Title :
Towards automatic identification of network applications
Author :
Wang, Yu ; Yu, Shun-zheng
Author_Institution :
Dept. of Electron. & Commun. Eng., Sun Yat-Sen Univ., Guangzhou, China
Abstract :
Traditional application identification based on port numbers has become increasingly inaccurate. A more accurate alternative is to inspect the application payloads of traffic flows. The main drawback of such method is that target applications must be manually analyzed beforehand. Another alternative is to exploit the distinctive statistical properties of traffic flows and apply machine learning techniques to classify or cluster flows. In this paper, we propose a fully automatic mechanism for application identification. The mechanism combine flow clustering based on statistical features in order to generate clusters dominated by a single application on the one hand, and automatic of application signature based on payload contents solely on the other hand. Preliminary results of evaluation using real-world traffic traces indicate that the proposed approach is feasible and promising.
Keywords :
computer networks; learning (artificial intelligence); pattern classification; pattern clustering; statistical analysis; telecommunication traffic; application payload inspection; automatic application signature construction; automatic network application identification; machine learning technique; port number; statistical property; traffic flow classification; traffic flow clustering; Automatic control; Communication system control; Computer network management; Computer networks; Machine learning; Payloads; Protocols; Supervised learning; Telecommunication traffic; Traffic control; application identification; application signature; clustering; machine learning; traffic classification;
Conference_Titel :
Computing, Communication, Control, and Management, 2009. CCCM 2009. ISECS International Colloquium on
Conference_Location :
Sanya
Print_ISBN :
978-1-4244-4247-8
DOI :
10.1109/CCCM.2009.5267940
