AIRCC's International Journal of Computer Science and Information Technology

Open Access Open Access  Restricted Access Subscription Access

ITCM: A Real Time Internet Traffic Classifier Monitor


Affiliations
1 Federal Institute of Ceara, Aracati, Brazil
2 Department of Statistics and Computing, State University of Ceara, Fortaleza, Brazil
 

The continual growth of high speed networks is a challenge for real-time network analysis systems. The real time traffic classification is an issue for corporations and ISPs (Internet Service Providers). This work presents the design and implementation of a real time flow-based network traffic classification system. The classifier monitor acts as a pipeline consisting of three modules: packet capture and pre-processing, flow reassembly, and classification with Machine Learning (ML). The modules are built as concurrent processes with well defined data interfaces between them so that any module can be improved and updated independently. In this pipeline, the flow reassembly function becomes the bottleneck of the performance. In this implementation, was used a efficient method of reassembly which results in a average delivery delay of 0.49 seconds, approximately. For the classification module, the performances of the K-Nearest Neighbor (KNN), C4.5 Decision Tree, Naive Bayes (NB), Flexible Naive Bayes (FNB) and AdaBoost Ensemble Learning Algorithm are compared in order to validate our approach.

Keywords

Traffic Classification System, Pipeline, Flow Reassembly, Machine Learning.
User
Notifications
Font Size

Abstract Views: 209

PDF Views: 112




  • ITCM: A Real Time Internet Traffic Classifier Monitor

Abstract Views: 209  |  PDF Views: 112

Authors

Silas Santiago Lopes Pereira
Federal Institute of Ceara, Aracati, Brazil
Jose Everardo Bessa Maia
Department of Statistics and Computing, State University of Ceara, Fortaleza, Brazil
Jorge Luiz de Castro e Silva
Department of Statistics and Computing, State University of Ceara, Fortaleza, Brazil

Abstract


The continual growth of high speed networks is a challenge for real-time network analysis systems. The real time traffic classification is an issue for corporations and ISPs (Internet Service Providers). This work presents the design and implementation of a real time flow-based network traffic classification system. The classifier monitor acts as a pipeline consisting of three modules: packet capture and pre-processing, flow reassembly, and classification with Machine Learning (ML). The modules are built as concurrent processes with well defined data interfaces between them so that any module can be improved and updated independently. In this pipeline, the flow reassembly function becomes the bottleneck of the performance. In this implementation, was used a efficient method of reassembly which results in a average delivery delay of 0.49 seconds, approximately. For the classification module, the performances of the K-Nearest Neighbor (KNN), C4.5 Decision Tree, Naive Bayes (NB), Flexible Naive Bayes (FNB) and AdaBoost Ensemble Learning Algorithm are compared in order to validate our approach.

Keywords


Traffic Classification System, Pipeline, Flow Reassembly, Machine Learning.