Harvesting unique characteristics in packet sequences for effective application classification

Authors: Zhenlong Yuan, Yibo Xue, Yingfei Dong

DOI: 10.1109/CNS.2013.6682724

Abstract: Network traffic classification is critical to both network management and security. Identifying application at the flow level with signature matching has been widely used as the most efficient method due to its reliability and robustness. However, with the increasing number of applications and their frequent updates, we have to constantly regenerate signatures, which is resource intensive and time consuming. To address this issue, we propose to explore the unique characteristics in packet sequences, and discovered two types of sequence signatures. We introduce our design and implementation of an automated packet-sequence signature construction (APSC) system, based on association rule mining and data clustering technologies. This system can not only automatically generate traditional signatures from individual payloads but also construct new or features sequences, even for encrypted flows. To the best of our knowledge, this is the first practical system that supports packet-sequence signature construction. Our experimental results show proposed high quality a variety limited overhead.

References (29)
Anthony McGregor, Mark Hall, Perry Lorier, James Brunskill. Flow Clustering Using Machine Learning Techniques. passive and active network measurement, vol. 3015, pp. 205-214 (2004). 10.1007/978-3-540-24668-8_21
Alice Este, Francesco Gringoli, Luca Salgarelli. Support Vector Machines for TCP traffic classification. Computer Networks, vol. 53, pp. 2476-2490 (2009). 10.1016/J.COMNET.2009.05.003
Yu Wang, Yang Xiang, Wanlei Zhou, Shunzheng Yu. Generating regular expression signatures for network traffic classification in trusted network management. Journal of Network and Computer Applications, vol. 35, pp. 992-1000 (2012). 10.1016/J.JNCA.2011.03.017
Yeon-sup Lim, Hyun-chul Kim, Jiwoong Jeong, Chong-kwon Kim, Ted "Taekyoung" Kwon, Yanghee Choi. Internet traffic classification demystified: on the sources of the discriminative power. conference on emerging network experiment and technology, pp. 9- (2010). 10.1145/1921168.1921180
Robin Sommer, Vern Paxson. Enhancing byte-level network intrusion detection signatures with context. computer and communications security, pp. 262-271 (2003). 10.1145/948109.948145
Andrew W. Moore, Denis Zuev. Internet traffic classification using bayesian analysis techniques. measurement and modeling of computer systems, vol. 33, pp. 50-60 (2005). 10.1145/1064212.1064220
Yibo Xue, Luoshi Zhang, Dawei Wang. Traffic Classification: Issues and Challenges. Journal of Communications, vol. 8, pp. 240-248 (2013). 10.12720/JCM.8.4.240-248
Yibo Xue, Dawei Wang, Luoshi Zhang. Traffic classification: Issues and challenges. 2013 International Conference on Computing, Networking and Communications (ICNC), pp. 545-549 (2013). 10.1109/ICCNC.2013.6504144
Usama Fayyad, Ramasamy Uthurusamy. Data mining and knowledge discovery in databases. Communications of the ACM, vol. 39, pp. 24-26 (1996). 10.1145/240455.240463
Nigel Williams, Sebastian Zander, Grenville Armitage. A preliminary performance comparison of five machine learning algorithms for practical IP traffic flow classification. ACM SIGCOMM Computer Communication Review, vol. 36, pp. 5-16 (2006). 10.1145/1163593.1163596