1 research outputs found
Radio frequency traffic classification over WLAN
Network traffic classification is the process of analyzing traffic flows and associating them to different categories
of network applications. Network traffic classification represents an essential task in the whole chain of network security. Some
of the most important and widely spread applications of traffic classification are the ability to classify encrypted traffic, the identification of malicious traffic flows, and the enforcement of security policies on the use of different applications. Passively monitoring a network utilizing low-cost and low-complexity
wireless local area network (WLAN) devices is desirable. Mobile devices can be used or existing office desktops can be temporarily
utilized when their computational load is low. This reduces the burden on existing network hardware. The aim of this paper is to investigate traffic classification techniques for wireless communications. To aid with intrusion detection, the key goal
is to passively monitor and classify different traffic types over WLAN to ensure that network security policies are adhered to. The classification of encrypted WLAN data poses some unique challenges not normally encountered in wired traffic. WLAN
traffic is analyzed for features that are then used as an input to six different machine learning (ML) algorithms for traffic
classification. One of these algorithms (a Gaussian mixture model incorporating a universal background model) has not been
applied to wired or wireless network classification before. The authors also propose a ML algorithm that makes use of the
well-known vector quantization algorithm in conjunction with a decision tree—referred to as a TRee Adaptive Parallel Vector Quantiser. This algorithm has a number of advantages over the other ML algorithms tested and is suited to wireless traffic
classification. An average F-score (harmonic mean of precision and recall) > 0.84 was achieved when training and testing on the same day across six distinct traffic types