Modern networks carry increasingly diverse and encrypted traffic types that demand classification techniques beyond traditional port-based and payload-based methods. This tutorial provides a practical, end-to-end guide to building machine-learning-based network traffic flow classification systems. We cover the workflow from flow metering and dataset creation, through ground-truth labeling and feature engineering, to leakage-resistant experimental design, model training and evaluation, explainability, and deployment considerations. The tutorial focuses on supervised flow-based classification that remains effective under encryption and provides actionable guidance on algorithm selection, performance metrics, and realistic partitioning strategies, with emphasis on common real-world measurement artifacts and methodological pitfalls. A companion set of five Jupyter notebooks on GitHub implements the data-to-model workflow on real traffic captures, enabling readers to reproduce key steps. The intended audience includes researchers and practitioners with foundational networking knowledge who aim to design and deploy robust traffic classification systems in operational environments.

翻译：现代网络承载着日益多样化和加密的流量类型，这要求超越传统基于端口和基于载荷的分类技术。本教程提供了一个构建基于机器学习的网络流量流分类系统的端到端实用指南。我们涵盖了从流计量与数据集创建、真实标签标注与特征工程，到抗泄漏实验设计、模型训练与评估、可解释性及部署考量等完整工作流程。本教程聚焦于在加密条件下依然有效的基于流的监督分类方法，并就算法选择、性能指标和现实划分策略提供可操作的指导，重点探讨常见的实际测量伪影与方法论陷阱。GitHub上配套的五套Jupyter笔记本在真实流量捕获数据上实现了从数据到模型的工作流程，使读者能够复现关键步骤。目标读者包括具备基础网络知识的研究人员和从业者，旨在为运行环境中设计与部署鲁棒的流量分类系统提供支持。