Flow Feature-Based Network Traffic Classification Using Machine Learning

Reliable network traffic classification is essential to management and security tasks. Therefore, it is beneficial to analyze and improve existing techniques. Some of the most traditional methodologies for traffic classification are based on port number and packet payload, each of which presents an increasing set of problems. Port number-based classification techniques suffer from the misuse of port numbers and tunneling. This is primarily due to their reliance on the proper use of IANA (Internet Assigned Numbers Authority) assigned numbers. On the other hand, packet payload-based classification has difficulty dealing with encrypted data and legal restrictions to accessing user data. Flow feature-based classification canovercome these challenges by creating profiles based on the traffic patterns of applications. Furthermore, machine learning techniques have shown to be a good match for traffic classification. Thus, the goal of this paper is to explore the combination of these fields and to develop a set of machine learning models capable of classifying network traffic based on flow features. This was achieved by using a ready to use dataset to train two supervised and one unsupervised clustering model.The results for the supervised classifiers were considered comparable to similar studies, while the performance of the clustering model was found to be not satisfactory.