Lightweight Internet Traffic Classification based on Packet Level Hidden Markov Models

During the last decade, Internet traffic classification finds its importance not only to safeguard the integrity and security of network resources, but also to ensure the quality of service for business critical applications by optimizing existing network resources. But optimization at first place requires correct identification of different traffic flows. In this paper, we have suggested a framework based on Hidden Markov Model, which will use Internet Packet intrinsic statistical characteristics for traffic classification. The packet inspection based on statistical analysis of its different characteristics has helped to reduce overall computational complexity. Generally, the major challenges associated with any internet traffic classifier are: 1) the limitation to accurately identify encrypted traffic when classification is performed using traditional port based techniques; 2) overall computational complexity, and 3 ) to achieve high accuracy in traffic identification. Our methodology takes advantage of internet packet statistical characteristics in terms of its size and their inter arrival time in order to model different traffic flows. For experimental results, the data set of mostly used internet applications was used. The proposed HMM models best fit the observed traffic with high accuracy. Achieved traffic identification accuracy was 91% for packet size classifier whereas it was 82% for inter packet time based classifier. Keywords—Hidden Markov model; traffic classification; network security; deep packet inspection; internet traffic modeling; Internet of Things