Network analytics is of key importance for the proper management of network resources as the rate of Internet traffic continues to rise. The aim of this paper is to investigate the performance of different network traffic capture tools for extracting features and to evaluate the performance of eight Machine Learning (ML) algorithms in the classification of (1) applications; (2) states and (3) anomalies. Six Internet applications were considered along with four PC states and two network anomalies. The network was monitored by three traffic capture tools: PRTG, Colasoft Capsa and Wireshark and classification was performed using the Weka Toolkit. The performance of the eight ML classifiers was determined based on several metrics. The Colasoft Capsa feature set gave the highest accuracy for the classification of applications while same was achieved with features from PRTG for the classification of the four states considered. For anomaly classification, the ML algorithms showed almost similar classification behavior when the Colasoft Capsa or PRTG feature set was used.

中文翻译：

---

网络流量捕获工具和机器学习算法的性能分析，用于对应用程序，状态和异常进行分类

随着Internet流量的持续增长，网络分析对于正确管理网络资源至关重要。本文的目的是研究用于提取特征的不同网络流量捕获工具的性能，并评估（1）应用分类中的八种机器学习（ML）算法的性能；（2）状态和（3）异常。考虑了六个Internet应用程序以及四个PC状态和两个网络异常。该网络由三种流量捕获工具进行监视：PRTG，Colaso​​ft Capsa和Wireshark，并使用Weka Toolkit进行分类。八个ML分类器的性能是基于几个指标确定的。Colaso​​ft Capsa功能集为应用程序分类提供了最高的准确性，而PRTG的功能为所考虑的四个状态的分类提供了相同的准确性。对于异常分类，当使用Colaso​​ft Capsa或PRTG功能集时，ML算法显示出几乎相似的分类行为。