Active Learning Framework to Automate Network Traffic Classification

Recent network traffic classification methods benefit from machine learning (ML) technology. However, there are many challenges due to use of ML, such as: lack of high-quality annotated datasets, data-drifts and other effects causing aging of datasets and ML models, high volumes of network traffic etc. This paper argues that it is necessary to augment traditional workflows of ML training&deployment and adapt Active Learning concept on network traffic analysis. The paper presents a novel Active Learning Framework (ALF) to address this topic. ALF provides prepared software components that can be used to deploy an active learning loop and maintain an ALF instance that continuously evolves a dataset and ML model automatically. The resulting solution is deployable for IP flow-based analysis of high-speed (100 Gb/s) networks, and also supports research experiments on different strategies and methods for annotation, evaluation, dataset optimization, etc. Finally, the paper lists some research challenges that emerge from the first experiments with ALF in practice.