Graption: A graph-based P2P traffic classification framework for the internet backbone

Authors: Marios Iliofotou, Hyun-chul Kim, Michalis Faloutsos, Michael Mitzenmacher, Prashanth Pappu

DOI: 10.1016/J.COMNET.2011.01.020

Abstract: Monitoring network traffic and classifying applications are essential functions for administrators. Current classification methods can be grouped in three categories: (a) flow-based (e.g., packet sizing/timing features), (b) payload-based, and (c) host-based. Methods from all categories have limitations, especially when it comes to detecting new applications at the backbone. In this paper, we propose the use of Traffic Dispersion Graphs (TDGs) to remedy these limitations. Given a set of flows, a TDG is a graph with an edge between any two IP addresses that communicate; thus TDGs capture network-wide interactions. Using TDGs, we develop an application framework dubbed Graption (Graph-based classification). Our framework provides a systematic way to classify traffic by using information about the behavior and flow-level characteristics of Internet applications. As a proof of concept, we instantiate our framework to detect P2P traffic, and show that it can identify 90% of flows with 95% accuracy in backbone traces, which are particularly challenging for other methods.
