimental Algorithms, SEA 2010
Y2 - 20 May 2010 through 22 May 2010
ER -