Profiling-By-Association: a resilient traffic profiling solution for the internet backbone
作者: Marios Iliofotou , Brian Gallagher , Tina Eliassi-Rad , Guowu Xie , Michalis Faloutsos
关键词:
摘要: Profiling Internet backbone traffic is becoming an increasingly hard problem since users and applications are avoiding detection using obfuscation encryption. The key question addressed here is: Is it possible to profile at the without relying on its packet flow level information, which can be obfuscated? We propose a novel approach, called Profiling-By-Association (PBA), that uses only IP-to-IP communication graph information about some used by few IP-hosts (a.k.a. seeds). insight tend communicate more frequently with hosts involved in same application forming communities (or clusters). members within cluster "give away" whole community. Following our we develop different algorithms evaluate them real-traces from four large networks. show PBA's accuracy average around 90% knowledge of 1% all given data set runtime order minutes (a 5).
acm.org
osti.gov
eliassi.org 参考文章(20)
Kuai Xu, Zhi-Li Zhang, Supratik Bhattacharyya, Profiling internet backbone traffic: behavior models and applications acm special interest group on data communication. ,vol. 35, pp. 169- 180 ,(2005) , 10.1145/1080091.1080112
Ionut Trestian, Supranamaya Ranjan, Aleksandar Kuzmanovi, Antonio Nucci, Unconstrained endpoint profiling (googling the internet) ACM SIGCOMM Computer Communication Review. ,vol. 38, pp. 279- 290 ,(2008) , 10.1145/1402946.1402991
Deepayan Chakrabarti, Spiros Papadimitriou, Dharmendra S. Modha, Christos Faloutsos, Fully automatic cross-associations knowledge discovery and data mining. pp. 79- 88 ,(2004) , 10.1145/1014052.1014064
Justin Ma, Kirill Levchenko, Christian Kreibich, Stefan Savage, Geoffrey M. Voelker, Unexpected means of protocol inference internet measurement conference. pp. 313- 326 ,(2006) , 10.1145/1177080.1177123
Yu Jin, Esam Sharafuddin, Zhi-Li Zhang, Unveiling core network-wide communication patterns through application traffic activity graph decomposition Proceedings of the eleventh international joint conference on Measurement and modeling of computer systems - SIGMETRICS '09. ,vol. 37, pp. 49- 60 ,(2009) , 10.1145/1555349.1555356
Brian Gallagher, Marios Iliofotou, Tina Eliassi-Rad, Michalis Faloutsos, Link Homophily in the Application Layer and its Usage in Traffic Classification international conference on computer communications. pp. 221- 225 ,(2010) , 10.1109/INFCOM.2010.5462239
Keith Henderson, Tina Eliassi-Rad, Applying latent dirichlet allocation to group discovery in large graphs acm symposium on applied computing. pp. 1456- 1461 ,(2009) , 10.1145/1529282.1529607
Vincent D Blondel, Jean-Loup Guillaume, Renaud Lambiotte, Etienne Lefebvre, Fast unfolding of communities in large networks Journal of Statistical Mechanics: Theory and Experiment. ,vol. 2008, pp. 10008- ,(2008) , 10.1088/1742-5468/2008/10/P10008
Andrew W. Moore, Konstantina Papagiannaki, Toward the Accurate Identification of Network Applications Lecture Notes in Computer Science. pp. 41- 54 ,(2005) , 10.1007/978-3-540-31966-5_4
Hyunchul Kim, KC Claffy, Marina Fomenkov, Dhiman Barman, Michalis Faloutsos, KiYoung Lee, Internet traffic classification demystified: myths, caveats, and the best practices conference on emerging network experiment and technology. pp. 11- ,(2008) , 10.1145/1544012.1544023