KOndoz_wireless_traffic_jrnl.1.pdf (2.81 MB)

Radio frequency traffic classification over WLAN

Download (2.81 MB)
journal contribution
posted on 14.06.2016 by Joe Kornycky, Omar Abdul-Hameed, Ahmet Kondoz, Brian C. Barber
Network traffic classification is the process of analyzing traffic flows and associating them to different categories of network applications. Network traffic classification represents an essential task in the whole chain of network security. Some of the most important and widely spread applications of traffic classification are the ability to classify encrypted traffic, the identification of malicious traffic flows, and the enforcement of security policies on the use of different applications. Passively monitoring a network utilizing low-cost and low-complexity wireless local area network (WLAN) devices is desirable. Mobile devices can be used or existing office desktops can be temporarily utilized when their computational load is low. This reduces the burden on existing network hardware. The aim of this paper is to investigate traffic classification techniques for wireless communications. To aid with intrusion detection, the key goal is to passively monitor and classify different traffic types over WLAN to ensure that network security policies are adhered to. The classification of encrypted WLAN data poses some unique challenges not normally encountered in wired traffic. WLAN traffic is analyzed for features that are then used as an input to six different machine learning (ML) algorithms for traffic classification. One of these algorithms (a Gaussian mixture model incorporating a universal background model) has not been applied to wired or wireless network classification before. The authors also propose a ML algorithm that makes use of the well-known vector quantization algorithm in conjunction with a decision tree—referred to as a TRee Adaptive Parallel Vector Quantiser. This algorithm has a number of advantages over the other ML algorithms tested and is suited to wireless traffic classification. An average F-score (harmonic mean of precision and recall) > 0.84 was achieved when training and testing on the same day across six distinct traffic types.

History

School

  • Loughborough University London

Published in

IEEE/ACM Transactions on Networking

Pages

1 - 13

Citation

KORNYCKY, J. ...et al., 2016. Radio Frequency Traffic Classification Over WLAN. IEEE/ACM Transactions on Networking, 25 (1), pp. 56-68.

Publisher

© IEEE

Version

VoR (Version of Record)

Publication date

2016

Notes

Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.

ISSN

1063-6692

eISSN

1558-2566

Language

en

Exports

Logo branding

Exports