An Upgraded C5.0 Algorithm for Network Application Identification

摘要

Network traffic classification is an approach of examining application packets and classifying them into different classes that are generated from different applications. Network traffic classification indicates an important role in network security. There have been several kinds of research taken place to classify network traffic based on the statistical features of flow duration, packet inter-arrival time, packet size etc. Of these, the existing port number based classifier technique is applicable only for the well-known application because of the ascent of dynamic porting technique. Then payload based classifier have worked well only for the unrestricted data packets that are for nonconfidential data packets. And at the same time monitoring a high-speed internet for analyzing the data flow was impractical with the traditional technologies instead it required multi-hop technologies. Providing multi-hop observers is not an easy and efficient task. Thus to overwhelm the challenges in the existing technique, this paper has been provided with a supervised machine learning technique using an algorithm called C5.O algorithm. With that algorithm, based on the statistical parameters collected from volunteers we have built a classifier algorithm which have the ability to classify 17 different applications. This is a decision tree algorithm which decides upon the traffic by relating to the application which generated it. This is an efficient algorithm with nearly 98% accuracy as it classifies the traffic based on the statistical characteristics gathered by a survey of the internet traffic and applications.