Novel dynamic multiple classification system for network traffic

Traffic classification has been widely used in networking and security issues. Previous works have involved many different techniques for mapping traffic to the application. However, little attention has been paid to traffic classification for dynamic network stream. In this paper, we propose a Dynamic Multiple Traffic Classification System (DMTCS). We first introduce the time-based distribution of the traffic protocol information to the traffic classification problem, as the traffic data is a data stream with time continuity. The packets are treated as documents and protocols are seen as topics. Thus, we can apply topic models to cluster packets. In our system, after initialization, packets arrived at a time point are classified as of some protocols. Then, these packets are assembled to clusters according to the protocol distribution at the last time point. Finally, we use these clusters to classify packets arrived at the next time point. Our method has several advantages: 1) does not require the prior knowledge of target applications: 2) tolerant with both TCP and UDP protocols; 3) support multiple classification; 4) preserve high accuracy for the traffic stream with dynamic and imbalanced traffic distribution. Evaluations on DMTCS are carried on two different datasets, and the experimental results demonstrate that DMTCS has an impressive performance in classification on the real-world network stream and the dynamic simulation stream. Whats more, DMTCS outperforms other state-of-the-art models in our experiment. (C) 2018 Published by Elsevier Inc.