A Framework for Classifying IPFIX Flow Data, Case KNN Classifier

Nieminen, Jussi; Ylinen, Jorma; Seppälä, Timo; Alapaholuoma, Teemu; Loula, Pekka

Home // ICNS 2012, The Eighth International Conference on Networking and Services // View article

A Framework for Classifying IPFIX Flow Data, Case KNN Classifier

Authors:
Jussi Nieminen
Jorma Ylinen
Timo Seppälä
Teemu Alapaholuoma
Pekka Loula

Keywords: Flow; IP; IPFIX; KNN; Classification

Abstract:
Flow-level measurement applications and analysis in IP networks are inevitably gaining popularity, due to the unstoppable increase in the amount of transmitted data on the Internet. It is not reasonable or even possible to examine each and every packet traversing through a network. Our research focuses on passive flow level data classification and characteristic identification. To be more exact, our goal is to design a framework for extracting certain classes, feature(s) and behavior from IP flow data. One of the goals is to achieve this without examining the payload of any of the IP packets and without compromising the anonymity of the flow counterparts. Traditionally, Deep Packet Inspection or port mapping techniques have been applied for this purpose. In this paper, we present an alternative framework for classifying the IP traffic, which we aim to utilize in the future for separating classes from the IP traffic for information security purposes.

Pages: 14 to 19

Copyright: Copyright (c) IARIA, 2012

Publication date: March 25, 2012

Published in: conference

ISSN: 2308-4006

ISBN: 978-1-61208-186-1

Location: St. Maarten, The Netherlands Antilles

Dates: from March 25, 2012 to March 30, 2012