Independent comparison of popular DPI tools for traffic classification
作者: Tomasz Bujlow , Valentín Carela-Español , Pere Barlet-Ros
DOI: 10.1016/J.COMNET.2014.11.001
关键词:
摘要: Deep Packet Inspection (DPI) is the state-of-the-art technology for traffic classification. According to conventional wisdom, DPI most accurate classification technique. Consequently, popular products, either commercial or open-source, rely on some sort of However, actual performance still unclear research community, since lack public datasets prevent comparison and reproducibility their results. This paper presents a comprehensive 6 well-known tools, which are commonly used in literature. Our study includes 2 products (PACE NBAR) 4 open-source tools (OpenDPI, L7-filter, nDPI, Libprotoident). We studied various scenarios (including packet flow truncation) at different levels (application protocol, application web service). carefully built labeled dataset with more than 750K flows, contains from applications. Volunteer-Based System (VBS), developed Aalborg University, guarantee correct labeling dataset. released this dataset, including full payloads, community. believe could become common benchmark validation network classifiers. results present PACE, tool, as solution. Surprisingly, we find that such nDPI Libprotoident, also achieve very high accuracy.
acm.org
bujlow.com
elsevier.com
core.ac.uk 参考文章(23)
Péter Megyesi, Sándor Molnár, Finding Typical Internet User Behaviors Meeting of the European Network of Universities and Companies in Information and Communication Engineering. pp. 321- 327 ,(2012) , 10.1007/978-3-642-32808-4_29
Steffen Gebert, Rastin Pries, Daniel Schlosser, Klaus Heck, Internet access traffic measurement and analysis traffic monitoring and analysis. pp. 29- 42 ,(2012) , 10.1007/978-3-642-28534-9_3
Pere Barlet-Ros, Valentín Carela-Español, Tomasz Bujlow, Extended Independent Comparison of Popular Deep Packet Inspection (DPI) Tools for Traffic Classification Universitat Politècnica de Catalunya. pp. 1- 440 ,(2014)
Géza Szabó, Dániel Orincsay, Szabolcs Malomsoky, István Szabó, On the validation of traffic classification algorithms passive and active network measurement. pp. 72- 81 ,(2008) , 10.1007/978-3-540-79232-1_8
M. Tahir Riaz, Sara Ligaard Hald, Jens Myrup Pedersen, Kartheepan Balachandran, Tomasz Bujlow, Volunteer-Based System for Research on the Internet Traffic TELFOR Journal. ,vol. 4, pp. 2- 7 ,(2012)
Marco Canini, Wei Li, Andrew W. Moore, Raffaele Bolla, GTVS: Boosting the Collection of Application Traffic Ground Truth traffic monitoring and analysis. pp. 54- 63 ,(2009) , 10.1007/978-3-642-01645-5_7
F. Gringoli, Luca Salgarelli, M. Dusi, N. Cascarano, F. Risso, k. c. claffy, GT: picking up the truth from the ground for internet traffic acm special interest group on data communication. ,vol. 39, pp. 12- 18 ,(2009) , 10.1145/1629607.1629610
Giuseppe Aceto, Alberto Dainotti, Walter de Donato, Antonio Pescape, PortLoad: Taking the Best of Two Worlds in Traffic Classification conference on computer communications workshops. pp. 1- 5 ,(2010) , 10.1109/INFCOMW.2010.5466645
Hyunchul Kim, KC Claffy, Marina Fomenkov, Dhiman Barman, Michalis Faloutsos, KiYoung Lee, Internet traffic classification demystified: myths, caveats, and the best practices conference on emerging network experiment and technology. pp. 11- ,(2008) , 10.1145/1544012.1544023
Luca Deri, Maurizio Martinelli, Tomasz Bujlow, Alfredo Cardigliano, nDPI: Open-source high-speed deep packet inspection international conference on wireless communications and mobile computing. pp. 617- 622 ,(2014) , 10.1109/IWCMC.2014.6906427