An Application-Level Signatures Extracting Algorithm Based on Offset Constraint

It´s an efficient approach to identify the application traffic through application-level signatures, but the performance of an application-level identification approach heavily depends on accuracy and abundance of signatures. Unfortunately, deriving the signatures manually is very time consuming and difficult. Machine learning has been widely used in network data analysis. But existing studies mostly considered statistical network flow attributes such as packet size distributions, for that there arenpsilat so far efficient solutions to extract signatures based on application-level content. The association rules algorithm may be the key to solve the problem, but itpsilas unavailable while itemset is a permutation of items or transaction is a set of itemsets. Aiming at this problem, the paper provides a signatures extracting algorithm based on offset constraint, which present the notion of Sequence Itemset and Offset Attribute Set, remedying the defect of association rules algorithm. The results indicate that signatures extracted by this approach is highly accurate for apply to online application identification.