DocumentCode :
2741877
Title :
Application-specific packet capturing using kernel probes
Author :
Lee, Byungjoon ; Moon, Seong ; Lee, Youngseok
Author_Institution :
Electron. & Telecommun. Res. Inst., Daejeon, South Korea
fYear :
2009
fDate :
1-5 June 2009
Firstpage :
303
Lastpage :
306
Abstract :
When we reverse-engineer unknown protocols or analyze Internet traffic, it is critical to capture complete traffic traces generated by a target application. Besides, to prove the accuracy of the Internet traffic classification algorithms of a traffic monitoring system, which is usually located in the middle of the network, it is highly required to retain traffic traces associated with the related application. Therefore, in this paper, we present an application-specific packet capturing method at end hosts, which is based on the dynamic kernel probing technique. From the experiments, it is shown that the proposed method is useful for creating per-application complete traffic traces without performance degradation.
Keywords :
Internet; monitoring; protocols; reverse engineering; telecommunication traffic; Internet traffic; application-specific packet capturing; kernel probes; protocols; reverse engineering; traffic monitoring system; Classification algorithms; Internet; Kernel; Linux; Monitoring; Moon; Payloads; Probes; Protocols; Telecommunication traffic;
fLanguage :
English
Publisher :
IEEE
Conference_Titel :
Integrated Network Management, 2009. IM '09. IFIP/IEEE International Symposium on
Conference_Location :
Long Island, NY
Print_ISBN :
978-1-4244-3486-2
Electronic_ISBN :
978-1-4244-3487-9
Type :
conf
DOI :
10.1109/INM.2009.5188827
Filename :
5188827