Journal on Communications ›› 2013, Vol. 34 ›› Issue (10): 143-152.doi: 10.3969/j.issn.1000-436x.2013.10.017
• Technical Report • Previous Articles Next Articles
Shi DONG1,2,3,Wei DING1,2
Online:
2013-10-25
Published:
2017-08-10
Supported by:
Shi DONG,Wei DING. Traffic classification model based on fusion of multiple classifiers with flow preference[J]. Journal on Communications, 2013, 34(10): 143-152.
"
测度 | 测度描述 |
双向报文数 | 前向和后向的报文数之和 |
双向字节数 | 前向和后向的字节数之和 |
平均报文长度 | 双向字节数双向报文数/ |
持续时间 | 流结束时间—流开始时间 |
TOS | NETFLOW中双向TOS之OR |
TCPFLAGS1 | 某一方向流的TCPFLAGS |
TCPFLAGS2 | 另一方向流的TCPFLAGS |
传输层协议 | NETFLOW直接得到 |
低位端口 | NETFLOW直接得到 |
高位端口 | NETFLOW直接得到 |
PPS | 报文数持续时间/ |
BPS | 字节数持续时间/ |
平均报文到达间隔 | 持续时间报文数/ |
双向报文数比 | 流中双向报文数的比 |
双向字节数比 | 流中双向字节数的比 |
双向报文长度比 | 流中双向报文长度的比 |
"
应用协议标号 | 应用类别 | 所含协议举例 | 流数 | 比重/% |
1 | WWW | HTTP等 | 304 572 | 74.01 |
2 | Bulk | FTP | 5 483 | 1.33 |
3 | Mail | IMAP,POP3,SMTP | 385 | 0.09 |
4 | P2P | BitTorrent,eDonkey,Gnu-tella,Xun-Lei,pplive | 71 186 | 17.3 |
5 | Service | DNS,NTP | 3 035 | 0.74 |
6 | Interactive | SSH,CVS,pcAnywhere | 60 | 0.014 |
7 | Multimedia | RTSP,Real | 20 | 0.004 9 |
8 | Voice | SIP,Skype | 276 | 0.067 |
9 | Others | games,attacks | 26 500 | 6.44 |
"
流数量 | 多分类器时间消耗 | C4.5时间消耗 | NaiveBayes时间消耗 | SVM时间消耗 | |||||||
训练时间/s | 分类时间/s | 训练时间/s | 分类时间/s | 训练时间/s | 分类时间/s | 训练时间/s | 分类时间/s | ||||
103 | 30.0 | 5.20 | 84.6 | 12.58 | 46.63 | 13.24 | 116.6 | 13.2 | |||
104 | 256 | 7.11 | 284.7 | 16.36 | 275.5 | 12.44 | 325.6 | 19.4 | |||
105 | 3 503 | 15.24 | 3 870 | 23.57 | 3 781 | 18.96 | 4 294 | 25.9 | |||
106 | 36 172 | 59.2 | 38 476 | 79.84 | 37 276 | 67.01 | 42 162 | 86.7 |
[1] | KARAGIANNIS T , PAPAGIANNAKI K , FALOUTSOS M . BLINC:multilevel traffic classification in the dark[A]. Proc of the ACM SIG-COMM[C]. Philadelphia, 2005. 229-240. |
[2] | ROUGHAN M , SEN S , SPATSCHECK O ,et al. Class-of-service mapping for QoS:a statistical signature-based approach to IP traffic classification[A]. Proc of the ACM SIGCOMM Internet Measurement Conf[C]. Taormina, 2004. 135-148. |
[3] | MOORE A W , ZUEV D . Internet traffic classification using Bayes n analysis techniques[A]. Proc of the 2005 ACM SIGMETRICS Int'1 Conf on Measurement and Modeling of Computer Systems[C]. Banff, 2005. 50-60. |
[4] | 李君, 张顺颐, 王浩云 ,等. 基于贝叶斯网络的Peer to peer识别方法[J]. 应用科学学报, 2009,27(2): 124-130. LI J , ZHANG S Y , WANG H Y ,et al. Peer to peer identification using Bayesian networks[J]. Journal of Applied Sciences, 2009,27(2): 124-130. |
[5] | 徐鹏, 刘琼, 林森 . 基于支持向量机的Internet流量分类研究[J]. 计算机研究与发展, 2009,46(3): 407-414. XU P , LIU Q , LIN S . Internet traffic classification based on support vector machines[J]. Journal of Computer Research and Development, 2009,46(3): 407-414. |
[6] | LI Z , YUAN R X , GUAN X H . Accurate classification of the Internet traffic based on the SVM method[A]. Proc of IEEE International Conference on Communications (ICC)[C]. Glasgow,Scotland,United Kingdom, 2007. 1373-1378. |
[7] | MA Y L , QIAN Z J , SHOU G C . Study on preliminary performance of algorithms for network traffic identification[A]. Proc of 2008 Interna-tional Conference on Computer Science and Software Eng neering[C]. Wuhan,China, 2008. 629-633. |
[8] | ALSHAMMARI R , ZINCIR-HEYWOOD A N . Investigating two different approaches for encrypted traffic classification[A]. Proc of Sixth Annual Conference on Privacy,Security and Trust[C]. Fredericton,NB,Canada, 2008. 156-166. |
[9] | HIRVONEN M , LAULAJAINEN J P . Two-phased network traffic classification method for quality of service management[A]. Proc of the 13th IEEE International Symposium on Consumer Electronics (ISCE2009)[C]. Kyoto,Japan, 2009. 962-966. |
[10] | ZUEV D , ANDREW W M . Traffic classification using a statistical approach[A]. Proc of the 6th Annual Passive and Active Measure-ments Workshop (PAM'05)[C]. Boston,USA, 2005. 321-324. |
[11] | ANDREW W M , DENIS Z . Internet traffic classification using baye-sian analysis techniques[A]. Proc of ACM SIGMETRICS'05[C]. Banff,Canada, 2005. 50-60. |
