Proceedings of ISP RAS

A survey of problems and solution methods in network traffic classification

A.I. Get’man (ISP RAS, Moscow, Russia)
Yu.V. Markin (ISP RAS, Moscow, Russia)
D.O. Obidenkov (ISP RAS, Moscow, Russia)
E.F. Evstropov (ISP RAS, Moscow, Russia)


The paper discusses the problem of network traffic classification: the characteristics that are used to solve it, existing approaches and their limitations. Applied tasks that require classification are listed, as well as additional requirements that arise from the main problem. Properties of network traffic that root in communication medium specifics are analyzed as well as the technology being used where they influence the classification process. Relevant directions in current approaches to analysis and the reasons for their development are discussed.


Network traffic analysis, network security, network traffic classification, machine learning, DPI


Proceedings of the Institute for System Programming, vol. 29, issue 3, 2017, pp. 117-150.

ISSN 2220-6426 (Online), ISSN 2079-8156 (Print).

DOI: 10.15514/ISPRAS-2017-29(3)-8

Full text of the paper in pdf (in Russian) Back to the contents of the volume