Encrypted Traffic characterization using None Zero payload and Payload Ratio Characteristics
Traffic characterization has been the backbone of network maintenance procedures, such as limiting bandwidth for specific services. However, with today's network, traditional techniques fall short. Traffic characterization using machining learning has been intensively researched to alleviate th...
Saved in:
| Main Authors: | , |
|---|---|
| Other Authors: | |
| Format: | Conference or Workshop Item |
| Published: |
2022
|
| Subjects: | |
| Online Access: | https://repository.li.mahidol.ac.th/handle/123456789/76713 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Mahidol University |
| Summary: | Traffic characterization has been the backbone of network maintenance procedures, such as limiting bandwidth for specific services. However, with today's network, traditional techniques fall short. Traffic characterization using machining learning has been intensively researched to alleviate the shortcomings of traditional methods. This paper proposed a Bi-direction Flow Non-zero Payload Flow (BIF-NZPF) data extraction scheme and Bi-direction Flow Payload Ratio feature (BIF-PR) for supervised traditional machine learning. Our approach is measured on a publicly available ISCX VPN-NonVPN dataset to classify 12 types of traffic using precision, recall, and accuracy. BIF-NZPF reduced the obscurity of application characteristics by filtering out TCP configuration packets. BIF-PR further detailed traffic characteristics using payload size distribution characteristics through local and global traffic flow while being lightly coupled with the duration of traffic flow. Lastly, the ISCX-VPN-NonVPN imbalance class issue is alleviated using a boosting ensemble algorithm, which improves performance. |
|---|