Title :
Unveiling Skype encrypted tunnels using GP
Author :
Alshammari, Riyad ; Zincir-Heywood, A. Nur
Author_Institution :
Fac. of Comput. Sci., Dalhousie Univ., Halifax, NS, Canada
Abstract :
The classification of Encrypted Traffic, namely Skype, from network traffic represents a particularly challenging problem. Solutions should ideally be both simple-therefore efficient to deploy-and accurate. Recent advances to team-based Genetic Programming provide the opportunity to decompose the original problem into a subset of classifiers with non-overlapping behaviors. Thus, in this work we have investigated the identification of Skype encrypted traffic using Symbiotic Bid-Based (SBB) paradigm of team based Genetic Programming (GP) found on flow features without using IP addresses, port numbers and payload data. Evaluation of SBB-GP against C4.5 and AdaBoost-representing current best practice-indicates that SBB-GP solutions are capable of providing simpler solutions in terms number of features used and the complexity of the solution/model without sacrificing accuracy.
Keywords :
IP networks; Internet telephony; computer network management; cryptography; genetic algorithms; telecommunication traffic; AdaBoost; C4.5; IP addresses; Skype encrypted tunnels; encrypted traffic; genetic programming; network traffic; symbiotic bid based paradigm; Bayesian methods; Cryptography; Decision trees; IP networks; Payloads; Protocols; Training;
Conference_Titel :
Evolutionary Computation (CEC), 2010 IEEE Congress on
Conference_Location :
Barcelona
Print_ISBN :
978-1-4244-6909-3
DOI :
10.1109/CEC.2010.5586288
