Browse > Article
http://dx.doi.org/10.7840/kics.2013.38B.5.368

Behavior Based Signature Extraction Method for Internet Application Traffic Identification  

Yoon, Sung-Ho (고려대학교 컴퓨터정보학과 네트워크 관리 연구실)
Kim, Myung-Sup (고려대학교 컴퓨터정보학과 네트워크 관리 연구실)
Publication Information
The Journal of Korean Institute of Communications and Information Sciences / v.38B, no.5, 2013 , pp. 368-376 More about this Journal
Abstract
The importance of application traffic identification is emphasized for the efficient network management with recent rapid development of internet. In this paper, we present the application traffic identification method using the behavior based signature to improve the previous limitations. The behavior based signature is made by combining the existing various traffic features, and uses the Inter-Flow unit that is combination of the first request packet of each flow. All signatures have 100% precision when measured the accuracy of 5 applications using at home and abroad to prove the feasibility of the proposed signature.
Keywords
behavior based signature; signature extraction; signature creation; traffic identification; traffic classification;
Citations & Related Records
Times Cited By KSCI : 1  (Citation Analysis)
연도 인용수 순위
1 J. Zhang and A. Moore, "Traffic trace artifacts due to monitoring via port mirroring," in Proc. End-to-End Monitoring Techniques and Services (E2EMON), pp. 1-8, Munich, Germany, May 2007.
2 F. Risso, M. Baldi, O. Morandi, A. Baldini, and P. Monclus, "Lightweight, payload-based traffic classification: an experimental evaluation," in Proc. IEEE Int. Conf. Commun (ICC) '08, pp. 5869-5875, Beijing, China, May 2008.
3 J.-S. Park, S.-H. Yoon, and M.-S. Kim, "Software architecture for a lightweight payload signature-based traffic classification system," in Proc. 3rd Int. Conf. Traffic Monitoring and Analysis (TMA) '11, pp. 136-149, Vienna, Austria, Apr. 2011.
4 K. Xu, Z.-L. Zhang, and S. Bhattacharya, "Profiling internet backbone traffic: behavior models and applications," in Proc. ACM SIGCOMM 2005, pp. 169-180, Philadelphia, U.S.A., Aug. 2005.
5 A. W. Moore and D. Zuev, "Internet traffic classification using bayesian analysis techniques," in Proc. ACM SIGMETRICS, pp. 50-60, Banff, Canada, June 2005.
6 T. Karagiannis, K. Papagiannaki, and M. Faloutsos, "BLINC: multilevel traffic classification in the dark," in Proc. ACM SIGCOMM 2005, pp. 229-240, Philadelphia, U.S.A., Aug. 2005.
7 A. Callado, C. Kamienski, G. Szabo, B. Gero, J. Kelner, S. Fernandes, and D. Sadok, "A survey on internet traffic identification," IEEE Commun. Surveys Tutorials, vol. 11, no. 3, pp. 37-52, July 2009.   DOI   ScienceOn
8 B.-C. Park, Y. J. Won, M.-S. Kim, and J. W. Hong, "Towards automated application signature generation for traffic identification," in Proc. IEEE NOMS 2008, pp. 160-167, Salvador, Brazil, Apr. 2008.
9 S.-H. Yoon and M.-S. Kim, "A study of performance improvement of internet application traffic identification using flow correlation," J. KICS, vol. 36, no. 6, pp. 600-607, May 2011.   과학기술학회마을   DOI   ScienceOn
10 S. Sen and J. Wang, "Analyzing peer-to-peer traffic across large networks," in Proc. Internet Measurement Conf. (IMC), pp. 137-150, Marseille, France, Nov. 2002.
11 IANA, IANA port number list, Retrieved 5, 24, 2013, from http://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.xml.