Towards self adaptive network traffic classification
作者: Alok Tongaonkar , Ruben Torres , Marios Iliofotou , Ram Keralapura , Antonio Nucci
DOI: 10.1016/J.COMCOM.2014.03.026
关键词: Traffic generation model 、 Network management 、 Traffic shaping 、 Scalability 、 Computer network 、 Traffic classification 、 Network monitoring 、 Network traffic control 、 Network packet 、 Computer science 、 Service provider
摘要: Abstract A critical aspect of network management from an operator’s perspective is the ability to understand or classify all traffic that traverses network. The failure port based classification technique triggered interest in discovering signatures on packet content. However, this approach involves manually reverse engineering applications/protocols need be identified. This suffers problem scalability; keeping up with new applications come everyday very challenging and time-consuming. Moreover, traditional developing once using them different networks low coverage. In work, we present a novel fully automated payload content (PPC) system addresses above shortcomings. Our learns application where desired. Furthermore, our adapts as for changes. Based real traces several service providers, show capable detecting (1) tunneled wrapped applications, (2) use random ports, (3) applications. it robust routing asymmetry, important requirement large ISPs, has high precision (>97%). Finally, easy deploy setup performs real-time.
sci-hub.se 参考文章(22)
Brad Karp, Hyang-Ah Kim, Autograph: toward automated, distributed worm signature detection usenix security symposium. pp. 19- 19 ,(2004)
Andrew W. Moore, Konstantina Papagiannaki, Toward the Accurate Identification of Network Applications Lecture Notes in Computer Science. pp. 41- 54 ,(2005) , 10.1007/978-3-540-31966-5_4
Weidong Cui, Helen J. Wang, Jayanthkumar Kannan, Discoverer: automatic protocol reverse engineering from network traces usenix security symposium. pp. 14- ,(2007)
Jae Yoon Chung, Byungchul Park, Young J. Won, John Strassner, James W. Hong, Traffic Classification Based on Flow Similarity ip operations and management. pp. 65- 77 ,(2009) , 10.1007/978-3-642-04968-2_6
Soheil Hassas Yeganeh, Milad Eftekhar, Yashar Ganjali, Ram Keralapura, Antonio Nucci, CUTE: Traffic Classification Using TErms international conference on computer communications and networks. pp. 1- 9 ,(2012) , 10.1109/ICCCN.2012.6289207
Yu Wang, Yang Xiang, Wanlei Zhou, Shunzheng Yu, Generating regular expression signatures for network traffic classification in trusted network management Journal of Network and Computer Applications. ,vol. 35, pp. 992- 1000 ,(2012) , 10.1016/J.JNCA.2011.03.017
Guowu Xie, Marios Iliofotou, Ram Keralapura, Michalis Faloutsos, Antonio Nucci, SubFlow: Towards practical flow-level traffic classification international conference on computer communications. pp. 2541- 2545 ,(2012) , 10.1109/INFCOM.2012.6195649
Juan Caballero, Heng Yin, Zhenkai Liang, Dawn Song, Polyglot: automatic extraction of protocol message format using dynamic binary analysis computer and communications security. pp. 317- 329 ,(2007) , 10.1145/1315245.1315286
Ignacio N. Bermudez, Marco Mellia, Maurizio M. Munafo, Ram Keralapura, Antonio Nucci, DNS to the rescue: discerning content and services in a tangled web internet measurement conference. ,vol. 1, pp. 413- 426 ,(2012) , 10.1145/2398776.2398819
Laurent Bernaille, Renata Teixeira, Kave Salamatian, Early application identification conference on emerging network experiment and technology. pp. 6- ,(2006) , 10.1145/1368436.1368445