Document Open Access Logo

Improving Markov-based TCP Traffic Classification

Authors Gerhard Münz, Stephan Heckmüller, Lothar Braun, Georg Carle

PDF

File

Thumbnail PDF
PDF
OASIcs.KiVS.2011.61.pdf
  • Filesize: 1.06 MB
  • 12 pages

Document Identifiers

Subject Classification

Keywords
  • Markov model
  • TCP Traffic Classification
  • network

Metrics

  • Access Statistics
  • Total Accesses (updated on a weekly basis)
    0
    PDF Downloads
    0
    Metadata Views

Abstract

This paper presents an improved variant of our Markov-based TCP traffic classifier and demonstrates its performance using traffic captured in a university network. Payload length, flow direction, and position of the first data packets of a TCP connection are reflected in the states of the Markov models. In addition, we integrate a new "end of connection" state to further improve the classification accuracy. Using 10-fold cross validation, we identify appropriate settings for the payload length intervals and the number of data packets considered in the models. Finally, we discuss the classification results for the different applications.

Cite As Get BibTex

Gerhard Münz, Stephan Heckmüller, Lothar Braun, and Georg Carle. Improving Markov-based TCP Traffic Classification. In 17th GI/ITG Conference on Communication in Distributed Systems (KiVS 2011). Open Access Series in Informatics (OASIcs), Volume 17, pp. 61-72, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2011) https://doi.org/10.4230/OASIcs.KiVS.2011.61

Author Details

Gerhard Münz
Stephan Heckmüller
Lothar Braun
Georg Carle
Questions / Remarks / Feedback
X

Feedback for Dagstuhl Publishing


Thanks for your feedback!

Feedback submitted

Could not send message

Please try again later or send an E-mail
© 2023-2025 Schloss Dagstuhl – LZI GmbH About DROPS Imprint Privacy Contact