KIPS Transactions on Computer and Communication Systems (정보처리학회논문지:컴퓨터 및 통신 시스템)

Korea Information Processing Society (한국정보처리학회)
권호 표지
DOI QR코드

DOI QR Code

Study on Classification Scheme for Multilateral and Hierarchical Traffic Identification

다각적이고 계층적인 트래픽 분석을 위한 트래픽 분류 체계에 관한 연구

  • 윤성호 (고려대학교 컴퓨터정보학과) ;
  • 안현민 (고려대학교 컴퓨터정보학과) ;
  • 김명섭 (고려대학교 컴퓨터정보학과)
  • Received : 2013.09.02
  • Accepted : 2014.01.21
  • Published : 2014.02.28
Download PDF
⟨ Previous Next ⟩

Abstract

Internet traffic has rapidly increased due to the supplying wireless devices and the appearance of various applications and services. By increasing internet traffic rapidly, the need of Internet traffic classification becomes important for the effective use of network resource. However, the traffic classification scheme is not much studied comparing to the study for classification method. This paper proposes novel classification scheme for multilateral and hierarchical traffic identification. The proposed scheme can support multilateral identification with 4 classification criteria such as service, application, protocol, and function. In addition, the proposed scheme can support hierarchical analysis based on roll-up and drill-down operation. We prove the applicability and advantages of the proposed scheme by applying it to real campus network traffic.

인터넷을 기반으로 하는 다양한 서비스 및 응용의 등장과 무선 디바이스의 보급은 인터넷 트래픽을 급격하게 증가시켰다. 인터넷 트래픽의 급격한 증가로 한정적인 네트워크 자원을 효율적으로 사용하기 위해 인터넷 트래픽 분석의 중요성이 증가하고 있다. 하지만 트래픽 분석 방법론에 비해 분석 결과를 체계적으로 관리하는 분류 체계에 대한 연구는 이루어지지 않고 있다. 본 논문에서는 다각적이고 계층적인 트래픽 분석을 위한 분류 체계를 제안한다. 제안하는 분류 체계는 서비스, 응용, 프로토콜, 기준의 4가지 분류 기준을 사용하여 다각적으로 분석이 가능하며, 분류 기준 별로 계층화된 속성을 가지고 있어 결과의 통합화 및 세분화가 가능하다. 논문에서는 제안한 분류 기준을 실제 학내 망에 적용하여 분석함으로 분류 체계의 장점과 활용성을 보인다.

Keywords

References

  1. F. C. VNI, "Cisco Visual Networking Index: Global Mobile data Traffic Forecast Update 2009-2014," Cisco Public Information, February, Vol.9, 2010.
  2. J.-h. Kim, S.-H. Yoon, and M.-S. Kim, "Research on traffic taxonomy for Internet traffic classification," in Network Operations and Management Symposium (APNOMS), 2011 13th Asia-Pacific, 2011, pp.1-4.
  3. Check Point AppWiki. [Internet], http://appwiki.checkpoint.com/appwikisdb/public.htm
  4. FortiGuard Center App Control. [Internet], http://www.fortiguard.com/encyclopedia/applications/
  5. Paloalto Networks Applipedia. [Internet], https://applipedia.paloaltonetworks.com/
  6. IANA port number list. [Internet], http://www.iana.org/assignments/service-names-port-nu mbers/service-names-port-numbers.xml
  7. Z. Jian and A. Moore, "Traffic Trace Artifacts due to Monitoring Via Port Mirroring," in End-to-End Monitoring Techniques and Services, 2007. E2EMON '07. Workshop on, 2007, pp.1-8.
  8. F. Risso, M. Baldi, O. Morandi, A. Baldini, and P. Monclus, "Lightweight, Payload-Based Traffic Classification: An Experimental Evaluation," in Communications, 2008. ICC '08. IEEE International Conference on, 2008, pp.5869-5875.
  9. J.-S. Park, S.-H. Yoon, and M.-S. Kim, "Software Architecture for a Lightweight Payload Signature-Based Traffic Classification System," in Traffic Monitoring and Analysis. Vol. 6613, J. Domingo-Pascual, Y. Shavitt, and S. Uhlig, Eds., ed: Springer Berlin Heidelberg, 2011, pp.136-149.
  10. A. W. Moore and D. Zuev, "Internet traffic classification using bayesian analysis techniques," SIGMETRICS Perform. Eval. Rev., Vol.33, pp.50-60, 2005. https://doi.org/10.1145/1071690.1064220
  11. K. Xu, Z.-L. Zhang, and S. Bhattacharyya, "Profiling internet backbone traffic: behavior models and applications," in ACM SIGCOMM Computer Communication Review, 2005, pp.169-180.
  12. J.-W. Park, S.-H. Yoon, J.-S. Park, S.-W. Lee, and M.-S. Kim, "Statistic Signature based Application Traffic Classification," KICS, Vol.34, pp.1234-1244, 2009.
  13. T. Karagiannis, K. Papagiannaki, and M. Faloutsos, "BLINC: multilevel traffic classification in the dark," in ACM SIGCOMM Computer Communication Review, 2005, pp.229-240.
  14. A. Callado, C. Kamienski, G. Szabo, B. Gero, J. Kelner, S. Fernandes, et al., "A Survey on Internet Traffic Identification," Communications Surveys & Tutorials, IEEE, Vol.11, pp.37-52, 2009. https://doi.org/10.1109/SURV.2009.090304
  15. S.-H. Yoon, J.-W. Park, J.-S. Park, Y.-S. Oh, and M.-S. Kim, "Internet Application Traffic Classification Using Fixed IP-Port," in Management Enabling the Future Internet for Changing Business and New Computing Services, 2009, pp.21-30.