Abstract
Classification analysis of network traffic based on port number or payload is becoming increasingly difficult from security to quality of service measurements, because of using dynamic port numbers, masquerading and various cryptographic techniques to avoid detection. Research tends to analyze flow statistical features with machine learning techniques. Clustering approaches do not require complex training procedure and large memory cost. However, the performance of clustering algorithm like k-Means still have own disadvantages. We propose a novel approach of considering harmonic mean as distance matric, and evaluate it in terms of three metrics on real-world encrypted traffic. The result shows the classification has better performance compared with the previously.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
Thomas, K., Konstantina, P., Michalis, F.: BLINC: Multilevel Traffic Classification in the Dark. Computer Communication Review 35(4), 229–240 (2005)
Roughan, M., Sen, S., Spatscheck, O., Duffield, N.: Class-of service mapping for QoS: a statistical signature-based approach to IP traffic classification. In: Proceedings of the 4th ACM SIGCOMM Conference on Internet Measurement, New York, USA, pp. 135–148 (2004)
Karagiannis, T., Broido, A., Faloutsos, M., Claffy, K.C.: Transport Layer Identification of P2P Traffic. In: Proc. of IMC 2004, Taormina, Italy, pp. 121–134 (2004)
Dainotti, A., Pescapé, A., Claffy, K.C.: Issues and Future Directions in Traffic Classification. IEEE Network 26(4), 35–40 (2012)
Moore, A.W., Zuev, D.: Internet Traffic Classification Using Bayesian Analysis Techniques. In: SIGMETRIC 2005, Banff, Canada, June 6-10, pp. 50–60 (2005)
Williams, N., Zander, S., Armitage, G.: A preliminary performance comparison of five machine learning algorithms for practical ip traffic flow classification. Computer Communication Review 36(5), 5–16 (2006)
Este, A., Gringoli, F., Salgarelli, L.: Support vector machines for tcp traffic classification. Computer Networks 53(14), 2476–2490 (2009)
McGregor, A., Hall, M., Lorier, P., Brunskill, J.: Flow Clustering Using Machine Learning Techniques. In: Barakat, C., Pratt, I. (eds.) PAM 2004. LNCS, vol. 3015, pp. 205–214. Springer, Heidelberg (2004)
Zander, S., Nguyen, T., Armitage, G.: Automated traffic classification and application identification using machine learning. In: Annual IEEE Conference on Local Computer Networks, Los Alamitos, CA, USA, pp. 250–257 (2005)
Jeffrey, E., Martin, A., Anirban, M.: Traffic classification using clustering algorithms. In: Proceedings of SIGCOMM 2006, New York, USA, pp. 281–286 (September 2006)
Jeffrey, E., Anirban, M., Martin, A., Carey, W.: Identifying and discriminating between web and peer-to-peer traffic in the network core. In: Proceedings of the 16th International Conference, WWW 2007, New York, USA, pp. 883–892 (May 2007)
Wu, K.L., Yang, M.S.: Alternative c-means clustering algorithms. Pattern Recognition 35(10), 2267–2278 (2002)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2013 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Zhang, M., Zhang, H., Zhang, B., Lu, G. (2013). Encrypted Traffic Classification Based on an Improved Clustering Algorithm. In: Yuan, Y., Wu, X., Lu, Y. (eds) Trustworthy Computing and Services. ISCTCS 2012. Communications in Computer and Information Science, vol 320. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-35795-4_16
Download citation
DOI: https://doi.org/10.1007/978-3-642-35795-4_16
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-35794-7
Online ISBN: 978-3-642-35795-4
eBook Packages: Computer ScienceComputer Science (R0)