Traffic classification with passive measurement
Master i nettverks- og systemadministrasjon This is a master thesis from a collaboration between Oslo University College and Uninett Research. Uninett have a passive monitoring device on a 2.5 Gbps backbone link between Trondheim and Narvik. They uses measurement with optical splitters and specializ...
Main Author: | |
---|---|
Other Authors: | |
Format: | Master Thesis |
Language: | English |
Published: |
Høgskolen i Oslo. Avdeling for ingeniørutdanning
2005
|
Subjects: | |
Online Access: | https://hdl.handle.net/10642/432 |
id |
fthsosloakersoda:oai:oda.oslomet.no:10642/432 |
---|---|
record_format |
openpolar |
spelling |
fthsosloakersoda:oai:oda.oslomet.no:10642/432 2023-05-15T17:14:08+02:00 Traffic classification with passive measurement Pham, Phong Hoang Jonassen, Tore Møller 2005 application/pdf https://hdl.handle.net/10642/432 eng eng Høgskolen i Oslo. Avdeling for ingeniørutdanning Universitetet i Oslo https://hdl.handle.net/10642/432 Passive network measurement Cluster Classification VDP::Teknologi: 500::Informasjons- og kommunikasjonsteknologi: 550::Datateknologi: 551 Master thesis 2005 fthsosloakersoda 2021-10-11T16:54:18Z Master i nettverks- og systemadministrasjon This is a master thesis from a collaboration between Oslo University College and Uninett Research. Uninett have a passive monitoring device on a 2.5 Gbps backbone link between Trondheim and Narvik. They uses measurement with optical splitters and specialized measuring interfaces to trace traffic with Gigabit speed. We would like to investigate the structure and patterns in these data. It is of special interest to classify the traffic belonging to different services and protocols. Traffic classification enables a variety of other applications and topics, including Quality of Service, security, monitoring, and intrusion-detection that are of use to research, accountants, network operators and end users. The ability to accurately identify the network traffic associated with different applications is therefore important. However, traditional traffic to higher-level application classification techniques such as port-based is highly inaccurate for some applications. In this thesis, we provide an efficient approach for identifying different applications through our classification methodology. Our results indicate that with our technique we achieves less than 6.5% unknown type in most cases compared to the port-based which is 46.6%. The project is divided into three phases. First we will have a look at the problems dealing with collecting data traces in high speed network system. Second we will explore how we can identify and classify the data into different categories. Finally we will try to analyse our results offline. Master Thesis Narvik Narvik OsloMet (Oslo Metropolitan University): ODA (Open Digital Archive) Narvik ENVELOPE(17.427,17.427,68.438,68.438) |
institution |
Open Polar |
collection |
OsloMet (Oslo Metropolitan University): ODA (Open Digital Archive) |
op_collection_id |
fthsosloakersoda |
language |
English |
topic |
Passive network measurement Cluster Classification VDP::Teknologi: 500::Informasjons- og kommunikasjonsteknologi: 550::Datateknologi: 551 |
spellingShingle |
Passive network measurement Cluster Classification VDP::Teknologi: 500::Informasjons- og kommunikasjonsteknologi: 550::Datateknologi: 551 Pham, Phong Hoang Traffic classification with passive measurement |
topic_facet |
Passive network measurement Cluster Classification VDP::Teknologi: 500::Informasjons- og kommunikasjonsteknologi: 550::Datateknologi: 551 |
description |
Master i nettverks- og systemadministrasjon This is a master thesis from a collaboration between Oslo University College and Uninett Research. Uninett have a passive monitoring device on a 2.5 Gbps backbone link between Trondheim and Narvik. They uses measurement with optical splitters and specialized measuring interfaces to trace traffic with Gigabit speed. We would like to investigate the structure and patterns in these data. It is of special interest to classify the traffic belonging to different services and protocols. Traffic classification enables a variety of other applications and topics, including Quality of Service, security, monitoring, and intrusion-detection that are of use to research, accountants, network operators and end users. The ability to accurately identify the network traffic associated with different applications is therefore important. However, traditional traffic to higher-level application classification techniques such as port-based is highly inaccurate for some applications. In this thesis, we provide an efficient approach for identifying different applications through our classification methodology. Our results indicate that with our technique we achieves less than 6.5% unknown type in most cases compared to the port-based which is 46.6%. The project is divided into three phases. First we will have a look at the problems dealing with collecting data traces in high speed network system. Second we will explore how we can identify and classify the data into different categories. Finally we will try to analyse our results offline. |
author2 |
Jonassen, Tore Møller |
format |
Master Thesis |
author |
Pham, Phong Hoang |
author_facet |
Pham, Phong Hoang |
author_sort |
Pham, Phong Hoang |
title |
Traffic classification with passive measurement |
title_short |
Traffic classification with passive measurement |
title_full |
Traffic classification with passive measurement |
title_fullStr |
Traffic classification with passive measurement |
title_full_unstemmed |
Traffic classification with passive measurement |
title_sort |
traffic classification with passive measurement |
publisher |
Høgskolen i Oslo. Avdeling for ingeniørutdanning |
publishDate |
2005 |
url |
https://hdl.handle.net/10642/432 |
long_lat |
ENVELOPE(17.427,17.427,68.438,68.438) |
geographic |
Narvik |
geographic_facet |
Narvik |
genre |
Narvik Narvik |
genre_facet |
Narvik Narvik |
op_relation |
https://hdl.handle.net/10642/432 |
_version_ |
1766071422196645888 |