Internet traffic identification and classification - PowerPoint PPT Presentation

1 / 6
About This Presentation
Title:

Internet traffic identification and classification

Description:

Why is this one of the hottest issues in the Internet today? Existing approaches. Port-based ... What is the key new idea that I want to explore? ... – PowerPoint PPT presentation

Number of Views:572
Avg rating:3.0/5.0
Slides: 7
Provided by: ccGa
Category:

less

Transcript and Presenter's Notes

Title: Internet traffic identification and classification


1
Internet traffic identificationand classification
  • CS 7270
  • Networked Applications Services
  • Lecture-2

2
Background
  • What does traffic classification mean?
  • Packet monitors
  • Which are the important packet header fields?
  • Flow monitors (e.g., Ciscos NetFlow)
  • Definition of a flow?
  • Who is interested in traffic classification and
    why?
  • Why is this one of the hottest issues in the
    Internet today?

3
Existing approaches
  • Port-based
  • Largely ineffective today
  • Flow-based signatures/patterns
  • Look for certain packet sizes, packet
    interarrivals, flow sizes
  • Supervised machine-learning techniques
  • Requires accurate classification of some flows
    (training set)
  • Cluster flows based on group of discriminants?
  • Payload-based techniques
  • Look for certain strings or byte sequences in
    layer-4 (or higher) headers
  • What does deep packet inspection mean?

4
How would you do traffic classification?
  • A good project topic?
  • Some things to consider as you decide on a
    project topic
  • What is the most important related work?
  • See Keshavs paper
  • Read at least 3-4 papers on a topic before you
    decide to work on it
  • What is the key new idea that I want to explore?
  • For example, can I identify individual p2p
    applications if I have access to the payload of
    the first packet in a flow (after connection
    establishment)?
  • Which are the available tools I can use?
  • Tcpdump or ethereal packet monitors at my laptop
  • Install clients of p2p applications at my laptop
  • Do we have appropriate datasets?
  • OIT may be able to provide us with anonymized
    packet traces or netflow records from GAtechs
    edge routers
  • You can collect packet traces from your own
    laptop for validation purposes
  • What is the set of questions I want to answer?
    How will I do so?
  • Asking the right questions is 50 of the
    research!
  • Describe your methodology in detail
  • E.g, I will examine hypothesis X if I can accept
    it, I will move on to hypothesis Y (given X)
    otherwise, if I reject X, I will move to
    hypothesis Z

5
Reading
  • Blinc multilevel traffic classification in the
    dark by Karagiannis et al.
  • Published at Sigcomm05
  • Probably the most accurate method currently
    available (without payload information)
  • Interesting methodology for a couple of reasons
  • Focuses on hosts rather flows
  • Considers social/functional/application levels

6
Download slides
  • http//www.nanog.org/mtg-0510/pdf/karagiannis.blin
    c.pdf
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "Internet traffic identification and classification" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!