In-The-Dark Network Traffic Classification Using Support Vector Machines

William H. Turkett, Jr., Andrew V. Karode, Errin W. Fulp

This work addresses the problem of in-the-dark traffic classification for TCP sessions, an important problem in network management. An innovative use of support vector machines (SVMs) with a spectrum representation of packet flows is demonstrated to provide a highly accurate, fast, and robust method for classifying common application protocols. The use of a linear kernel allows for an analysis of SVM feature weights to gain insight into the underlying protocol mechanisms.

Subjects: 12. Machine Learning and Discovery; 1. Applications

Submitted: Mar 25, 2008


This page is copyrighted by AAAI. All rights reserved. Your use of this site constitutes acceptance of all of AAAI's terms and conditions and privacy policy.