Home › WakeSpace Scholarship › Electronic Theses and Dissertations

Support Vector Machine Classification of Network Streams Using a Spectrum Kernel Encoding

Electronic Theses and Dissertations

Item Files

karodeav_december_2008.pdf

Item Details

abstract: The growth of computer networking has raised the profile of network management issues, and for those institutions (academic, private, and public) that require high-speed networks these issues have not only become more pressing, but also more challenging. In particular, performance and security management rely heavily on automated tools that must operate in real-time, but creating real-time tools can be a difficult problem that is only exacerbated by prevalence of high-speed networking. One important piece of these tools is the task of network stream classification, which allows for the application protocol of a stream to be identified. Traditional stream classification methods, however, are becoming less reliable, due to increased use of both non-standard ports and encryption algorithms. As such, this work proposes a novel method for network stream classification, relying on the Support Vector Machine (SVM) algorithm. Using only information available in the headers of TCP packets, the SVM creates temporal features – encoded using a spectrum kernel representation – and aggregate features for classification. Experimental results show that 6 protocols of interest are classified with over 99% accuracy. Also, 200, 000 streams can be classified in, on average, 148 seconds, with a strong promise of further speed increases due to parallelization.
subject: spectrum kernel; support vector machines; network stream classification
contributor: Karode, Andrew (author); William H. Turkett, Jr. (committee chair); David J. John (committee member); Errin W. Fulp (committee member)
date: 2009-01-27T19:21:53Z (accessioned); 2010-06-18T18:59:05Z (accessioned); 2009-01-27T19:21:53Z (available); 2010-06-18T18:59:05Z (available); 2009-01-27T19:21:53Z (issued)
degree: Computer Science (discipline)
identifier: http://hdl.handle.net/10339/14826 (uri)
language: en_US (iso)
publisher: Wake Forest University
rights: Release the entire work immediately for access worldwide. (accessRights)
title: Support Vector Machine Classification of Network Streams Using a Spectrum Kernel Encoding
type: Thesis

Usage Statistics

View Usage Statistics