A new platform for machine-learning-based network traffic classification

This study provides a new platform for classifying encrypted network traffic based on machine learning (ML) techniques. The architecture of the platform is designed for real-world network traffic classification problems with performance-oriented, practical, and up-to-date software technologies. In addition, this study introduces a new feature extraction method to the literature. The proposed platform applies ML techniques with flowbased statistical features of encrypted network traffic and new feature extraction. It takes network traffic packets as input and passes them through feature extraction, data preparation, and ML stages. In the feature extraction stage, network flows are extracted from the network traffic data by calculating their features with the NFStream tool. During the data preparation stage, the dataset is transformed into a processable state for the ML algorithm with the Apache Spark framework. This stage also includes the feature selection operation. The ML stage runs GBTree, LightGBM, and XGBoost algorithms. Moreover, we use the MLflow framework in the proposed process management to observe the ML lifecycle, including experimentation, reproducibility, and deployment. The experimental results show that the XGBoost algorithm achieves the best result with an F1 score of above 99%.