Grano-GT: A granular ground truth collection tool for encrypted browser-based Internet traffic

Zaki, Faiz and Gani, Abdullah and Tahaei, Hamid and Furnell, Steven and Anuar, Nor Badrul (2021) Grano-GT: A granular ground truth collection tool for encrypted browser-based Internet traffic. Computer Networks, 184. p. 107617. ISSN 1389-1286, DOI https://doi.org/10.1016/j.comnet.2020.107617.

Full text not available from this repository.
Official URL: https://doi.org/10.1016/j.comnet.2020.107617

Abstract

Modern network traffic classification puts much attention toward producing a granular classification of the traffic, such as at the application service level. However, the classification process is often impaired by the lack of granular network traffic ground truth. Granular network traffic ground truth is critical to provide a benchmark for a fair evaluation of modern network traffic classification. Nevertheless, in modern network traffic classification, existing ground truth tools only managed to build the ground truth at the application name level at most. Application name level granularity is quickly becoming insufficient to address the current needs of network traffic classification and therefore; this paper presents the design, development and experimental evaluation of Grano-GT, a tool to build a reliable and highly granular network traffic ground truth for encrypted browser-based traffic at the application name and service levels. Grano-GT builds on four main engines which are packet capture, browser, application and service isolator engines. These engines work together to intercept the application requests and combine them with the support of temporal features and cascading filters to produce reliable and highly granular ground truth. Preliminary experimental results show that Grano-GT can classify the Internet traffic into respective application names with high reliability. Grano-GT achieved an average accuracy of more than 95% when validated using nDPI at the application name level. The remaining 5% loss of accuracy was primarily due to the unavailability of signatures in nDPI. In addition, Grano-GT managed to classify application service traffic with significant reliability and validated using the Kolmogorov-Smirnov test. © 2020

Item Type: Article
Funders: Ministry of Education Malaysia ( FRGS/1/2018/ICT03/UM/02/3 ), University Malaya Faculty Research Grants (GPF006D-2018)
Uncontrolled Keywords: Ground truth; Network traffic classification; Granular
Subjects: Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Divisions: Faculty of Computer Science & Information Technology
Depositing User: Ms. Juhaida Abd Rahim
Date Deposited: 28 Apr 2021 00:23
Last Modified: 28 Apr 2021 00:23
URI: http://eprints.um.edu.my/id/eprint/25884

Actions (login required)

View Item View Item
UM Research Repository is powered by EPrints 3 which is developed by the School of Electronics and Computer Science at the University of Southampton. More information and software credits.