|
|
|
|
|
|||
|
Network Traffic based Application Identification OverviewThe Network Traffic based Application Identification (netAI) has been developed for identifying the end host applications that are responsible for traffic flows in the network. Unlike previous solutions that identify the application based on port numbers or packet payload (either through protocol decoding or signatures) netAI computes various payload independent features (e.g. packet length and packet inter-arrival time statistics) for a traffic flow and uses machine learning (ML) techniques. ML is a discipline of the wider area of Artificial Intelligence (AI). Before netAI can be used to classify a particular application it must be trained on a representative set of traffic flows of that application. netAI can be used offline (reading packet data from tracefiles) and online (live capturing on network interfaces). For more detailed information please look at the introduction or the documentation. netAI has been developed by members of the Centre for Adavanced Internet Architectures (CAIA), which is part of the Swinburne University of Technology in Melbourne, Autralia. netAI has been developed in the Dynamic Self-learning Traffic Classification based on Flow Characteristics (DSTC) project. This project has been made possible in part by a grant from the Cisco University Research Program Fund at Community Foundation Silicon Valley. FeaturesThe following are the main features of netAI. netAI is still under development and we are adding more features to it.
AuthorsnetAI has been developed by the following people:Sebastian Zander (szander@swin.edu.au) Nigel Williams (niwilliams@swin.edu.au) License and Terms of UseThe netAI source code is made publically available under the terms and conditions of the GNU General Public License, which can be downloaded here. |
|
|
|