EARLY RECOGNITION OF INTERNET TRAFFIC BASED ON SIGNATURE INSPECTION

EARLY RECOGNITION OF INTERNET TRAFFIC BASED ON SIGNATURE INSPECTION

下载PDF

导出

摘要 The accurate and efficient classification of Internet traffic is the first and key step to ac-curate traffic management,network security and traffic analysis. The classic ways to identify flows is either inaccurate or inefficient,which are not suitable to be applied to real-time online classification. In this paper,we originally presented an early recognition method named Early Recognition Based on Deep Packet Inspection (ERBDPI) based on deep packet inspection,after analyzing the distribution of payload signature between packets of a flow in detail. The basic concept of ERBDPI is classifying flows based on the payload signature of their first some packets,so that we can identify traffic at the be-ginning of a flow connection. We compared the performance of ERBDPI with that of traditional sampling methods both synthetically and using real-world traffic traces. The result shows that ERBDPI can get a higher classification accuracy with a lower packet sampling rate,which makes it suitable to be applied to accurate real-time classification in high-speed links. The accurate and efficient classification of Internet traffic is the first and key step to accurate traffic management, network security and traffic analysis. The classic ways to identify flows is either inaccurate or inefficient, which are not suitable to be applied to real-time online classification. In this paper, we originally presented an early recognition method named Early Recognition Based on Deep Packet Inspection （ERBDPI） based on deep packet inspection, after analyzing the distribution of payload signature between packets of a flow in detail. The basic concept of ERBDPI is classifying flows based on the payload signature of their first some packets, so that we can identify traffic at the be- ginning of a flow connection. We compared the performance of ERBDPI with that of traditional sampling methods both synthetically and using real-world traffic traces. The result shows that ERBDPI can get a higher classification accuracy with a lower packet sampling rate, which makes it suitable to be applied to accurate real-time classification in high-speed links.

作者 Niu Xiaona Guo Yunfei Zhang Jin Wang Chao

机构地区 National Digital Switching System Engineering ＆ Technology Research Center （ NDSC）

出处《Journal of Electronics(China)》 2010年第2期230-236,共7页 电子科学学刊（英文版）

基金 Supported by grant from the Major State Basic Research Development Program of China (No.2007CB307102)

关键词 Traffic classification Packet sampling Payload signature inspection Early recognition Traffic classification Packet sampling Payload signature inspection Early recognition

分类号 TP393 [自动化与计算机技术—计算机应用技术]

引文网络
相关文献

参考文献10

1Andrew W Moore,Konstantina Papagiannaki.Toward the accurate identification of network appli- cations[].PAM’.2005
2.NetFlow Services Solu- tions Guide[].Cisco System White Paper.
3IANA.Protocol numbers[]..2006
4Sen S,Spatscheck O,Wang D,et al.Accurate,scalable in-network identification of p2p traffic using application signatures[].Proceedings of the th International Conference on World Wide Web.2004
5Karagiannis T,Papagiannaki K,Faloutsos M.Blinc: multilevel traffic classification in the dark[].Proceedings of the SIGCOMM conference on Applications Technologies Architectures and Protocols for Computer Communication.2005
6Claffy K C,Polyzos G C,Braun H W.Application of Sampling Methodologies to Network Traffic Characterization[].Computer Communications.1993
7A. W. Moore,and D. Zuev.Internet Traffic Classification Using Bayesian Analysis Techniques[].ACM SIGMETRICS.2005
8Zander S,Nguyen T,Armitage G.Self-learning IP traffic classification based on statistical flow characteristics[].Passive & Active Measurement Workshop (PAM).2005
9Hohn N,Veitch D.Inverting Sampled Traffic[].Internet Measurement Conference.2003
10Duffield N,Lund C,Thorup M.Properties and Prediction of Flow Statistics from Sampled Packet Streams[].In : Proceedings of ACM Sigcomm Internet Measurement Workshop.2002

1荣辉桂,李明伟,蔡立军.An early recognition algorithm for BitTorrent traffic based on improved K-means[J].Journal of Central South University,2011,18(6):2061-2067.
2PENG Lizhi,ZHANG Hongli,YANG Bo,CHEN Yuehui,WU Tong.Traffic Labeller： Collecting Internet Traffic Samples with Accurate Application Information[J].China Communications,2014,11(1):69-78. 被引量：2
3李君,Zhang Shunyi,Wang Pan,Li Cuilian.Research on internet traffic classification techniques using supervised machine learning[J].High Technology Letters,2009,15(4):369-377. 被引量：1
4CUI Yidong,SUN Hanlin.Periodicity Impacts on the Accuracy in Grey Model Based Internet Traffic Prediction[J].Chinese Journal of Electronics,2010,19(1):170-174. 被引量：2
5杜敏,陈兴蜀,谭骏.Online Internet Traffic Identification Algorithm Based on Multistage Classifier[J].China Communications,2013,10(2):89-97. 被引量：3
6吴晓非,禹可,狄佳玺,苏驷希.Structural Insights on Internet Traffic:Community Overlapping and Correlations[J].China Communications,2013,10(10):101-114.
7Li Jun,Zhang Shunyi,Lu Yanqing,Yan Junrong.HYBRID INTERNET TRAFFIC CLASSIFICATION TECHNIQUE[J].Journal of Electronics(China),2009,26(1):101-112.
8谭骏,陈兴蜀,杜敏,朱锴.A novel internet traffic identification approach using wavelet packet decomposition and neural network[J].Journal of Central South University,2012,19(8):2218-2230. 被引量：6
9RADWARE防火墙力保网络通畅[J].互联网周刊,2000(16):34-34.
10孟魁,张根度.MPLS和Internet流量工程[J].计算机科学,2001,28(8):42-45. 被引量：1

Journal of Electronics(China)

2010年第2期

浏览历史

内容加载中请稍等...

EARLY RECOGNITION OF INTERNET TRAFFIC BASED ON SIGNATURE INSPECTION

参考文献10

相关作者

相关机构

相关主题

浏览历史