A Hybrid Online Classifier System for Internet Traffic Based on Statistical Machine Learning Approach and Flow Port Number

Internet traffic classification is a beneficial technique in the direction of intrusion detection and network monitoring. After several years of searching, there are still many open problems in Internet traffic classification. The hybrid classifier combines more than one classification method to ide...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:Applied sciences 2021-12, Vol.11 (24), p.12113
Hauptverfasser: Ibrahim, Hamza Awad Hamza, Zuobi, Omer Radhi A. L., Abaker, Awad M., Alzghoul, Musab B.
Format: Artikel
Sprache:eng
Schlagworte:
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Internet traffic classification is a beneficial technique in the direction of intrusion detection and network monitoring. After several years of searching, there are still many open problems in Internet traffic classification. The hybrid classifier combines more than one classification method to identify Internet traffic. Using only one method to classify Internet traffic poses many risks. In addition, an online classifier is very important in order to manage threats on traffic such as denial of service, flooding attack and other similar threats. Therefore, this paper provides some information to differentiate between real and live internet traffic. In addition, this paper proposes a hybrid online classifier (HOC) system. HOC is based on two common classification methods, port-base and ML-base. HOC is able to perform an online classification since it can identify live Internet traffic at the same time as it is generated. HOC was used to classify three common Internet application classes, namely web, WhatsApp and Twitter. HOC produces more than 90% accuracy, which is higher than any individual classifiers.
ISSN:2076-3417
2076-3417
DOI:10.3390/app112412113