/Classification_by_NetTiSA_flow

Classification of Network Traffic based NetTiSA flow

Primary LanguageJupyter Notebook

Classification of Network Traffic based NetTiSA flow

The novel extended IP flow called NetTiSA (Network Time Series Analysed) flow contains a universal bandwidth-constrained feature vector consisting of 20 features. We divide the NetTiSA flow classification features into three groups by computation. The first group of features is based on classical bidirectional flow information---a number of transferred bytes, and packets. The second group contains statistical and time-based features calculated using the time-series analysis of the packet sequences. The third type of features can be computed from the previous groups (i.e., on the flow collector) and improve the classification performance without any impact on the telemetry bandwidth.

The NetTiSA flow is implemented into IP flow exporter ipfixprobe: https://github.com/CESNET/ipfixprobe

Codes were created for the paper: https://doi.org/10.1016/j.comnet.2023.110147

Cite as follows:

Josef Koumar, Karel Hynek, Jaroslav Pešek, Tomáš Čejka, "NetTiSA: Extended IP flow with time-series features for universal bandwidth-constrained high-speed network traffic classification", Computer Networks, Volume 240, 2024, 110147, ISSN 1389-1286

@article{KOUMAR2024110147,
title = {NetTiSA: Extended IP flow with time-series features for universal bandwidth-constrained high-speed network traffic classification},
journal = {Computer Networks},
volume = {240},
pages = {110147},
year = {2024},
issn = {1389-1286},
doi = {https://doi.org/10.1016/j.comnet.2023.110147},
url = {https://www.sciencedirect.com/science/article/pii/S1389128623005923},
author = {Josef Koumar and Karel Hynek and Jaroslav Pešek and Tomáš Čejka}
}

Datasets were published in Zenodo repository https://zenodo.org/record/8301043

@dataset{josef_koumar_2023_8301043,
  author       = {Josef Koumar and
                  Karel Hynek and
                  Jaroslav Pešek and
                  Tomáš Čejka},
  title        = {{Network traffic datasets with novel extended IP 
                   flow called NetTiSA flow}},
  month        = aug,
  year         = 2023,
  publisher    = {Zenodo},
  doi          = {10.5281/zenodo.8301043},
  url          = {https://doi.org/10.5281/zenodo.8301043}
}

Copyright © 2023, Czech Technical University in Prague, CESNET a.l.e., Josef Koumar (koumajos@fit.cvut.cz), Karel Hynek (hynekkar@cesnet.cz), Tomáš Čejka (cejkat@cesnet.cz)