Open Access Open Access  Restricted Access Subscription Access

A Sampling Methodology for DPI Classifiers

Jawad Khalife,
Amjad Hajjar,
Jesús Díaz-Verdejo,

Abstract


In this paper we provide a general methodology for customizing sampling schemes used with DPI (Deep Packet inspection) based traffic classifiers. Sampling is supposed to optimize DPI classification by reducing the disclosed payload size for inspection and the associated computational overhead while providing better protection of the users' privacy. As a real case scenario, we choose a real traffic dataset captured on a campus network link on which we conduct a series of classification experiments joint with sampling using OpenDPI, as the DPI tool of choice. First, we attempt to statistically localize payload sections within a flow stream where application signatures are mostly matched by OpenDPI. Then, we specify the minimum required payload to be disclosed for inspection, on a per protocol basis. Finally, we recommend a methodology for generalizing one DPI sampling scheme.

Keywords


Traffic classification; DPI; Application signature; Optimization

Citation Format:
Jawad Khalife, Amjad Hajjar, Jesús Díaz-Verdejo, "A Sampling Methodology for DPI Classifiers," Journal of Internet Technology, vol. 18, no. 4 , pp. 787-800, Jul. 2017.

Full Text:

PDF

Refbacks

  • There are currently no refbacks.





Published by Executive Committee, Taiwan Academic Network, Ministry of Education, Taipei, Taiwan, R.O.C
JIT Editorial Office, Library and Information Center, National Dong Hwa University
No. 1, Sec. 2, Da Hsueh Rd. Shoufeng, Hualien 97401, Taiwan, R.O.C.
Tel: +886-3-931-7017  E-mail: jit.editorial@gmail.com