ANALYTICAL REVIEW OF MODELS AND SYSTEMS FOR NETWORK TRAFFIC CLASSIFICATION
DOI:
https://doi.org/10.28925/2663-4023.2024.26.639
Keywords:
network traffic classification, key performance indicators, real-time traffic analysis, transfer learning
Abstract
This article presents a comprehensive analytical review of network traffic classification models and systems, essential for managing the complexities of modern network environments. The study covers traditional and advanced methods, including statistical approaches, machine learning, and deep learning techniques, highlighting their strengths and limitations. It also explores both commercial and open-source systems, offering insights into their practical applications and effectiveness. The rapid evolution of network technologies has significantly enhanced global data exchange and connectivity but has also introduced new challenges in managing and securing complex network environments. As networks expand and grow more heterogeneous, the ability to classify and manage network traffic efficiently becomes critical for optimizing network performance, ensuring security, and supporting operational continuity. Network traffic classification is an essential function that enables network administrators to apply appropriate policies, detect anomalies, and prevent malicious activities. Traditional classification methods, such as payload-based detection and port-based classification, are increasingly unreliable due to the rise of encrypted traffic and evolving network protocols, which obscure important traffic details. Therefore, it is necessary to explore advanced approaches such as machine learning, deep learning, and transfer learning. These methods can handle large volumes of data and adapt to new traffic types, improving accuracy and efficiency. This paper presents a comprehensive review of existing models and systems for network traffic classification, including both commercial and open-source solutions. The study covers a range of techniques from traditional statistical methods to advanced machine learning and artificial intelligence (AI)-based techniques. 
Special attention is given to key performance indicators (KPIs) such as latency, packet loss, jitter, throughput, and bandwidth utilization, which are vital for effective network monitoring and optimization. In light of increasing encryption and evolving cyber threats, the paper emphasizes the importance of adaptive systems, real-time analysis, and the integration of AI and machine learning technologies. The review concludes by identifying future research directions and emerging trends, crucial for developing the next generation of traffic classification systems.
License
Copyright (c) 2024 Павло Підгорний
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.