摘要
当今网络环境中,新型、未知应用大量涌现、并且网络技术日新月异,这对网络流量的识别带来严重挑战.传统的基于IANA端口的应用识别方法逐渐失效,利用流行为统计特征的流量分类方法在精度和实时性上又存在先天的缺陷.本文提出了一种新型的基于数据挖掘的应用识别方法,该方法从应用会话内容中自动提取应用特征,然后根据特征匹配识别应用.通过仿真实验测试识别率、正确率及综合指标,结果表明算法是有效性,能够实现应用层流量的精确分类.
With the various newly designed applications and the rapid development of the network technology,the network traffic identification has encountered serious challenges.The traditional method of traffic identification based on the port number assigned by IANA could no longer be applied due to its deficiency,and another method by the statistical characters of flows could hardly satisfy the accuracy and real-time demand.This paper presents a novel approach to identify application traffic based on data mining,which automatically extracts application signature from the content of the application session,and furthermore identifies the same traffic using the signature matching.The identification rate,precision rate and F1-Measue have been verified on some traces and experimental results are presented to show the effectiveness of the algorithm,which can be used to accurately identify applications.
出处
《小型微型计算机系统》
CSCD
北大核心
2011年第5期875-880,共6页
Journal of Chinese Computer Systems
基金
国家自然科学基金-广东联合基金重点项目(U0735002)资助
国家自然科学基金项目(60970146)资助
国家"八六三"高技术研究发展计划项目(2007AA01Z449)资助
关键词
流量识别
自动提取应用特征
频繁项挖掘
应用会话
traffic identification
automatically extracted application signatures
frequent session fragment mining
application session
