Traffic Classification in Enterprise Network: Preliminary Results
نویسندگان
چکیده
Enterprise networks have a complexity that sometimes rival the one of the larger Internet. Still, enterprise traffic has received little attention so far from the research community. Most studies rely on port numbers to identify applications. In this work, we introduce a method to build statistical classifiers to detect specific intranet applications. We exemplify the approach with traces collected within the Eurecom network. We demonstrate that our statistical classifiers are able to classify the majority of the flows in our traces. For the cases when the traffic on a specific port cannot be fully identified with our application/protocol decoder, e.g., encrypted traffic, we demonstrate that our approach can be used to test the homogeneity of the traffic, i.e., that the corresponding flows share a common statistical signature that differs from the one of the rest of the traffic.
منابع مشابه
Classification of encrypted traffic for applications based on statistical features
Traffic classification plays an important role in many aspects of network management such as identifying type of the transferred data, detection of malware applications, applying policies to restrict network accesses and so on. Basic methods in this field were using some obvious traffic features like port number and protocol type to classify the traffic type. However, recent changes in applicat...
متن کاملFeature Extraction to Identify Network Traffic with Considering Packet Loss Effects
There are huge petitions of network traffic coming from various applications on Internet. In dealing with this volume of network traffic, network management plays a crucial rule. Traffic classification is a basic technique which is used by Internet service providers (ISP) to manage network resources and to guarantee Internet security. In addition, growing bandwidth usage, at one hand, and limit...
متن کاملBehavioral Analysis of Traffic Flow for an Effective Network Traffic Identification
Fast and accurate network traffic identification is becoming essential for network management, high quality of service control and early detection of network traffic abnormalities. Techniques based on statistical features of packet flows have recently become popular for network classification due to the limitations of traditional port and payload based methods. In this paper, we propose a metho...
متن کاملApplication-Level Traffic Monitoring
A major problem with current Internet traffic monitoring and analysis concerns the large number of newly emerging network-based applications possessing more complicated communication structures and traffic patterns than traditional applications. The amount of traffic generated by these applications, such as peer-to-peer (P2P), streaming media, games, etc., is reported to be well over half of th...
متن کاملEarly Classification of Network Traffic through Multi-classification
In this work we present and evaluate different automated combination techniques for traffic classification. We consider six intelligent combination algorithms applied to both traditional andmore recent traffic classification techniques using either packet content or statistical properties of flows. Preliminary results show that, when selecting complementary classifiers, some combination algorit...
متن کامل