Title :
Labeling the Network Traffic with Accurate Application Information
Author :
Caiyun Zhao ; Lizhi Peng ; Bo Yang ; Zhenxiang Chen
Author_Institution :
Shandong Provincial Key Lab. of Network Based Intell. Comput., Univ. of Jinan, Jinan, China
Abstract :
Accurate network traffic classification is crucial for network management and has received widespread attention in the last few years. However, there is not a reliable and widely accepted validation technique for verifying these classification approaches. The main reason is that there are not public traffic traces with accurate application information. In order to address the above problem, this paper presents a new technique, which uses the Network Driver Interface Specification (NDIS) Hook and the Socket Hook to label the packets with the corresponding application on the basis of the user host. The socket hook can capture the packets and gain the related information of the captured packet and send the gained information to the memory. The NDIS Hook can capture the packet and change the header information of the IP packet. Then, these marked packets are sent to the Internet and collected at the boundary gateway.
Keywords :
IP networks; Internet; computer network management; internetworking; network servers; telecommunication traffic; IP packet; Internet; NDIS hook; application information accuracy; boundary gateway; network driver interface specification hook; network management; network traffic classification accuracy; network traffic labeling; public traffic tracing; socket hook; validation technique; Educational institutions; IP networks; Internet; Labeling; Machine learning; Ports (Computers); Sockets;
Conference_Titel :
Wireless Communications, Networking and Mobile Computing (WiCOM), 2012 8th International Conference on
Conference_Location :
Shanghai
Print_ISBN :
978-1-61284-684-2
DOI :
10.1109/WiCOM.2012.6478559
