On the self-similar nature of Ethernet traffic (extended version)
IEEE/ACM Transactions on Networking (TON)
Self-similarity in World Wide Web traffic: evidence and possible causes
IEEE/ACM Transactions on Networking (TON)
Generating representative Web workloads for network and server performance evaluation
SIGMETRICS '98/PERFORMANCE '98 Proceedings of the 1998 ACM SIGMETRICS joint international conference on Measurement and modeling of computer systems
An Empirical Model of HTTP Network Traffic
INFOCOM '97 Proceedings of the INFOCOM '97. Sixteenth Annual Joint Conference of the IEEE Computer and Communications Societies. Driving the Information Revolution
A Behavioral Model of Web Traffic
ICNP '99 Proceedings of the Seventh Annual International Conference on Network Protocols
Characteristics of WWW Client-based Traces
Characteristics of WWW Client-based Traces
Measuring normality in HTTP traffic for anomaly-based intrusion detection
Computer Networks: The International Journal of Computer and Telecommunications Networking
BLINC: multilevel traffic classification in the dark
Proceedings of the 2005 conference on Applications, technologies, architectures, and protocols for computer communications
A multi-model approach to the detection of web-based attacks
Computer Networks: The International Journal of Computer and Telecommunications Networking - Web security
Traffic classification on the fly
ACM SIGCOMM Computer Communication Review
Unexpected means of protocol inference
Proceedings of the 6th ACM SIGCOMM conference on Internet measurement
Revealing skype traffic: when randomness plays with you
Proceedings of the 2007 conference on Applications, technologies, architectures, and protocols for computer communications
Toward the accurate identification of network applications
PAM'05 Proceedings of the 6th international conference on Passive and Active Network Measurement
Probabilistic techniques for intrusion detection based on computer audit data
IEEE Transactions on Systems, Man, and Cybernetics, Part A: Systems and Humans
Hi-index | 0.00 |
Skype is a Voice over IP (VoIP) Internet application that is gaining huge popularity in recent years. A key point to Skype popularity is its capability to dynamically adapt itself to operate behind firewalls or network proxies. A common way adopted by Skype to delude these network devices is to use port 80, normally expected to comprise HTTP traffic. In this paper, we propose metrics and investigate statistical tests intended to clearly distinguish Skype flows from HTTP traffic. We validate our study using real-world experimental datasets gathered at a commercial Internet Service Provider (ISP). Our experimental results suggest that the proposed methodology may be seen as a promising building block towards a system to detect general protocol anomalies in HTTP traffic.