Murdoch University Research Repository

Welcome to the Murdoch University Research Repository

The Murdoch University Research Repository is an open access digital collection of research
created by Murdoch University staff, researchers and postgraduate students.

Learn more

Self-Learning IP traffic classification based on statistical flow characteristics

Zander, S., Nguyen, T. and Armitage, G. (2005) Self-Learning IP traffic classification based on statistical flow characteristics. Lecture Notes in Computer Science, 3431 . pp. 325-328.

PDF - Authors' Version
Download (141kB) | Preview
Link to Published Version:
*Subscription may be required


A number of key areas in IP network engineering, management and surveillance greatly benefit from the ability to dynamically identify traffic flows according to the applications responsible for their creation. Currently such classifications rely on selected packet header fields (e.g. destination port) or application layer protocol decoding. These methods have a number of shortfalls e.g. many applications can use unpredictable port numbers and protocol decoding requires high resource usage or is simply infeasible in case protocols are unknown or encrypted. We propose a framework for application classification using an unsupervised machine learning (ML) technique. Flows are automatically classified based on their statistical characteristics. We also propose a systematic approach to identify an optimal set of flow attributes to use and evaluate the effectiveness of our approach using captured traffic traces.

Item Type: Journal Article
Publisher: Springer Verlag
Copyright: 2005 Springer-Verlag Berlin Heidelberg
Other Information: Conference title: 6th International Workshop, PAM 2005, Boston, MA, USA, March 31 - April 1, 2005
Item Control Page Item Control Page


Downloads per month over past year