Incorporating multiple cluster models for network traffic classification | IEEE Conference Publication | IEEE Xplore

Incorporating multiple cluster models for network traffic classification


Abstract:

Network traffic classification is one of the essential functions for local and ISP networks. With its importance, a substantial number of previous studies have explored v...Show More

Abstract:

Network traffic classification is one of the essential functions for local and ISP networks. With its importance, a substantial number of previous studies have explored various machine learning techniques with network flow statistics for accurate traffic classification, including the clustering-based approach. However, we obtained unacceptable results from previously proposed clustering-based techniques from our preliminary experiments. In particular, simply employing the entire flow attributes for clustering leads to unexpectedly poor accuracy (less than 70%). In this paper, we propose a new technique based on multiple trained cluster models to overcome this problem. The proposed technique utilizes multiple sets of attribute combinations in parallel for traffic classification, rather than simply merging the entire (or a subset of) attributes in a single model. Our technique also includes a selection step to reduce the results from the individual models into a single output as the final classification decision, and we explore a set of selection strategies. We present our experimental results and show that our technique significantly improves overall accuracy up to 95%.
Date of Conference: 26-29 October 2015
Date Added to IEEE Xplore: 07 January 2016
ISBN Information:
Conference Location: Clearwater Beach, FL, USA

References

References is not available for this document.