Approaching Real-time Network Traffic Classification

Recent research explored the feasibility of using Machine Learning methods to provide accurate network traffic classification. We further believe that these methods can work on real-time Internet traffic with sufficient accuracy for practical applications. In this paper we present ANTc, a framework for quasi-realtime statistical traffic classification. It essentially demultiplexes network flows, collects statistical features of the flows, and then allows classification of the flows into arbitrary traffic classes using a pre-trained Naive Bayes model. ANTc contains a built-in feature collector for the input of Naive Bayes classifier and further provides a modular framework to facilitate further investigations into statistical classification methodologies. It also provides a set of flow sampling parameters which can be tuned, thus is capable of demonstrating the impact on classification accuracy from flow sample size restrictions. Results show that ANTc using Naive Baye model can work in near real-time without obvious decrease in precision.