A preliminary investigation of skype traffic classification using a minimalist feature set

被引:12
作者
Angevine, Duffy [1 ]
Zincir-Heywood, A. Nur [1 ]
机构
[1] Dalhousie Univ, Fac Comp Sci, Halifax, NS, Canada
来源
ARES 2008: PROCEEDINGS OF THE THIRD INTERNATIONAL CONFERENCE ON AVAILABILITY, SECURITY AND RELIABILITY | 2008年
关键词
D O I
10.1109/ARES.2008.158
中图分类号
TP3 [计算技术、计算机技术];
学科分类号
0812 ;
摘要
In this work, AdaBoost and C4.5, are employed for classifying Skype direct (UDP and TCP) communications from traffic log files. Pre-processing is applied to the traffic data to express it as flows, which is later converted into a descriptive feature set. The aforementioned algorithms are then evaluated on this feature set. Results show that a 98% detection rate with 6% false positive rate for UDP based Skype and a 94% detection rate with 4% false positive rate for TCP based Skype is possible to achieve.
引用
收藏
页码:1075 / 1079
页数:5
相关论文
共 15 条
[1]  
Alpaydin Ethem, 2004, Introduction to machine learning
[2]  
[Anonymous], P PASS ACT MEAS WORK
[3]  
Baset S. A., 2006, P IEEE INFOCOM
[4]  
BERNAILLE L, 2006, P ACM SIGCOMM COMP C
[5]  
BERSONT T, 2005, SKYPE SECURITY EVALU
[6]  
Biondi P., 2006, SILVER NEEDLE SKYPE
[7]  
Erman Jeffrey, 2006, P 2006 SIGCOMM WORKS, P281
[8]  
Garfinkel S. L., 2005, VOIP SKYPE SECURITY
[9]  
HAFFNER P, 2005, P ACM SIGCOMM, P97
[10]  
KARAGIANNIS T, 2006, P ACM SIGCOMM, P229
12