Practical and Configurable Network Traffic Classification Using Probabilistic Machine Learning
This work addresses the need for flexible and accurate traffic classification for network security and management, though it is incremental in its approach.
The authors tackled the problem of network traffic classification by proposing a configurable machine learning method based on likelihood estimation, which achieved high performance on real-world traffic from a high-performance computing network environment.
Network traffic classification that is widely applicable and highly accurate is valuable for many network security and management tasks. A flexible and easily configurable classification framework is ideal, as it can be customized for use in a wide variety of networks. In this paper, we propose a highly configurable and flexible machine learning traffic classification method that relies only on statistics of sequences of packets to distinguish known, or approved, traffic from unknown traffic. Our method is based on likelihood estimation, provides a measure of certainty for classification decisions, and can classify traffic at adjustable certainty levels. Our classification method can also be applied in different classification scenarios, each prioritizing a different classification goal. We demonstrate how our classification scheme and all its configurations perform well on real-world traffic from a high performance computing network environment.