| Summary: | 碩士 === 臺灣大學 === 資訊工程學研究所 === 98 === The classification of IP flows according to the applications that generated them is at the basis of any modern network management platform. It has become a challenge in the last decade since many applications use tricky ways to avoid being easily recognized. Classical techniques such as port-based detection are rapidly becoming ineffective. Many reputable research groups have published several interesting papers on traffic classification, proposing mechanisms of different nature. However, it is our opinion that some factors in real-world network environments would affect the effectiveness of these classification mechanisms.
In this paper we implement a flow-based Internet traffic classifier and conduct an experiment to measure its performance dealing with real-world data traces. Even though the classification method is based on the work in the past, our contribution is to provide insights into flow-based traffic classification technique and to analyze the applicability of it. Our results expose several real-world issues while applying flow-based classification; some can be resolved by the mechanisms we propose, and some still need to be researched in further work. We also present the impact of flow sampling to the technique. Our results show that the effectiveness of flow-based traffic classification is limited in a certain range of sampling intervals.
|
|---|
