Network Traffic Classification Based on Single Flow Time Series Analysis
Identifikátory výsledku
Kód výsledku v IS VaVaI
<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F63839172%3A_____%2F23%3A10133607" target="_blank" >RIV/63839172:_____/23:10133607 - isvavai.cz</a>
Nalezeny alternativní kódy
RIV/68407700:21240/23:00369772
Výsledek na webu
<a href="https://ieeexplore.ieee.org/document/10327876" target="_blank" >https://ieeexplore.ieee.org/document/10327876</a>
DOI - Digital Object Identifier
<a href="http://dx.doi.org/10.23919/CNSM59352.2023.10327876" target="_blank" >10.23919/CNSM59352.2023.10327876</a>
Alternativní jazyky
Jazyk výsledku
angličtina
Název v původním jazyce
Network Traffic Classification Based on Single Flow Time Series Analysis
Popis výsledku v původním jazyce
Network traffic monitoring using IP flows is used to handle the current challenge of analyzing encrypted network communication. Nevertheless, the packet aggregation into flow records naturally causes information loss; therefore, this paper proposes a novel flow extension for traffic features based on the time series analysis of the Single Flow Time series, i.e., a time series created by the number of bytes in each packet and its timestamp. We propose 69 universal features based on the statistical analysis of data points, time domain analysis, packet distribution within the flow timespan, time series behavior, and frequency domain analysis. We have demonstrated the usability and universality of the proposed feature vector for various network traffic classification tasks using 15 well-known publicly available datasets. Our evaluation shows that the novel feature vector achieves classification performance similar or better than related works on both binary and multiclass classification tasks. In more than half of the evaluated tasks, the classification performance increased by up to 5 %.
Název v anglickém jazyce
Network Traffic Classification Based on Single Flow Time Series Analysis
Popis výsledku anglicky
Network traffic monitoring using IP flows is used to handle the current challenge of analyzing encrypted network communication. Nevertheless, the packet aggregation into flow records naturally causes information loss; therefore, this paper proposes a novel flow extension for traffic features based on the time series analysis of the Single Flow Time series, i.e., a time series created by the number of bytes in each packet and its timestamp. We propose 69 universal features based on the statistical analysis of data points, time domain analysis, packet distribution within the flow timespan, time series behavior, and frequency domain analysis. We have demonstrated the usability and universality of the proposed feature vector for various network traffic classification tasks using 15 well-known publicly available datasets. Our evaluation shows that the novel feature vector achieves classification performance similar or better than related works on both binary and multiclass classification tasks. In more than half of the evaluated tasks, the classification performance increased by up to 5 %.
Klasifikace
Druh
D - Stať ve sborníku
CEP obor
—
OECD FORD obor
20202 - Communication engineering and systems
Návaznosti výsledku
Projekt
<a href="/cs/project/VJ02010024" target="_blank" >VJ02010024: Analýza šifrovaného provozu pomocí síťových toků</a><br>
Návaznosti
P - Projekt vyzkumu a vyvoje financovany z verejnych zdroju (s odkazem do CEP)
Ostatní
Rok uplatnění
2023
Kód důvěrnosti údajů
S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů
Údaje specifické pro druh výsledku
Název statě ve sborníku
19th International Conference on Network and Service Management, CNSM 2023
ISBN
978-3-903176-59-1
ISSN
2165-963X
e-ISSN
—
Počet stran výsledku
7
Strana od-do
—
Název nakladatele
IEEE
Místo vydání
Piscataway , USA
Místo konání akce
Niagara Falls, Kanada
Datum konání akce
30. 10. 2023
Typ akce podle státní příslušnosti
WRD - Celosvětová akce
Kód UT WoS článku
—