Network traffic classification in encrypted environment: A case study of Google Hangout

Network traffic classification in encrypted environment: A case study of Google Hangout Traffic classification is an important task for providing differentiated service quality to applications and also for security monitoring. With the advent of peer-to-peer applications and tunneling techniques it is becoming increasingly difficult to identify the traffic without going to the application semantics. Several approaches have been proposed (with varied success) which use machine learning techniques toidentify the application traffic. In this paper we propose a novel technique based on application behavior based feature extraction and classification. We experiment with Google Hangout as a case study and report its detection results. Google Hangout is a semi peer-to-peer application allowing two parties to do video chat online. We performed experiments with a dataset consisting of several hours of networktraffic consisting of 2.5 million packets and report results on 3 classification algorithms namely Naive Base, decision tree and AdaBoost. We conducted 3 sets of experiments with different combinations of data and performed 10 fold cross validation in each case to assess the classification performance.