Network Traffic Classification for Attack Detection Using Big Data Tools: A Review

  • Conference paper
Intelligent and Interactive Computing

Abstract

Network traffic classification is the foundation of many network research works. It is required extensively for some network management tasks, for example prioritization, flow, diagnostic monitoring and traffic shaping/policing. Many network engineering problems, such as capacity planning, route provisioning, and workload characterization and modelling, likewise benefit from accurate identification of network traffic. The focus of this research is to classify traffic by application type. This paper reviews the different types of network classification methods and the big data tools used to increase accuracy.



Corresponding author

Correspondence to Zaid. J. Al-Araji.

Copyright information

© 2019 Springer Nature Singapore Pte Ltd.

Cite this paper

Al-Araji, Z.J. et al. (2019). Network Traffic Classification for Attack Detection Using Big Data Tools: A Review. In: Piuri, V., Balas, V., Borah, S., Syed Ahmad, S. (eds) Intelligent and Interactive Computing. Lecture Notes in Networks and Systems, vol 67. Springer, Singapore. https://doi.org/10.1007/978-981-13-6031-2_37
