Network traffic classification using decision tree based on minimum partition distance
Before data communications,every application protocol to handshake at application layer and transmit some parameters.This process is quite different according to the protocols,such as the packet direction,payload size and the information entropy of each packet payload.So according to these features,...
Saved in:
| Main Authors: | , , , |
|---|---|
| Format: | Article |
| Language: | zho |
| Published: |
Editorial Department of Journal on Communications
2012-03-01
|
| Series: | Tongxin xuebao |
| Subjects: | |
| Online Access: | http://www.joconline.com.cn/zh/article/doi/1000-436X(2012)03-0090-13/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Summary: | Before data communications,every application protocol to handshake at application layer and transmit some parameters.This process is quite different according to the protocols,such as the packet direction,payload size and the information entropy of each packet payload.So according to these features,decision tree algorithm based on minimum partition distance was used to train the classifier.The results of the offline experiments on real network traces and the online classification experiments in campus network indicate that,analyzing the first four or six packets of each flow is enough to classify eight common used application protocols with high overall accuracy and low cost.Contrast to other machine learning algorithms,decision tree can achieve better ent traces and low classification time.So it is very suitable for real-time traffic classification. |
|---|---|
| ISSN: | 1000-436X |