期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

数据流应用层载荷特征正则表达式的自动提取 被引量:2

Automatically Generating Regular Expression of Load Signatures for Applications
下载PDF
导出
摘要 基于载荷特征的IP流分类技术的准确性较高,但是该分类技术的基础是提取出准确的载荷特征.目前大部分应用的载荷特征依靠手工逆向分析数据包结构来进行提取.然而手工分析提取应用产生的数据包是十分耗时的,特别是对于一个未知的应用.鉴于此,本文设计并实现了一种把固定位置载荷特征和载荷特征公共子串相结合的载荷特征自动提取算法.该算法可以自动提取应用层载荷特征并构造出正则表达式.除了可以提取出公共特征串之外,还可提取出很多特征提取算法所忽略的固定位置的单字节特征.实验结果验证了算法的有效性和准确性. The classification of IP flow based on the payload signatures is quite accurate, but the basis of the classification method is extracting an accurate payload signature. At present the payload signatures of most applications are generated based on inverse analysis of the packet structures manually. However, analyzing the packets generated by applications manually is time-consuming, especially for an unknown application. Due to this, the paper devises and implements an algorithm for automatic generation of the payload sig- natures, which combine the fixed-position payload signatures with the common substrings of the signatures. This algorithm can gener- ate the payload signatures of the application layer and construct the regular expressions of the signatures automatically. In addition to generating the common signatures, this algorithm can also generate the fixed-position one-byte-signature which is usually ignored by many algorithms for generating payload signatures. The experimental results verify the effectiveness and accuracy of the proposed al- gorithm.
作者 武飞 曾凡平 张辉 董齐兴
机构地区 中国科学技术大学计算机科学与技术学院 安徽省计算与通讯软件重点实验室
出处 《小型微型计算机系统》 CSCD 北大核心 2014年第8期1711-1716,共6页 Journal of Chinese Computer Systems
基金 安徽省自然科学基金项目(11040606M131)资助
关键词 特征自动提取 正则表达式 载荷特征 数据流分类 automatic signature generation regular expression payload signature traffic classification
分类号 TP311 [自动化与计算机技术—计算机软件与理论]
  • 相关文献

参考文献1

二级参考文献12

  • 1Iliofotou M, Kim H, Faloutsos M, et al. Graph-based P2P traffic classification at the intemet backbone[ C]. Proceedings of the 12thIEEE Global Intemet Symposium,2009 : 1-6.
  • 2Karagiannis T,Broido A,Brownlee N,et al. Is P2P dying or just hiding.? [C]. Procee, dings of the 47th Annual IEEE Global Tele- communications Conference,2004:1532-1538.
  • 3Bernaille L,Teixeira R,Akodkenou I,et al. Traffic classification on the fly [ J ]. ACM SIGCOMM Computer Communication Review, 2006,36(2) :23-26.
  • 4Moore A W, Papagiannaki K. Toward the accurate identification of network applicadons[ C]. ngs of the Sixth Passive and Ac- tive Measurement Workshop,2005:41-54.
  • 5Roughan M, Sen S, Spatschek O, et al. Class-of-service mapping for QoS : a statistical signature-based approach to IP mfffic classifi- cation[ C]. Proceedings of the 4th ACM SIGCOMM Conference on Internet Measurement,2004 : 135-148.
  • 6Moore A W,Zuev D,Crogan M L. Discriminators for use in flow- based classification [ R ]. RR-05-13, London: University of Lon- don, 2005.
  • 7Li W,Moore A W. A machine learning approach for efficient traffic classification[C]. Proceedings of the IEEE International Symposi- um on Modeling, Analysis, and Simulation of Computer and Tele- communication Systems (MASCOTS) ,2007:24-26.
  • 8Zander S, Nguyen T, Armitage G. Automated traffic classification and application identification using machine learning [ C ]. Proceed- ings of the IEEE Conference on Local Computer Networks 30th Anniversary,2005 : 250-257.
  • 9Karagiannis T, Papagiannaki K, Faloutsos M. BLINC: multilevel traffic classification in the dark[ C]. Proceedings of the 2005 Con- ference on Applications,Technologies ,Architectures, and Protocols for Computer Communications ,2005:229-240.
  • 10Karagiannis T, Broido A, Faloutsos M, et al. Transport layer identi- fication of P2P traffic [ C ]. Proceedings of the 4th ACM SIG- COMM Conference on Intemet Measurement, 2004:121-134.

共引文献1

同被引文献7

引证文献2

二级引证文献2

小型微型计算机系统
2014年 第8期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部