William H. Turkett, Jr., Andrew V. Karode, Errin W. Fulp
This work addresses the problem of in-the-dark traffic classification for TCP sessions, an important problem in network management. An innovative use of support vector machines (SVMs) with a spectrum representation of packet flows is demonstrated to provide a highly accurate, fast, and robust method for classifying common application protocols. The use of a linear kernel allows for an analysis of SVM feature weights to gain insight into the underlying protocol mechanisms.
Subjects: 12. Machine Learning and Discovery; 1. Applications
Submitted: Mar 25, 2008