Thursday, May 1, 2014
3:00 P.M., MANCHESTER 245
Network classification using motif coloring
As the pervasiveness of computer networks continues to grow, network administrators face a seemingly insurmountable challenge of monitoring and managing network access and connectivity. Accurate network application classification is essential for network administrators in performing their duties. Current tools are not well suited to handle the deluge of data that traverses modern networks; it’s challenging enough capturing the massive quantities of data in real-time as they travel across the wire. In addition, the growing use of encryption and port randomization further complicate the process of accurately identifying application protocols and reduce the efficacy of existing tools.
This work seeks to improve on previous research that showed network motifs can successfully be used to identify network applications. In particular, it explores the use of link coloring to improve motif classification performance, and it proposes the use of a Support Vector Machine (SVM) for classification. Experimental results show that the newly proposed features can accurately classify observed applications with greater than 95% accuracy, and that SVMs provide comparable performance to previous methods using k-Nearest Neighbor.