Skip to main content
SpringerLink
Log in

K-Dimensional Trees for Continuous Traffic Classification

  • Conference paper
Traffic Monitoring and Analysis (TMA 2010)

Part of the book series: Lecture Notes in Computer Science ((LNCCN,volume 6003))

Included in the following conference series:

Abstract

The network measurement community has proposed multiple machine learning (ML) methods for traffic classification during the last years. Although several research works have reported accuracies over 90%, most network operators still use either obsolete (e.g., port-based) or extremely expensive (e.g., pattern matching) methods for traffic classification. We argue that one of the barriers to the real deployment of ML-based methods is their time-consuming training phase. In this paper, we revisit the viability of using the Nearest Neighbor technique for traffic classification. We present an efficient implementation of this well-known technique based on multiple K-dimensional trees, which is characterized by short training times and high classification speed.This allows us not only to run the classifier online but also to continuously retrain it, without requiring human intervention, as the training data become obsolete. The proposed solution achieves very promising accuracy (> 95%) while looking just at the size of the very first packets of a flow. We present an implementation of this method based on the TIE classification engine as a feasible and simple solution for network operators.

This work has been supported by the European Community’s 7th Framework Programme (FP7/2007-2013) under Grant Agreement No. 225553 (INSPIRE Project) and Grant Agreement No. 216585 (INTERSECTION Project).

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Bentley, J.L.: K-d trees for semidynamic point sets, pp. 187–197 (1990)

    Google Scholar 

  2. Bernaille, L., Teixeira, R., Salamatian, K.: Early application identification. In: Proc. of ACM CoNEXT (2006)

    Google Scholar 

  3. Bernaille, L., et al.: Traffic classification on the fly. ACM SIGCOMM Comput. Commun. Rev. 36(2) (2006)

    Google Scholar 

  4. CoMo-UPC data sharing model, http://monitoring.ccaba.upc.edu/como-upc/

  5. Dainotti, A., et al.: TIE: a community-oriented traffic classification platform. In: Proceedings of the First International Workshop on Traffic Monitoring and Analysis, p. 74 (2009)

    Google Scholar 

  6. Erman, J., Mahanti, A., Arlitt, M.: Byte me: a case for byte accuracy in traffic classification. In: Proc. of ACM SIGMETRICS MineNet (2007)

    Google Scholar 

  7. Erman, J., et al.: Identifying and discriminating between web and peer-to-peer traffic in the network core. In: Proc. of WWW Conf. (2007)

    Google Scholar 

  8. Friedman, J.H., Bentley, J.L., Finkel, R.A.: An algorithm for finding best matches in logarithmic expected time. ACM Trans. Math. Softw. 3(3), 209–226 (1977)

    Article  MATH  Google Scholar 

  9. Internet Assigned Numbers Authority (IANA): as of August 12 (2008), http://www.iana.org/assignments/port-numbers

  10. Karagiannis, T., Papagiannaki, K., Faloutsos, M.: BLINC: multilevel traffic classification in the dark. In: Proc. of ACM SIGCOMM (2005)

    Google Scholar 

  11. Kim, H., et al.: Internet traffic classification demystified: myths, caveats, and the best practices. In: Proc. of ACM CoNEXT (2008)

    Google Scholar 

  12. Moore, A., Zuev, D.: Internet traffic classification using bayesian analysis techniques. In: Proc. of ACM SIGMETRICS (2005)

    Google Scholar 

  13. Nguyen, T., Armitage, G.: A survey of techniques for internet traffic classification using machine learning. IEEE Communications Surveys and Tutorials 10(4) (2008)

    Google Scholar 

  14. Roughan, M., et al.: Class-of-service mapping for qos: a statistical signature-based approach to ip traffic classification. In: Proc. of ACM SIGCOMM IMC (2004)

    Google Scholar 

  15. Williams, N., Zander, S., Armitage, G.: Evaluating machine learning algorithms for automated network application identification. CAIA Tech. Rep. (2006)

    Google Scholar 

  16. Zander, S., Nguyen, T., Armitage, G.: Automated traffic classification and application identification using machine learning. In: Proc. of IEEE LCN Conf. (2005)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Computer Architecture, Universitat Politècnica de Catalunya (UPC),  

    Valentín Carela-Español, Pere Barlet-Ros & Marc Solé-Simó

  2. Department of Computer Engineering and Systems, Universitá di Napoli Federico II,  

    Alberto Dainotti, Walter de Donato & Antonio Pescapé

Authors
  1. Valentín Carela-Español
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Pere Barlet-Ros
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Marc Solé-Simó
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Alberto Dainotti
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Walter de Donato
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Antonio Pescapé
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Università del Salento, Lecce, Italy, and FTW Forschungszentrum Telekommunikation, Vienna, Austria

    Fabio Ricciato

  2. Dipartimento di Elettronica, Politecnico di Torino, Corso Duca degli Abruzzi 24, 10129, Torino, Italy

    Marco Mellia

  3. Institut EURECOM, Sophia Antipolis, France

    Ernst Biersack

Rights and permissions

Reprints and permissions

Copyright information

© 2010 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Carela-Español, V., Barlet-Ros, P., Solé-Simó, M., Dainotti, A., de Donato, W., Pescapé, A. (2010). K-Dimensional Trees for Continuous Traffic Classification. In: Ricciato, F., Mellia, M., Biersack, E. (eds) Traffic Monitoring and Analysis. TMA 2010. Lecture Notes in Computer Science, vol 6003. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-12365-8_11

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-12365-8_11

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-12364-1

  • Online ISBN: 978-3-642-12365-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation