Granular network traffic classification for streaming traffic using incremental learning and classifier chain
In modern networks, network visibility is of utmost importance to network operators. Accordingly, granular network traffic classification quickly rises as an essential technology due to its ability to provide high network visibility. Granular network traffic classification categorizes traffic into d...
Saved in:
| Main Authors: | , , , |
|---|---|
| Format: | Article |
| Published: |
2022
|
| Subjects: | |
| Online Access: | http://eprints.um.edu.my/41801/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Universiti Malaya |
| id |
my.um.eprints.41801 |
|---|---|
| record_format |
eprints |
| spelling |
my.um.eprints.418012023-10-23T06:21:57Z http://eprints.um.edu.my/41801/ Granular network traffic classification for streaming traffic using incremental learning and classifier chain Mohd Zaki, Muhammad Faiz Afifi, Firdaus Gani, Abdullah Juma'at, Nor Badrul Anuar QA75 Electronic computers. Computer science In modern networks, network visibility is of utmost importance to network operators. Accordingly, granular network traffic classification quickly rises as an essential technology due to its ability to provide high network visibility. Granular network traffic classification categorizes traffic into detailed classes like application names and services. Application names represent parent applications, such as Facebook, while application services are the individual actions within the parent application, such as Facebook-comment. Most studies on granular classification focus on classification at the application name level. Besides that, evaluations in existing studies are also limited and utilize only static and immutable datasets, which are insufficient to reflect the continuous and evolving nature of real -world traffic. Therefore, this paper aims to introduce a granular classification technique, which is evaluated on streaming traffic. The proposed technique implements two Adaptive Random Forest classifiers linked together using a classifier chain to simultaneously produce classification at two granularity levels. Performance evaluation on a streaming testbed setup using Apache Kafka showed that the proposed technique achieved an average F1 score of 99% at the application name level and 88% at the application service level. Additionally, the performance benchmark on ISCX VPN non-VPN public dataset also maintained comparable results, besides recording classification time as low as 2.6 ms per packet. The results conclude that the proposed technique proves its advantage and feasibility for a granular classification in streaming traffic. 2022 Article PeerReviewed Mohd Zaki, Muhammad Faiz and Afifi, Firdaus and Gani, Abdullah and Juma'at, Nor Badrul Anuar (2022) Granular network traffic classification for streaming traffic using incremental learning and classifier chain. Malaysian Journal of Computer Science, 35 (3). pp. 264-280. ISSN 0127-9084, DOI https://doi.org/10.22452/mjcs.vol35no3.5 <https://doi.org/10.22452/mjcs.vol35no3.5>. 10.22452/mjcs.vol35no3.5 |
| institution |
Universiti Malaya |
| building |
UM Library |
| collection |
Institutional Repository |
| continent |
Asia |
| country |
Malaysia |
| content_provider |
Universiti Malaya |
| content_source |
UM Research Repository |
| url_provider |
http://eprints.um.edu.my/ |
| topic |
QA75 Electronic computers. Computer science |
| spellingShingle |
QA75 Electronic computers. Computer science Mohd Zaki, Muhammad Faiz Afifi, Firdaus Gani, Abdullah Juma'at, Nor Badrul Anuar Granular network traffic classification for streaming traffic using incremental learning and classifier chain |
| description |
In modern networks, network visibility is of utmost importance to network operators. Accordingly, granular network traffic classification quickly rises as an essential technology due to its ability to provide high network visibility. Granular network traffic classification categorizes traffic into detailed classes like application names and services. Application names represent parent applications, such as Facebook, while application services are the individual actions within the parent application, such as Facebook-comment. Most studies on granular classification focus on classification at the application name level. Besides that, evaluations in existing studies are also limited and utilize only static and immutable datasets, which are insufficient to reflect the continuous and evolving nature of real -world traffic. Therefore, this paper aims to introduce a granular classification technique, which is evaluated on streaming traffic. The proposed technique implements two Adaptive Random Forest classifiers linked together using a classifier chain to simultaneously produce classification at two granularity levels. Performance evaluation on a streaming testbed setup using Apache Kafka showed that the proposed technique achieved an average F1 score of 99% at the application name level and 88% at the application service level. Additionally, the performance benchmark on ISCX VPN non-VPN public dataset also maintained comparable results, besides recording classification time as low as 2.6 ms per packet. The results conclude that the proposed technique proves its advantage and feasibility for a granular classification in streaming traffic. |
| format |
Article |
| author |
Mohd Zaki, Muhammad Faiz Afifi, Firdaus Gani, Abdullah Juma'at, Nor Badrul Anuar |
| author_facet |
Mohd Zaki, Muhammad Faiz Afifi, Firdaus Gani, Abdullah Juma'at, Nor Badrul Anuar |
| author_sort |
Mohd Zaki, Muhammad Faiz |
| title |
Granular network traffic classification for streaming traffic using incremental learning and classifier chain |
| title_short |
Granular network traffic classification for streaming traffic using incremental learning and classifier chain |
| title_full |
Granular network traffic classification for streaming traffic using incremental learning and classifier chain |
| title_fullStr |
Granular network traffic classification for streaming traffic using incremental learning and classifier chain |
| title_full_unstemmed |
Granular network traffic classification for streaming traffic using incremental learning and classifier chain |
| title_sort |
granular network traffic classification for streaming traffic using incremental learning and classifier chain |
| publishDate |
2022 |
| url |
http://eprints.um.edu.my/41801/ |
| _version_ |
1781704557769785344 |