Gaussian Fitting of Multi-scale Traffic Properties for Discriminating IP Applications

Authors: Paulo Salvador, António Nogueira, Eduardo Rocha

Abstract: In the last years, there has been an increasing need to accurately assign traffic its originating application or protocol. Several new protocols and services have appeared, such as VoIP or file sharing, creating additional identification challenges due their peculiar behaviors, such use of random ports associated other protocols. The number variety of security vulnerabilities attacks that are carried out over Internet also drastically increased in recent years. Besides, privacy confidentiality are growing concerns for users: encryption is becoming widely used and, therefore, access user payload more and more difficult. Therefore, identification methodologies that can be accurate when applied different types and be able operate in cyphered scenarios needed. In this paper, we present methodology that relies on a multiscale analysis flows, differentiating them based probability that characteristic multiscale behavior estimators belong specific distributions whose parameters inferred from flows real applications. The classical concept flow was replaced by definition data stream, which consists all traffic (in upload download directions) local IP address that univocally identified by numeric identifier. results achieved so far show proposed to accurately classify licit identify some most common attacks. approach can also circumvent most important drawbacks existing identification methodologies, namely inability work under strict restriction scenarios.

Keywords: Application identification, analysis, wavelets, illicit applications.
