BLINC: multilevel traffic classification in the dark
Proceedings of the 2005 conference on Applications, technologies, architectures, and protocols for computer communications
Traffic classification using clustering algorithms
Proceedings of the 2006 SIGCOMM workshop on Mining network data
Unconstrained endpoint profiling (googling the internet)
Proceedings of the ACM SIGCOMM 2008 conference on Data communication
Tunnel Hunter: Detecting application-layer tunnels with statistical fingerprinting
Computer Networks: The International Journal of Computer and Telecommunications Networking
Internet traffic classification demystified: myths, caveats, and the best practices
CoNEXT '08 Proceedings of the 2008 ACM CoNEXT Conference
Service-based traffic classification: principles and validation
SARNOFF'09 Proceedings of the 32nd international conference on Sarnoff symposium
On the validation of traffic classification algorithms
PAM'08 Proceedings of the 9th international conference on Passive and active network measurement
Improving cost and accuracy of DPI traffic classifiers
Proceedings of the 2010 ACM Symposium on Applied Computing
HostView: annotating end-host performance measurements with user feedback
ACM SIGMETRICS Performance Evaluation Review
Optimizing Deep Packet Inspection for High-Speed Traffic Analysis
Journal of Network and Systems Management
Quantifying the accuracy of the ground truth associated with Internet traffic traces
Computer Networks: The International Journal of Computer and Telecommunications Networking
Performance of networked applications: the challenges in capturing the user's perception
Proceedings of the first ACM SIGCOMM workshop on Measurements up the stack
Inferring protocol state machine from network traces: a probabilistic approach
ACNS'11 Proceedings of the 9th international conference on Applied cryptography and network security
MINETRAC: mining flows for unsupervised analysis & semi-supervised classification
Proceedings of the 23rd International Teletraffic Congress
Uncovering relations between traffic classifiers and anomaly detectors via graph theory
TMA'10 Proceedings of the Second international conference on Traffic Monitoring and Analysis
Feature selection for optimizing traffic classification
Computer Communications
Statistical traffic classification by boosting support vector machines
Proceedings of the 7th Latin American Networking Conference
Exploiting packet-sampling measurements for traffic characterization and classification
International Journal of Network Management
Detection and classification of peer-to-peer traffic: A survey
ACM Computing Surveys (CSUR)
Incremental algorithm for updating betweenness centrality in dynamically growing networks
Proceedings of the 2013 IEEE/ACM International Conference on Advances in Social Networks Analysis and Mining
Online NetFPGA decision tree statistical traffic classifier
Computer Communications
Reviewing traffic classification
DataTraffic Monitoring and Analysis
Hi-index | 0.00 |
Much of Internet traffic modeling, firewall, and intrusion detection research requires traces where some ground truth regarding application and protocol is associated with each packet or flow. This paper presents the design, development and experimental evaluation of gt, an open source software toolset for associating ground truth information with Internet traffic traces. By probing the monitored host's kernel to obtain information on active Internet sessions, gt gathers ground truth at the application level. Preliminary experimental results show that gt's effectiveness comes at little cost in terms of overhead on the hosting machines. Furthermore, when coupled with other packet inspection mechanisms, gt can derive ground truth not only in terms of applications (e.g., e-mail), but also in terms of protocols (e.g., SMTP vs. POP3).