- 學位論文
Flow-based網路流量分類技術的可行性之研究
A Study of Applicability of Flow-based Internet Traffic Classification
摘要
依照應用程式的種類來對 IP 流量進行分類,可說是所有先進網路管理平台必備的功能之一。然而,在過去十年間,由於許多應用程式開始使用各種巧妙的方法去避免輕易地被辨識出來,使得流量分類這項工作逐漸變成一個挑戰。在這種情況下,傳統的分類技術諸如 port-based 偵測機制很快地就失去效用。同時間,許多知名的研究團體陸續針對流量分類這個議題發表了一些有趣的論文,並提出各種不同性質的分類機制。其中不少分類方法在研究實驗裡展現出相當優異的表現。然而,我們認為現實的網路環境中存在一些因素,極可能會影響這些分類技術的表現。 在這篇論文裡,我們實作出一個 flow-based 的 Internet 流量分類器,並利用真實的網路流量進行實驗,以測量此分類器的效能表現。雖然我們的分類方法是立基於前人的理論,不過我們的貢獻在於分析 flow-based 分類技術在真實網路環境下的可行性,根據我們的實驗、觀察及分析結果,可獲得對於此種分類技術更為深刻的洞察。我們的實驗結果展現出在真實世界中採用 flow-based 分類技術時的一些問題,其中有些問題可透過我們提出的機制予以解決,有些則需要更進一步的研究分析。此外,我們的研究也呈現出真實網路中常用的流量採樣(flow sampling)機制對於流量分類技術的影響。我們的結果顯示,flow-based 流量分類技術的有效性只侷限在一定範圍的採樣區間(sampling interval)之內。
並列摘要
The classification of IP flows according to the applications that generated them is at the basis of any modern network management platform. It has become a challenge in the last decade since many applications use tricky ways to avoid being easily recognized. Classical techniques such as port-based detection are rapidly becoming ineffective. Many reputable research groups have published several interesting papers on traffic classification, proposing mechanisms of different nature. However, it is our opinion that some factors in real-world network environments would affect the effectiveness of these classification mechanisms. In this paper we implement a flow-based Internet traffic classifier and conduct an experiment to measure its performance dealing with real-world data traces. Even though the classification method is based on the work in the past, our contribution is to provide insights into flow-based traffic classification technique and to analyze the applicability of it. Our results expose several real-world issues while applying flow-based classification; some can be resolved by the mechanisms we propose, and some still need to be researched in further work. We also present the impact of flow sampling to the technique. Our results show that the effectiveness of flow-based traffic classification is limited in a certain range of sampling intervals.
並列關鍵字
Traffic classification ; NetFlow ; host behavior ; transport layer ; algorithms ; flow sampling參考文獻
延伸閱讀
- Huang, J. P. (2004). 整合型行動通訊網路之訊務量模型與性能研究 [doctoral dissertation, Yuan Ze University]. Airiti Library. https://www.airitilibrary.com/Article/Detail?DocID=U0009-0112200611322700
- 程連育、林旭信、李軒昂(2017)。整合SWMM模式與Ice分散式計算平台探討分散式雨水下水道模擬之可行性。先進工程學刊,12(2),81-90。https://www.airitilibrary.com/Article/Detail?DocID=a0000255-201704-201705310014-201705310014-81-90
- Jung, W. S. (2016). 基於軟體定義網路之應用程式網路流量分配管理系統設計與研製 [master's thesis, National Tsing Hua University]. Airiti Library. https://www.airitilibrary.com/Article/Detail?DocID=U0016-0901201710383564
- Lei, C. H. (2011). A Channel Allocation Mechanism Using Real-time Traffic Information and User Behavior for Cellular Networks [master's thesis, National Chiao Tung University]. Airiti Library. https://doi.org/10.6842/NCTU.2011.00143
- 林良泰、張建彥、張嘉惠、張修榕(2000)。A Study On Traffic Flow Conflict Models for Signalized Intersections。運輸學刊,12(1),29-50。https://www.airitilibrary.com/Article/Detail?DocID=10272275-200003-202208310007-202208310007-29-50