Traffic classification with passive measurement
Abstract This is a master thesis from a collaboration between Oslo University College and Uninett Research. Uninett have a passive monitoring device on a 2.5 Gbps backbone link between Trondheim and Narvik. They uses measurement with optical splitters and specialized measuring interfaces to trace tr...
| Main Author: | |
|---|---|
| Other Authors: | |
| Format: | Master Thesis |
| Language: | Norwegian Bokmål |
| Published: |
2005
|
| Subjects: | |
| Online Access: | http://hdl.handle.net/10852/9262 http://urn.nb.no/URN:NBN:no-10603 |
| id |
ftoslouniv:oai:www.duo.uio.no:10852/9262 |
|---|---|
| record_format |
openpolar |
| spelling |
ftoslouniv:oai:www.duo.uio.no:10852/9262 2023-05-15T17:14:08+02:00 Traffic classification with passive measurement Pham, Hoang Phong Tore Jonassen, Dag Langmyhr 2005 http://hdl.handle.net/10852/9262 http://urn.nb.no/URN:NBN:no-10603 nob nob http://urn.nb.no/URN:NBN:no-10603 Pham, Hoang Phong. Traffic classification with passive measurement. Masteroppgave, University of Oslo, 2005 http://hdl.handle.net/10852/9262 info:ofi/fmt:kev:mtx:ctx&ctx_ver=Z39.88-2004&rft_val_fmt=info:ofi/fmt:kev:mtx:dissertation&rft.au=Pham, Hoang Phong&rft.title=Traffic classification with passive measurement&rft.inst=University of Oslo&rft.date=2005&rft.degree=Masteroppgave URN:NBN:no-10603 27533 051367351 Fulltext https://www.duo.uio.no/bitstream/handle/10852/9262/1/MasterThesis_Phong.pdf VDP::420 Master thesis Masteroppgave 2005 ftoslouniv 2020-06-21T08:41:25Z Abstract This is a master thesis from a collaboration between Oslo University College and Uninett Research. Uninett have a passive monitoring device on a 2.5 Gbps backbone link between Trondheim and Narvik. They uses measurement with optical splitters and specialized measuring interfaces to trace traffic with Gigabit speed. We would like to investigate the structure and patterns in these data. It is of special interest to classify the traffic belonging to different services and protocols. Traffic classification enables a variety of other applications and topics, including Quality of Service, security, monitoring, and intrusion-detection that are of use to research, accountants, network operators and end users. The ability to accurately identify the network traffic associated with different applications is therefore important. However, traditional traffic to higher-level application classification techniques such as port-based is highly inaccurate for some applications. In this thesis, we provide an efficient approach for identifying different applications through our classification methodology. Our results indicate that with our technique we achieves less than 6.5% unknown type in most cases compared to the port-based which is 46.6%. The project is divided into three phases. First we will have a look at the problems dealing with collecting data traces in high speed network system. Second we will explore how we can identify and classify the data into different categories. Finally we will try to analyse our results offline. Index terms – Passive network measurement, Cluster, Classification Master Thesis Narvik Narvik Universitet i Oslo: Digitale utgivelser ved UiO (DUO) Narvik ENVELOPE(17.427,17.427,68.438,68.438) |
| institution |
Open Polar |
| collection |
Universitet i Oslo: Digitale utgivelser ved UiO (DUO) |
| op_collection_id |
ftoslouniv |
| language |
Norwegian Bokmål |
| topic |
VDP::420 |
| spellingShingle |
VDP::420 Pham, Hoang Phong Traffic classification with passive measurement |
| topic_facet |
VDP::420 |
| description |
Abstract This is a master thesis from a collaboration between Oslo University College and Uninett Research. Uninett have a passive monitoring device on a 2.5 Gbps backbone link between Trondheim and Narvik. They uses measurement with optical splitters and specialized measuring interfaces to trace traffic with Gigabit speed. We would like to investigate the structure and patterns in these data. It is of special interest to classify the traffic belonging to different services and protocols. Traffic classification enables a variety of other applications and topics, including Quality of Service, security, monitoring, and intrusion-detection that are of use to research, accountants, network operators and end users. The ability to accurately identify the network traffic associated with different applications is therefore important. However, traditional traffic to higher-level application classification techniques such as port-based is highly inaccurate for some applications. In this thesis, we provide an efficient approach for identifying different applications through our classification methodology. Our results indicate that with our technique we achieves less than 6.5% unknown type in most cases compared to the port-based which is 46.6%. The project is divided into three phases. First we will have a look at the problems dealing with collecting data traces in high speed network system. Second we will explore how we can identify and classify the data into different categories. Finally we will try to analyse our results offline. Index terms – Passive network measurement, Cluster, Classification |
| author2 |
Tore Jonassen, Dag Langmyhr |
| format |
Master Thesis |
| author |
Pham, Hoang Phong |
| author_facet |
Pham, Hoang Phong |
| author_sort |
Pham, Hoang Phong |
| title |
Traffic classification with passive measurement |
| title_short |
Traffic classification with passive measurement |
| title_full |
Traffic classification with passive measurement |
| title_fullStr |
Traffic classification with passive measurement |
| title_full_unstemmed |
Traffic classification with passive measurement |
| title_sort |
traffic classification with passive measurement |
| publishDate |
2005 |
| url |
http://hdl.handle.net/10852/9262 http://urn.nb.no/URN:NBN:no-10603 |
| long_lat |
ENVELOPE(17.427,17.427,68.438,68.438) |
| geographic |
Narvik |
| geographic_facet |
Narvik |
| genre |
Narvik Narvik |
| genre_facet |
Narvik Narvik |
| op_relation |
http://urn.nb.no/URN:NBN:no-10603 Pham, Hoang Phong. Traffic classification with passive measurement. Masteroppgave, University of Oslo, 2005 http://hdl.handle.net/10852/9262 info:ofi/fmt:kev:mtx:ctx&ctx_ver=Z39.88-2004&rft_val_fmt=info:ofi/fmt:kev:mtx:dissertation&rft.au=Pham, Hoang Phong&rft.title=Traffic classification with passive measurement&rft.inst=University of Oslo&rft.date=2005&rft.degree=Masteroppgave URN:NBN:no-10603 27533 051367351 Fulltext https://www.duo.uio.no/bitstream/handle/10852/9262/1/MasterThesis_Phong.pdf |
| _version_ |
1766071421644046336 |