1 Department of Electronic Systems, The Faculty of Engineering and Science (ENG), Aalborg University, VBN2 Networking and Security, The Faculty of Engineering and Science (ENG), Aalborg University, VBN3 The Faculty of Engineering and Science (TECH), Aalborg University, VBN4 Center for Network Planning, The Faculty of Engineering and Science (ENG), Aalborg University, VBN
Our previous work demonstrated the possibility of distinguishing several groups of traffic with accuracy of over 99%. Today, most of the traffic is generated by web browsers, which provide different kinds of services based on the HTTP protocol: web browsing, file downloads, audio and voice streaming through third-party plugins, etc. This paper suggests and evaluates two approaches to distinguish various types of HTTP traffic based on the content: distributed among volunteers' machines and centralized running in the core of the network. We also assess the accuracy of the centralized classifier for both the HTTP traffic and mixed HTTP/non-HTTP traffic. In the latter case, we achieved the accuracy of 94%. Finally, we provide graphical characteristics of different kinds of HTTP traffic.
Ieee Symposium on Computers and Communications (iscc), 2012, p. 882-887