Application identification via network traffic classification

Yamansavascilar, Baris; Güvensan, M. Amaç; Yavuz, A. Gökhan; Karslıgil, M. Elif

doi:10.1109/iccnc.2017.7876241

Cited by 107 publications

(43 citation statements)

References 16 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…As mentioned in Section 2, authors in [16] tried to characterize network traffic using time-related features handcrafted from traffic flows such as the duration of the flow and flow bytes per second. Yamansavascilar et al also used such time-related features to identify the end-user application [47]. Both of these studies evaluated their models on the "ISCX VPN-nonVPN traffic dataset" and their best results can be found in Table 5.…”

Section: Resultsmentioning

confidence: 99%

“…In the light of this approach, the cumbersome step of finding and extracting distinguishing features has been omitted. -Deep Packet can identify traffic at both granular levels (application identification and traffic characterization) with state-of-the-art results compared to the other works conducted on similar dataset [16,47]. -Deep Packet can accurately classify one of the hardest class of applications, known to be P2P [20].…”

Section: Introductionmentioning

confidence: 93%

“…Hence, it makes these approaches time-consuming, expensive and prone to human mistakes. Moreover, note that for the case of using k-NN classifiers, as suggested by [47], it is known that, when used for prediction, the execution time of this algorithms is a major concern.…”

Section: Related Workmentioning

confidence: 99%

See 2 more Smart Citations

Deep packet: a novel approach for encrypted traffic classification using deep learning

et al. 2019

View full text Add to dashboard Cite

Internet traffic classification has become more important with rapid growth of current Internet network and online applications. There have been numerous studies on this topic which have led to many different approaches. Most of these approaches use predefined features extracted by an expert in order to classify network traffic. In contrast, in this study, we propose a deep learning based approach which integrates both feature extraction and classification phases into one system. Our proposed scheme, called "Deep Packet," can handle both traffic characterization in which the network traffic is categorized into major classes (e.g., FTP and P2P) and application identification in which end-user applications (e.g., BitTorrent and Skype) identification is desired. Contrary to most of the current methods, Deep Packet can identify encrypted traffic and also distinguishes between VPN and non-VPN network traffic. After an initial pre-processing phase on data, packets are fed into Deep Packet framework that embeds stacked autoencoder and convolution neural network in order to classify network traffic. Deep packet with CNN as its classification model achieved recall of 0.98 in application identification task and 0.94 in traffic categorization task. To the best of our knowledge, Deep Packet outperforms all of the proposed classification methods on UNB ISCX VPN-nonVPN dataset.

show abstract

Section: Resultsmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 93%

See 1 more Smart Citation

Deep packet: a novel approach for encrypted traffic classification using deep learning

et al. 2019

View full text Add to dashboard Cite

show abstract

“…They experimented using k ‐nearest neighbor ( k NN) and C4.5 decision tree algorithms and achieved approximately 92% and 88% recall, respectively, for the VPN‐tunneled dataset. Yamansavascilar and others selected 111 discriminators for 14 classes of applications and achieved an accuracy of 94% with k ‐NN algorithm. However, in their report, they did not mention the specific details of their implementation, and the results need to be revalidated by independent third parties to increase their credibility.…”

Section: Resultsmentioning

confidence: 99%

Practical evaluation of encrypted traffic classification based on a combined method of entropy estimation and neural networks

Zhou

Wang

et al. 2020

ETRI Journal

View full text Add to dashboard Cite

Encrypted traffic classification plays a vital role in cybersecurity as network traffic encryption becomes prevalent. First, we briefly introduce three traffic encryption mechanisms: IPsec, SSL/TLS, and SRTP. After evaluating the performances of support vector machine, random forest, naïve Bayes, and logistic regression for traffic classification, we propose the combined approach of entropy estimation and artificial neural networks. First, network traffic is classified as encrypted or plaintext with entropy estimation. Encrypted traffic is then further classified using neural networks. We propose using traffic packet’s sizes, packet's inter‐arrival time, and direction as the neural network's input. Our combined approach was evaluated with the dataset obtained from the Canadian Institute for Cybersecurity. Results show an improved precision (from 1 to 7 percentage points), and some application classification metrics improved nearly by 30 percentage points.

show abstract

“…In [5] conducts research to analyze security by using IPv6 addressing and performing comparisons between routing protocols used. In the year 2017, [6] conducted research to identify the application by classifying network traffic. In international scientific journals described by S. Moemen Bellah dan H. Khanjari in 2015 [7] has modeled for band width management automatically on a virtual private network.…”

Section: Introductionmentioning

confidence: 99%

Impact of Different Topology on the Performance of IPSec VPN Multimedia Using CLSA

Sari

Batubara

2018

IJEEPSE

View full text Add to dashboard Cite

Due to multimedia application, network communication are expected to support multimedia traffic such as voice, video streaming and real time chat with a variety of Quality of Service (QoS) requirements. To support multimedia communications, it is desirable to use a network that meets QoS Parameter requirements. To deal with these challenges. In this study, VPN was designed with IPSec Tunneling. In designing VPN, the CLSA method is used. The network is composed of different topologies and uses OSPF as the routing protocol. Then multimedia traffic is passed on VPN networks to see the impact of different topologies on performance.The result show that theQuality of Service (QOS)in VPNobtained areaccording to ITU-T G.107 10 06/2015. The comparison of the average delay between the mesh and the star topology shows that the average delay in the mesh topology is 23% less than the starfor multimedia traffic. The comparison of the through put between the mesh topology and the star shows that the average throughputin the mesh topology is 68.8% betterthan the star for multimedia traffic. The comparison of the jitterbetween the mesh topology and the star shows that the average jitter in the star topology is 6%shorterthan the mesh for multimedia traffic.

show abstract

Application identification via network traffic classification

Cited by 107 publications

References 16 publications

Deep packet: a novel approach for encrypted traffic classification using deep learning

Deep packet: a novel approach for encrypted traffic classification using deep learning

Practical evaluation of encrypted traffic classification based on a combined method of entropy estimation and neural networks

Impact of Different Topology on the Performance of IPSec VPN Multimedia Using CLSA

Contact Info

Product

Resources

About