基于隐马尔可夫模型的并行网络流量分类

2011 International Conference on Cyber-Enabled Distributed Computing and Knowledge Discovery Pub Date : 2011-10-10 DOI:10.1109/CyberC.2011.27

X. Mu, Wenjun Wu

{"title":"基于隐马尔可夫模型的并行网络流量分类","authors":"X. Mu, Wenjun Wu","doi":"10.1109/CyberC.2011.27","DOIUrl":null,"url":null,"abstract":"This paper implemented a network traffic classification method on the basis of Guassian Mixture Model-Hidden Markov Model using packet-level properties in network traffic flows (PLGMM-HMM). Our model firstly builds PLGMM-HMMs via two packet-level properties, inter packet time and payload size, respectively; then, we construct the estimation function by computing the F-Measure value through classifying another training set using the PLGMM-HMMs. Hadoop Streaming based MapReduce has been evaluated while performing our classification experiment. Results show that our PLGMM-HMM based classification method could obtain considerable accuracy, giving out the accuracy over 90% on collected datasets, and comparatively outperforming classifiers based on HMMs with variables obeying other distributions. It is recommended that this framework could be applied to other machine learning methods as a multi-classifier template.","PeriodicalId":227472,"journal":{"name":"2011 International Conference on Cyber-Enabled Distributed Computing and Knowledge Discovery","volume":"100 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2011-10-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"17","resultStr":"{\"title\":\"A Parallelized Network Traffic Classification Based on Hidden Markov Model\",\"authors\":\"X. Mu, Wenjun Wu\",\"doi\":\"10.1109/CyberC.2011.27\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"This paper implemented a network traffic classification method on the basis of Guassian Mixture Model-Hidden Markov Model using packet-level properties in network traffic flows (PLGMM-HMM). Our model firstly builds PLGMM-HMMs via two packet-level properties, inter packet time and payload size, respectively; then, we construct the estimation function by computing the F-Measure value through classifying another training set using the PLGMM-HMMs. Hadoop Streaming based MapReduce has been evaluated while performing our classification experiment. Results show that our PLGMM-HMM based classification method could obtain considerable accuracy, giving out the accuracy over 90% on collected datasets, and comparatively outperforming classifiers based on HMMs with variables obeying other distributions. It is recommended that this framework could be applied to other machine learning methods as a multi-classifier template.\",\"PeriodicalId\":227472,\"journal\":{\"name\":\"2011 International Conference on Cyber-Enabled Distributed Computing and Knowledge Discovery\",\"volume\":\"100 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2011-10-10\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"17\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2011 International Conference on Cyber-Enabled Distributed Computing and Knowledge Discovery\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/CyberC.2011.27\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2011 International Conference on Cyber-Enabled Distributed Computing and Knowledge Discovery","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CyberC.2011.27","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 17

摘要

基于高斯混合模型-隐马尔可夫模型，利用网络流量的包级特性实现了一种网络流量分类方法(PLGMM-HMM)。该模型首先通过两个包级属性(包间时间和有效载荷大小)构建plgmm - hmm;然后，利用plgmm - hmm对另一个训练集进行分类，通过计算F-Measure值来构造估计函数。基于Hadoop Streaming的MapReduce在执行我们的分类实验时进行了评估。结果表明，基于PLGMM-HMM的分类方法可以获得较高的准确率，在收集到的数据集上准确率达到90%以上，相对优于基于其他分布的hmm分类器。建议将该框架作为多分类器模板应用于其他机器学习方法。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

A Parallelized Network Traffic Classification Based on Hidden Markov Model

This paper implemented a network traffic classification method on the basis of Guassian Mixture Model-Hidden Markov Model using packet-level properties in network traffic flows (PLGMM-HMM). Our model firstly builds PLGMM-HMMs via two packet-level properties, inter packet time and payload size, respectively; then, we construct the estimation function by computing the F-Measure value through classifying another training set using the PLGMM-HMMs. Hadoop Streaming based MapReduce has been evaluated while performing our classification experiment. Results show that our PLGMM-HMM based classification method could obtain considerable accuracy, giving out the accuracy over 90% on collected datasets, and comparatively outperforming classifiers based on HMMs with variables obeying other distributions. It is recommended that this framework could be applied to other machine learning methods as a multi-classifier template.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2011 International Conference on Cyber-Enabled Distributed Computing and Knowledge Discovery

自引率

0.00%

发文量