Loughborough University
Browse
KOndoz_wireless_traffic_jrnl.1.pdf (2.81 MB)

Radio frequency traffic classification over WLAN

Download (2.81 MB)
journal contribution
posted on 2016-06-14, 11:03 authored by Joe Kornycky, Omar Abdul-Hameed, Ahmet Kondoz, Brian C. Barber
Network traffic classification is the process of analyzing traffic flows and associating them to different categories of network applications. Network traffic classification represents an essential task in the whole chain of network security. Some of the most important and widely spread applications of traffic classification are the ability to classify encrypted traffic, the identification of malicious traffic flows, and the enforcement of security policies on the use of different applications. Passively monitoring a network utilizing low-cost and low-complexity wireless local area network (WLAN) devices is desirable. Mobile devices can be used or existing office desktops can be temporarily utilized when their computational load is low. This reduces the burden on existing network hardware. The aim of this paper is to investigate traffic classification techniques for wireless communications. To aid with intrusion detection, the key goal is to passively monitor and classify different traffic types over WLAN to ensure that network security policies are adhered to. The classification of encrypted WLAN data poses some unique challenges not normally encountered in wired traffic. WLAN traffic is analyzed for features that are then used as an input to six different machine learning (ML) algorithms for traffic classification. One of these algorithms (a Gaussian mixture model incorporating a universal background model) has not been applied to wired or wireless network classification before. The authors also propose a ML algorithm that makes use of the well-known vector quantization algorithm in conjunction with a decision tree—referred to as a TRee Adaptive Parallel Vector Quantiser. This algorithm has a number of advantages over the other ML algorithms tested and is suited to wireless traffic classification. An average F-score (harmonic mean of precision and recall) > 0.84 was achieved when training and testing on the same day across six distinct traffic types.

History

School

  • Loughborough University London

Published in

IEEE/ACM Transactions on Networking

Volume

25

Issue

1

Pages

56 - 68

Citation

KORNYCKY, J. ...et al., 2016. Radio Frequency Traffic Classification Over WLAN. IEEE/ACM Transactions on Networking, 25 (1), pp. 56-68.

Publisher

© IEEE

Version

  • VoR (Version of Record)

Publication date

2016-05-20

Notes

Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.

ISSN

1063-6692

eISSN

1558-2566

Language

  • en

Usage metrics

    Loughborough Publications

    Exports

    RefWorks
    BibTeX
    Ref. manager
    Endnote
    DataCite
    NLM
    DC