Analysis of the impact of sampling on NetFlow traffic classification

Carela-Español, Valentín; Barlet‐Ros, Pere; Cabellos‐Aparicio, Albert; Solé-Pareta, Josep

doi:10.1016/j.comnet.2010.11.002

Cited by 89 publications

(126 citation statements)

References 42 publications

Supporting

Mentioning

113

Contrasting

Unclassified

Order By: Relevance

“…Historically, the L7 Filter signatures have been popular within the traffic classification community. During the same period, researchers requiring a free deep packet inspection Dots Per Inch (DPI) tool to provide ground truth data for testing and evaluating classification techniques, found that L7 Filter was the only feasible option (Grajzer et al, 2012;Dong et al, 2013;Carela-Espanol et al, 2011).…”

Section: L7 Filtermentioning

confidence: 99%

Online Traffic Measurement and Analysis in Big Data: Comparative Research Review

Ibrahim¹,

Hassan

Ahmad

et al. 2016

American Journal of Applied Sciences

View full text Add to dashboard Cite

Abstract:The Internet traffic measurement and analysis is important to avoid many problems of data transferring via online networks such as data losing and slow data transferring. The Internet traffic measuring and analysis could be effective to avoid the data transferring challenges. The Internet traffic measuring and analysis flexibility is important due to many reasons such as dynamicity of transferred data such as size and format, the data transferring protocols and the dynamicity of measure the traffic based on the networks available resources depend on the transferred data characteristics. The main objective of this paper is to review the most flexible Internet traffic measuring and analysis tools that could be adopted to handle the dynamicity of data transferring characteristics.

show abstract

Section: L7 Filtermentioning

confidence: 99%

Online Traffic Measurement and Analysis in Big Data: Comparative Research Review

Ibrahim¹,

Hassan

Ahmad

et al. 2016

American Journal of Applied Sciences

View full text Add to dashboard Cite

show abstract

“…For this comparison, we chose the J48 technique as a representative example of batch-oriented techniques, which is an open source version of the C4.5 decision tree implemented in WEKA. We selected this technique because it has been widely used for network traffic classification [5,6,12,29], achieving very good results when compared with other techniques [4,30]. Usually ML-based network traffic classification solutions presented in the literature are evaluated from a static point of view using limited datasets.…”

Section: Hoeffding Adaptive Tree Evaluationmentioning

confidence: 99%

“…State-of-the-art proposals for traffic classification are usually based on Deep Packet Inspection (DPI) or Machine Learning (ML) techniques [2][3][4][5][6][7][8][9]. These techniques extract in an offline phase a set of patterns, rules or models that capture a static view of a particular network and moment of time from a training dataset.…”

Section: Introductionmentioning

confidence: 99%

A streaming flow-based technique for traffic classification applied to 12 + 1 years of Internet traffic

et al. 2015

Self Cite

View full text Add to dashboard Cite

The continuous evolution of Internet traffic and its applications makes the classification of network traffic a topic far from being completely solved. An essential problem in this field is that most of proposed techniques in the literature are based on a static view of the network traffic (i.e. they build a model or a set of patterns from a static, invariable dataset). However, very little work has addressed the practical limitations that arise when facing a more realistic scenario with an infinite, continuously evolving stream of network traffic flows. In this paper, we propose a streaming flowbased classification solution based on Hoeffding Adaptive Tree, a machine learning technique specifically designed for evolving data streams. The main novelty of our proposal is that it is able to automatically adapt to the continuous evolution of the network traffic without storing any traffic data. We apply our solution to a 12+1 year-long dataset from a transit link in Japan, and show that it can sustain a very high accuracy over the years, with significantly less cost and complexity than existing alternatives based on static learning algorithms, such as C4.5.Valentín Carela-Español ( ) UPC BarcelonaTech,

show abstract

“…As we do not provide a new sampling technique we just highlight the long history of sampling dating back to mathematical work on statistics over many decades. For a focused introduction we refer to work of Claffy et al [31] (general overview), Carela-Español et al [32] (study of sampling influence for traffic analysis), Braun et al [13], who recently implemented an adaptive sampling within a monitoring system to mitigate tail dropping behaviour within the overloaded system, and referenced in there.…”

Section: Related Workmentioning

confidence: 99%

MonSamp: an SDN Application for QoS Monitoring

Raumer¹,

Schwaighofer²,

Carle³

2014

Annals of Computer Science and Information Systems

View full text Add to dashboard Cite

Abstract-Software Defined Networks are intended to be less complex, more flexible, and free of vendor-lock-ins. Therefore the Software Defined Networking (SDN) instantiation OpenFlow has been designed according to these properties. The efforts are expected to result in lower expenditure and operational costs. To reach these objectives, mechanisms of classical networks that provide established functionalities have to be revalued and either transformed or redesigned from scratch to take advantage from SDNs. In this paper we describe our vision on flow sampling suitable for traffic monitoring in those networks. Without the loss of generality our approach was specifically created to monitor the quality of service for flows. We describe monitoring as one of possibly many applications that communicate with the SDN controller via the SDN Northbound API. We implemented a prototype SDN application called MonSamp and performed tests to demonstrate the feasibility of our concept.

show abstract

Analysis of the impact of sampling on NetFlow traffic classification

Cited by 89 publications

References 42 publications

Online Traffic Measurement and Analysis in Big Data: Comparative Research Review

Online Traffic Measurement and Analysis in Big Data: Comparative Research Review

A streaming flow-based technique for traffic classification applied to 12 + 1 years of Internet traffic

MonSamp: an SDN Application for QoS Monitoring

Contact Info

Product

Resources

About