A Classifier to Detect Stream Applications Based on Network Traffic Statistical Metrics

One of the most crucial considerations, when considering security vulnerabilities, is network traffic. There is still potential for more research on the inter-arrival time side, even though some studies concentrate on network traffic from the perspective of the packet fields such as packet length and packet number. Inter-arrival timings are crucial to investigate because there are numerous attacks, such as Covert Timing Channels attacks, that heavily rely on them. In this article, we conduct a statistical analysis of the TCP inter-arrival times of two major key streaming programs (Zoom and Skype), which are frequently used, particularly during and following the COVID-19 pandemic. Using two internet-connected devices and the statistical measures of TCP, a dataset of 18,371 instances is created for this use. Five machine learning algorithms are evaluated on balanced and imbalanced forms of the dataset. The results revealed that the traffic of Zoom and Skype calls can be identified by machine learning algorithms with an accuracy of up to 99% by random forest.