end-to-end encryption on the Internet is becoming more prevalent, techniques such as deep packet inspection (DPI) can no longer be expected to be able to classify traffic. In many cellular networks a large fraction of all traffic is video traffic, and being able to divide flows in the network into video and non-video can provide considerable traffic engineering benefits. In this study we examine machine learning based flow classification using features that are available also for encrypted flows. Using a data set of several several billion packets from a live cellular network we examine the obtainable classification performance for two different ensemble-based classifiers. Further, we contrast the classification performance of a statistical-based feature set with a less computationally demanding alternate feature set. To also examine the runtime aspects of the problem, we export the trained models and use a tailor-made C implementation to evaluate the runtime performance. The results quantify the trade-off between classification and runtime performance, and show that up to 1 million classifications per second can be achieved for a single core. Considering that only the subset of flows reaching some minimum flow length will need to be classified, the results are promising with regards to deployment also in scenarios with very high flow arrival rates. HITS
The different versions of the original document can be found in:
Published on 01/01/2018
Volume 2018, 2018
DOI: 10.1109/aina.2018.00061
Licence: CC BY-NC-SA license
Are you one of the authors of this document?