Network traffic classification: Techniques, datasets, and challenges

Ahmad Azab, Mahmoud Khasawneh, Saed Alrabaee, Kim Kwang Raymond Choo, Maysa Sarsour

Research output: Contribution to journalReview articlepeer-review

79 Citations (Scopus)

Abstract

In network traffic classification, it is important to understand the correlation between network traffic and its causal application, protocol, or service group, for example, in facilitating lawful interception, ensuring the quality of service, preventing application choke points, and facilitating malicious behavior identification. In this paper, we review existing network classification techniques, such as port-based identification and those based on deep packet inspection, statistical features in conjunction with machine learning, and deep learning algorithms. We also explain the implementations, advantages, and limitations associated with these techniques. Our review also extends to publicly available datasets used in the literature. Finally, we discuss existing and emerging challenges, as well as future research directions.

Original languageEnglish
Pages (from-to)676-692
Number of pages17
JournalDigital Communications and Networks
Volume10
Issue number3
DOIs
Publication statusPublished - Jun 2024

Keywords

  • Deep learning
  • Deep packet inspection
  • Machine learning
  • Network classification
  • Traffic monitoring

ASJC Scopus subject areas

  • Hardware and Architecture
  • Computer Networks and Communications

Fingerprint

Dive into the research topics of 'Network traffic classification: Techniques, datasets, and challenges'. Together they form a unique fingerprint.

Cite this