[12] | JIANG H B , MOORE A W , GE Z H ,et al. Lightweight application classification for network management[A]. Proc of the SIGCOMM Workshop on Internet Network Management'07[C]. Kyoto,Japan, 2007.299-304. |
[13] | AULD T , MOORE A W , GULL S F . Bayesian neural networks Internet traffic classification[J]. IEEE Transactions on Neural Net-works, 2007,18(1): 223-239. |
[14] | LI W , CANINI M , MOORE A W ,et al. Efficient application identifi-cation and the temporal and spatial stability of class fication schema[J]. Computer Networks, 2009,53: 790-809. |
[15] | HALL D L.Mathematical Techniques in Multi Sensor Data Fusion . Bosston[M]. Artech Hous, 2004. 125-13. |
[16] | ORPONEN P . Dempster's rule of combination is # P-complete[J]. Artificial Intelligence, 1990,44(1,2): 245-253. |
[17] | DAVIS J , GOADRICH M . The relationship between precision-recall and ROC curves[A]. Proceedings of the 23rd International Conference on Machine Learning (ACM,2006)[C]. Pittsburgh,PA,United, 2006. 233-240. |
[18] | L7-filter,application layer packet classifier for Linux[EB/OL]. . 2003. |
[1] | Qianyi DAI, Bin ZHANG, Song GUO, Kaiyong XU. Blockchain network layer anomaly traffic detection method based on multiple classifier integration [J]. Journal on Communications, 2023, 44(3): 66-80. |
[2] | Jianxun LIU, Linghang DING, Guosheng KANG, Buqing CAO, Yong XIAO. Joint QoS prediction for Web services based on deep fusion of features [J]. Journal on Communications, 2022, 43(7): 215-226. |
[3] | Gaofeng HE, Qianfeng WEI, Xiancai XIAO, Haiting ZHU, Bingfeng XU. Confirmation method for the detection of malicious encrypted traffic with data privacy protection [J]. Journal on Communications, 2022, 43(2): 156-170. |
[4] | Zhibin FENG, Yuhua XU, Zhiyong DU, Xin LIU, Wen LI, Hao HAN, Xiaobo ZHANG. Active defense technology against intelligent jammer [J]. Journal on Communications, 2022, 43(10): 42-54. |
[5] | Yanhui LU, Han LIU, Hang LI, Guangxu ZHU. Time series generation model based on multi-discriminator generative adversarial network [J]. Journal on Communications, 2022, 43(10): 167-176. |
[6] | Kai MEI, Haitao ZHAO, Xiaoran LIU, Jun LIU, Jun XIONG, Baoquan REN, Jibo WEI. Efficient model-and-data based channel estimation algorithm [J]. Journal on Communications, 2022, 43(1): 59-70. |
[7] | Changgen PENG, Ting GAO, Huilan LIU, Hongfa DING. PCA-based membership inference attack for machine learning models [J]. Journal on Communications, 2022, 43(1): 149-160. |
[8] | Futai ZOU, Yue TAN, Lin WANG, Yongkang JIANG. Botnet detection based on generative adversarial network [J]. Journal on Communications, 2021, 42(7): 95-106. |
[9] | Liu LIU, Jianhua ZHANG, Yuanyuan FAN, Li YU, Jiachi ZHANG. Survey of application of machine learning in wireless channel modeling [J]. Journal on Communications, 2021, 42(2): 134-153. |
[10] | Yusun FU,Genke YANG. Application of artificial intelligence in mobile communication:challenge and practice [J]. Journal on Communications, 2020, 41(9): 190-201. |
[11] | Jiazhi REN,Hui TIAN,Shaoshuai FAN,Yuanzhuo LIN,Gaofeng NIE,Jilong LI. UAV deployment and caching scheme based on user preference prediction [J]. Journal on Communications, 2020, 41(6): 1-13. |
[12] | Tieming CHEN,Chengqiang JIN,Mingqi LYU,Tiantian ZHU. Intelligent detection method on network malicious traffic based on sample enhancement [J]. Journal on Communications, 2020, 41(6): 128-138. |
[13] | Chunyu HAN,Yongzheng ZHANG,Yu ZHANG. Fast-flucos:malicious domain name detection method for Fast-flux based on DNS traffic [J]. Journal on Communications, 2020, 41(5): 37-47. |
[14] | Xin ZHOU,Xiaoxin HE,Changwen ZHENG. Radio signal recognition based on image deep learning [J]. Journal on Communications, 2019, 40(7): 114-125. |
[15] | Xuehui DU,Yangdong LIN,Yi SUN. Malicious PDF document detection based on mixed feature [J]. Journal on Communications, 2019, 40(2): 118-128. |
Viewed | ||||||
Full text |
|
|||||
Abstract |
|
|||||
|